rsa.c revision 55714
155714Skris/* apps/rsa.c */ 255714Skris/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 355714Skris * All rights reserved. 455714Skris * 555714Skris * This package is an SSL implementation written 655714Skris * by Eric Young (eay@cryptsoft.com). 755714Skris * The implementation was written so as to conform with Netscapes SSL. 855714Skris * 955714Skris * This library is free for commercial and non-commercial use as long as 1055714Skris * the following conditions are aheared to. The following conditions 1155714Skris * apply to all code found in this distribution, be it the RC4, RSA, 1255714Skris * lhash, DES, etc., code; not just the SSL code. The SSL documentation 1355714Skris * included with this distribution is covered by the same copyright terms 1455714Skris * except that the holder is Tim Hudson (tjh@cryptsoft.com). 1555714Skris * 1655714Skris * Copyright remains Eric Young's, and as such any Copyright notices in 1755714Skris * the code are not to be removed. 1855714Skris * If this package is used in a product, Eric Young should be given attribution 1955714Skris * as the author of the parts of the library used. 2055714Skris * This can be in the form of a textual message at program startup or 2155714Skris * in documentation (online or textual) provided with the package. 2255714Skris * 2355714Skris * Redistribution and use in source and binary forms, with or without 2455714Skris * modification, are permitted provided that the following conditions 2555714Skris * are met: 2655714Skris * 1. Redistributions of source code must retain the copyright 2755714Skris * notice, this list of conditions and the following disclaimer. 2855714Skris * 2. Redistributions in binary form must reproduce the above copyright 2955714Skris * notice, this list of conditions and the following disclaimer in the 3055714Skris * documentation and/or other materials provided with the distribution. 3155714Skris * 3. All advertising materials mentioning features or use of this software 3255714Skris * must display the following acknowledgement: 3355714Skris * "This product includes cryptographic software written by 3455714Skris * Eric Young (eay@cryptsoft.com)" 3555714Skris * The word 'cryptographic' can be left out if the rouines from the library 3655714Skris * being used are not cryptographic related :-). 3755714Skris * 4. If you include any Windows specific code (or a derivative thereof) from 3855714Skris * the apps directory (application code) you must include an acknowledgement: 3955714Skris * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 4055714Skris * 4155714Skris * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 4255714Skris * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 4355714Skris * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 4455714Skris * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 4555714Skris * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 4655714Skris * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 4755714Skris * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 4855714Skris * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 4955714Skris * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 5055714Skris * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 5155714Skris * SUCH DAMAGE. 5255714Skris * 5355714Skris * The licence and distribution terms for any publically available version or 5455714Skris * derivative of this code cannot be changed. i.e. this code cannot simply be 5555714Skris * copied and put under another distribution licence 5655714Skris * [including the GNU Public Licence.] 5755714Skris */ 5855714Skris 5955714Skris#ifndef NO_RSA 6055714Skris#include <stdio.h> 6155714Skris#include <stdlib.h> 6255714Skris#include <string.h> 6355714Skris#include <time.h> 6455714Skris#include "apps.h" 6555714Skris#include <openssl/bio.h> 6655714Skris#include <openssl/err.h> 6755714Skris#include <openssl/rsa.h> 6855714Skris#include <openssl/evp.h> 6955714Skris#include <openssl/x509.h> 7055714Skris#include <openssl/pem.h> 7155714Skris 7255714Skris#undef PROG 7355714Skris#define PROG rsa_main 7455714Skris 7555714Skris/* -inform arg - input format - default PEM (one of DER, NET or PEM) 7655714Skris * -outform arg - output format - default PEM 7755714Skris * -in arg - input