
openssl/0.9.8g/apps/dsa.c

    1: /* apps/dsa.c */
    2: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
    3:  * All rights reserved.
    4:  *
    5:  * This package is an SSL implementation written
    6:  * by Eric Young (eay@cryptsoft.com).
    7:  * The implementation was written so as to conform with Netscapes SSL.
    8:  * 
    9:  * This library is free for commercial and non-commercial use as long as
   10:  * the following conditions are aheared to.  The following conditions
   11:  * apply to all code found in this distribution, be it the RC4, RSA,
   12:  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
   13:  * included with this distribution is covered by the same copyright terms
   14:  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
   15:  * 
   16:  * Copyright remains Eric Young's, and as such any Copyright notices in
   17:  * the code are not to be removed.
   18:  * If this package is used in a product, Eric Young should be given attribution
   19:  * as the author of the parts of the library used.
   20:  * This can be in the form of a textual message at program startup or
   21:  * in documentation (online or textual) provided with the package.
   22:  * 
   23:  * Redistribution and use in source and binary forms, with or without
   24:  * modification, are permitted provided that the following conditions
   25:  * are met:
   26:  * 1. Redistributions of source code must retain the copyright
   27:  *    notice, this list of conditions and the following disclaimer.
   28:  * 2. Redistributions in binary form must reproduce the above copyright
   29:  *    notice, this list of conditions and the following disclaimer in the
   30:  *    documentation and/or other materials provided with the distribution.
   31:  * 3. All advertising materials mentioning features or use of this software
   32:  *    must display the following acknowledgement:
   33:  *    "This product includes cryptographic software written by
   34:  *     Eric Young (eay@cryptsoft.com)"
   35:  *    The word 'cryptographic' can be left out if the rouines from the library
   36:  *    being used are not cryptographic related :-).
   37:  * 4. If you include any Windows specific code (or a derivative thereof) from 
   38:  *    the apps directory (application code) you must include an acknowledgement:
   39:  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
   40:  * 
   41:  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
   42:  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   43:  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   44:  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   45:  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   46:  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   47:  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   48:  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   49:  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   50:  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   51:  * SUCH DAMAGE.
   52:  * 
   53:  * The licence and distribution terms for any publically available version or
   54:  * derivative of this code cannot be changed.  i.e. this code cannot simply be
   55:  * copied and put under another distribution licence
   56:  * [including the GNU Public Licence.]
   57:  */
   58: 
   59: #include <openssl/opensslconf.h>        /* for OPENSSL_NO_DSA */
   60: #ifndef OPENSSL_NO_DSA
   61: #include <stdio.h>
   62: #include <stdlib.h>
   63: #include <string.h>
   64: #include <time.h>
   65: #include "apps.h"
   66: #include <openssl/bio.h>
   67: #include <openssl/err.h>
   68: #include <openssl/dsa.h>
   69: #include <openssl/evp.h>
   70: #include <openssl/x509.h>
   71: #include <openssl/pem.h>
   72: #include <openssl/bn.h>
   73: 
   74: #undef PROG
   75: #define PROG    dsa_main
   76: 
   77: /* -inform arg  - input format - default PEM (one of DER, NET or PEM)
   78:  * -outform arg - output format - default PEM
   79:  * -in arg      - input file - default stdin
   80:  * -out arg     - output file - default stdout
   81:  * -des         - encrypt output if PEM format with DES in cbc mode
   82:  * -des3        - encrypt output if PEM format
   83:  * -idea        - encrypt output if PEM format
   84:  * -aes128      - encrypt output if PEM format
   85:  * -aes192      - encrypt output if PEM format
   86:  * -aes256      - encrypt output if PEM format
   87:  * -camellia128 - encrypt output if PEM format
   88:  * -camellia192 - encrypt output if PEM format
   89:  * -camellia256 - encrypt output if PEM format
   90:  * -seed        - encrypt output if PEM format
   91:  * -text        - print a text version
   92:  * -modulus     - print the DSA public key
   93:  */
   94: 
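   int MAIN(int, char **);

   /*
    * "dsa" command: read a DSA key (a private key by default, a public key
    * with -pubin), optionally print it (-text, -modulus) and write it back
    * out in the requested format.
    *
    * Leaves through OPENSSL_EXIT(ret): ret is 0 once the key has been
    * written, or once the requested printing is done when -noout is given,
    * and 1 on any failure.
    *
    * Security notes:
    *  - The cipher chosen on the command line (enc) is only handed to
    *    PEM_write_bio_DSAPrivateKey().  Without a cipher option the PEM
    *    private key is written unencrypted, and DER private key output is
    *    never encrypted; the latter case now prints a warning.
    *  - -des selects single DES, which is too weak to protect a private key.
    *  - The output file is opened by BIO_write_filename(); nothing in this
    *    function restricts its permissions, so the caller's umask decides
    *    who can read a private key written with -out.
    *  - The pass phrases returned by app_passwd() are wiped before they are
    *    freed so they do not linger in released heap memory.
    */
   int MAIN(int argc, char **argv)
           {
   #ifndef OPENSSL_NO_ENGINE
           ENGINE *e = NULL;
   #endif
           int ret=1;
           DSA *dsa=NULL;
           int i,badops=0;
           const EVP_CIPHER *enc=NULL;
           BIO *in=NULL,*out=NULL;
           int informat,outformat,text=0,noout=0;
           int pubin = 0, pubout = 0;
           char *infile,*outfile,*prog;
   #ifndef OPENSSL_NO_ENGINE
           char *engine;
   #endif
           char *passargin = NULL, *passargout = NULL;
           char *passin = NULL, *passout = NULL;
           int modulus=0;

           apps_startup();

           /* Diagnostics go to stderr unless the caller already set bio_err. */
           if (bio_err == NULL)
                   if ((bio_err=BIO_new(BIO_s_file())) != NULL)
                           BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);

           if (!load_config(bio_err, NULL))
                   goto end;

   #ifndef OPENSSL_NO_ENGINE
           engine=NULL;
   #endif
           infile=NULL;
           outfile=NULL;
           informat=FORMAT_PEM;
           outformat=FORMAT_PEM;

           prog=argv[0];
           argc--;
           argv++;
           while (argc >= 1)
                   {
                   if    (strcmp(*argv,"-inform") == 0)
                           {
                           if (--argc < 1) goto bad;
                           informat=str2fmt(*(++argv));
                           }
                   else if (strcmp(*argv,"-outform") == 0)
                           {
                           if (--argc < 1) goto bad;
                           outformat=str2fmt(*(++argv));
                           }
                   else if (strcmp(*argv,"-in") == 0)
                           {
                           if (--argc < 1) goto bad;
                           infile= *(++argv);
                           }
                   else if (strcmp(*argv,"-out") == 0)
                           {
                           if (--argc < 1) goto bad;
                           outfile= *(++argv);
                           }
                   else if (strcmp(*argv,"-passin") == 0)
                           {
                           if (--argc < 1) goto bad;
                           passargin= *(++argv);
                           }
                   else if (strcmp(*argv,"-passout") == 0)
                           {
                           if (--argc < 1) goto bad;
                           passargout= *(++argv);
                           }
   #ifndef OPENSSL_NO_ENGINE
                   else if (strcmp(*argv,"-engine") == 0)
                           {
                           if (--argc < 1) goto bad;
                           engine= *(++argv);
                           }
   #endif
                   else if (strcmp(*argv,"-noout") == 0)
                           noout=1;
                   else if (strcmp(*argv,"-text") == 0)
                           text=1;
                   else if (strcmp(*argv,"-modulus") == 0)
                           modulus=1;
                   else if (strcmp(*argv,"-pubin") == 0)
                           pubin=1;
                   else if (strcmp(*argv,"-pubout") == 0)
                           pubout=1;
                   /*
                    * Anything else must be "-<cipher name>".  The leading '-'
                    * is checked first: without it an empty argument would make
                    * &argv[0][1] point past the string's terminator, and a
                    * word such as "xdes3" would be accepted as a cipher.
                    */
                   else if ((*argv)[0] != '-' ||
                           (enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
                           {
                           BIO_printf(bio_err,"unknown option %s\n",*argv);
                           badops=1;
                           break;
                           }
                   argc--;
                   argv++;
                   }

           if (badops)
                   {
                   /* Also the target of "goto bad" for an option missing its value. */
   bad:
                   BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
                   BIO_printf(bio_err,"where options are\n");
                   BIO_printf(bio_err," -inform arg     input format - DER or PEM\n");
                   BIO_printf(bio_err," -outform arg    output format - DER or PEM\n");
                   BIO_printf(bio_err," -in arg         input file\n");
                   BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
                   BIO_printf(bio_err," -out arg        output file\n");
                   BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
   #ifndef OPENSSL_NO_ENGINE
                   BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
   #endif
                   BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
                   BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
   #ifndef OPENSSL_NO_IDEA
                   BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
   #endif
   #ifndef OPENSSL_NO_AES
                   BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
                   BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
   #endif
   #ifndef OPENSSL_NO_CAMELLIA
                   BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
                   BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
   #endif
   #ifndef OPENSSL_NO_SEED
                   BIO_printf(bio_err," -seed           encrypt PEM output with cbc seed\n");
   #endif
                   BIO_printf(bio_err," -text           print the key in text\n");
                   BIO_printf(bio_err," -noout          don't print key out\n");
                   BIO_printf(bio_err," -modulus        print the DSA public value\n");
                   goto end;
                   }

           ERR_load_crypto_strings();

   #ifndef OPENSSL_NO_ENGINE
           /* NOTE(review): e is assigned here and not used again in this function. */
           e = setup_engine(bio_err, engine, 0);
   #endif

           /* Resolve the -passin/-passout sources into pass phrase strings. */
           if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
                   BIO_printf(bio_err, "Error getting passwords\n");
                   goto end;
           }

           in=BIO_new(BIO_s_file());
           out=BIO_new(BIO_s_file());
           if ((in == NULL) || (out == NULL))
                   {
                   ERR_print_errors(bio_err);
                   goto end;
                   }

           if (infile == NULL)
                   BIO_set_fp(in,stdin,BIO_NOCLOSE);
           else
                   {
                   if (BIO_read_filename(in,infile) <= 0)
                           {
                           perror(infile);
                           goto end;
                           }
                   }

           BIO_printf(bio_err,"read DSA key\n");
           if     (informat == FORMAT_ASN1) {
                   if(pubin) dsa=d2i_DSA_PUBKEY_bio(in,NULL);
                   else dsa=d2i_DSAPrivateKey_bio(in,NULL);
           } else if (informat == FORMAT_PEM) {
                   if(pubin) dsa=PEM_read_bio_DSA_PUBKEY(in,NULL, NULL, NULL);
                   else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,passin);
           } else
                   {
                   BIO_printf(bio_err,"bad input format specified for key\n");
                   goto end;
                   }
           if (dsa == NULL)
                   {
                   BIO_printf(bio_err,"unable to load Key\n");
                   ERR_print_errors(bio_err);
                   goto end;
                   }

           /* The output is opened only after the key loaded successfully. */
           if (outfile == NULL)
                   {
                   BIO_set_fp(out,stdout,BIO_NOCLOSE);
   #ifdef OPENSSL_SYS_VMS
                   {
                   BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                   out = BIO_push(tmpbio, out);
                   }
   #endif
                   }
           else
                   {
                   if (BIO_write_filename(out,outfile) <= 0)
                           {
                           perror(outfile);
                           goto end;
                           }
                   }

           if (text)
                   if (!DSA_print(out,dsa,0))
                           {
                           perror(outfile);
                           ERR_print_errors(bio_err);
                           goto end;
                           }

           if (modulus)
                   {
                   /*
                    * Label, value and newline all go through the same BIO.
                    * Writing the label with fprintf(stdout, ...) sent it to
                    * the terminal while the value went to the -out file.
                    */
                   BIO_printf(out,"Public Key=");
                   BN_print(out,dsa->pub_key);
                   BIO_printf(out,"\n");
                   }

           if (noout)
                   {
                   /* Everything requested was done: report success, not 1. */
                   ret=0;
                   goto end;
                   }
           BIO_printf(bio_err,"writing DSA key\n");
           if     (outformat == FORMAT_ASN1) {
                   if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa);
                   else
                           {
                           /* enc is not applied on this path; say so rather than
                            * silently emitting a cleartext private key. */
                           if (enc != NULL)
                                   BIO_printf(bio_err,"warning: cipher option ignored, DER private key output is not encrypted\n");
                           i=i2d_DSAPrivateKey_bio(out,dsa);
                           }
           } else if (outformat == FORMAT_PEM) {
                   if(pubin || pubout)
                           i=PEM_write_bio_DSA_PUBKEY(out,dsa);
                   /* enc == NULL (no cipher option) writes the key unencrypted. */
                   else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,
                                                           NULL,0,NULL, passout);
           } else {
                   BIO_printf(bio_err,"bad output format specified for outfile\n");
                   goto end;
                   }
           if (!i)
                   {
                   BIO_printf(bio_err,"unable to write private key\n");
                   ERR_print_errors(bio_err);
                   }
           else
                   ret=0;
   end:
           if(in != NULL) BIO_free(in);
           if(out != NULL) BIO_free_all(out);
           if(dsa != NULL) DSA_free(dsa);
           /* Wipe the pass phrases before releasing their memory. */
           if(passin)
                   {
                   OPENSSL_cleanse(passin,strlen(passin));
                   OPENSSL_free(passin);
                   }
           if(passout)
                   {
                   OPENSSL_cleanse(passout,strlen(passout));
                   OPENSSL_free(passout);
                   }
           apps_shutdown();
           OPENSSL_EXIT(ret);
           }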
  345: #endif