summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGES5
-rw-r--r--apps/Makefile.ssl6
-rw-r--r--apps/dsa-ca.pem23
-rw-r--r--apps/dsa-pca.pem23
-rw-r--r--apps/gendsa.c32
-rw-r--r--apps/progs.h5
6 files changed, 58 insertions, 36 deletions
diff --git a/CHANGES b/CHANGES
index 8bda119818..18f4f48381 100644
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,11 @@
Changes between 0.9.1c and 0.9.2
+ *) Get the gendsa program working (hopefully) and add it to app list. Remove
+ encryption from sample DSA keys (in case anyone is interested the password
+ was "1234").
+ [Steve Henson]
+
*) Make _all_ *_free functions accept a NULL pointer.
[Frans Heymans <fheymans@isaserver.be>]
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
index 54f4091398..a225bd4470 100644
--- a/apps/Makefile.ssl
+++ b/apps/Makefile.ssl
@@ -33,7 +33,7 @@ EXE= $(PROGRAM)
E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \
rsa dsa dsaparam \
- x509 genrsa s_server s_client speed \
+ x509 genrsa gendsa s_server s_client speed \
s_time version pkcs7 crl2pkcs7 sess_id ciphers
PROGS= $(PROGRAM).c
@@ -46,7 +46,7 @@ S_SRC= s_cb.c s_socket.c
E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
pkcs7.o crl2p7.o crl.o \
rsa.o dsa.o dsaparam.o \
- x509.o genrsa.o s_server.o s_client.o speed.o \
+ x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \
s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
ciphers.o
@@ -55,7 +55,7 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
pkcs7.c crl2p7.c crl.c \
rsa.c dsa.c dsaparam.c \
- x509.c genrsa.c s_server.c s_client.c speed.c \
+ x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \
s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \
ciphers.c
diff --git a/apps/dsa-ca.pem b/apps/dsa-ca.pem
index 9eb08f3ddd..cccc14208f 100644
--- a/apps/dsa-ca.pem
+++ b/apps/dsa-ca.pem
@@ -1,17 +1,14 @@
-----BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
-
-svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
-Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
-Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
-par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
-zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
-uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
-rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
-1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
-HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
-MVqOsYxGCb+kez0FoDSTgw==
+MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
+PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
+u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
+Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
+hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
+SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
+Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4
+94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T
+tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77
+J6zsFbSEHaQGUmfSeoM=
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE REQUEST-----
MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
diff --git a/apps/dsa-pca.pem b/apps/dsa-pca.pem
index e3641ad47e..d23774edd6 100644
--- a/apps/dsa-pca.pem
+++ b/apps/dsa-pca.pem
@@ -1,17 +1,14 @@
-----BEGIN DSA PRIVATE KEY-----
-Proc-Type: 4,ENCRYPTED
-DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
-
-GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
-mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
-of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
-FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
-RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
-qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
-diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
-V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
-hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
-dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ
+PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel
+u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH
+Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso
+hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu
+SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y
+Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz
+6TicfImU7UFRn9h00j0lJQ==
-----END DSA PRIVATE KEY-----
-----BEGIN CERTIFICATE REQUEST-----
MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
diff --git a/apps/gendsa.c b/apps/gendsa.c
index e0e5afa400..564a881ae6 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -85,10 +85,11 @@ char **argv;
{
char buffer[200];
DSA *dsa=NULL;
- int ret=1,num=DEFBITS;
+ int ret=1;
char *outfile=NULL;
char *inrand=NULL,*randfile,*dsaparams=NULL;
BIO *out=NULL,*in=NULL;
+ EVP_CIPHER *enc=NULL;
apps_startup();
@@ -117,6 +118,16 @@ char **argv;
{
dsaparams= *argv;
}
+#ifndef NO_DES
+ else if (strcmp(*argv,"-des") == 0)
+ enc=EVP_des_cbc();
+ else if (strcmp(*argv,"-des3") == 0)
+ enc=EVP_des_ede3_cbc();
+#endif
+#ifndef NO_IDEA
+ else if (strcmp(*argv,"-idea") == 0)
+ enc=EVP_idea_cbc();
+#endif
else
goto bad;
argv++;
@@ -126,8 +137,15 @@ char **argv;
if (dsaparams == NULL)
{
bad:
- BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n");
- BIO_printf(bio_err," -out file - output the key to 'file\n");
+ BIO_printf(bio_err,"usage: gendsa [args] [dsaparams]\n");
+ BIO_printf(bio_err," -out file - output the key to 'file'\n");
+#ifndef NO_DES
+ BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
+ BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+#endif
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
+#endif
BIO_printf(bio_err," -rand file:file:...\n");
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@@ -135,7 +153,7 @@ bad:
}
in=BIO_new(BIO_s_file());
- if (!(BIO_read_filename(in,"dsaparams")))
+ if (!(BIO_read_filename(in,dsaparams)))
{
perror(dsaparams);
goto end;
@@ -174,8 +192,8 @@ bad:
dsa_load_rand(inrand));
}
- BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
- BIO_printf(bio_err,"This could take some time\n");
+ BIO_printf(bio_err,"Generating DSA key, %d bits\n",
+ BN_num_bits(dsa->p));
if (!DSA_generate_key(dsa)) goto end;
if (randfile == NULL)
@@ -183,7 +201,7 @@ bad:
else
RAND_write_file(randfile);
- if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL))
+ if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL))
goto end;
ret=0;
end:
diff --git a/apps/progs.h b/apps/progs.h
index 9ed1f4bf5a..4f12cba668 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -14,6 +14,7 @@ extern int dsa_main(int argc,char *argv[]);
extern int dsaparam_main(int argc,char *argv[]);
extern int x509_main(int argc,char *argv[]);
extern int genrsa_main(int argc,char *argv[]);
+extern int gendsa_main(int argc,char *argv[]);
extern int s_server_main(int argc,char *argv[]);
extern int s_client_main(int argc,char *argv[]);
extern int speed_main(int argc,char *argv[]);
@@ -39,6 +40,7 @@ extern int dsa_main();
extern int dsaparam_main();
extern int x509_main();
extern int genrsa_main();
+extern int gendsa_main();
extern int s_server_main();
extern int s_client_main();
extern int speed_main();
@@ -90,6 +92,9 @@ FUNCTION functions[] = {
#ifndef NO_RSA
{FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
#endif
+#ifndef NO_DSA
+ {FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
+#endif
#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
{FUNC_TYPE_GENERAL,"s_server",s_server_main},
#endif
View Lorry Controller Status