X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;ds=sidebyside;f=apps%2Fgenpkey.c;h=3ae508c1c83b2c4a184bfc793f43f65a9d28ac6b;hb=8dd5c603b60d8dd2907fea6c9cdefff20b787845;hp=8f556f371be148a301c151141785e60897978843;hpb=dd1abd4462e4e4fa84b8f8de2ec70375f9b0e191;p=oweals%2Fopenssl.git diff --git a/apps/genpkey.c b/apps/genpkey.c index 8f556f371b..3ae508c1c8 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -1,7 +1,7 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. * - * Licensed under the OpenSSL license (the "License"). You may not use + * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html @@ -10,6 +10,7 @@ #include #include #include "apps.h" +#include "progs.h" #include #include #include @@ -27,20 +28,24 @@ typedef enum OPTION_choice { } OPTION_CHOICE; const OPTIONS genpkey_options[] = { + OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, - {"out", OPT_OUT, '>', "Output file"}, - {"outform", OPT_OUTFORM, 'F', "output format (DER or PEM)"}, - {"pass", OPT_PASS, 's', "Output file pass phrase source"}, +#ifndef OPENSSL_NO_ENGINE + {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, +#endif {"paramfile", OPT_PARAMFILE, '<', "Parameters file"}, {"algorithm", OPT_ALGORITHM, 's', "The public key algorithm"}, {"pkeyopt", OPT_PKEYOPT, 's', "Set the public key algorithm option as opt:value"}, + + OPT_SECTION("Output"), + {"out", OPT_OUT, '>', "Output file"}, + {"outform", OPT_OUTFORM, 'F', "output format (DER or PEM)"}, + {"pass", OPT_PASS, 's', "Output file pass phrase source"}, {"genparam", OPT_GENPARAM, '-', "Generate parameters, not key"}, {"text", OPT_TEXT, '-', "Print the in text"}, {"", OPT_CIPHER, '-', "Cipher to use to encrypt the key"}, -#ifndef OPENSSL_NO_ENGINE - {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, -#endif + /* This is deliberately last. */ {OPT_HELP_STR, 1, 1, "Order of options may be important! See the documentation.\n"}, @@ -119,6 +124,13 @@ int genpkey_main(int argc, char **argv) if (!opt_cipher(opt_unknown(), &cipher) || do_param == 1) goto opthelp; + if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE || + EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE || + EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE || + EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE) { + BIO_printf(bio_err, "%s: cipher mode not supported\n", prog); + goto end; + } } } argc = opt_num_rest(); @@ -156,9 +168,9 @@ int genpkey_main(int argc, char **argv) } } - if (do_param) + if (do_param) { rv = PEM_write_bio_Parameters(out, pkey); - else if (outformat == FORMAT_PEM) { + } else if (outformat == FORMAT_PEM) { assert(private); rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, pass); } else if (outformat == FORMAT_ASN1) { @@ -209,7 +221,7 @@ static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e) } pbio = BIO_new_file(file, "r"); - if (!pbio) { + if (pbio == NULL) { BIO_printf(bio_err, "Can't open parameter file %s\n", file); return 0; } @@ -217,7 +229,7 @@ static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e) pkey = PEM_read_bio_Parameters(pbio, NULL); BIO_free(pbio); - if (!pkey) { + if (pkey == NULL) { BIO_printf(bio_err, "Error reading parameter file %s\n", file); return 0; }