Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	usr.bin/openssl/rsa.c	Lines:	63	138	45.7 %
Date:	2017-11-07	Branches:	29	88	33.0 %


/* $OpenBSD: rsa.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 *
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 *
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 *
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <openssl/opensslconf.h>

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

#include "apps.h"
#include "progs.h"

#include <openssl/bio.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/x509.h>

static struct {
	int check;
	const EVP_CIPHER *enc;
	char *infile;
	int informat;
	int modulus;
	int noout;
	char *outfile;
	int outformat;
	char *passargin;
	char *passargout;
	int pubin;
	int pubout;
	int pvk_encr;
	int sgckey;
	int text;
} rsa_config;

static int
rsa_opt_cipher(int argc, char **argv, int *argsused)
{
	char *name = argv[0];

	if (*name++ != '-')
		return (1);

	if ((rsa_config.enc = EVP_get_cipherbyname(name)) == NULL) {
		fprintf(stderr, "Invalid cipher '%s'\n", name);
		return (1);
	}

	*argsused = 1;
	return (0);
}

static struct option rsa_options[] = {
	{
		.name = "check",
		.desc = "Check consistency of RSA private key",
		.type = OPTION_FLAG,
		.opt.flag = &rsa_config.check,
	},
	{
		.name = "in",
		.argname = "file",
		.desc = "Input file (default stdin)",
		.type = OPTION_ARG,
		.opt.arg = &rsa_config.infile,
	},
	{
		.name = "inform",
		.argname = "format",
		.desc = "Input format (DER, NET or PEM (default))",
		.type = OPTION_ARG_FORMAT,
		.opt.value = &rsa_config.informat,
	},
	{
		.name = "modulus",
		.desc = "Print the RSA key modulus",
		.type = OPTION_FLAG,
		.opt.flag = &rsa_config.modulus,
	},
	{
		.name = "noout",
		.desc = "Do not print encoded version of the key",
		.type = OPTION_FLAG,
		.opt.flag = &rsa_config.noout,
	},
	{
		.name = "out",
		.argname = "file",
		.desc = "Output file (default stdout)",
		.type = OPTION_ARG,
		.opt.arg = &rsa_config.outfile,
	},
	{
		.name = "outform",
		.argname = "format",
		.desc = "Output format (DER, NET or PEM (default PEM))",
		.type = OPTION_ARG_FORMAT,
		.opt.value = &rsa_config.outformat,
	},
	{
		.name = "passin",
		.argname = "src",
		.desc = "Input file passphrase source",
		.type = OPTION_ARG,
		.opt.arg = &rsa_config.passargin,
	},
	{
		.name = "passout",
		.argname = "src",
		.desc = "Output file passphrase source",
		.type = OPTION_ARG,
		.opt.arg = &rsa_config.passargout,
	},
	{
		.name = "pubin",
		.desc = "Expect a public key (default private key)",
		.type = OPTION_VALUE,
		.value = 1,
		.opt.value = &rsa_config.pubin,
	},
	{
		.name = "pubout",
		.desc = "Output a public key (default private key)",
		.type = OPTION_VALUE,
		.value = 1,
		.opt.value = &rsa_config.pubout,
	},
	{
		.name = "pvk-none",
		.type = OPTION_VALUE,
		.value = 0,
		.opt.value = &rsa_config.pvk_encr,
	},
	{
		.name = "pvk-strong",
		.type = OPTION_VALUE,
		.value = 2,
		.opt.value = &rsa_config.pvk_encr,
	},
	{
		.name = "pvk-weak",
		.type = OPTION_VALUE,
		.value = 1,
		.opt.value = &rsa_config.pvk_encr,
	},
	{
		.name = "RSAPublicKey_in",
		.type = OPTION_VALUE,
		.value = 2,
		.opt.value = &rsa_config.pubin,
	},
	{
		.name = "RSAPublicKey_out",
		.type = OPTION_VALUE,
		.value = 2,
		.opt.value = &rsa_config.pubout,
	},
	{
		.name = "sgckey",
		.desc = "Use modified NET algorithm for IIS and SGC keys",
		.type = OPTION_FLAG,
		.opt.flag = &rsa_config.sgckey,
	},
	{
		.name = "text",
		.desc = "Print in plain text in addition to encoded",
		.type = OPTION_FLAG,
		.opt.flag = &rsa_config.text,
	},
	{
		.name = NULL,
		.type = OPTION_ARGV_FUNC,
		.opt.argvfunc = rsa_opt_cipher,
	},
	{ NULL }
};