file - default stdin 7855714Skris * -out arg - output file - default stdout 7955714Skris * -des - encrypt output if PEM format with DES in cbc mode 8055714Skris * -des3 - encrypt output if PEM format 8155714Skris * -idea - encrypt output if PEM format 8255714Skris * -text - print a text version 8355714Skris * -modulus - print the RSA key modulus 8455714Skris * -check - verify key consistency 8555714Skris */ 8655714Skris 8755714Skrisint MAIN(int argc, char **argv) 8855714Skris { 8955714Skris int ret=1; 9055714Skris RSA *rsa=NULL; 9155714Skris int i,badops=0; 9255714Skris const EVP_CIPHER *enc=NULL; 9355714Skris BIO *in=NULL,*out=NULL; 9455714Skris int informat,outformat,text=0,check=0,noout=0; 9555714Skris char *infile,*outfile,*prog; 9655714Skris int modulus=0; 9755714Skris 9855714Skris apps_startup(); 9955714Skris 10055714Skris if (bio_err == NULL) 10155714Skris if ((bio_err=BIO_new(BIO_s_file())) != NULL) 10255714Skris BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); 10355714Skris 10455714Skris infile=NULL; 10555714Skris outfile=NULL; 10655714Skris informat=FORMAT_PEM; 10755714Skris outformat=FORMAT_PEM; 10855714Skris 10955714Skris prog=argv[0]; 11055714Skris argc--; 11155714Skris argv++; 11255714Skris while (argc >= 1) 11355714Skris { 11455714Skris if (strcmp(*argv,"-inform") == 0) 11555714Skris { 11655714Skris if (--argc < 1) goto bad; 11755714Skris informat=str2fmt(*(++argv)); 11855714Skris } 11955714Skris else if (strcmp(*argv,"-outform") == 0) 12055714Skris { 12155714Skris if (--argc < 1) goto bad; 12255714Skris outformat=str2fmt(*(++argv)); 12355714Skris } 12455714Skris else if (strcmp(*argv,"-in") == 0) 12555714Skris { 12655714Skris if (--argc < 1) goto bad; 12755714Skris infile= *(++argv); 12855714Skris } 12955714Skris else if (strcmp(*argv,"-out") == 0) 13055714Skris { 13155714Skris if (--argc < 1) goto bad; 13255714Skris outfile= *(++argv); 13355714Skris } 13455714Skris else if (strcmp(*argv,"-noout") == 0) 13555714Skris noout=1; 13655714Skris else if (strcmp(*argv,"-text") == 0) 13755714Skris text=1; 13855714Skris else if (strcmp(*argv,"-modulus") == 0) 13955714Skris modulus=1; 14055714Skris else if (strcmp(*argv,"-check") == 0) 14155714Skris check=1; 14255714Skris else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL) 14355714Skris { 14455714Skris BIO_printf(bio_err,"unknown option %s\n",*argv); 14555714Skris badops=1; 14655714Skris break; 14755714Skris } 14855714Skris argc--; 14955714Skris argv++; 15055714Skris } 15155714Skris 15255714Skris if (badops) 15355714Skris { 15455714Skrisbad: 15555714Skris BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); 15655714Skris BIO_printf(bio_err,"where options are\n"); 15755714Skris BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n"); 15855714Skris BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n"); 15955714Skris BIO_printf(bio_err," -in arg input file\n"); 16055714Skris BIO_printf(bio_err," -out arg output file\n"); 16155714Skris BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); 16255714Skris BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); 16355714Skris#ifndef NO_IDEA 16455714Skris BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); 16555714Skris#endif 16655714Skris BIO_printf(bio_err," -text print the key in text\n"); 16755714Skris BIO_printf(bio_err," -noout don't print key out\n"); 16855714Skris BIO_printf(bio_err," -modulus print the RSA key modulus\n"); 16955714Skris BIO_printf(bio_err," -check verify key consistency\n"); 17055714Skris goto end; 17155714Skris } 17255714Skris 17355714Skris ERR_load_crypto_strings(); 17455714Skris 17555714Skris in=BIO_new(BIO_s_file()); 17655714Skris out=BIO_new(BIO_s_file()); 17755714Skris if ((in == NULL) || (out == NULL)) 17855714Skris { 17955714Skris ERR_print_errors(bio_err); 18055714Skris goto end; 18155714Skris } 18255714Skris 18355714Skris if (infile == NULL) 18455714Skris BIO_set_fp(in,stdin,BIO_NOCLOSE); 18555714Skris else 18655714Skris { 18755714Skris if (BIO_read_filename(in,infile) <= 0) 18855714Skris { 18955714Skris perror(infile); 19055714Skris goto end; 19155714Skris } 19255714Skris } 19355714Skris 19455714Skris BIO_printf(bio_err,"read RSA private key\n"); 19555714Skris if (informat == FORMAT_ASN1) 19655714Skris rsa=d2i_RSAPrivateKey_bio(in,NULL); 19755714Skris#ifndef