xref: /freebsd/crypto/openssl/apps/rsa.c (revision 23f282aa31e9b6fceacd449020e936e98d6f2298) 
1 /* apps/rsa.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #ifndef NO_RSA
60 #include <stdio.h>
61 #include <stdlib.h>
62 #include <string.h>
63 #include <time.h>
64 #include "apps.h"
65 #include <openssl/bio.h>
66 #include <openssl/err.h>
67 #include <openssl/rsa.h>
68 #include <openssl/evp.h>
69 #include <openssl/x509.h>
70 #include <openssl/pem.h>
71 
72 #undef PROG
73 #define PROG	rsa_main
74 
75 /* -inform arg	- input format - default PEM (one of DER, NET or PEM)
76  * -outform arg - output format - default PEM
77  * -in arg	- input file - default stdin
78  * -out arg	- output file - default stdout
79  * -des		- encrypt output if PEM format with DES in cbc mode
80  * -des3	- encrypt output if PEM format
81  * -idea	- encrypt output if PEM format
82  * -text	- print a text version
83  * -modulus	- print the RSA key modulus
84  * -check	- verify key consistency
85  * -pubin	- Expect a public key in input file.
86  * -pubout	- Output a public key.
87  */
88 
89 int MAIN(int, char **);
90 
91 int MAIN(int argc, char **argv)
92 	{
93 	int ret=1;
94 	RSA *rsa=NULL;
95 	int i,badops=0;
96 	const EVP_CIPHER *enc=NULL;
97 	BIO *in=NULL,*out=NULL;
98 	int informat,outformat,text=0,check=0,noout=0;
99 	int pubin = 0, pubout = 0;
100 	char *infile,*outfile,*prog;
101 	char *passargin = NULL, *passargout = NULL;
102 	char *passin = NULL, *passout = NULL;
103 	int modulus=0;
104 
105 	apps_startup();
106 
107 	if (bio_err == NULL)
108 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
109 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
110 
111 	infile=NULL;
112 	outfile=NULL;
113 	informat=FORMAT_PEM;
114 	outformat=FORMAT_PEM;
115 
116 	prog=argv[0];
117 	argc--;
118 	argv++;
119 	while (argc >= 1)
120 		{
121 		if 	(strcmp(*argv,"-inform") == 0)
122 			{
123 			if (--argc < 1) goto bad;
124 			informat=str2fmt(*(++argv));
125 			}
126 		else if (strcmp(*argv,"-outform") == 0)
127 			{
128 			if (--argc < 1) goto bad;
129 			outformat=str2fmt(*(++argv));
130 			}
131 		else if (strcmp(*argv,"-in") == 0)
132 			{
133 			if (--argc < 1) goto bad;
134 			infile= *(++argv);
135 			}
136 		else if (strcmp(*argv,"-out") == 0)
137 			{
138 			if (--argc < 1) goto bad;
139 			outfile= *(++argv);
140 			}
141 		else if (strcmp(*argv,"-passin") == 0)
142 			{
143 			if (--argc < 1) goto bad;
144 			passargin= *(++argv);
145 			}
146 		else if (strcmp(*argv,"-passout") == 0)
147 			{
148 			if (--argc < 1) goto bad;
149 			passargout= *(++argv);
150 			}
151 		else if (strcmp(*argv,"-pubin") == 0)
152 			pubin=1;
153 		else if (strcmp(*argv,"-pubout") == 0)
154 			pubout=1;
155 		else if (strcmp(*argv,"-noout") == 0)
156 			noout=1;
157 		else if (strcmp(*argv,"-text") == 0)
158 			text=1;
159 		else if (strcmp(*argv,"-modulus") == 0)
160 			modulus=1;
161 		else if (strcmp(*argv,"-check") == 0)
162 			check=1;
163 		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
164 			{
165 			BIO_printf(bio_err,"unknown option %s\n",*argv);
166 			badops=1;
167 			break;
168 			}
169 		argc--;
170 		argv++;
171 		}
172 
173 	if (badops)
174 		{
175 bad:
176 		BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
177 		BIO_printf(bio_err,"where options are\n");
178 		BIO_printf(bio_err," -inform arg     input format - one of DER NET PEM\n");
179 		BIO_printf(bio_err," -outform arg    output format - one of DER NET PEM\n");
180 		BIO_printf(bio_err," -in arg         input file\n");
181 		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
182 		BIO_printf(bio_err," -out arg        output file\n");
183 		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
184 		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
185 		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
186 #ifndef NO_IDEA
187 		BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
188 #endif
189 		BIO_printf(bio_err," -text           print the key in text\n");
190 		BIO_printf(bio_err," -noout          don't print key out\n");
191 		BIO_printf(bio_err," -modulus        print the RSA key modulus\n");
192 		BIO_printf(bio_err," -check          verify key consistency\n");
193 		BIO_printf(bio_err," -pubin          expect a public key in input file\n");
194 		BIO_printf(bio_err," -pubout         output a public key\n");
195 		goto end;
196 		}
197 
198 	ERR_load_crypto_strings();
199 
200 	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
