diff options
| author | Richard Levitte <levitte@openssl.org> | 2000-06-28 16:10:56 +0000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2000-06-28 16:10:56 +0000 |
| commit | 20d242b0dee75830b104109c6fd5955a4ce35840 (patch) | |
| tree | 018296e1c84d26f54c893ea16e5a531a5159c96b | |
| parent | dffd72f171fba5ab14ca86aafc5d5eba131206ad (diff) | |
| download | openssl-20d242b0dee75830b104109c6fd5955a4ce35840.tar.gz | |
Make it possible for users of the openssl applications to specify the
EGD should be used as seeding input, and where the named socket is.
| -rw-r--r-- | apps/dhparam.c | 17 | ||||
| -rw-r--r-- | apps/dsaparam.c | 20 | ||||
| -rw-r--r-- | apps/gendh.c | 19 | ||||
| -rw-r--r-- | apps/gendsa.c | 14 | ||||
| -rw-r--r-- | apps/genrsa.c | 14 | ||||
| -rw-r--r-- | apps/pkcs12.c | 14 | ||||
| -rw-r--r-- | apps/rand.c | 16 | ||||
| -rw-r--r-- | apps/req.c | 13 | ||||
| -rw-r--r-- | apps/smime.c | 15 |
9 files changed, 119 insertions, 23 deletions
diff --git a/apps/dhparam.c b/apps/dhparam.c index a738c5af67..a92863373c 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -121,6 +121,7 @@ #include <openssl/dh.h> #include <openssl/x509.h> #include <openssl/pem.h> +#include <openssl/rand.h> #ifndef NO_DSA #include <openssl/dsa.h> @@ -156,7 +157,7 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*out=NULL; int informat,outformat,check=0,noout=0,C=0,ret=1; char *infile,*outfile,*prog; - char *inrand=NULL; + char *inrand=NULL, *inegd=NULL; int num = 0, g = 0; apps_startup(); @@ -216,6 +217,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } + else if (strcmp(*argv,"-egd") == 0) + { + if (--argc < 1) goto bad; + inegd= *(++argv); + } else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0))) goto bad; argv++; @@ -241,8 +247,9 @@ bad: BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); + BIO_printf(bio_err," load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); BIO_printf(bio_err," -noout no output\n"); goto end; } @@ -271,13 +278,17 @@ bad: if(num) { - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) + && inrand == NULL && inegd == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); #ifndef NO_DSA if (dsaparam) diff --git a/apps/dsaparam.c b/apps/dsaparam.c index a15d6ea309..7e3b12ebe3 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -69,6 +69,7 @@ #include <openssl/dsa.h> #include <openssl/x509.h> #include <openssl/pem.h> +#include <openssl/rand.h> #undef PROG #define PROG dsaparam_main @@ -94,7 +95,7 @@ int MAIN(int argc, char **argv) int i,badops=0,text=0; BIO *in=NULL,*out=NULL; int informat,outformat,noout=0,C=0,ret=1; - char *infile,*outfile,*prog,*inrand=NULL; + char *infile,*outfile,*prog,*inrand=NULL,*inegd=NULL; int numbits= -1,num,genkey=0; int need_rand=0; @@ -149,6 +150,12 @@ int MAIN(int argc, char **argv) inrand= *(++argv); need_rand=1; } + else if (strcmp(*argv,"-egd") == 0) + { + if (--argc < 1) goto bad; + inegd= *(++argv); + need_rand=1; + } else if (strcmp(*argv,"-noout") == 0) noout=1; else if (sscanf(*argv,"%d",&num) == 1) @@ -179,7 +186,10 @@ bad: BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -C Output C code\n"); BIO_printf(bio_err," -noout no output\n"); - BIO_printf(bio_err," -rand files to use for random number input\n"); + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); + BIO_printf(bio_err," load the file (or the files in the directory) into\n"); + BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); BIO_printf(bio_err," number number of bits to use for generating private key\n"); goto end; } @@ -217,10 +227,14 @@ bad: if (need_rand) { - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); + app_RAND_load_file(NULL, bio_err, + (inrand != NULL || inegd != