提交 20d242b0 编写于 作者: R Richard Levitte

Make it possible for users of the openssl applications to specify the

EGD should be used as seeding input, and where the named socket is.
上级 dffd72f1
......@@ -121,6 +121,7 @@
#include <openssl/dh.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#ifndef NO_DSA
#include <openssl/dsa.h>
......@@ -156,7 +157,7 @@ int MAIN(int argc, char **argv)
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog;
char *inrand=NULL;
char *inrand=NULL, *inegd=NULL;
int num = 0, g = 0;
apps_startup();
......@@ -216,6 +217,11 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else if (strcmp(*argv,"-egd") == 0)
{
if (--argc < 1) goto bad;
inegd= *(++argv);
}
else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0)))
goto bad;
argv++;
......@@ -241,8 +247,9 @@ bad:
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
BIO_printf(bio_err," -noout no output\n");
goto end;
}
......@@ -271,13 +278,17 @@ bad:
if(num) {
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
if (!app_RAND_load_file(NULL, bio_err, 1)
&& inrand == NULL && inegd == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
#ifndef NO_DSA
if (dsaparam)
......
......@@ -69,6 +69,7 @@
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#undef PROG
#define PROG dsaparam_main
......@@ -94,7 +95,7 @@ int MAIN(int argc, char **argv)
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,noout=0,C=0,ret=1;
char *infile,*outfile,*prog,*inrand=NULL;
char *infile,*outfile,*prog,*inrand=NULL,*inegd=NULL;
int numbits= -1,num,genkey=0;
int need_rand=0;
......@@ -149,6 +150,12 @@ int MAIN(int argc, char **argv)
inrand= *(++argv);
need_rand=1;
}
else if (strcmp(*argv,"-egd") == 0)
{
if (--argc < 1) goto bad;
inegd= *(++argv);
need_rand=1;
}
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (sscanf(*argv,"%d",&num) == 1)
......@@ -179,7 +186,10 @@ bad:
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -noout no output\n");
BIO_printf(bio_err," -rand files to use for random number input\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
BIO_printf(bio_err," number number of bits to use for generating private key\n");
goto end;
}
......@@ -217,10 +227,14 @@ bad:
if (need_rand)
{
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
app_RAND_load_file(NULL, bio_err,
(inrand != NULL || inegd != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
}
if (numbits > 0)
......
......@@ -85,7 +85,7 @@ int MAIN(int argc, char **argv)
int ret=1,num=DEFBITS;
int g=2;
char *outfile=NULL;
char *inrand=NULL;
char *inrand=NULL,*inegd=NULL;
BIO *out=NULL;
apps_startup();
......@@ -115,6 +115,11 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else if (strcmp(*argv,"-egd") == 0)
{
if (--argc < 1) goto bad;
inegd= *(++argv);
}
else
break;
argv++;
......@@ -125,12 +130,13 @@ int MAIN(int argc, char **argv)
bad:
BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
BIO_printf(bio_err," -out file - output the key to 'file\n");
BIO_printf(bio_err," -2 use 2 as the generator value\n");
/* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */
BIO_printf(bio_err," -5 use 5 as the generator value\n");
BIO_printf(bio_err," -2 - use 2 as the generator value\n");
/* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
BIO_printf(bio_err," -5 - use 5 as the generator value\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -egd file - load random seed from EGD socket\n");
goto end;
}
......@@ -152,13 +158,16 @@ bad:
}
}
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g);
BIO_printf(bio_err,"This is going to take a long time\n");
......
......@@ -68,6 +68,7 @@
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#define DEFBITS 512
#undef PROG
......@@ -80,7 +81,7 @@ int MAIN(int argc, char **argv)
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
char *inrand=NULL,*dsaparams=NULL;
char *inrand=NULL,*inegd=NULL,*dsaparams=NULL;
char *passargout = NULL, *passout = NULL;
BIO *out=NULL,*in=NULL;
EVP_CIPHER *enc=NULL;
......@@ -111,6 +112,11 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else if (strcmp(*argv,"-egd") == 0)
{
if (--argc < 1) goto bad;
inegd= *(++argv);
}
else if (strcmp(*argv,"-") == 0)
goto bad;
#ifndef NO_DES
......@@ -148,6 +154,7 @@ bad:
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -egd file - load random seed from EGD socket\n");
BIO_printf(bio_err," dsaparam-file\n");
BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n");
goto end;
......@@ -188,13 +195,16 @@ bad:
}
}
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
BIO_printf(bio_err,"Generating DSA key, %d bits\n",
BN_num_bits(dsa->p));
......
......@@ -69,6 +69,7 @@
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#define DEFBITS 512
#undef PROG
......@@ -88,7 +89,7 @@ int MAIN(int argc, char **argv)
unsigned long f4=RSA_F4;
char *outfile=NULL;
char *passargout = NULL, *passout = NULL;
char *inrand=NULL;
char *inrand=NULL,*inegd=NULL;
BIO *out=NULL;
apps_startup();
......@@ -121,6 +122,11 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else if (strcmp(*argv,"-egd") == 0)
{
if (--argc < 1) goto bad;
inegd= *(++argv);
}
#ifndef NO_DES
else if (strcmp(*argv,"-des") == 0)
enc=EVP_des_cbc();
......@@ -157,6 +163,7 @@ bad:
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
goto err;
}
......@@ -178,13 +185,16 @@ bad:
}
}
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL)
{
BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
}
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
num);
......