static void
show_ciphers(const OBJ_NAME *name, void *arg)
{
	static int n;

	fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
}

static void
rsa_usage()
{
	fprintf(stderr,
	    "usage: rsa [-ciphername] [-check] [-in file] "
	    "[-inform fmt]\n"
	    "    [-modulus] [-noout] [-out file] [-outform fmt] "
	    "[-passin src]\n"
	    "    [-passout src] [-pubin] [-pubout] [-sgckey] [-text]\n\n");
	options_usage(rsa_options);
	fprintf(stderr, "\n");

	fprintf(stderr, "Valid ciphername values:\n\n");
	OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
	fprintf(stderr, "\n");
}

int
rsa_main(int argc, char **argv)
{
	int ret = 1;
	RSA *rsa = NULL;
	int i;
	BIO *out = NULL;
	char *passin = NULL, *passout = NULL;

	if (single_execution) {
		if (pledge("stdio cpath wpath rpath tty flock", NULL) == -1) {
			perror("pledge");
			exit(1);
		}
	}

	memset(&rsa_config, 0, sizeof(rsa_config));
	rsa_config.pvk_encr = 2;
	rsa_config.informat = FORMAT_PEM;
	rsa_config.outformat = FORMAT_PEM;

	if (options_parse(argc, argv, rsa_options, NULL, NULL) != 0) {
		rsa_usage();
		goto end;
	}

	if (!app_passwd(bio_err, rsa_config.passargin, rsa_config.passargout,
	    &passin, &passout)) {
		BIO_printf(bio_err, "Error getting passwords\n");
		goto end;
	}
	if (rsa_config.check && rsa_config.pubin) {
		BIO_printf(bio_err, "Only private keys can be checked\n");
		goto end;
	}
	out = BIO_new(BIO_s_file());

	{
		EVP_PKEY *pkey;

		if (rsa_config.pubin) {
			int tmpformat = -1;
			if (rsa_config.pubin == 2) {
				if (rsa_config.informat == FORMAT_PEM)
					tmpformat = FORMAT_PEMRSA;
				else if (rsa_config.informat == FORMAT_ASN1)
					tmpformat = FORMAT_ASN1RSA;
			} else if (rsa_config.informat == FORMAT_NETSCAPE &&
			    rsa_config.sgckey)
				tmpformat = FORMAT_IISSGC;
			else
				tmpformat = rsa_config.informat;

			pkey = load_pubkey(bio_err, rsa_config.infile,
			    tmpformat, 1, passin, "Public Key");
		} else
			pkey = load_key(bio_err, rsa_config.infile,
			    (rsa_config.informat == FORMAT_NETSCAPE &&
			    rsa_config.sgckey ? FORMAT_IISSGC :
			    rsa_config.informat), 1, passin, "Private Key");

		if (pkey != NULL)
			rsa = EVP_PKEY_get1_RSA(pkey);
		EVP_PKEY_free(pkey);
	}

	if (rsa == NULL) {
		ERR_print_errors(bio_err);
		goto end;
	}
	if (rsa_config.outfile == NULL) {
		BIO_set_fp(out, stdout, BIO_NOCLOSE);
	} else {
		if (BIO_write_filename(out, rsa_config.outfile) <= 0) {
			perror(rsa_config.outfile);
			goto end;
		}
	}

