* Hudson (tjh@cryptsoft.com).
*
*/
+
+#ifndef OPENSSL_NO_RSA
+
#include "apps.h"
+#include <string.h>
#include <openssl/err.h>
#include <openssl/pem.h>
int MAIN(int argc, char **argv)
{
+ ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL;
+ char *engine = NULL;
char *keyfile = NULL;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM;
argv++;
if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
pad = RSA_PKCS1_PADDING;
} else if(!strcmp(*argv, "-inkey")) {
if (--argc < 1) badarg = 1;
keyfile = *(++argv);
+ } else if (strcmp(*argv,"-keyform") == 0) {
+ if (--argc < 1) badarg = 1;
+ keyform=str2fmt(*(++argv));
+ } else if(!strcmp(*argv, "-engine")) {
+ if (--argc < 1) badarg = 1;
+ engine = *(++argv);
} else if(!strcmp(*argv, "-pubin")) {
key_type = KEY_PUBKEY;
} else if(!strcmp(*argv, "-certin")) {
else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
+ else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
else if(!strcmp(*argv, "-sign")) {
goto end;
}
+ e = setup_engine(bio_err, engine, 0);
+
+/* FIXME: seed PRNG only if needed */
+ app_RAND_load_file(NULL, bio_err, 0);
+
switch(key_type) {
case KEY_PRIVKEY:
- pkey = load_key(bio_err, keyfile, keyform, NULL);
+ pkey = load_key(bio_err, keyfile, keyform, 0,
+ NULL, e, "Private Key");
break;
case KEY_PUBKEY:
- pkey = load_pubkey(bio_err, keyfile, keyform);
+ pkey = load_pubkey(bio_err, keyfile, keyform, 0,
+ NULL, e, "Public Key");
break;
case KEY_CERT:
- x = load_cert(bio_err, keyfile, keyform);
+ x = load_cert(bio_err, keyfile, keyform,
+ NULL, e, "Certificate");
if(x) {
pkey = X509_get_pubkey(x);
X509_free(x);
}
if(!pkey) {
- BIO_printf(bio_err, "Error loading key\n");
return 1;
}
ERR_print_errors(bio_err);
goto end;
}
- } else out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ } else {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ }
keysize = RSA_size(rsa);
end:
RSA_free(rsa);
BIO_free(in);
- BIO_free(out);
+ BIO_free_all(out);
if(rsa_in) OPENSSL_free(rsa_in);
if(rsa_out) OPENSSL_free(rsa_out);
return ret;
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-inkey file input key\n");
+ BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
BIO_printf(bio_err, "-pubin input is an RSA public\n");
BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n");
BIO_printf(bio_err, "-ssl use SSL v2 padding\n");
BIO_printf(bio_err, "-raw use no padding\n");
- BIO_printf(bio_err, "-pkcs use PKCS#1 padding (default)\n");
+ BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n");
+ BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n");
BIO_printf(bio_err, "-sign sign with private key\n");
BIO_printf(bio_err, "-verify verify with public key\n");
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
BIO_printf(bio_err, "-hexdump hex dump output\n");
+ BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
+
}
+#endif