genrsa.c 5.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196
  1. /*
  2. * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/opensslconf.h>
  10. #ifdef OPENSSL_NO_RSA
  11. NON_EMPTY_TRANSLATION_UNIT
  12. #else
  13. # include <stdio.h>
  14. # include <string.h>
  15. # include <sys/types.h>
  16. # include <sys/stat.h>
  17. # include "apps.h"
  18. # include "progs.h"
  19. # include <openssl/bio.h>
  20. # include <openssl/err.h>
  21. # include <openssl/bn.h>
  22. # include <openssl/rsa.h>
  23. # include <openssl/evp.h>
  24. # include <openssl/x509.h>
  25. # include <openssl/pem.h>
  26. # include <openssl/rand.h>
  27. # define DEFBITS 2048
  28. # define DEFPRIMES 2
  29. static int genrsa_cb(int p, int n, BN_GENCB *cb);
  30. typedef enum OPTION_choice {
  31. OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
  32. OPT_3, OPT_F4, OPT_ENGINE,
  33. OPT_OUT, OPT_PASSOUT, OPT_CIPHER, OPT_PRIMES,
  34. OPT_R_ENUM
  35. } OPTION_CHOICE;
  36. const OPTIONS genrsa_options[] = {
  37. {"help", OPT_HELP, '-', "Display this summary"},
  38. {"3", OPT_3, '-', "Use 3 for the E value"},
  39. {"F4", OPT_F4, '-', "Use F4 (0x10001) for the E value"},
  40. {"f4", OPT_F4, '-', "Use F4 (0x10001) for the E value"},
  41. {"out", OPT_OUT, '>', "Output the key to specified file"},
  42. OPT_R_OPTIONS,
  43. {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
  44. {"", OPT_CIPHER, '-', "Encrypt the output with any supported cipher"},
  45. # ifndef OPENSSL_NO_ENGINE
  46. {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
  47. # endif
  48. {"primes", OPT_PRIMES, 'p', "Specify number of primes"},
  49. {NULL}
  50. };
  51. int genrsa_main(int argc, char **argv)
  52. {
  53. BN_GENCB *cb = BN_GENCB_new();
  54. PW_CB_DATA cb_data;
  55. ENGINE *eng = NULL;
  56. BIGNUM *bn = BN_new();
  57. BIO *out = NULL;
  58. const BIGNUM *e;
  59. RSA *rsa = NULL;
  60. const EVP_CIPHER *enc = NULL;
  61. int ret = 1, num = DEFBITS, private = 0, primes = DEFPRIMES;
  62. unsigned long f4 = RSA_F4;
  63. char *outfile = NULL, *passoutarg = NULL, *passout = NULL;
  64. char *prog, *hexe, *dece;
  65. OPTION_CHOICE o;
  66. if (bn == NULL || cb == NULL)
  67. goto end;
  68. BN_GENCB_set(cb, genrsa_cb, bio_err);
  69. prog = opt_init(argc, argv, genrsa_options);
  70. while ((o = opt_next()) != OPT_EOF) {
  71. switch (o) {
  72. case OPT_EOF:
  73. case OPT_ERR:
  74. opthelp:
  75. BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
  76. goto end;
  77. case OPT_HELP:
  78. ret = 0;
  79. opt_help(genrsa_options);
  80. goto end;
  81. case OPT_3:
  82. f4 = 3;
  83. break;
  84. case OPT_F4:
  85. f4 = RSA_F4;
  86. break;
  87. case OPT_OUT:
  88. outfile = opt_arg();
  89. break;
  90. case OPT_ENGINE:
  91. eng = setup_engine(opt_arg(), 0);
  92. break;
  93. case OPT_R_CASES:
  94. if (!opt_rand(o))
  95. goto end;
  96. break;
  97. case OPT_PASSOUT:
  98. passoutarg = opt_arg();
  99. break;
  100. case OPT_CIPHER:
  101. if (!opt_cipher(opt_unknown(), &enc))
  102. goto end;
  103. break;
  104. case OPT_PRIMES:
  105. if (!opt_int(opt_arg(), &primes))
  106. goto end;
  107. break;
  108. }
  109. }
  110. argc = opt_num_rest();
  111. argv = opt_rest();
  112. if (argc == 1) {
  113. if (!opt_int(argv[0], &num) || num <= 0)
  114. goto end;
  115. } else if (argc > 0) {
  116. BIO_printf(bio_err, "Extra arguments given.\n");
  117. goto opthelp;
  118. }
  119. private = 1;
  120. if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
  121. BIO_printf(bio_err, "Error getting password\n");
  122. goto end;
  123. }
  124. out = bio_open_owner(outfile, FORMAT_PEM, private);
  125. if (out == NULL)
  126. goto end;
  127. BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus (%d primes)\n",
  128. num, primes);
  129. rsa = eng ? RSA_new_method(eng) : RSA_new();
  130. if (rsa == NULL)
  131. goto end;
  132. if (!BN_set_word(bn, f4)
  133. || !RSA_generate_multi_prime_key(rsa, num, primes, bn, cb))
  134. goto end;
  135. RSA_get0_key(rsa, NULL, &e, NULL);
  136. hexe = BN_bn2hex(e);
  137. dece = BN_bn2dec(e);
  138. if (hexe && dece) {
  139. BIO_printf(bio_err, "e is %s (0x%s)\n", dece, hexe);
  140. }
  141. OPENSSL_free(hexe);
  142. OPENSSL_free(dece);
  143. cb_data.password = passout;
  144. cb_data.prompt_info = outfile;
  145. assert(private);
  146. if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0,
  147. (pem_password_cb *)password_callback,
  148. &cb_data))
  149. goto end;
  150. ret = 0;
  151. end:
  152. BN_free(bn);
  153. BN_GENCB_free(cb);
  154. RSA_free(rsa);
  155. BIO_free_all(out);
  156. release_engine(eng);
  157. OPENSSL_free(passout);
  158. if (ret != 0)
  159. ERR_print_errors(bio_err);
  160. return ret;
  161. }
  162. static int genrsa_cb(int p, int n, BN_GENCB *cb)
  163. {
  164. char c = '*';
  165. if (p == 0)
  166. c = '.';
  167. if (p == 1)
  168. c = '+';
  169. if (p == 2)
  170. c = '*';
  171. if (p == 3)
  172. c = '\n';
  173. BIO_write(BN_GENCB_get_arg(cb), &c, 1);
  174. (void)BIO_flush(BN_GENCB_get_arg(cb));
  175. return 1;
  176. }
  177. #endif