NO_RC4 19855714Skris else if (informat == FORMAT_NETSCAPE) 19955714Skris { 20055714Skris BUF_MEM *buf=NULL; 20155714Skris unsigned char *p; 20255714Skris int size=0; 20355714Skris 20455714Skris buf=BUF_MEM_new(); 20555714Skris for (;;) 20655714Skris { 20755714Skris if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10))) 20855714Skris goto end; 20955714Skris i=BIO_read(in,&(buf->data[size]),1024*10); 21055714Skris size+=i; 21155714Skris if (i == 0) break; 21255714Skris if (i < 0) 21355714Skris { 21455714Skris perror("reading private key"); 21555714Skris BUF_MEM_free(buf); 21655714Skris goto end; 21755714Skris } 21855714Skris } 21955714Skris p=(unsigned char *)buf->data; 22055714Skris rsa=(RSA *)d2i_Netscape_RSA(NULL,&p,(long)size,NULL); 22155714Skris BUF_MEM_free(buf); 22255714Skris } 22355714Skris#endif 22455714Skris else if (informat == FORMAT_PEM) 22555714Skris rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL,NULL); 22655714Skris else 22755714Skris { 22855714Skris BIO_printf(bio_err,"bad input format specified for key\n"); 22955714Skris goto end; 23055714Skris } 23155714Skris if (rsa == NULL) 23255714Skris { 23355714Skris BIO_printf(bio_err,"unable to load Private Key\n"); 23455714Skris ERR_print_errors(bio_err); 23555714Skris goto end; 23655714Skris } 23755714Skris 23855714Skris if (outfile == NULL) 23955714Skris BIO_set_fp(out,stdout,BIO_NOCLOSE); 24055714Skris else 24155714Skris { 24255714Skris if (BIO_write_filename(out,outfile) <= 0) 24355714Skris { 24455714Skris perror(outfile); 24555714Skris goto end; 24655714Skris } 24755714Skris } 24855714Skris 24955714Skris if (text) 25055714Skris if (!RSA_print(out,rsa,0)) 25155714Skris { 25255714Skris perror(outfile); 25355714Skris ERR_print_errors(bio_err); 25455714Skris goto end; 25555714Skris } 25655714Skris 25755714Skris if (modulus) 25855714Skris { 25955714Skris fprintf(stdout,"Modulus="); 26055714Skris BN_print(out,rsa->n); 26155714Skris fprintf(stdout,"\n"); 26255714Skris } 26355714Skris 26455714Skris if (check) 26555714Skris { 26655714Skris int r = RSA_check_key(rsa); 26755714Skris 26855714Skris if (r == 1) 26955714Skris BIO_printf(out,"RSA key ok\n"); 27055714Skris else if (r == 0) 27155714Skris { 27255714Skris long e; 27355714Skris 27455714Skris while ((e = ERR_peek_error()) != 0 && 27555714Skris ERR_GET_LIB(e) == ERR_LIB_RSA && 27655714Skris ERR_GET_FUNC(e) == RSA_F_RSA_CHECK_KEY && 27755714Skris ERR_GET_REASON(e) != ERR_R_MALLOC_FAILURE) 27855714Skris { 27955714Skris BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e)); 28055714Skris ERR_get_error(); /* remove e from error stack */ 28155714Skris } 28255714Skris } 28355714Skris 28455714Skris if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */ 28555714Skris { 28655714Skris ERR_print_errors(bio_err); 28755714Skris goto end; 28855714Skris } 28955714Skris } 29055714Skris 29155714Skris if (noout) goto end; 29255714Skris BIO_printf(bio_err,"writing RSA private key\n"); 29355714Skris if (outformat == FORMAT_ASN1) 29455714Skris i=i2d_RSAPrivateKey_bio(out,rsa); 29555714Skris#ifndef NO_RC4 29655714Skris else if (outformat == FORMAT_NETSCAPE) 29755714Skris { 29855714Skris unsigned char *p,*pp; 29955714Skris int size; 30055714Skris 30155714Skris i=1; 30255714Skris size=i2d_Netscape_RSA(rsa,NULL,NULL); 30355714Skris if ((p=(unsigned char *)Malloc(size)) == NULL) 30455714Skris { 30555714Skris BIO_printf(bio_err,"Malloc failure\n"); 30655714Skris goto end; 30755714Skris } 30855714Skris pp=p; 30955714Skris i2d_Netscape_RSA(rsa,&p,NULL); 31055714Skris BIO_write(out,(char *)pp,size); 31155714Skris Free(pp); 31255714Skris } 31355714Skris#endif 31455714Skris else if (outformat == FORMAT_PEM) 31555714Skris i=PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL,NULL); 31655714Skris else { 31755714Skris BIO_printf(bio_err,"bad output format specified for outfile\n"); 31855714Skris goto end; 31955714Skris } 32055714Skris if (!i) 32155714Skris { 32255714Skris BIO_printf(bio_err,"unable to write private key\n"); 32355714Skris ERR_print_errors(bio_err); 32455714Skris } 32555714Skris else 32655714Skris ret=0; 32755714Skrisend: 32855714Skris if (in != NULL) BIO_free(in); 32955714Skris if (out != NULL) BIO_free(out); 33055714Skris if (rsa != NULL) RSA_free(rsa); 33155714Skris EXIT(ret); 33255714Skris } 33355714Skris#endif 334