PR/56657: Juraj Hercek: Add plainrsa-gen utility mentioned in racoon.conf(5)
and fix it for OpenSSL 1.1
This commit is contained in:
christos
parent
3e8c1a26ee
commit
f0fde9902f
|
|
@ -1,4 +1,4 @@
|
|||
/* $NetBSD: plainrsa-gen.c,v 1.6 2011/02/11 10:07:19 tteras Exp $ */
|
||||
/* $NetBSD: plainrsa-gen.c,v 1.7 2022/01/23 14:35:45 christos Exp $ */
|
||||
|
||||
/* Id: plainrsa-gen.c,v 1.6 2005/04/21 09:08:40 monas Exp */
|
||||
/*
|
||||
|
|
@ -63,6 +63,8 @@
|
|||
|
||||
#include "package_version.h"
|
||||
|
||||
#define DEFAULT_PUBEXP RSA_F4
|
||||
|
||||
void
|
||||
usage (char *argv0)
|
||||
{
|
||||
|
|
@ -72,7 +74,7 @@ usage (char *argv0)
|
|||
fprintf(stderr, "Usage: %s [options]\n", argv0);
|
||||
fprintf(stderr, "\n");
|
||||
fprintf(stderr, " -b bits Generate <bits> long RSA key (default=1024)\n");
|
||||
fprintf(stderr, " -e pubexp Public exponent to use (default=0x3)\n");
|
||||
fprintf(stderr, " -e pubexp Public exponent to use (default=%#x)\n", DEFAULT_PUBEXP);
|
||||
fprintf(stderr, " -f filename Filename to store the key to (default=stdout)\n");
|
||||
fprintf(stderr, " -i filename Input source for format conversion\n");
|
||||
fprintf(stderr, " -h Help\n");
|
||||
|
|
@ -91,11 +93,11 @@ mix_b64_pubkey(const RSA *key)
|
|||
long binlen, ret;
|
||||
vchar_t *res;
|
||||
|
||||
binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n);
|
||||
binlen = 1 + BN_num_bytes(RSA_get0_e(key)) + BN_num_bytes(RSA_get0_n(key));
|
||||
binbuf = malloc(binlen);
|
||||
memset(binbuf, 0, binlen);
|
||||
binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]);
|
||||
ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1]));
|
||||
binbuf[0] = BN_bn2bin(RSA_get0_e(key), (unsigned char *) &binbuf[1]);
|
||||
ret = BN_bn2bin(RSA_get0_n(key), (unsigned char *) (&binbuf[binbuf[0] + 1]));
|
||||
if (1 + binbuf[0] + ret != binlen) {
|
||||
plog(LLV_ERROR, LOCATION, NULL,
|
||||
"Pubkey generation failed. This is really strange...\n");
|
||||
|
|
@ -131,16 +133,16 @@ print_rsa_key(FILE *fp, const RSA *key)
|
|||
|
||||
fprintf(fp, "# : PUB 0s%s\n", pubkey64->v);
|
||||
fprintf(fp, ": RSA\t{\n");
|
||||
fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n));
|
||||
fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(RSA_get0_n(key)));
|
||||
fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v);
|
||||
fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n)));
|
||||
fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e)));
|
||||
fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d)));
|
||||
fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p)));
|
||||
fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q)));
|
||||
fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1)));
|
||||
fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1)));
|
||||
fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp)));
|
||||
fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_n(key))));
|
||||
fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_e(key))));
|
||||
fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_d(key))));
|
||||
fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_p(key))));
|
||||
fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_q(key))));
