GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: usr.bin/openssl/rsautl.c Lines: 0 173 0.0 %
Date: 2016-12-06 Branches: 0 101 0.0 %

Line Branch Exec Source
1
/* $OpenBSD: rsautl.c,v 1.10 2015/10/17 15:00:11 doug Exp $ */
2
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3
 * project 2000.
4
 */
5
/* ====================================================================
6
 * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
7
 *
8
 * Redistribution and use in source and binary forms, with or without
9
 * modification, are permitted provided that the following conditions
10
 * are met:
11
 *
12
 * 1. Redistributions of source code must retain the above copyright
13
 *    notice, this list of conditions and the following disclaimer.
14
 *
15
 * 2. Redistributions in binary form must reproduce the above copyright
16
 *    notice, this list of conditions and the following disclaimer in
17
 *    the documentation and/or other materials provided with the
18
 *    distribution.
19
 *
20
 * 3. All advertising materials mentioning features or use of this
21
 *    software must display the following acknowledgment:
22
 *    "This product includes software developed by the OpenSSL Project
23
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24
 *
25
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26
 *    endorse or promote products derived from this software without
27
 *    prior written permission. For written permission, please contact
28
 *    licensing@OpenSSL.org.
29
 *
30
 * 5. Products derived from this software may not be called "OpenSSL"
31
 *    nor may "OpenSSL" appear in their names without prior written
32
 *    permission of the OpenSSL Project.
33
 *
34
 * 6. Redistributions of any form whatsoever must retain the following
35
 *    acknowledgment:
36
 *    "This product includes software developed by the OpenSSL Project
37
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38
 *
39
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50
 * OF THE POSSIBILITY OF SUCH DAMAGE.
51
 * ====================================================================
52
 *
53
 * This product includes cryptographic software written by Eric Young
54
 * (eay@cryptsoft.com).  This product includes software written by Tim
55
 * Hudson (tjh@cryptsoft.com).
56
 *
57
 */
58
59
#include <openssl/opensslconf.h>
60
61
62
#include <string.h>
63
64
#include "apps.h"
65
66
#include <openssl/err.h>
67
#include <openssl/pem.h>
68
#include <openssl/rsa.h>
69
70
#define RSA_SIGN 	1
71
#define RSA_VERIFY 	2
72
#define RSA_ENCRYPT 	3
73
#define RSA_DECRYPT 	4
74
75
#define KEY_PRIVKEY	1
76
#define KEY_PUBKEY	2
77
#define KEY_CERT	3
78
79
static void usage(void);
80
81
int
82
rsautl_main(int argc, char **argv)
83
{
84
	BIO *in = NULL, *out = NULL;
85
	char *infile = NULL, *outfile = NULL;
86
	char *keyfile = NULL;
87
	char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
88
	int keyform = FORMAT_PEM;
89
	char need_priv = 0, badarg = 0, rev = 0;
90
	char hexdump = 0, asn1parse = 0;
91
	X509 *x;
92
	EVP_PKEY *pkey = NULL;
93
	RSA *rsa = NULL;
94
	unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
95
	char *passargin = NULL, *passin = NULL;
96
	int rsa_inlen, rsa_outlen = 0;
97
	int keysize;
98
99
	int ret = 1;
