]> git.ipfire.org Git - thirdparty/openssl.git/blob - apps/genrsa.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Remove MAC cruft
[thirdparty/openssl.git] / apps / genrsa.c
1 /*
2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <openssl/opensslconf.h>
11 #ifdef OPENSSL_NO_RSA
12 NON_EMPTY_TRANSLATION_UNIT
13 #else
14
15 # include <stdio.h>
16 # include <string.h>
17 # include <sys/types.h>
18 # include <sys/stat.h>
19 # include "apps.h"
20 # include "progs.h"
21 # include <openssl/bio.h>
22 # include <openssl/err.h>
23 # include <openssl/bn.h>
24 # include <openssl/rsa.h>
25 # include <openssl/evp.h>
26 # include <openssl/x509.h>
27 # include <openssl/pem.h>
28 # include <openssl/rand.h>
29
30 # define DEFBITS 2048
31 # define DEFPRIMES 2
32
33 static int verbose = 0;
34
35 static int genrsa_cb(int p, int n, BN_GENCB *cb);
36
37 typedef enum OPTION_choice {
38 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
39 OPT_3, OPT_F4, OPT_ENGINE,
40 OPT_OUT, OPT_PASSOUT, OPT_CIPHER, OPT_PRIMES, OPT_VERBOSE,
41 OPT_R_ENUM
42 } OPTION_CHOICE;
43
44 const OPTIONS genrsa_options[] = {
45 {"help", OPT_HELP, '-', "Display this summary"},
46 {"3", OPT_3, '-', "Use 3 for the E value"},
47 {"F4", OPT_F4, '-', "Use F4 (0x10001) for the E value"},
48 {"f4", OPT_F4, '-', "Use F4 (0x10001) for the E value"},
49 {"out", OPT_OUT, '>', "Output the key to specified file"},
50 OPT_R_OPTIONS,
51 {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
52 {"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"},
53 # ifndef OPENSSL_NO_ENGINE
54 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
55 # endif
56 {"primes", OPT_PRIMES, 'p', "Specify number of primes"},
57 {"verbose", OPT_VERBOSE, '-', "Verbose output"},
58 {NULL}
59 };
60
61 int genrsa_main(int argc, char **argv)
62 {
63 BN_GENCB *cb = BN_GENCB_new();
64 PW_CB_DATA cb_data;
65 ENGINE *eng = NULL;
66 BIGNUM *bn = BN_new();
67 BIO *out = NULL;
68 const BIGNUM *e;
69 RSA *rsa = NULL;
70 const EVP_CIPHER *enc = NULL;
71 int ret = 1, num = DEFBITS, private = 0, primes = DEFPRIMES;
72 unsigned long f4 = RSA_F4;
73 char *outfile = NULL, *passoutarg = NULL, *passout = NULL;
74 char *prog, *hexe, *dece;
75 OPTION_CHOICE o;
76
77 if (bn == NULL || cb == NULL)
78 goto end;
79
80 BN_GENCB_set(cb, genrsa_cb, bio_err);
81
82 prog = opt_init(argc, argv, genrsa_options);
83 while ((o = opt_next()) != OPT_EOF) {
84 switch (o) {
85 case OPT_EOF:
86 case OPT_ERR:
87 opthelp:
88 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
89 goto end;
90 case OPT_HELP:
91 ret = 0;
92 opt_help(genrsa_options);
93 goto end;
94 case OPT_3:
95 f4 = 3;
96 break;
97 case OPT_F4:
98 f4 = RSA_F4;
99 break;
100 case OPT_OUT:
101 outfile = opt_arg();
102 break;
103 case OPT_ENGINE:
104 eng = setup_engine(opt_arg(), 0);
105 break;
106 case OPT_R_CASES:
107 if (!opt_rand(o))
108 goto end;
109 break;
110 case OPT_PASSOUT:
111 passoutarg = opt_arg();
112 break;
113 case OPT_CIPHER:
114 if (!opt_cipher(opt_unknown(), &enc))
115 goto end;
116 break;
117 case OPT_PRIMES:
118 if (!opt_int(opt_arg(), &primes))
119 goto end;
120 break;
121 case OPT_VERBOSE:
122 verbose = 1;
123 break;
124 }
125 }
126 argc = opt_num_rest();
127 argv = opt_rest();
128
129 if (argc == 1) {
130 if (!opt_int(argv[0], &num) || num <= 0)
131 goto end;
132 if (num > OPENSSL_RSA_MAX_MODULUS_BITS)
133 BIO_printf(bio_err,
134 "Warning: It is not recommended to use more than %d bit for RSA keys.\n"
135 " Your key size is %d! Larger key size may behave not as expected.\n",
136 OPENSSL_RSA_MAX_MODULUS_BITS, num);
137 } else if (argc > 0) {
138 BIO_printf(bio_err, "Extra arguments given.\n");
139 goto opthelp;
140 }
141
142 private = 1;
143 if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
144 BIO_printf(bio_err, "Error getting password\n");
145 goto end;
146 }
147
148 out = bio_open_owner(outfile, FORMAT_PEM, private);
149 if (out == NULL)
150 goto end;
151
152 if (verbose)
153 BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus (%d primes)\n",
154 num, primes);
155 rsa = eng ? RSA_new_method(eng) : RSA_new();
156 if (rsa == NULL)
157 goto end;
158
159 if (!BN_set_word(bn, f4)
160 || !RSA_generate_multi_prime_key(rsa, num, primes, bn, cb))
161 goto end;
162
163 RSA_get0_key(rsa, NULL, &e, NULL);
164 hexe = BN_bn2hex(e);
165 dece = BN_bn2dec(e);
166 if (hexe && dece && verbose) {
167 BIO_printf(bio_err, "e is %s (0x%s)\n", dece, hexe);
168 }
169 OPENSSL_free(hexe);
170 OPENSSL_free(dece);
171 cb_data.password = passout;
172 cb_data.prompt_info = outfile;
173 assert(private);
174 if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0,
175 (pem_password_cb *)password_callback,
176 &cb_data))
177 goto end;
178
179 ret = 0;
180 end:
181 BN_free(bn);
182 BN_GENCB_free(cb);
183 RSA_free(rsa);
184 BIO_free_all(out);
185 release_engine(eng);
186 OPENSSL_free(passout);
187 if (ret != 0)
188 ERR_print_errors(bio_err);
189 return ret;
190 }
191
192 static int genrsa_cb(int p, int n, BN_GENCB *cb)
193 {
194 char c = '*';
195
196 if (!verbose)
197 return 1;
198
199 if (p == 0)
200 c = '.';
201 if (p == 1)
202 c = '+';
203 if (p == 2)
204 c = '*';
205 if (p == 3)
206 c = '\n';
207 BIO_write(BN_GENCB_get_arg(cb), &c, 1);
208 (void)BIO_flush(BN_GENCB_get_arg(cb));
209 return 1;
210 }
211 #endif
A mirror of the official openssl repository