	if (rsa_config.text)
		if (!RSA_print(out, rsa, 0)) {
			perror(rsa_config.outfile);
			ERR_print_errors(bio_err);
			goto end;
		}
	if (rsa_config.modulus) {
		BIO_printf(out, "Modulus=");
		BN_print(out, rsa->n);
		BIO_printf(out, "\n");
	}
	if (rsa_config.check) {
		int r = RSA_check_key(rsa);

		if (r == 1)
			BIO_printf(out, "RSA key ok\n");
		else if (r == 0) {
			unsigned long err;

			while ((err = ERR_peek_error()) != 0 &&
			    ERR_GET_LIB(err) == ERR_LIB_RSA &&
			    ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
			    ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) {
				BIO_printf(out, "RSA key error: %s\n",
				    ERR_reason_error_string(err));
				ERR_get_error();	/* remove e from error
							 * stack */
			}
		}
		if (r == -1 || ERR_peek_error() != 0) {	/* should happen only if
							 * r == -1 */
			ERR_print_errors(bio_err);
			goto end;
		}
	}
	if (rsa_config.noout) {
		ret = 0;
		goto end;
	}
	BIO_printf(bio_err, "writing RSA key\n");
	if (rsa_config.outformat == FORMAT_ASN1) {
		if (rsa_config.pubout || rsa_config.pubin) {
			if (rsa_config.pubout == 2)
				i = i2d_RSAPublicKey_bio(out, rsa);
			else
				i = i2d_RSA_PUBKEY_bio(out, rsa);
		} else
			i = i2d_RSAPrivateKey_bio(out, rsa);
	}
#ifndef OPENSSL_NO_RC4
	else if (rsa_config.outformat == FORMAT_NETSCAPE) {
		unsigned char *p, *pp;
		int size;

		i = 1;
		size = i2d_RSA_NET(rsa, NULL, NULL, rsa_config.sgckey);
		if ((p = malloc(size)) == NULL) {
			BIO_printf(bio_err, "Memory allocation failure\n");
			goto end;
		}
		pp = p;
		i2d_RSA_NET(rsa, &p, NULL, rsa_config.sgckey);
		BIO_write(out, (char *) pp, size);
		free(pp);
	}
#endif
	else if (rsa_config.outformat == FORMAT_PEM) {
		if (rsa_config.pubout || rsa_config.pubin) {
			if (rsa_config.pubout == 2)
				i = PEM_write_bio_RSAPublicKey(out, rsa);
			else
				i = PEM_write_bio_RSA_PUBKEY(out, rsa);
		} else
			i = PEM_write_bio_RSAPrivateKey(out, rsa,
			    rsa_config.enc, NULL, 0, NULL, passout);
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
	} else if (rsa_config.outformat == FORMAT_MSBLOB ||
	    rsa_config.outformat == FORMAT_PVK) {
		EVP_PKEY *pk;
		pk = EVP_PKEY_new();
		EVP_PKEY_set1_RSA(pk, rsa);
		if (rsa_config.outformat == FORMAT_PVK)
			i = i2b_PVK_bio(out, pk, rsa_config.pvk_encr, 0,
			    passout);
		else if (rsa_config.pubin || rsa_config.pubout)
			i = i2b_PublicKey_bio(out, pk);
		else
			i = i2b_PrivateKey_bio(out, pk);
		EVP_PKEY_free(pk);
#endif
	} else {
		BIO_printf(bio_err,
		    "bad output format specified for outfile\n");
		goto end;
	}
	if (i <= 0) {
		BIO_printf(bio_err, "unable to write key\n");
		ERR_print_errors(bio_err);
	} else
		ret = 0;

end:
	BIO_free_all(out);
	RSA_free(rsa);
	free(passin);
	free(passout);