100
101
	if (single_execution) {
102
		if (pledge("stdio rpath wpath cpath tty", NULL) == -1) {
103
			perror("pledge");
104
			exit(1);
105
		}
106
	}
107
108
	argc--;
109
	argv++;
110
111
	pad = RSA_PKCS1_PADDING;
112
113
	while (argc >= 1) {
114
		if (!strcmp(*argv, "-in")) {
115
			if (--argc < 1)
116
				badarg = 1;
117
			else
118
				infile = *(++argv);
119
		} else if (!strcmp(*argv, "-out")) {
120
			if (--argc < 1)
121
				badarg = 1;
122
			else
123
				outfile = *(++argv);
124
		} else if (!strcmp(*argv, "-inkey")) {
125
			if (--argc < 1)
126
				badarg = 1;
127
			else
128
				keyfile = *(++argv);
129
		} else if (!strcmp(*argv, "-passin")) {
130
			if (--argc < 1)
131
				badarg = 1;
132
			else
133
				passargin = *(++argv);
134
		} else if (strcmp(*argv, "-keyform") == 0) {
135
			if (--argc < 1)
136
				badarg = 1;
137
			else
138
				keyform = str2fmt(*(++argv));
139
		} else if (!strcmp(*argv, "-pubin")) {
140
			key_type = KEY_PUBKEY;
141
		} else if (!strcmp(*argv, "-certin")) {
142
			key_type = KEY_CERT;
143
		} else if (!strcmp(*argv, "-asn1parse"))
144
			asn1parse = 1;
145
		else if (!strcmp(*argv, "-hexdump"))
146
			hexdump = 1;
147
		else if (!strcmp(*argv, "-raw"))
148
			pad = RSA_NO_PADDING;
149
		else if (!strcmp(*argv, "-oaep"))
150
			pad = RSA_PKCS1_OAEP_PADDING;
151
		else if (!strcmp(*argv, "-ssl"))
152
			pad = RSA_SSLV23_PADDING;
153
		else if (!strcmp(*argv, "-pkcs"))
154
			pad = RSA_PKCS1_PADDING;
155
		else if (!strcmp(*argv, "-x931"))
156
			pad = RSA_X931_PADDING;
157
		else if (!strcmp(*argv, "-sign")) {
158
			rsa_mode = RSA_SIGN;
159
			need_priv = 1;
160
		} else if (!strcmp(*argv, "-verify"))
161
			rsa_mode = RSA_VERIFY;
162
		else if (!strcmp(*argv, "-rev"))
163
			rev = 1;
164
		else if (!strcmp(*argv, "-encrypt"))
165
			rsa_mode = RSA_ENCRYPT;
166
		else if (!strcmp(*argv, "-decrypt")) {
167
			rsa_mode = RSA_DECRYPT;
168
			need_priv = 1;
169
		} else
170
			badarg = 1;
171
		if (badarg) {
172
			usage();
173
			goto end;
174
		}
175
		argc--;
176
		argv++;
177
	}
178
179
	if (need_priv && (key_type != KEY_PRIVKEY)) {
180
		BIO_printf(bio_err, "A private key is needed for this operation\n");
181
		goto end;
182
	}
183
	if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
184
		BIO_printf(bio_err, "Error getting password\n");
185
		goto end;
186
	}
187
188
	switch (key_type) {
189
	case KEY_PRIVKEY:
190
		pkey = load_key(bio_err, keyfile, keyform, 0,
191
		    passin, "Private Key");
192
		break;
193
194
	case KEY_PUBKEY:
195
		pkey = load_pubkey(bio_err, keyfile, keyform, 0,
196
		    NULL, "Public Key");
197
		break;
198
199
	case KEY_CERT:
200
		x = load_cert(bio_err, keyfile, keyform,
201
		    NULL, "Certificate");
202
		if (x) {
203
			pkey = X509_get_pubkey(x);
204
			X509_free(x);
205
		}
206
		break;
207
	}
208
209
	if (!pkey)
210
		goto end;
211
212
	rsa = EVP_PKEY_get1_RSA(pkey);
213
	EVP_PKEY_free(pkey);
214
215
	if (!rsa) {
216
		BIO_printf(bio_err, "Error getting RSA key\n");
217
		ERR_print_errors(bio_err);
218
		goto end;
219
	}
220
	if (infile) {
221
		if (!(in = BIO_new_file(infile, "rb"))) {
222
			BIO_printf(bio_err, "Error Reading Input File\n");
223
			ERR_print_errors(bio_err);
224
			goto end;
225
		}
226
	} else
227
