GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: usr.bin/openssl/gendsa.c Lines: 65 85 76.5 %
Date: 2017-11-13 Branches: 38 60 63.3 %

Line Branch Exec Source
1
/* $OpenBSD: gendsa.c,v 1.8 2017/01/20 08:57:12 deraadt Exp $ */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
 * All rights reserved.
4
 *
5
 * This package is an SSL implementation written
6
 * by Eric Young (eay@cryptsoft.com).
7
 * The implementation was written so as to conform with Netscapes SSL.
8
 *
9
 * This library is free for commercial and non-commercial use as long as
10
 * the following conditions are aheared to.  The following conditions
11
 * apply to all code found in this distribution, be it the RC4, RSA,
12
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13
 * included with this distribution is covered by the same copyright terms
14
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
 *
16
 * Copyright remains Eric Young's, and as such any Copyright notices in
17
 * the code are not to be removed.
18
 * If this package is used in a product, Eric Young should be given attribution
19
 * as the author of the parts of the library used.
20
 * This can be in the form of a textual message at program startup or
21
 * in documentation (online or textual) provided with the package.
22
 *
23
 * Redistribution and use in source and binary forms, with or without
24
 * modification, are permitted provided that the following conditions
25
 * are met:
26
 * 1. Redistributions of source code must retain the copyright
27
 *    notice, this list of conditions and the following disclaimer.
28
 * 2. Redistributions in binary form must reproduce the above copyright
29
 *    notice, this list of conditions and the following disclaimer in the
30
 *    documentation and/or other materials provided with the distribution.
31
 * 3. All advertising materials mentioning features or use of this software
32
 *    must display the following acknowledgement:
33
 *    "This product includes cryptographic software written by
34
 *     Eric Young (eay@cryptsoft.com)"
35
 *    The word 'cryptographic' can be left out if the rouines from the library
36
 *    being used are not cryptographic related :-).
37
 * 4. If you include any Windows specific code (or a derivative thereof) from
38
 *    the apps directory (application code) you must include an acknowledgement:
39
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
 *
41
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
 * SUCH DAMAGE.
52
 *
53
 * The licence and distribution terms for any publically available version or
54
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55
 * copied and put under another distribution licence
56
 * [including the GNU Public Licence.]
57
 */
58
59
#include <openssl/opensslconf.h>	/* for OPENSSL_NO_DSA */
60
61
62
#include <sys/types.h>
63
#include <sys/stat.h>
64
65
#include <stdio.h>
66
#include <string.h>
67
68
#include "apps.h"
69
70
#include <openssl/bio.h>
71
#include <openssl/bn.h>
72
#include <openssl/dsa.h>
73
#include <openssl/err.h>
74
#include <openssl/pem.h>
75
#include <openssl/x509.h>
76
77
int
78
gendsa_main(int argc, char **argv)
79
{
80
	DSA *dsa = NULL;
81
	int ret = 1;
82
	char *outfile = NULL;
83
	char *dsaparams = NULL;
84
16
	char *passargout = NULL, *passout = NULL;
85
	BIO *out = NULL, *in = NULL;
86
	const EVP_CIPHER *enc = NULL;
87
88
8
	if (single_execution) {
89
8
		if (pledge("stdio cpath wpath rpath tty flock", NULL) == -1) {
90
			perror("pledge");
91
			exit(1);
92
		}
93
	}
94
95
8
	argv++;
96
8
	argc--;
97
24
	for (;;) {
98
24
		if (argc <= 0)
99
			break;
100
20
		if (strcmp(*argv, "-out") == 0) {
