The message to everyone is "Do not hack OpenSSL when stressed"...
Changes between 0.9.5a and 0.9.6 [xx XXX 2000]
- *) Add the possibility, through the -egd parameter, to tell the openssl
- applications that EGD should be used as seeding source, and where
- the EGD named socket is.
- [Richard Levitte]
-
- *) Add the possibility to tell RAND_egd() and RAND_egd_bytes() where
- the EGD named socket is through the environment variable RANDEGD.
- [Richard Levitte]
-
*) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
[Bodo Moeller]
#include <openssl/dh.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
-#include <openssl/rand.h>
#ifndef NO_DSA
#include <openssl/dsa.h>
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog;
- char *inrand=NULL, *inegd=NULL;
+ char *inrand=NULL;
int num = 0, g = 0;
apps_startup();
if (--argc < 1) goto bad;
inrand= *(++argv);
}
- else if (strcmp(*argv,"-egd") == 0)
- {
- if (--argc < 1) goto bad;
- inegd= *(++argv);
- }
else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
goto bad;
argv++;
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
- BIO_printf(bio_err," load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
- BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
BIO_printf(bio_err," -noout no output\n");
goto end;
}
if(num) {
- if (!app_RAND_load_file(NULL, bio_err, 1)
- && inrand == NULL && inegd == NULL)
+ if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
#ifndef NO_DSA
if (dsaparam)
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
-#include <openssl/rand.h>
#undef PROG
#define PROG dsaparam_main
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,noout=0,C=0,ret=1;
- char *infile,*outfile,*prog,*inrand=NULL,*inegd=NULL;
+ char *infile,*outfile,*prog,*inrand=NULL;
int numbits= -1,num,genkey=0;
int need_rand=0;
inrand= *(++argv);
need_rand=1;
}
- else if (strcmp(*argv,"-egd") == 0)
- {
- if (--argc < 1) goto bad;
- inegd= *(++argv);
- need_rand=1;
- }
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (sscanf(*argv,"%d",&num) == 1)
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -noout no output\n");
- BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
- BIO_printf(bio_err," load the file (or the files in the directory) into\n");
- BIO_printf(bio_err," the random number generator\n");
- BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
+ BIO_printf(bio_err," -rand files to use for random number input\n");
BIO_printf(bio_err," number number of bits to use for generating private key\n");
goto end;
}
if (need_rand)
{
- app_RAND_load_file(NULL, bio_err,
- (inrand != NULL || inegd != NULL));
+ app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
}
if (numbits > 0)
int ret=1,num=DEFBITS;
int g=2;
char *outfile=NULL;
- char *inrand=NULL,*inegd=NULL;
+ char *inrand=NULL;
BIO *out=NULL;
apps_startup();
if (--argc < 1) goto bad;
inrand= *(++argv);
}
- else if (strcmp(*argv,"-egd") == 0)
- {
- if (--argc < 1) goto bad;
- inegd= *(++argv);
- }
else
break;
argv++;
bad:
BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
BIO_printf(bio_err," -out file - output the key to 'file\n");
- BIO_printf(bio_err," -2 - use 2 as the generator value\n");
- /* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
- BIO_printf(bio_err," -5 - use 5 as the generator value\n");
+ BIO_printf(bio_err," -2 use 2 as the generator value\n");
+ /* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */
+ BIO_printf(bio_err," -5 use 5 as the generator value\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
- BIO_printf(bio_err," -egd file - load random seed from EGD socket\n");
goto end;
}
}
}
- if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
+ if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
-#include <openssl/rand.h>
#define DEFBITS 512
#undef PROG
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
- char *inrand=NULL,*inegd=NULL,*dsaparams=NULL;
+ char *inrand=NULL,*dsaparams=NULL;
char *passargout = NULL, *passout = NULL;
BIO *out=NULL,*in=NULL;
EVP_CIPHER *enc=NULL;
if (--argc < 1) goto bad;
inrand= *(++argv);
}
- else if (strcmp(*argv,"-egd") == 0)
- {
- if (--argc < 1) goto bad;
- inegd= *(++argv);
- }
else if (strcmp(*argv,"-") == 0)
goto bad;
#ifndef NO_DES
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
- BIO_printf(bio_err," -egd file - load random seed from EGD socket\n");
BIO_printf(bio_err," dsaparam-file\n");
BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n");
goto end;
}
}
- if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
+ if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
BIO_printf(bio_err,"Generating DSA key, %d bits\n",
BN_num_bits(dsa->p));
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
-#include <openssl/rand.h>
#define DEFBITS 512
#undef PROG
unsigned long f4=RSA_F4;
char *outfile=NULL;
char *passargout = NULL, *passout = NULL;
- char *inrand=NULL,*inegd=NULL;
+ char *inrand=NULL;
BIO *out=NULL;
apps_startup();
if (--argc < 1) goto bad;
inrand= *(++argv);
}