201 		BIO_printf(bio_err, "Error getting passwords\n");
202 		goto end;
203 	}
204 
205 	if(check && pubin) {
206 		BIO_printf(bio_err, "Only private keys can be checked\n");
207 		goto end;
208 	}
209 
210 	in=BIO_new(BIO_s_file());
211 	out=BIO_new(BIO_s_file());
212 	if ((in == NULL) || (out == NULL))
213 		{
214 		ERR_print_errors(bio_err);
215 		goto end;
216 		}
217 
218 	if (infile == NULL)
219 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
220 	else
221 		{
222 		if (BIO_read_filename(in,infile) <= 0)
223 			{
224 			perror(infile);
225 			goto end;
226 			}
227 		}
228 
229 	BIO_printf(bio_err,"read RSA key\n");
230 	if	(informat == FORMAT_ASN1) {
231 		if (pubin) rsa=d2i_RSA_PUBKEY_bio(in,NULL);
232 		else rsa=d2i_RSAPrivateKey_bio(in,NULL);
233 	}
234 #ifndef NO_RC4
235 	else if (informat == FORMAT_NETSCAPE)
236 		{
237 		BUF_MEM *buf=NULL;
238 		unsigned char *p;
239 		int size=0;
240 
241 		buf=BUF_MEM_new();
242 		for (;;)
243 			{
244 			if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
245 				goto end;
246 			i=BIO_read(in,&(buf->data[size]),1024*10);
247 			size+=i;
248 			if (i == 0) break;
249 			if (i < 0)
250 				{
251 				perror("reading private key");
252 				BUF_MEM_free(buf);
253 				goto end;
254 				}
255 			}
256 		p=(unsigned char *)buf->data;
257 		rsa=d2i_Netscape_RSA(NULL,&p,(long)size,NULL);
258 		BUF_MEM_free(buf);
259 		}
260 #endif
261 	else if (informat == FORMAT_PEM) {
262 		if(pubin) rsa=PEM_read_bio_RSA_PUBKEY(in,NULL,NULL,NULL);
263 		else rsa=PEM_read_bio_RSAPrivateKey(in,NULL, NULL,passin);
264 	}
265 	else
266 		{
267 		BIO_printf(bio_err,"bad input format specified for key\n");
268 		goto end;
269 		}
270 	if (rsa == NULL)
271 		{
272 		BIO_printf(bio_err,"unable to load key\n");
273 		ERR_print_errors(bio_err);
274 		goto end;
275 		}
276 
277 	if (outfile == NULL)
278 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
279 	else
280 		{
281 		if (BIO_write_filename(out,outfile) <= 0)
282 			{
283 			perror(outfile);
284 			goto end;
285 			}
286 		}
287 
288 	if (text)
289 		if (!RSA_print(out,rsa,0))
290 			{
291 			perror(outfile);
292 			ERR_print_errors(bio_err);
293 			goto end;
294 			}
295 
296 	if (modulus)
297 		{
298 		BIO_printf(out,"Modulus=");
299 		BN_print(out,rsa->n);
300 		BIO_printf(out,"\n");
301 		}
302 
303 	if (check)
304 		{
305 		int r = RSA_check_key(rsa);
306 
307 		if (r == 1)
308 			BIO_printf(out,"RSA key ok\n");
309 		else if (r == 0)
310 			{
311 			long e;
312 
313 			while ((e = ERR_peek_error()) != 0 &&
314 				ERR_GET_LIB(e) == ERR_LIB_RSA &&
315 				ERR_GET_FUNC(e) == RSA_F_RSA_CHECK_KEY &&
316 				ERR_GET_REASON(e) != ERR_R_MALLOC_FAILURE)
317 				{
318 				BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e));
319 				ERR_get_error(); /* remove e from error stack */
320 				}
321 			}
322 
323 		if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
324 			{
325 			ERR_print_errors(bio_err);
326 			goto end;
327 			}
328 		}
329 
330 	if (noout)
331 		{
332 		ret = 0;
333 		goto end;
334 		}
335 	BIO_printf(bio_err,"writing RSA key\n");
336 	if 	(outformat == FORMAT_ASN1) {
337 		if(pubout || pubin) i=i2d_RSA_PUBKEY_bio(out,rsa);
338 		else i=i2d_RSAPrivateKey_bio(out,rsa);
339 	}
340 #ifndef NO_RC4
341 	else if (outformat == FORMAT_NETSCAPE)
342 		{
343 		unsigned char *p,*pp;
344 		int size;
345 
346 		i=1;
347 		size=i2d_Netscape_RSA(rsa,NULL,NULL);
348 		if ((p=(unsigned char *)Malloc(size)) == NULL)
349 			{
350 			BIO_printf(bio_err,"Malloc failure\n");
351 			goto end;
352 			}
353 		pp=p;
354 		i2d_Netscape_RSA(rsa,&p,NULL);
355 		BIO_write(out,(char *)pp,size);
356 		Free(pp);
357 		}
358 #endif
359 	else if (outformat == FORMAT_PEM) {
360 		if(pubout || pubin)
361 		    i=PEM_write_bio_RSA_PUBKEY(out,rsa);
362 		else i=PEM_write_bio_RSAPrivateKey(out,rsa,
363 						enc,NULL,0,NULL,passout);
364 	} else	{
365 		BIO_printf(bio_err,"bad output format specified for outfile\n");
366 		goto end;
367 		}
368 	if (!i)
369 		{
370 		BIO_printf(bio_err,"unable to write key\n");
371 		ERR_print_errors(bio_err);
372 		}
373 	else
374 		ret=0;
375 end:
376 	if(in != NULL) BIO_free(in);
377 	if(out != NULL) BIO_free(out);
378 	if(rsa != NULL) RSA_free(rsa);
379 	if(passin) Free(passin);
380 	if(passout) Free(passout);
381 	EXIT(ret);
382 	}
383 #else /* !NO_RSA */
384 
385 # if PEDANTIC
386 static void *dummy=&dummy;
387 # endif
388 
389 #endif
390