|
||||
fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_dmp1(key))));
|
||||
fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_dmq1(key))));
|
||||
fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(RSA_get0_iqmp(key))));
|
||||
fprintf(fp, " }\n");
|
||||
|
||||
vfree(pubkey64);
|
||||
|
|
@ -204,13 +206,17 @@ gen_rsa_key(FILE *fp, size_t bits, unsigned long exp)
|
|||
{
|
||||
int ret;
|
||||
RSA *key;
|
||||
BIGNUM *e;
|
||||
|
||||
key = RSA_generate_key(bits, exp, NULL, NULL);
|
||||
if (!key) {
|
||||
key = RSA_new();
|
||||
e = BN_new();
|
||||
BN_set_word(e, exp);
|
||||
|
||||
if (1 != RSA_generate_key_ex(key, bits, e, NULL)) {
|
||||
fprintf(stderr, "RSA_generate_key(): %s\n", eay_strerror());
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
ret = print_rsa_key(fp, key);
|
||||
RSA_free(key);
|
||||
|
||||
|
|
@ -222,7 +228,7 @@ main (int argc, char *argv[])
|
|||
{
|
||||
FILE *fp = stdout, *fpin = NULL;
|
||||
size_t bits = 1024;
|
||||
unsigned int pubexp = 0x3;
|
||||
unsigned int pubexp = DEFAULT_PUBEXP;
|
||||
struct stat st;
|
||||
extern char *optarg;
|
||||
extern int optind;
|
||||
|
|
@ -232,10 +238,7 @@ main (int argc, char *argv[])
|
|||
while ((c = getopt(argc, argv, "e:b:f:i:h")) != -1)
|
||||
switch (c) {
|
||||
case 'e':
|
||||
if (strncmp(optarg, "0x", 2) == 0)
|
||||
sscanf(optarg, "0x%x", &pubexp);
|
||||
else
|
||||
pubexp = atoi(optarg);
|
||||
pubexp = (unsigned int)strtoul(optarg, NULL, 0);
|
||||
break;
|
||||
case 'b':
|
||||
bits = atoi(optarg);
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: mi,v 1.1288 2022/01/22 07:53:05 pho Exp $
|
||||
# $NetBSD: mi,v 1.1289 2022/01/23 14:35:44 christos Exp $
|
||||
#
|
||||
# Note: Don't delete entries from here - mark them as "obsolete" instead,
|
||||
# unless otherwise stated below.
|
||||
|
|
@ -1800,6 +1800,7 @@
|
|||
./usr/sbin/pkg_delete base-pkgutil-bin
|
||||
./usr/sbin/pkg_info base-pkgutil-bin
|
||||
./usr/sbin/pkg_view base-obsolete obsolete
|
||||
./usr/sbin/plainrsa-gen base-netutil-bin
|
||||
./usr/sbin/portmap base-obsolete obsolete
|
||||
./usr/sbin/postalias base-postfix-bin postfix
|
||||
./usr/sbin/postcat base-postfix-bin postfix
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: mi,v 1.371 2021/12/31 16:14:44 christos Exp $
|
||||
# $NetBSD: mi,v 1.372 2022/01/23 14:35:44 christos Exp $
|
||||
./etc/mtree/set.debug comp-sys-root
|
||||
./usr/lib comp-sys-usr compatdir
|
||||
./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile
|
||||
|
|
@ -1231,6 +1231,7 @@
|
|||
./usr/libdata/debug/usr/sbin/pkg_create.debug comp-pkgutil-debug debug
|
||||
./usr/libdata/debug/usr/sbin/pkg_delete.debug comp-pkgutil-debug debug
|
||||
./usr/libdata/debug/usr/sbin/pkg_info.debug comp-pkgutil-debug debug
|
||||
./usr/libdata/debug/usr/sbin/plainrsa-gen.debug comp-netutil-debug debug
|
||||
./usr/libdata/debug/usr/sbin/postalias.debug comp-postfix-debug postfix,debug
|
||||
./usr/libdata/debug/usr/sbin/postcat.debug comp-postfix-debug postfix,debug
|
||||
./usr/libdata/debug/usr/sbin/postconf.debug comp-postfix-debug postfix,debug
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: mi,v 1.1732 2022/01/17 16:31:23 thorpej Exp $
