From 7f9b7b074dd0fd8213947ec08802cdabaeb4ea41 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 9 Jan 1999 17:29:34 +0000 Subject: [PATCH] Fix the gendsa program and add it to the app list. The progs.h file is auto generated but not auto updated so it is included. Also remove the encryption from the sample DSA keys. --- CHANGES | 5 +++++ apps/Makefile.ssl | 6 +++--- apps/dsa-ca.pem | 23 ++++++++++------------- apps/dsa-pca.pem | 23 ++++++++++------------- apps/gendsa.c | 32 +++++++++++++++++++++++++------- apps/progs.h | 5 +++++ 6 files changed, 58 insertions(+), 36 deletions(-) diff --git a/CHANGES b/CHANGES index 8bda119818..18f4f48381 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,11 @@ Changes between 0.9.1c and 0.9.2 + *) Get the gendsa program working (hopefully) and add it to app list. Remove + encryption from sample DSA keys (in case anyone is interested the password + was "1234"). + [Steve Henson] + *) Make _all_ *_free functions accept a NULL pointer. [Frans Heymans ] diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl index 54f4091398..a225bd4470 100644 --- a/apps/Makefile.ssl +++ b/apps/Makefile.ssl @@ -33,7 +33,7 @@ EXE= $(PROGRAM) E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \ rsa dsa dsaparam \ - x509 genrsa s_server s_client speed \ + x509 genrsa gendsa s_server s_client speed \ s_time version pkcs7 crl2pkcs7 sess_id ciphers PROGS= $(PROGRAM).c @@ -46,7 +46,7 @@ S_SRC= s_cb.c s_socket.c E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \ pkcs7.o crl2p7.o crl.o \ rsa.o dsa.o dsaparam.o \ - x509.o genrsa.o s_server.o s_client.o speed.o \ + x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \ ciphers.o 
@@ -55,7 +55,7 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \ E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \ pkcs7.c crl2p7.c crl.c \ rsa.c dsa.c dsaparam.c \ - x509.c genrsa.c s_server.c s_client.c speed.c \ + x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \ ciphers.c diff --git a/apps/dsa-ca.pem b/apps/dsa-ca.pem index 9eb08f3ddd..cccc14208f 100644 --- a/apps/dsa-ca.pem +++ b/apps/dsa-ca.pem @@ -1,17 +1,14 @@ -----BEGIN DSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0 - -svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0 -Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl -Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/ -par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr -zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO -uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5 -rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx -1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4 -HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827 -MVqOsYxGCb+kez0FoDSTgw== +MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ +PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel +u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH +Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso +hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu +SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y +Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4 +94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T +tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77 +J6zsFbSEHaQGUmfSeoM= -----END DSA PRIVATE KEY----- -----BEGIN CERTIFICATE REQUEST----- MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx 
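Review bot: The private key in apps/dsa-ca.pem is now stored in cleartext, and the same holds for the apps/dsa-pca.pem hunk that follows, yet nothing in either file marks the key as sample material. Judging by the file names these are CA keys, so a copy lifted into a real deployment would give anyone with the source tree the signing key. OpenSSL's PEM reader skips lines before the `-----BEGIN` marker, so I would add a first line such as `Sample DSA key for testing only - never use for a real CA` above each key. The CHANGES entry already calls them sample keys, but that text does not travel with the files.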
diff --git a/apps/dsa-pca.pem b/apps/dsa-pca.pem index e3641ad47e..d23774edd6 100644 --- a/apps/dsa-pca.pem +++ b/apps/dsa-pca.pem @@ -1,17 +1,14 @@ -----BEGIN DSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4 - -GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS -mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt -of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr -FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX -RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd -qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1 -diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn -V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h -hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf -dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7 +MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ +PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel +u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH +Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso +hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu +SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y +Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk +umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A +29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz +6TicfImU7UFRn9h00j0lJQ== -----END DSA PRIVATE KEY----- -----BEGIN CERTIFICATE REQUEST----- MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx diff --git a/apps/gendsa.c b/apps/gendsa.c index e0e5afa400..564a881ae6 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -85,10 +85,11 @@ char **argv; { char buffer[200]; DSA *dsa=NULL; - int ret=1,num=DEFBITS; + int ret=1; char *outfile=NULL; char *inrand=NULL,*randfile,*dsaparams=NULL; BIO *out=NULL,*in=NULL; + EVP_CIPHER *enc=NULL; apps_startup(); 
@@ -117,6 +118,16 @@ char **argv; { dsaparams= *argv; } +#ifndef NO_DES + else if (strcmp(*argv,"-des") == 0) + enc=EVP_des_cbc(); + else if (strcmp(*argv,"-des3") == 0) + enc=EVP_des_ede3_cbc(); +#endif +#ifndef NO_IDEA + else if (strcmp(*argv,"-idea") == 0) + enc=EVP_idea_cbc(); +#endif else goto bad; argv++; @@ -126,8 +137,15 @@ char **argv; if (dsaparams == NULL) { bad: - BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n"); - BIO_printf(bio_err," -out file - output the key to 'file\n"); + BIO_printf(bio_err,"usage: gendsa [args] [dsaparams]\n"); + BIO_printf(bio_err," -out file - output the key to 'file'\n"); +#ifndef NO_DES + BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n"); + BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); +#endif +#ifndef NO_IDEA + BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); +#endif BIO_printf(bio_err," -rand file:file:...\n"); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); @@ -135,7 +153,7 @@ bad: } in=BIO_new(BIO_s_file()); - if (!(BIO_read_filename(in,"dsaparams"))) + if (!(BIO_read_filename(in,dsaparams))) { perror(dsaparams); goto end; @@ -174,8 +192,8 @@ bad: dsa_load_rand(inrand)); } - BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); - BIO_printf(bio_err,"This could take some time\n"); + BIO_printf(bio_err,"Generating DSA key, %d bits\n", + BN_num_bits(dsa->p)); if (!DSA_generate_key(dsa)) goto end; if (randfile == NULL) @@ -183,7 +201,7 @@ bad: else RAND_write_file(randfile); - if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL)) + if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL)) goto end; ret=0; end: diff --git a/apps/progs.h b/apps/progs.h index 9ed1f4bf5a..4f12cba668 100644 --- a/apps/progs.h +++ b/apps/progs.h 
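Review bot: Each cipher branch in the `@@ -117,6 +118,16 @@` hunk assigns `enc` unconditionally, so when two cipher options are given the last one wins without any message, and `-des` protects the generated key with single DES only. The usage text added in the next hunk states the key size for `-des3` but not for `-des`; I would make that line read `" -des - encrypt the generated key with DES in cbc mode (56 bit key)\n"` so the difference is visible to the user. The option loop starts and ends outside the hunk.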
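Review bot: A run without `-des`, `-des3` or `-idea` now writes the private key unencrypted: `enc` is initialised to NULL in the `@@ -85,10 +85,11 @@` hunk and passed unchanged to `PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL)` in the `@@ -183,7 +201,7 @@` hunk, where the old line always used `EVP_des_ede3_cbc()`. The usage text in the `@@ -126,8 +137,15 @@` hunk does not mention this; I would add `BIO_printf(bio_err," (no cipher option) - the generated key is written unencrypted\n");` after the `-out` line. In a build with both NO_DES and NO_IDEA defined no cipher option is compiled in, so encryption is not available at all. How the output file is opened is outside the visible hunks, so its permissions are worth checking for the cleartext case.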
@@ -14,6 +14,7 @@ extern int dsa_main(int argc,char *argv[]);
 extern int dsaparam_main(int argc,char *argv[]);
 extern int x509_main(int argc,char *argv[]);
 extern int genrsa_main(int argc,char *argv[]);
+extern int gendsa_main(int argc,char *argv[]);
 extern int s_server_main(int argc,char *argv[]);
 extern int s_client_main(int argc,char *argv[]);
 extern int speed_main(int argc,char *argv[]);
@@ -39,6 +40,7 @@ extern int dsa_main();
 extern int dsaparam_main();
 extern int x509_main();
 extern int genrsa_main();
+extern int gendsa_main();
 extern int s_server_main();
 extern int s_client_main();
 extern int speed_main();
@@ -90,6 +92,9 @@ FUNCTION functions[] = {
 #ifndef NO_RSA
 {FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
 #endif
+#ifndef NO_DSA
+ {FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
+#endif
 #if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
 {FUNC_TYPE_GENERAL,"s_server",s_server_main},
 #endif
-- 2.25.1