	return (ret);
}


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $OpenBSD: rsa.c,v 1.9 2017/01/20 08:57:12 deraadt Exp $ */
2			/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3			* All rights reserved.
4			*
5			* This package is an SSL implementation written
6			* by Eric Young (eay@cryptsoft.com).
7			* The implementation was written so as to conform with Netscapes SSL.
8			*
9			* This library is free for commercial and non-commercial use as long as
10			* the following conditions are aheared to. The following conditions
11			* apply to all code found in this distribution, be it the RC4, RSA,
12			* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13			* included with this distribution is covered by the same copyright terms
14			* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15			*
16			* Copyright remains Eric Young's, and as such any Copyright notices in
17			* the code are not to be removed.
18			* If this package is used in a product, Eric Young should be given attribution
19			* as the author of the parts of the library used.
20			* This can be in the form of a textual message at program startup or
21			* in documentation (online or textual) provided with the package.
22			*
23			* Redistribution and use in source and binary forms, with or without
24			* modification, are permitted provided that the following conditions
25			* are met:
26			* 1. Redistributions of source code must retain the copyright
27			* notice, this list of conditions and the following disclaimer.
28			* 2. Redistributions in binary form must reproduce the above copyright
29			* notice, this list of conditions and the following disclaimer in the
30			* documentation and/or other materials provided with the distribution.
31			* 3. All advertising materials mentioning features or use of this software
32			* must display the following acknowledgement:
33			* "This product includes cryptographic software written by
34			* Eric Young (eay@cryptsoft.com)"
35			* The word 'cryptographic' can be left out if the rouines from the library
36			* being used are not cryptographic related :-).
37			* 4. If you include any Windows specific code (or a derivative thereof) from
38			* the apps directory (application code) you must include an acknowledgement:
39			* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40			*
41			* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42			* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43			* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44			* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45			* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46			* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47			* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48			* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49			* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50			* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51			* SUCH DAMAGE.
52			*
53			* The licence and distribution terms for any publically available version or
54			* derivative of this code cannot be changed. i.e. this code cannot simply be
55			* copied and put under another distribution licence
56			* [including the GNU Public Licence.]
57			*/
58
59			#include <openssl/opensslconf.h>
60
61			#include <stdio.h>
62			#include <stdlib.h>
63			#include <string.h>
64			#include <time.h>
65
66			#include "apps.h"