|
||||
# $NetBSD: mi,v 1.1733 2022/01/23 14:35:44 christos Exp $
|
||||
#
|
||||
# Note: don't delete entries from here - mark them as "obsolete" instead.
|
||||
#
|
||||
|
|
@ -2989,6 +2989,7 @@
|
|||
./usr/share/man/cat8/ping.0 man-netutil-catman .cat
|
||||
./usr/share/man/cat8/ping6.0 man-netutil-catman use_inet6,.cat
|
||||
./usr/share/man/cat8/pipe.0 man-postfix-catman postfix,.cat
|
||||
./usr/share/man/cat8/plainrsa-gen.0 man-netutil-catman .cat
|
||||
./usr/share/man/cat8/playstation2/MAKEDEV.0 man-obsolete obsolete
|
||||
./usr/share/man/cat8/playstation2/makedev.0 man-obsolete obsolete
|
||||
./usr/share/man/cat8/pmax/MAKEDEV.0 man-obsolete obsolete
|
||||
|
|
@ -6003,6 +6004,7 @@
|
|||
./usr/share/man/html8/ping.html man-netutil-htmlman html
|
||||
./usr/share/man/html8/ping6.html man-netutil-htmlman use_inet6,html
|
||||
./usr/share/man/html8/pipe.html man-postfix-htmlman postfix,html
|
||||
./usr/share/man/html8/plainrsa-gen.html man-netutil-htmlman html
|
||||
./usr/share/man/html8/pmax/boot.html man-sys-htmlman html
|
||||
./usr/share/man/html8/postinstall.html man-sys-htmlman html
|
||||
./usr/share/man/html8/postscreen.html man-postfix-htmlman postfix,html
|
||||
|
|
@ -9263,6 +9265,7 @@
|
|||
./usr/share/man/man8/ping.8 man-netutil-man .man
|
||||
./usr/share/man/man8/ping6.8 man-netutil-man use_inet6,.man
|
||||
./usr/share/man/man8/pipe.8 man-postfix-man postfix,.man
|
||||
./usr/share/man/man8/plainrsa-gen.8 man-netutil-man .man
|
||||
./usr/share/man/man8/playstation2/MAKEDEV.8 man-obsolete obsolete
|
||||
./usr/share/man/man8/playstation2/makedev.8 man-obsolete obsolete
|
||||
./usr/share/man/man8/pmax/MAKEDEV.8 man-obsolete obsolete
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# $NetBSD: Makefile,v 1.285 2020/08/20 21:30:46 riastradh Exp $
|
||||
# $NetBSD: Makefile,v 1.286 2022/01/23 14:35:44 christos Exp $
|
||||
# from: @(#)Makefile 5.20 (Berkeley) 6/12/93
|
||||
|
||||
.include <bsd.own.mk>
|
||||
|
|
@ -53,7 +53,7 @@ SUBDIR+=faithd ifmcstat ip6addrctl ndp rip6query rtsold
|
|||
SUBDIR+=mld6query route6d rtadvd traceroute6
|
||||
.endif
|
||||
|
||||
SUBDIR+= racoon racoonctl
|
||||
SUBDIR+= plainrsa-gen racoon racoonctl
|
||||
|
||||
SUBDIR+= nvmmctl
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,35 @@
|
|||
# $NetBSD: Makefile,v 1.1 2022/01/23 14:35:44 christos Exp $
|
||||
|
||||
WARNS?= 0 # XXX third-party program, many issues
|
||||
NOCLANGERROR= # defined
|
||||
|
||||
.include <bsd.own.mk>
|
||||
|
||||
PROG= plainrsa-gen
|
||||
SRCS= plainrsa-gen.c plog.c crypto_openssl.c logger.c vmbuf.c misc.c \
|
||||
rsalist.c sockmisc.c genlist.c prsa_tok.c prsa_par.c
|
||||
MAN= plainrsa-gen.8
|
||||
|
||||
DIST= ${NETBSDSRCDIR}/crypto/dist/ipsec-tools
|
||||
CPPFLAGS+= -I${DIST}/src/racoon -I${DIST}/src/racoon/missing
|
||||
CPPFLAGS+= -I${DIST}/src/libipsec
|
||||
CPPFLAGS+= -I${NETBSDSRCDIR}/lib/libipsec
|
||||
CPPFLAGS+= -DHAVE_CONFIG_H -DNOUSE_PRIVSEP
|
||||
.if ${HAVE_OPENSSL} < 11
|
||||
CPPFLAGS+= -DHAVE_OPENSSL_RC5_H
|
||||
CPPFLAGS+= -DOPENSSL_API_COMPAT=0x10100000L
|
||||
.endif
|
||||
|
||||
.PATH: ${DIST}/src/racoon
|
||||
|
||||
LDADD+= -lcrypto -lipsec
|
||||
DPADD+= ${LIBCRYPTO} ${LIBIPSEC}
|
||||
|
||||
LPREFIX=prsa
|
||||
YPREFIX=prsa
|
||||
YFLAGS=-d
|
||||
|
||||
prsa_tok.c: prsa_par.c
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
|
||||
Loading…
Reference in New Issue