......@@ -65,6 +65,7 @@
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/pkcs12.h>
#define PROG pkcs12_main
......@@ -116,7 +117,7 @@ int MAIN(int argc, char **argv)
char *cpass = NULL, *mpass = NULL;
char *passargin = NULL, *passargout = NULL, *passarg = NULL;
char *passin = NULL, *passout = NULL;
char *inrand = NULL;
char *inrand = NULL,*inegd=NULL;
apps_startup();
......@@ -178,6 +179,11 @@ int MAIN(int argc, char **argv)
args++;
inrand = *args;
} else badarg = 1;
} else if (!strcmp (*args, "-egd")) {
if (args[1]) {
args++;
inegd = *args;
} else badarg = 1;
} else if (!strcmp (*args, "-inkey")) {
if (args[1]) {
args++;
......@@ -269,6 +275,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
BIO_printf(bio_err, "-egd file load random seed from EGD socket\n");
goto end;
}
......@@ -296,10 +303,13 @@ int MAIN(int argc, char **argv)
}
if(export_cert || inrand) {
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
}
ERR_load_crypto_strings();
......
......@@ -15,6 +15,7 @@
/* -out file - write to file
* -rand file:file - PRNG seed files
* -egd file - PRNG seed from EGD named socket
* -base64 - encode output
* num - write 'num' bytes
*/
......@@ -26,7 +27,7 @@ int MAIN(int argc, char **argv)
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
char *inrand = NULL;
char *inrand = NULL,*inegd=NULL;
int base64 = 0;
BIO *out = NULL;
int num = -1;
......@@ -55,6 +56,13 @@ int MAIN(int argc, char **argv)
else
badopt = 1;
}
else if (strcmp(argv[i], "-egd") == 0)
{
if ((argv[i+1] != NULL) && (inegd == NULL))
inegd = argv[++i];
else
badopt = 1;
}
else if (strcmp(argv[i], "-base64") == 0)
{
if (!base64)
......@@ -86,14 +94,18 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-out file - write to file\n");
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, "-egd file - seed PRNG from EGD named socket\n");
BIO_printf(bio_err, "-base64 - encode output\n");
goto err;
}
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
out = BIO_new(BIO_s_file());
if (out == NULL)
......
......@@ -103,6 +103,7 @@
* -key file - make a request using key in file (or use it for verification).
* -keyform - key file format.
* -rand file(s) - load the file(s) into the PRNG.
* -egd file - load PRNG seed from EGD named socket.
* -newkey - make a key and a request.
* -modulus - print RSA modulus.
* -x509 - output a self signed X509 structure instead.
......@@ -156,7 +157,7 @@ int MAIN(int argc, char **argv)
char *req_exts = NULL;
EVP_CIPHER *cipher=NULL;
int modulus=0;
char *inrand=NULL;
char *inrand=NULL,*inegd=NULL;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
char *p;
......@@ -245,6 +246,11 @@ int MAIN(int argc, char **argv)
if (--argc < 1) goto bad;
inrand= *(++argv);
}
else if (strcmp(*argv,"-egd") == 0)
{
if (--argc < 1) goto bad;
inegd= *(++argv);
}
else if (strcmp(*argv,"-newkey") == 0)
{
int is_numeric;
......@@ -381,6 +387,7 @@ bad:
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
BIO_printf(bio_err," -egd file load random seed from EGD socket\n");
BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
......@@ -555,7 +562,9 @@ bad:
app_RAND_load_file(randfile, bio_err, 0);
if (inrand)
app_RAND_load_files(inrand);
if (inegd)
RAND_egd(inegd);
if (newkey <= 0)
{
newkey=(int)CONF_get_number(req_conf,SECTION,BITS);
......
......@@ -63,6 +63,7 @@
#include "apps.h"
#include <openssl/crypto.h>
#include <openssl/pem.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#undef PROG
......@@ -100,7 +101,7 @@ int MAIN(int argc, char **argv)
char *to = NULL, *from = NULL, *subject = NULL;
char *CAfile = NULL, *CApath = NULL;
char *passargin = NULL, *passin = NULL;
char *inrand = NULL;
char *inrand = NULL,*inegd=NULL;
int need_rand = 0;
args = argv + 1;
......@@ -150,6 +151,12 @@ int MAIN(int argc, char **argv)
inrand = *args;
} else badarg = 1;
need_rand = 1;
} else if (!strcmp(*args,"-egd")) {
if (args[1]) {
args++;
inegd = *args;
} else badarg = 1;
need_rand = 1;
} else if (!strcmp(*args,"-passin")) {
if (args[1]) {
args++;
......@@ -272,6 +279,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
BIO_printf(bio_err, "-egd file load random seed from EGD socket\n");
BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n");
goto end;
}
......@@ -282,10 +290,13 @@ int MAIN(int argc, char **argv)
}
if (need_rand) {
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL));
if (inrand != NULL)
BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
app_RAND_load_files(inrand));
if (inegd != NULL)
BIO_printf(bio_err,"%ld egd bytes loaded\n",
RAND_egd(inegd));
}
ret = 2;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册