authorDr. David von Oheimb <David.von.Oheimb@siemens.com>2020-06-09 10:21:58 +0200
committerDr. David von Oheimb <David.von.Oheimb@siemens.com>2021-05-25 15:16:54 +0200
commita7e4ca5b4e1932cb91ea21047403c87a033e524a (patch)
tree1ad41d1f12e8ed09486ca48cf570cff42962ec73 /apps/lib
parent8d67621de16990132c13f6a11bcc18ce8e9cdd47 (diff)
Add warning to key/param generating apps on potential delay due to missing entropy
This also introduces app_keygen() and app_paramgen() and cleans up err reporting. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12095)
Diffstat (limited to 'apps/lib')
-rw-r--r--apps/lib/apps.c36
1 files changed, 35 insertions, 1 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index fa63410359..12a17fceed 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -35,6 +35,7 @@
#include <openssl/ui.h>
#include <openssl/safestack.h>
#include <openssl/rsa.h>
+#include <openssl/rand.h>
#include <openssl/bn.h>
#include <openssl/ssl.h>
#include <openssl/store.h>
@@ -629,7 +630,7 @@ void app_bail_out(char *fmt, ...)
BIO_vprintf(bio_err, fmt, args);
va_end(args);
ERR_print_errors(bio_err);
- exit(1);
+ exit(EXIT_FAILURE);
}
void *app_malloc(size_t sz, const char *what)
@@ -3258,3 +3259,36 @@ void app_params_free(OSSL_PARAM *params)
OPENSSL_free(params);
}
}
+
+EVP_PKEY *app_keygen(EVP_PKEY_CTX *ctx, const char *alg, int bits, int verbose)
+{
+ EVP_PKEY *res = NULL;
+
+ if (verbose && alg != NULL) {
+ BIO_printf(bio_err, "Generating %s key", alg);
+ if (bits > 0)
+ BIO_printf(bio_err, " with %d bits\n", bits);
+ else
+ BIO_printf(bio_err, "\n");
+ }
+ if (!RAND_status())
+ BIO_printf(bio_err, "Warning: generating random key material may take a long time\n"
+ "if the system has a poor entropy source\n");
+ if (EVP_PKEY_keygen(ctx, &res) <= 0)
+ app_bail_out("%s: Error generating %s key\n", opt_getprog(),
+ alg != NULL ? alg : "asymmetric");
+ return res;
+}
+
+EVP_PKEY *app_paramgen(EVP_PKEY_CTX *ctx, const char *alg)
+{
+ EVP_PKEY *res = NULL;
+
+ if (!RAND_status())
+ BIO_printf(bio_err, "Warning: generating random key parameters may take a long time\n"
+ "if the system has a poor entropy source\n");
+ if (EVP_PKEY_paramgen(ctx, &res) <= 0)
+ app_bail_out("%s: Generating %s key parameters failed\n",
+ opt_getprog(), alg != NULL ? alg : "asymmetric");
+ return res;
+}
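Review bot: app_keygen() and app_paramgen() are added without a comment on their contract, and two parts of it are easy to get wrong at call sites: on failure they do not return at all (app_bail_out() ends in `exit(EXIT_FAILURE)`, per the earlier hunk), so the result is never NULL, and the caller presumably owns the returned EVP_PKEY. I would put above app_keygen() something like `/* Generate a key from an initialized keygen ctx; exits via app_bail_out() on failure, never returns NULL. Caller frees the result with EVP_PKEY_free(). */`, with the analogous comment on app_paramgen(). It is also worth one line at each `RAND_status()` check saying that a zero result only selects the delay warning, and that the `<= 0` test on EVP_PKEY_keygen()/EVP_PKEY_paramgen() is what stops the app if generation fails, including for lack of random data; that keeps a later change from softening the bail-out into a returned NULL that callers do not test. Separately, in app_keygen() `verbose` with `alg == NULL` prints no progress line at all, which may be intended but is not stated.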