diff options
author | Bodo Möller <bodo@openssl.org> | 1999-10-26 01:56:29 +0000 |
---|---|---|
committer | Bodo Möller <bodo@openssl.org> | 1999-10-26 01:56:29 +0000 |
commit | a31011e8e0ea18f1cc79d7eb53238768ae9369c6 (patch) | |
tree | da6c9af95c39c6e6c44d2b71ace3bd4495728be1 /apps/dsaparam.c | |
parent | 38899535f85784442395aeab921b25fc79266491 (diff) | |
download | openssl-a31011e8e0ea18f1cc79d7eb53238768ae9369c6.tar.gz |
Various randomness handling bugfixes and improvements --
some utilities that should have used RANDFILE did not,
and -rand handling was broken except in genrsa.
Diffstat (limited to 'apps/dsaparam.c')
-rw-r--r-- | apps/dsaparam.c | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 9316fb2c8a..1b5380662d 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -57,6 +57,7 @@ */ #ifndef NO_DSA +#include <assert.h> #include <stdio.h> #include <stdlib.h> #include <time.h> @@ -65,7 +66,6 @@ #include <openssl/bio.h> #include <openssl/err.h> #include <openssl/bn.h> -#include <openssl/rand.h> #include <openssl/dsa.h> #include <openssl/x509.h> #include <openssl/pem.h> @@ -93,7 +93,7 @@ int MAIN(int argc, char **argv) int informat,outformat,noout=0,C=0,ret=1; char *infile,*outfile,*prog,*inrand=NULL; int numbits= -1,num,genkey=0; - char buffer[200],*randfile=NULL; + int need_rand=0; apps_startup(); @@ -136,11 +136,15 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-C") == 0) C=1; else if (strcmp(*argv,"-genkey") == 0) + { genkey=1; + need_rand=1; + } else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; inrand= *(++argv); + need_rand=1; } else if (strcmp(*argv,"-noout") == 0) noout=1; @@ -148,6 +152,7 @@ int MAIN(int argc, char **argv) { /* generate a key */ numbits=num; + need_rand=1; } else { @@ -207,11 +212,17 @@ bad: } } - if (numbits > 0) + if (need_rand) { - randfile=RAND_file_name(buffer,200); - RAND_load_file(randfile,1024L*1024L); + app_RAND_load_file(NULL, bio_err, (inrand != NULL)); + if (inrand != NULL) + BIO_printf(bio_err,"%ld semi-random bytes loaded\n", + app_RAND_load_files(inrand)); + } + if (numbits > 0) + { + assert(need_rand); BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); BIO_printf(bio_err,"This could take some time\n"); dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL, @@ -316,6 +327,7 @@ bad: { DSA *dsakey; + assert(need_rand); if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end; if (!DSA_generate_key(dsakey)) goto end; if (outformat == FORMAT_ASN1) @@ -328,6 +340,8 @@ bad: } DSA_free(dsakey); } + if (need_rand) + app_RAND_write_file(NULL, bio_err); ret=0; end: if (in != NULL) BIO_free(in); |