67			#include "progs.h"
68
69			#include <openssl/bio.h>
70			#include <openssl/bn.h>
71			#include <openssl/err.h>
72			#include <openssl/evp.h>
73			#include <openssl/pem.h>
74			#include <openssl/rsa.h>
75			#include <openssl/x509.h>
76
77			static struct {
78			int check;
79			const EVP_CIPHER *enc;
80			char *infile;
81			int informat;
82			int modulus;
83			int noout;
84			char *outfile;
85			int outformat;
86			char *passargin;
87			char *passargout;
88			int pubin;
89			int pubout;
90			int pvk_encr;
91			int sgckey;
92			int text;
93			} rsa_config;
94
95			static int
96			rsa_opt_cipher(int argc, char *argv, int argsused)
97			{
98		16	char *name = argv[0];
99
100	✗✓	8	if (*name++ != '-')
101			return (1);
102
103	✓✗	8	if ((rsa_config.enc = EVP_get_cipherbyname(name)) == NULL) {
104		8	fprintf(stderr, "Invalid cipher '%s'\n", name);
105		8	return (1);
106			}
107
108			*argsused = 1;
109			return (0);
110		8	}
111
112			static struct option rsa_options[] = {
113			{
114			.name = "check",
115			.desc = "Check consistency of RSA private key",
116			.type = OPTION_FLAG,
117			.opt.flag = &rsa_config.check,
118			},
119			{
120			.name = "in",
121			.argname = "file",
122			.desc = "Input file (default stdin)",
123			.type = OPTION_ARG,
124			.opt.arg = &rsa_config.infile,
125			},
126			{
127			.name = "inform",
128			.argname = "format",
129			.desc = "Input format (DER, NET or PEM (default))",
130			.type = OPTION_ARG_FORMAT,
131			.opt.value = &rsa_config.informat,
132			},
133			{
134			.name = "modulus",
135			.desc = "Print the RSA key modulus",
136			.type = OPTION_FLAG,
137			.opt.flag = &rsa_config.modulus,
138			},
139			{
140			.name = "noout",
141			.desc = "Do not print encoded version of the key",
142			.type = OPTION_FLAG,
143			.opt.flag = &rsa_config.noout,
144			},
145			{
146			.name = "out",
147			.argname = "file",
148			.desc = "Output file (default stdout)",
149			.type = OPTION_ARG,
150			.opt.arg = &rsa_config.outfile,
151			},
152			{
153			.name = "outform",
154			.argname = "format",
155			.desc = "Output format (DER, NET or PEM (default PEM))",
156			.type = OPTION_ARG_FORMAT,
157			.opt.value = &rsa_config.outformat,
158			},
159			{
160			.name = "passin",
161			.argname = "src",
162			.desc = "Input file passphrase source",
163			.type = OPTION_ARG,
164			.opt.arg = &rsa_config.passargin,
165			},
166			{
167			.name = "passout",
168			.argname = "src",
169			.desc = "Output file passphrase source",
170			.type = OPTION_ARG,
171			.opt.arg = &rsa_config.passargout,
172			},
173			{
174			.name = "pubin",
175			.desc = "Expect a public key (default private key)",
176			.type = OPTION_VALUE,
177			.value = 1,
178			.opt.value = &rsa_config.pubin,
179			},
180			{
181			.name = "pubout",
182			.desc = "Output a public key (default private key)",
183			.type = OPTION_VALUE,
184			.value = 1,
185			.opt.value = &rsa_config.pubout,
186			},
187			{
188			.name = "pvk-none",
189			.type = OPTION_VALUE,
190			.value = 0,
191			.opt.value = &rsa_config.pvk_encr,
192			},
193			{
194			.name = "pvk-strong",
195			.type = OPTION_VALUE,
196			.value = 2,
197			.opt.value = &rsa_config.pvk_encr,
198			},
199			{
200			.name = "pvk-weak",
201			.type = OPTION_VALUE,
202			.value = 1,
203			.opt.value = &rsa_config.pvk_encr,
204			},
205			{
206			.name = "RSAPublicKey_in",
207			.type = OPTION_VALUE,
208			.value = 2,
