1 /* apps/gendsa.c */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #ifndef NO_DSA 60 #include <stdio.h> 61 #include <string.h> 62 #include <sys/types.h> 63 #include <sys/stat.h> 64 #include "apps.h" 65 #include <openssl/bio.h> 66 #include <openssl/rand.h> 67 #include <openssl/err.h> 68 #include <openssl/bn.h> 69 #include <openssl/dsa.h> 70 #include <openssl/x509.h> 71 #include <openssl/pem.h> 72 73 #define DEFBITS 512 74 #undef PROG 75 #define PROG gendsa_main 76 77 static long dsa_load_rand(char *names); 78 int MAIN(int argc, char **argv) 79 { 80 char buffer[200]; 81 DSA *dsa=NULL; 82 int ret=1; 83 char *outfile=NULL; 84 char *inrand=NULL,*randfile,*dsaparams=NULL; 85 BIO *out=NULL,*in=NULL; 86 EVP_CIPHER *enc=NULL; 87 88 apps_startup(); 89 90 if (bio_err == NULL) 91 if ((bio_err=BIO_new(BIO_s_file())) != NULL) 92 BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); 93 94 argv++; 95 argc--; 96 for (;;) 97 { 98 if (argc <= 0) break; 99 if (strcmp(*argv,"-out") == 0) 100 { 101 if (--argc < 1) goto bad; 102 outfile= *(++argv); 103 } 104 else if (strcmp(*argv,"-rand") == 0) 105 { 106 if (--argc < 1) goto bad; 107 inrand= *(++argv); 108 } 109 else if (strcmp(*argv,"-") == 0) 110 goto bad; 111 #ifndef NO_DES 112 else if (strcmp(*argv,"-des") == 0) 113 enc=EVP_des_cbc(); 114 else if (strcmp(*argv,"-des3") == 0) 115 enc=EVP_des_ede3_cbc(); 116 #endif 117 #ifndef NO_IDEA 118 else if (strcmp(*argv,"-idea") == 0) 119 enc=EVP_idea_cbc(); 120 #endif 121 else if (**argv != '-' && dsaparams == NULL) 122 { 123 dsaparams = *argv; 124 } 125 else 126 goto bad; 127 argv++; 128 argc--; 129 } 130 131 if (dsaparams == NULL) 132 { 133 bad: 134 BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n"); 135 BIO_printf(bio_err," -out file - output the key to 'file'\n"); 136 #ifndef NO_DES 137 BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n"); 138 BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); 139 #endif 140 #ifndef NO_IDEA 141 BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); 142 #endif 143 BIO_printf(bio_err," -rand file:file:...\n"); 144 BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); 145 BIO_printf(bio_err," the random number generator\n"); 146 BIO_printf(bio_err," dsaparam-file\n"); 147 BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n"); 148 goto end; 149 } 150 151 in=BIO_new(BIO_s_file()); 152 if (!(BIO_read_filename(in,dsaparams))) 153 { 154 perror(dsaparams); 155 goto end; 156 } 157 158 if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL) 159 { 160 BIO_printf(bio_err,"unable to load DSA parameter file\n"); 161 goto end; 162 } 163 BIO_free(in); 164 165 out=BIO_new(BIO_s_file()); 166 if (out == NULL) goto end; 167 168 if (outfile == NULL) 169 BIO_set_fp(out,stdout,BIO_NOCLOSE); 170 else 171 { 172 if (BIO_write_filename(out,outfile) <= 0) 173 { 174 perror(outfile); 175 goto end; 176 } 177 } 178 179 randfile=RAND_file_name(buffer,200); 180 if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L)) 181 BIO_printf(bio_err,"unable to load 'random state'\n"); 182 183 if (inrand == NULL) 184 BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); 185 else 186 { 187 BIO_printf(bio_err,"%ld semi-random bytes loaded\n", 188 dsa_load_rand(inrand)); 189 } 190 191 BIO_printf(bio_err,"Generating DSA key, %d bits\n", 192 BN_num_bits(dsa->p)); 193 if (!DSA_generate_key(dsa)) goto end; 194 195 if (randfile == NULL) 196 BIO_printf(bio_err,"unable to write 'random state'\n"); 197 else 198 RAND_write_file(randfile); 199 200 if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL,NULL)) 201 goto end; 202 ret=0; 203 end: 204 if (ret != 0) 205 ERR_print_errors(bio_err); 206 if (out != NULL) BIO_free(out); 207 if (dsa != NULL) DSA_free(dsa); 208 EXIT(ret); 209 } 210 211 static long dsa_load_rand(char *name) 212 { 213 char *p,*n; 214 int last; 215 long tot=0; 216 217 for (;;) 218 { 219 last=0; 220 for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); 221 if (*p == '\0') last=1; 222 *p='\0'; 223 n=name; 224 name=p+1; 225 if (*n == '\0') break; 226 227 tot+=RAND_load_file(n,1); 228 if (last) break; 229 } 230 return(tot); 231 } 232 #endif 233