- else if (strcmp(*argv,"-egd") == 0)
- {
- if (--argc < 1) goto bad;
- inegd= *(++argv);
- }
#ifndef NO_DES
else if (strcmp(*argv,"-des") == 0)
enc=EVP_des_cbc();
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
- BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
goto err;
}
}
}
- if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
+ if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
num);
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/pem.h>
-#include <openssl/rand.h>
#include <openssl/pkcs12.h>
#define PROG pkcs12_main
char *cpass = NULL, *mpass = NULL;
char *passargin = NULL, *passargout = NULL, *passarg = NULL;
char *passin = NULL, *passout = NULL;
- char *inrand = NULL,*inegd=NULL;
+ char *inrand = NULL;
apps_startup();
args++;
inrand = *args;
} else badarg = 1;
- } else if (!strcmp (*args, "-egd")) {
- if (args[1]) {
- args++;
- inegd = *args;
- } else badarg = 1;
} else if (!strcmp (*args, "-inkey")) {
if (args[1]) {
args++;
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
- BIO_printf(bio_err, "-egd file load random seed from EGD socket\n");
goto end;
}
}
if(export_cert || inrand) {
- app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
+ app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
}
ERR_load_crypto_strings();
/* -out file - write to file
* -rand file:file - PRNG seed files
- * -egd file - PRNG seed from EGD named socket
* -base64 - encode output
* num - write 'num' bytes
*/
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
- char *inrand = NULL,*inegd=NULL;
+ char *inrand = NULL;
int base64 = 0;
BIO *out = NULL;
int num = -1;
else
badopt = 1;
}
- else if (strcmp(argv[i], "-egd") == 0)
- {
- if ((argv[i+1] != NULL) && (inegd == NULL))
- inegd = argv[++i];
- else
- badopt = 1;
- }
else if (strcmp(argv[i], "-base64") == 0)
{
if (!base64)
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-out file - write to file\n");
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
- BIO_printf(bio_err, "-egd file - seed PRNG from EGD named socket\n");
BIO_printf(bio_err, "-base64 - encode output\n");
goto err;
}
- app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
+ app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
out = BIO_new(BIO_s_file());
if (out == NULL)
* -key file - make a request using key in file (or use it for verification).
* -keyform - key file format.
* -rand file(s) - load the file(s) into the PRNG.
- * -egd file - load PRNG seed from EGD named socket.
* -newkey - make a key and a request.
* -modulus - print RSA modulus.
* -x509 - output a self signed X509 structure instead.
char *req_exts = NULL;
EVP_CIPHER *cipher=NULL;
int modulus=0;
- char *inrand=NULL,*inegd=NULL;
+ char *inrand=NULL;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
char *p;
if (--argc < 1) goto bad;
inrand= *(++argv);
}
- else if (strcmp(*argv,"-egd") == 0)
- {
- if (--argc < 1) goto bad;
- inegd= *(++argv);
- }
else if (strcmp(*argv,"-newkey") == 0)
{
int is_numeric;
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
- BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
app_RAND_load_file(randfile, bio_err, 0);
if (inrand)
app_RAND_load_files(inrand);
- if (inegd)
- RAND_egd(inegd);
-
+
if (newkey <= 0)
{
newkey=(int)CONF_get_number(req_conf,SECTION,BITS);
#include "apps.h"
#include <openssl/crypto.h>
#include <openssl/pem.h>
-#include <openssl/rand.h>
#include <openssl/err.h>
#undef PROG
char *to = NULL, *from = NULL, *subject = NULL;
char *CAfile = NULL, *CApath = NULL;
char *passargin = NULL, *passin = NULL;
- char *inrand = NULL,*inegd=NULL;
+ char *inrand = NULL;
int need_rand = 0;
args = argv + 1;
inrand = *args;
} else badarg = 1;
need_rand = 1;
- } else if (!strcmp(*args,"-egd")) {
- if (args[1]) {
- args++;
- inegd = *args;
- } else badarg = 1;
- need_rand = 1;
} else if (!strcmp(*args,"-passin")) {
if (args[1]) {
args++;
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
- BIO_printf(bio_err, "-egd file load random seed from EGD socket\n");
BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n");
goto end;
}
}
if (need_rand) {
- app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
+ app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
- if (inegd != NULL)
- BIO_printf(bio_err,"%ld egd bytes loaded\n",
- RAND_egd(inegd));
}
ret = 2;
*
*/
-#include <stdlib.h>
#include <openssl/rand.h>
/* Query the EGD <URL: http://www.lothar.com/tech/crypto/>.
int RAND_egd(const char *path)
{
- const char *s;
int ret = -1;
struct sockaddr_un addr;
int len, num;
int fd = -1;
unsigned char buf[256];
- s=getenv("RANDEGD");
- if (s != NULL)
- path = s;
-
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
if (strlen(path) > sizeof(addr.sun_path))
int RAND_egd_bytes(const char *path,int bytes)
{
- const char *s;
int ret = 0;
struct sockaddr_un addr;
int len, num;
int fd = -1;
unsigned char buf[255];
- s=getenv("RANDEGD");
- if (s != NULL)
- path = s;
-
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
if (strlen(path) > sizeof(addr.sun_path))