209			.opt.value = &rsa_config.pubin,
210			},
211			{
212			.name = "RSAPublicKey_out",
213			.type = OPTION_VALUE,
214			.value = 2,
215			.opt.value = &rsa_config.pubout,
216			},
217			{
218			.name = "sgckey",
219			.desc = "Use modified NET algorithm for IIS and SGC keys",
220			.type = OPTION_FLAG,
221			.opt.flag = &rsa_config.sgckey,
222			},
223			{
224			.name = "text",
225			.desc = "Print in plain text in addition to encoded",
226			.type = OPTION_FLAG,
227			.opt.flag = &rsa_config.text,
228			},
229			{
230			.name = NULL,
231			.type = OPTION_ARGV_FUNC,
232			.opt.argvfunc = rsa_opt_cipher,
233			},
234			{ NULL }
235			};
236
237			static void
238			show_ciphers(const OBJ_NAME name, void arg)
239			{
240			static int n;
241
242		3248	fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
243		1624	}
244
245			static void
246			rsa_usage()
247			{
248		16	fprintf(stderr,
249			"usage: rsa [-ciphername] [-check] [-in file] "
250			"[-inform fmt]\n"
251			" [-modulus] [-noout] [-out file] [-outform fmt] "
252			"[-passin src]\n"
253			" [-passout src] [-pubin] [-pubout] [-sgckey] [-text]\n\n");
254		8	options_usage(rsa_options);
255		8	fprintf(stderr, "\n");
256
257		8	fprintf(stderr, "Valid ciphername values:\n\n");
258		8	OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
259		8	fprintf(stderr, "\n");
260		8	}
261
262			int
263			rsa_main(int argc, char **argv)
264			{
265			int ret = 1;
266			RSA *rsa = NULL;
267			int i;
268			BIO *out = NULL;
269		32	char passin = NULL, passout = NULL;
270
271	✓✗	16	if (single_execution) {
272	✗✓	16	if (pledge("stdio cpath wpath rpath tty flock", NULL) == -1) {
273			perror("pledge");
274			exit(1);
275			}
276			}
277
278		16	memset(&rsa_config, 0, sizeof(rsa_config));
279		16	rsa_config.pvk_encr = 2;
280		16	rsa_config.informat = FORMAT_PEM;
281		16	rsa_config.outformat = FORMAT_PEM;
282
283	✓✓	16	if (options_parse(argc, argv, rsa_options, NULL, NULL) != 0) {
284		8	rsa_usage();
285		8	goto end;
286			}
287
288	✗✓	8	if (!app_passwd(bio_err, rsa_config.passargin, rsa_config.passargout,
289			&passin, &passout)) {
290			BIO_printf(bio_err, "Error getting passwords\n");
291			goto end;
292			}
293	✗✓	8	if (rsa_config.check && rsa_config.pubin) {
294			BIO_printf(bio_err, "Only private keys can be checked\n");
295			goto end;
296			}
297		8	out = BIO_new(BIO_s_file());
298
299			{
300			EVP_PKEY *pkey;
301
302	✗✓	8	if (rsa_config.pubin) {
303			int tmpformat = -1;
304			if (rsa_config.pubin == 2) {
305			if (rsa_config.informat == FORMAT_PEM)
306			tmpformat = FORMAT_PEMRSA;
307			else if (rsa_config.informat == FORMAT_ASN1)
308			tmpformat = FORMAT_ASN1RSA;
309			} else if (rsa_config.informat == FORMAT_NETSCAPE &&
310			rsa_config.sgckey)
311			tmpformat = FORMAT_IISSGC;
312			else
313			tmpformat = rsa_config.informat;
314
315			pkey = load_pubkey(bio_err, rsa_config.infile,
316			tmpformat, 1, passin, "Public Key");
317			} else
318		16	pkey = load_key(bio_err, rsa_config.infile,
319		16	(rsa_config.informat == FORMAT_NETSCAPE &&
320		8	rsa_config.sgckey ? FORMAT_IISSGC :
321		8	rsa_config.informat), 1, passin, "Private Key");
322
323	✓✗	8	if (pkey != NULL)
324		8	rsa = EVP_PKEY_get1_RSA(pkey);
325		8	EVP_PKEY_free(pkey);
326			}
327
328	✗✓	8	if (rsa == NULL) {
329			ERR_print_errors(bio_err);
330			goto end;
331			}
332	✗✓	8	if (rsa_config.outfile == NULL) {