101
4
			if (--argc < 1)
102
				goto bad;
103
4
			outfile = *(++argv);
104
20
		} else if (strcmp(*argv, "-passout") == 0) {
105
4
			if (--argc < 1)
106
				goto bad;
107
4
			passargout = *(++argv);
108
4
		}
109
12
		else if (strcmp(*argv, "-") == 0)
110
			goto bad;
111
#ifndef OPENSSL_NO_DES
112
12
		else if (strcmp(*argv, "-des") == 0)
113
			enc = EVP_des_cbc();
114
12
		else if (strcmp(*argv, "-des3") == 0)
115
4
			enc = EVP_des_ede3_cbc();
116
#endif
117
#ifndef OPENSSL_NO_IDEA
118
8
		else if (strcmp(*argv, "-idea") == 0)
119
			enc = EVP_idea_cbc();
120
#endif
121
#ifndef OPENSSL_NO_AES
122
8
		else if (strcmp(*argv, "-aes128") == 0)
123
			enc = EVP_aes_128_cbc();
124
8
		else if (strcmp(*argv, "-aes192") == 0)
125
			enc = EVP_aes_192_cbc();
126
8
		else if (strcmp(*argv, "-aes256") == 0)
127
			enc = EVP_aes_256_cbc();
128
#endif
129
#ifndef OPENSSL_NO_CAMELLIA
130
8
		else if (strcmp(*argv, "-camellia128") == 0)
131
			enc = EVP_camellia_128_cbc();
132
8
		else if (strcmp(*argv, "-camellia192") == 0)
133
			enc = EVP_camellia_192_cbc();
134
8
		else if (strcmp(*argv, "-camellia256") == 0)
135
			enc = EVP_camellia_256_cbc();
136
#endif
137
8
		else if (**argv != '-' && dsaparams == NULL) {
138
			dsaparams = *argv;
139
		} else
140
			goto bad;
141
16
		argv++;
142
16
		argc--;
143
	}
144
145
4
	if (dsaparams == NULL) {
146
bad:
147
4
		BIO_printf(bio_err, "usage: gendsa [args] dsaparam-file\n");
148
4
		BIO_printf(bio_err, " -out file - output the key to 'file'\n");
149
#ifndef OPENSSL_NO_DES
150
4
		BIO_printf(bio_err, " -des      - encrypt the generated key with DES in cbc mode\n");
151
4
		BIO_printf(bio_err, " -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
152
#endif
153
#ifndef OPENSSL_NO_IDEA
154
4
		BIO_printf(bio_err, " -idea     - encrypt the generated key with IDEA in cbc mode\n");
155
#endif
156
#ifndef OPENSSL_NO_AES
157
4
		BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
158
4
		BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
159
#endif
160
#ifndef OPENSSL_NO_CAMELLIA
161
4
		BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
162
4
		BIO_printf(bio_err, "                 encrypt PEM output with cbc camellia\n");
163
#endif
164
4
		BIO_printf(bio_err, " dsaparam-file\n");
165
4
		BIO_printf(bio_err, "           - a DSA parameter file as generated by the dsaparam command\n");
166
4
		goto end;
167
	}
168
4
	if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
169
		BIO_printf(bio_err, "Error getting password\n");
170
		goto end;
171
	}
172
4
	in = BIO_new(BIO_s_file());
173
4
	if (!(BIO_read_filename(in, dsaparams))) {
174
		perror(dsaparams);
175
		goto end;
176
	}
177
4
	if ((dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL)) == NULL) {
178
		BIO_printf(bio_err, "unable to load DSA parameter file\n");
179
		goto end;
180
	}
181
4
	BIO_free(in);
182
	in = NULL;
183
184
4
	out = BIO_new(BIO_s_file());
185
4
	if (out == NULL)
186
		goto end;
187
188
4
	if (outfile == NULL) {
189
		BIO_set_fp(out, stdout, BIO_NOCLOSE);
190
	} else {
191
4
		if (BIO_write_filename(out, outfile) <= 0) {
192
			perror(outfile);
193
			goto end;
194
		}
195
	}
196
197
8
	BIO_printf(bio_err, "Generating DSA key, %d bits\n",
198
4
	    BN_num_bits(dsa->p));
199
4
	if (!DSA_generate_key(dsa))
200
		goto end;
201
202
4
	if (!PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout))
203
		goto end;
204
4
	ret = 0;
205
end:
206
8
	if (ret != 0)
207
4
		ERR_print_errors(bio_err);
208
8
	BIO_free(in);
209
8
	if (out != NULL)
210
4
		BIO_free_all(out);
211
8
	if (dsa != NULL)
212
4
		DSA_free(dsa);
213
8
	free(passout);
214
215
8
	return (ret);
216
8
}