		in = BIO_new_fp(stdin, BIO_NOCLOSE);
228
229
	if (outfile) {
230
		if (!(out = BIO_new_file(outfile, "wb"))) {
231
			BIO_printf(bio_err, "Error Reading Output File\n");
232
			ERR_print_errors(bio_err);
233
			goto end;
234
		}
235
	} else {
236
		out = BIO_new_fp(stdout, BIO_NOCLOSE);
237
	}
238
239
	keysize = RSA_size(rsa);
240
241
	rsa_in = reallocarray(NULL, keysize, 2);
242
	if (rsa_in == NULL) {
243
		BIO_printf(bio_err, "Error allocating memory for input data\n");
244
		exit(1);
245
	}
246
	rsa_out = malloc(keysize);
247
	if (rsa_out == NULL) {
248
		BIO_printf(bio_err, "Error allocating memory for output data\n");
249
		exit(1);
250
	}
251
252
	/* Read the input data */
253
	rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
254
	if (rsa_inlen <= 0) {
255
		BIO_printf(bio_err, "Error reading input Data\n");
256
		exit(1);
257
	}
258
	if (rev) {
259
		int i;
260
		unsigned char ctmp;
261
		for (i = 0; i < rsa_inlen / 2; i++) {
262
			ctmp = rsa_in[i];
263
			rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
264
			rsa_in[rsa_inlen - 1 - i] = ctmp;
265
		}
266
	}
267
	switch (rsa_mode) {
268
269
	case RSA_VERIFY:
270
		rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
271
		break;
272
273
	case RSA_SIGN:
274
		rsa_outlen = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
275
		break;
276
277
	case RSA_ENCRYPT:
278
		rsa_outlen = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
279
		break;
280
281
	case RSA_DECRYPT:
282
		rsa_outlen = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
283
		break;
284
285
	}
286
287
	if (rsa_outlen <= 0) {
288
		BIO_printf(bio_err, "RSA operation error\n");
289
		ERR_print_errors(bio_err);
290
		goto end;
291
	}
292
	ret = 0;
293
	if (asn1parse) {
294
		if (!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
295
			ERR_print_errors(bio_err);
296
		}
297
	} else if (hexdump)
298
		BIO_dump(out, (char *) rsa_out, rsa_outlen);
299
	else
300
		BIO_write(out, rsa_out, rsa_outlen);
301
302
end:
303
	RSA_free(rsa);
304
	BIO_free(in);
305
	BIO_free_all(out);
306
	free(rsa_in);
307
	free(rsa_out);
308
	free(passin);
309
310
	return ret;
311
}
312
313
static void
314
usage()
315
{
316
	BIO_printf(bio_err, "Usage: rsautl [options]\n");
317
	BIO_printf(bio_err, "-in file        input file\n");
318
	BIO_printf(bio_err, "-out file       output file\n");
319
	BIO_printf(bio_err, "-inkey file     input key\n");
320
	BIO_printf(bio_err, "-keyform arg    private key format - default PEM\n");
321
	BIO_printf(bio_err, "-pubin          input is an RSA public\n");
322
	BIO_printf(bio_err, "-certin         input is a certificate carrying an RSA public key\n");
323
	BIO_printf(bio_err, "-ssl            use SSL v2 padding\n");
324
	BIO_printf(bio_err, "-raw            use no padding\n");
325
	BIO_printf(bio_err, "-pkcs           use PKCS#1 v1.5 padding (default)\n");
326
	BIO_printf(bio_err, "-oaep           use PKCS#1 OAEP\n");
327
	BIO_printf(bio_err, "-sign           sign with private key\n");
328
	BIO_printf(bio_err, "-verify         verify with public key\n");
329
	BIO_printf(bio_err, "-encrypt        encrypt with public key\n");
330
	BIO_printf(bio_err, "-decrypt        decrypt with private key\n");
331
	BIO_printf(bio_err, "-hexdump        hex dump output\n");
332
}