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); } if (numbits > 0) diff --git a/apps/gendh.c b/apps/gendh.c index caf5e8d736..5ad55dae59 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -85,7 +85,7 @@ int MAIN(int argc, char **argv) int ret=1,num=DEFBITS; int g=2; char *outfile=NULL; - char *inrand=NULL; + char *inrand=NULL,*inegd=NULL; BIO *out=NULL; apps_startup(); @@ -115,6 +115,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } + else if (strcmp(*argv,"-egd") == 0) + { + if (--argc < 1) goto bad; + inegd= *(++argv); + } else break; argv++; @@ -125,12 +130,13 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"usage: gendh [args] [numbits]\n"); BIO_printf(bio_err," -out file - output the key to 'file\n"); - BIO_printf(bio_err," -2 use 2 as the generator value\n"); - /* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */ - BIO_printf(bio_err," -5 use 5 as the generator value\n"); + BIO_printf(bio_err," -2 - use 2 as the generator value\n"); + /* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */ + BIO_printf(bio_err," -5 - use 5 as the generator value\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err," -egd file - load random seed from EGD socket\n"); goto end; } @@ -152,13 +158,16 @@ bad: } } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g); BIO_printf(bio_err,"This is going to take a long time\n"); diff --git a/apps/gendsa.c b/apps/gendsa.c index 1937613849..dd83d1bf0f 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -68,6 +68,7 @@ #include <openssl/dsa.h> #include <openssl/x509.h> #include <openssl/pem.h> +#include <openssl/rand.h> #define DEFBITS 512 #undef PROG @@ -80,7 +81,7 @@ int MAIN(int argc, char **argv) DSA *dsa=NULL; int ret=1; char *outfile=NULL; - char *inrand=NULL,*dsaparams=NULL; + char *inrand=NULL,*inegd=NULL,*dsaparams=NULL; char *passargout = NULL, *passout = NULL; BIO *out=NULL,*in=NULL; EVP_CIPHER *enc=NULL; @@ -111,6 +112,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } + else if (strcmp(*argv,"-egd") == 0) + { + if (--argc < 1) goto bad; + inegd= *(++argv); + } else if (strcmp(*argv,"-") == 0) goto bad; #ifndef NO_DES @@ -148,6 +154,7 @@ bad: BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err," -egd file - load random seed from EGD socket\n"); BIO_printf(bio_err," dsaparam-file\n"); BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n"); goto end; @@ -188,13 +195,16 @@ bad: } } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); BIO_printf(bio_err,"Generating DSA key, %d bits\n", BN_num_bits(dsa->p)); diff --git a/apps/genrsa.c b/apps/genrsa.c index 5cf47e6921..3a9995b820 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -69,6 +69,7 @@ #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/pem.h> +#include <openssl/rand.h> #define DEFBITS 512 #undef PROG @@ -88,7 +89,7 @@ int MAIN(int argc, char **argv) unsigned long f4=RSA_F4; char *outfile=NULL; char *passargout = NULL, *passout = NULL; - char *inrand=NULL; + char *inrand=NULL,*inegd=NULL; BIO *out=NULL; apps_startup(); @@ -121,6 +122,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } + else if (strcmp(*argv,"-egd") == 0) + { + if (--argc < 1) goto bad; + inegd= *(++argv); + } #ifndef NO_DES else if (strcmp(*argv,"-des") == 0) enc=EVP_des_cbc(); @@ -157,6 +163,7 @@ bad: BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); goto err; } @@ -178,13 +185,16 @@ bad: } } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", num); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 3f958943b4..0dab7235e9 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -65,6 +65,7 @@ #include <openssl/crypto.h> #include <openssl/err.h> #include <openssl/pem.h> +#include <openssl/rand.h> #include <openssl/pkcs12.h> #define PROG pkcs12_main @@ -116,7 +117,7 @@ int MAIN(int argc, char **argv) char *cpass = NULL, *mpass = NULL; char *passargin = NULL, *passargout = NULL, *passarg = NULL; char *passin = NULL, *passout = NULL; - char *inrand = NULL; + char *inrand = NULL,*inegd=NULL; apps_startup(); @@ -178,6 +179,11 @@ int MAIN(int argc, char **argv) args++; inrand = *args; } else badarg = 1; + } else if (!strcmp (*args, "-egd")) { + if (args[1]) { + args++; + inegd = *args; + } else badarg = 1; } else if (!strcmp (*args, "-inkey")) { if (args[1]) { args++; @@ -269,6 +275,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); BIO_printf(bio_err, " the random number generator\n"); + BIO_printf(bio_err, "-egd file load random seed from EGD socket\n"); goto end; } @@ -296,10 +303,13 @@ int MAIN(int argc, char **argv) } if(export_cert || inrand) { - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); + app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); } ERR_load_crypto_strings(); diff --git a/apps/rand.c b/apps/rand.c index fa9bc023f4..b0c50920a5 100644 --- a/apps/rand.c +++ b/apps/rand.c @@ -15,6 +15,7 @@ /* -out file - write to file * -rand file:file - PRNG seed files + * -egd file - PRNG seed from EGD named socket * -base64 - encode output * num - write 'num' bytes */ @@ -26,7 +27,7 @@ int MAIN(int argc, char **argv) int i, r, ret = 1; int badopt; char *outfile = NULL; - char *inrand = NULL; + char *inrand = NULL,*inegd=NULL; int base64 = 0; BIO *out = NULL; int num = -1; @@ -55,6 +56,13 @@ int MAIN(int argc, char **argv) else badopt = 1; } + else if (strcmp(argv[i], "-egd") == 0) + { + if ((argv[i+1] != NULL) && (inegd == NULL)) + inegd = argv[++i]; + else + badopt = 1; + } else if (strcmp(argv[i], "-base64") == 0) { if (!base64) @@ -86,14 +94,18 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "where options are\n"); BIO_printf(bio_err, "-out file - write to file\n"); BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); + BIO_printf(bio_err, "-egd file - seed PRNG from EGD named socket\n"); BIO_printf(bio_err, "-base64 - encode output\n"); goto err; } - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); + app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); out = BIO_new(BIO_s_file()); if (out == NULL) diff --git a/apps/req.c b/apps/req.c index fd26ed8343..55e53342cf 100644 --- a/apps/req.c +++ b/apps/req.c @@ -103,6 +103,7 @@ * -key file - make a request using key in file (or use it for verification). * -keyform - key file format. * -rand file(s) - load the file(s) into the PRNG. + * -egd file - load PRNG seed from EGD named socket. * -newkey - make a key and a request. * -modulus - print RSA modulus. * -x509 - output a self signed X509 structure instead. @@ -156,7 +157,7 @@ int MAIN(int argc, char **argv) char *req_exts = NULL; EVP_CIPHER *cipher=NULL; int modulus=0; - char *inrand=NULL; + char *inrand=NULL,*inegd=NULL; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; char *p; @@ -245,6 +246,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } + else if (strcmp(*argv,"-egd") == 0) + { + if (--argc < 1) goto bad; + inegd= *(++argv); + } else if (strcmp(*argv,"-newkey") == 0) { int is_numeric; @@ -381,6 +387,7 @@ bad: BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); @@ -555,7 +562,9 @@ bad: app_RAND_load_file(randfile, bio_err, 0); if (inrand) app_RAND_load_files(inrand); - + if (inegd) + RAND_egd(inegd); + if (newkey <= 0) { newkey=(int)CONF_get_number(req_conf,SECTION,BITS); diff --git a/apps/smime.c b/apps/smime.c index bb8ecd7cf0..f3a1ad56b8 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -63,6 +63,7 @@ #include "apps.h" #include <openssl/crypto.h> #include <openssl/pem.h> +#include <openssl/rand.h> #include <openssl/err.h> #undef PROG @@ -100,7 +101,7 @@ int MAIN(int argc, char **argv) char *to = NULL, *from = NULL, *subject = NULL; char *CAfile = NULL, *CApath = NULL; char *passargin = NULL, *passin = NULL; - char *inrand = NULL; + char *inrand = NULL,*inegd=NULL; int need_rand = 0; args = argv + 1; @@ -150,6 +151,12 @@ int MAIN(int argc, char **argv) inrand = *args; } else badarg = 1; need_rand = 1; + } else if (!strcmp(*args,"-egd")) { + if (args[1]) { + args++; + inegd = *args; + } else badarg = 1; + need_rand = 1; } else if (!strcmp(*args,"-passin")) { if (args[1]) { args++; @@ -272,6 +279,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); BIO_printf(bio_err, " the random number generator\n"); + BIO_printf(bio_err, "-egd file load random seed from EGD socket\n"); BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); goto end; } @@ -282,10 +290,13 @@ int MAIN(int argc, char **argv) } if (need_rand) { - app_RAND_load_file(NULL, bio_err, (inrand != NULL)); + app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); + if (inegd != NULL) + BIO_printf(bio_err,"%ld egd bytes loaded\n", + RAND_egd(inegd)); } ret = 2; |