diff options
-rw-r--r-- | CHANGES | 5 | ||||
-rw-r--r-- | apps/Makefile.ssl | 6 | ||||
-rw-r--r-- | apps/dsa-ca.pem | 23 | ||||
-rw-r--r-- | apps/dsa-pca.pem | 23 | ||||
-rw-r--r-- | apps/gendsa.c | 32 | ||||
-rw-r--r-- | apps/progs.h | 5 |
6 files changed, 58 insertions, 36 deletions
@@ -5,6 +5,11 @@ Changes between 0.9.1c and 0.9.2 + *) Get the gendsa program working (hopefully) and add it to app list. Remove + encryption from sample DSA keys (in case anyone is interested the password + was "1234"). + [Steve Henson] + *) Make _all_ *_free functions accept a NULL pointer. [Frans Heymans <fheymans@isaserver.be>] diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl index 54f4091398..a225bd4470 100644 --- a/apps/Makefile.ssl +++ b/apps/Makefile.ssl @@ -33,7 +33,7 @@ EXE= $(PROGRAM) E_EXE= verify asn1pars req dgst dh enc gendh errstr ca crl \ rsa dsa dsaparam \ - x509 genrsa s_server s_client speed \ + x509 genrsa gendsa s_server s_client speed \ s_time version pkcs7 crl2pkcs7 sess_id ciphers PROGS= $(PROGRAM).c @@ -46,7 +46,7 @@ S_SRC= s_cb.c s_socket.c E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \ pkcs7.o crl2p7.o crl.o \ rsa.o dsa.o dsaparam.o \ - x509.o genrsa.o s_server.o s_client.o speed.o \ + x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o \ s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \ ciphers.o @@ -55,7 +55,7 @@ E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \ E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \ pkcs7.c crl2p7.c crl.c \ rsa.c dsa.c dsaparam.c \ - x509.c genrsa.c s_server.c s_client.c speed.c \ + x509.c genrsa.c gendsa.c s_server.c s_client.c speed.c \ s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \ ciphers.c diff --git a/apps/dsa-ca.pem b/apps/dsa-ca.pem index 9eb08f3ddd..cccc14208f 100644 --- a/apps/dsa-ca.pem +++ b/apps/dsa-ca.pem @@ -1,17 +1,14 @@ -----BEGIN DSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0 - -svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0 -Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl -Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/ -par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr -zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO -uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5 -rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx -1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4 -HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827 -MVqOsYxGCb+kez0FoDSTgw== +MIIBugIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ +PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel +u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH +Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso +hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu +SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y +Mu0OArgCgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuHvSLw9YUrJahcBHmbpvt4 +94lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUqAylOVFJJJXuirVJ+o+0T +tOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u3enxhqnDGQIUB78dhW77 +J6zsFbSEHaQGUmfSeoM= -----END DSA PRIVATE KEY----- -----BEGIN CERTIFICATE REQUEST----- MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx diff --git a/apps/dsa-pca.pem b/apps/dsa-pca.pem index e3641ad47e..d23774edd6 100644 --- a/apps/dsa-pca.pem +++ b/apps/dsa-pca.pem @@ -1,17 +1,14 @@ -----BEGIN DSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4 - -GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS -mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt -of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr -FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX -RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd -qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1 -diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn -V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h -hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf -dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7 +MIIBvAIBAAKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQ +PnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtel +u+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcH +Me36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLso +hkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbu +SXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7Y +Mu0OArgCgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk +umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A +29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUCFQDNvrBz +6TicfImU7UFRn9h00j0lJQ== -----END DSA PRIVATE KEY----- -----BEGIN CERTIFICATE REQUEST----- MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx diff --git a/apps/gendsa.c b/apps/gendsa.c index e0e5afa400..564a881ae6 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -85,10 +85,11 @@ char **argv; { char buffer[200]; DSA *dsa=NULL; - int ret=1,num=DEFBITS; + int ret=1; char *outfile=NULL; char *inrand=NULL,*randfile,*dsaparams=NULL; BIO *out=NULL,*in=NULL; + EVP_CIPHER *enc=NULL; apps_startup(); @@ -117,6 +118,16 @@ char **argv; { dsaparams= *argv; } +#ifndef NO_DES + else if (strcmp(*argv,"-des") == 0) + enc=EVP_des_cbc(); + else if (strcmp(*argv,"-des3") == 0) + enc=EVP_des_ede3_cbc(); +#endif +#ifndef NO_IDEA + else if (strcmp(*argv,"-idea") == 0) + enc=EVP_idea_cbc(); +#endif else goto bad; argv++; @@ -126,8 +137,15 @@ char **argv; if (dsaparams == NULL) { bad: - BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n"); - BIO_printf(bio_err," -out file - output the key to 'file\n"); + BIO_printf(bio_err,"usage: gendsa [args] [dsaparams]\n"); + BIO_printf(bio_err," -out file - output the key to 'file'\n"); +#ifndef NO_DES + BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n"); + BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); +#endif +#ifndef NO_IDEA + BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); +#endif BIO_printf(bio_err," -rand file:file:...\n"); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); @@ -135,7 +153,7 @@ bad: } in=BIO_new(BIO_s_file()); - if (!(BIO_read_filename(in,"dsaparams"))) + if (!(BIO_read_filename(in,dsaparams))) { perror(dsaparams); goto end; @@ -174,8 +192,8 @@ bad: dsa_load_rand(inrand)); } - BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); - BIO_printf(bio_err,"This could take some time\n"); + BIO_printf(bio_err,"Generating DSA key, %d bits\n", + BN_num_bits(dsa->p)); if (!DSA_generate_key(dsa)) goto end; if (randfile == NULL) @@ -183,7 +201,7 @@ bad: else RAND_write_file(randfile); - if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL)) + if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL)) goto end; ret=0; end: diff --git a/apps/progs.h b/apps/progs.h index 9ed1f4bf5a..4f12cba668 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -14,6 +14,7 @@ extern int dsa_main(int argc,char *argv[]); extern int dsaparam_main(int argc,char *argv[]); extern int x509_main(int argc,char *argv[]); extern int genrsa_main(int argc,char *argv[]); +extern int gendsa_main(int argc,char *argv[]); extern int s_server_main(int argc,char *argv[]); extern int s_client_main(int argc,char *argv[]); extern int speed_main(int argc,char *argv[]); @@ -39,6 +40,7 @@ extern int dsa_main(); extern int dsaparam_main(); extern int x509_main(); extern int genrsa_main(); +extern int gendsa_main(); extern int s_server_main(); extern int s_client_main(); extern int speed_main(); @@ -90,6 +92,9 @@ FUNCTION functions[] = { #ifndef NO_RSA {FUNC_TYPE_GENERAL,"genrsa",genrsa_main}, #endif +#ifndef NO_DSA + {FUNC_TYPE_GENERAL,"gendsa",gendsa_main}, +#endif #if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3)) {FUNC_TYPE_GENERAL,"s_server",s_server_main}, #endif |