333			BIO_set_fp(out, stdout, BIO_NOCLOSE);
334			} else {
335	✗✓	8	if (BIO_write_filename(out, rsa_config.outfile) <= 0) {
336			perror(rsa_config.outfile);
337			goto end;
338			}
339			}
340
341	✓✗	8	if (rsa_config.text)
342	✗✓	8	if (!RSA_print(out, rsa, 0)) {
343			perror(rsa_config.outfile);
344			ERR_print_errors(bio_err);
345			goto end;
346			}
347	✗✓	8	if (rsa_config.modulus) {
348			BIO_printf(out, "Modulus=");
349			BN_print(out, rsa->n);
350			BIO_printf(out, "\n");
351			}
352	✓✗	8	if (rsa_config.check) {
353		8	int r = RSA_check_key(rsa);
354
355	✓✗	8	if (r == 1)
356		8	BIO_printf(out, "RSA key ok\n");
357			else if (r == 0) {
358			unsigned long err;
359
360			while ((err = ERR_peek_error()) != 0 &&
361			ERR_GET_LIB(err) == ERR_LIB_RSA &&
362			ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
363			ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) {
364			BIO_printf(out, "RSA key error: %s\n",
365			ERR_reason_error_string(err));
366			ERR_get_error(); /* remove e from error
367			* stack */
368			}
369			}
370	✓✗✗✓	16	if (r == -1 \|\| ERR_peek_error() != 0) { /* should happen only if
371			* r == -1 */
372			ERR_print_errors(bio_err);
373			goto end;
374			}
375	✓✓✓	8	}
376	✗✓	8	if (rsa_config.noout) {
377			ret = 0;
378			goto end;
379			}
380		8	BIO_printf(bio_err, "writing RSA key\n");
381	✗✓	8	if (rsa_config.outformat == FORMAT_ASN1) {
382			if (rsa_config.pubout \|\| rsa_config.pubin) {
383			if (rsa_config.pubout == 2)
384			i = i2d_RSAPublicKey_bio(out, rsa);
385			else
386			i = i2d_RSA_PUBKEY_bio(out, rsa);
387			} else
388			i = i2d_RSAPrivateKey_bio(out, rsa);
389			}
390			#ifndef OPENSSL_NO_RC4
391	✗✓	8	else if (rsa_config.outformat == FORMAT_NETSCAPE) {
392			unsigned char p, pp;
393			int size;
394
395			i = 1;
396			size = i2d_RSA_NET(rsa, NULL, NULL, rsa_config.sgckey);
397			if ((p = malloc(size)) == NULL) {
398			BIO_printf(bio_err, "Memory allocation failure\n");
399			goto end;
400			}
401			pp = p;
402			i2d_RSA_NET(rsa, &p, NULL, rsa_config.sgckey);
403			BIO_write(out, (char *) pp, size);
404			free(pp);
405			}
406			#endif
407	✓✗	8	else if (rsa_config.outformat == FORMAT_PEM) {
408	✗✓	8	if (rsa_config.pubout \|\| rsa_config.pubin) {
409			if (rsa_config.pubout == 2)
410			i = PEM_write_bio_RSAPublicKey(out, rsa);
411			else
412			i = PEM_write_bio_RSA_PUBKEY(out, rsa);
413			} else
414		8	i = PEM_write_bio_RSAPrivateKey(out, rsa,
415		8	rsa_config.enc, NULL, 0, NULL, passout);
416			#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
417			} else if (rsa_config.outformat == FORMAT_MSBLOB \|\|
418			rsa_config.outformat == FORMAT_PVK) {
419			EVP_PKEY *pk;
420			pk = EVP_PKEY_new();
421			EVP_PKEY_set1_RSA(pk, rsa);
422			if (rsa_config.outformat == FORMAT_PVK)
423			i = i2b_PVK_bio(out, pk, rsa_config.pvk_encr, 0,
424			passout);
425			else if (rsa_config.pubin \|\| rsa_config.pubout)
426			i = i2b_PublicKey_bio(out, pk);
427			else
428			i = i2b_PrivateKey_bio(out, pk);
429			EVP_PKEY_free(pk);
430			#endif
431			} else {
432			BIO_printf(bio_err,
433			"bad output format specified for outfile\n");
434			goto end;
435			}
436	✗✓	8	if (i <= 0) {
437			BIO_printf(bio_err, "unable to write key\n");
438			ERR_print_errors(bio_err);
439			} else
440			ret = 0;
441
442			end:
443		16	BIO_free_all(out);
444		16	RSA_free(rsa);
445		16	free(passin);
446		16	free(passout);
447
448		16	return (ret);
449		16	}