gendsa: dsaparam: introduce -verbose option to enable output

Other commands like 'req' support -verbose, so why not gendsa and dsaparam?

Part of a larger and more ambitious effort to add -verbose to all apps
that might be used in scripts and need to otherwise run silently (well,
without belching out anything that isn't a warning or error... which ties
into a later scrub of using STDOUT where appropriate for informative
messages instead of STDERR)... so that scripts also have the option of
doing >/dev/null without losing anything critical.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/6908)
Philip Prindeville 2018-08-09 15:19:19 -06:00 committed by Pauli
parent c43fa566ea
commit b6a07f6760
4 changed files with 40 additions and 13 deletions


@ -25,12 +25,15 @@ NON_EMPTY_TRANSLATION_UNIT
# include <openssl/x509.h> # include <openssl/x509.h>
# include <openssl/pem.h> # include <openssl/pem.h>
static int verbose = 0;
static int dsa_cb(int p, int n, BN_GENCB *cb); static int dsa_cb(int p, int n, BN_GENCB *cb);
typedef enum OPTION_choice { typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT, OPT_C, OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT, OPT_C,
OPT_NOOUT, OPT_GENKEY, OPT_ENGINE, OPT_R_ENUM OPT_NOOUT, OPT_GENKEY, OPT_ENGINE, OPT_VERBOSE,
OPT_R_ENUM
} OPTION_CHOICE; } OPTION_CHOICE;
const OPTIONS dsaparam_options[] = { const OPTIONS dsaparam_options[] = {
@ -47,6 +50,7 @@ const OPTIONS dsaparam_options[] = {
# ifndef OPENSSL_NO_ENGINE # ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"},
# endif # endif
{"verbose", OPT_VERBOSE, '-', "Verbose output"},
{NULL} {NULL}
}; };
@ -107,6 +111,9 @@ int dsaparam_main(int argc, char **argv)
case OPT_NOOUT: case OPT_NOOUT:
noout = 1; noout = 1;
break; break;
case OPT_VERBOSE:
verbose = 1;
break;
} }
} }
argc = opt_num_rest(); argc = opt_num_rest();
@ -145,9 +152,11 @@ int dsaparam_main(int argc, char **argv)
BIO_printf(bio_err, "Error allocating DSA object\n"); BIO_printf(bio_err, "Error allocating DSA object\n");
goto end; goto end;
} }
if (verbose) {
BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n", BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n",
num); num);
BIO_printf(bio_err, "This could take some time\n"); BIO_printf(bio_err, "This could take some time\n");
}
if (!DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL, cb)) { if (!DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL, cb)) {
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
BIO_printf(bio_err, "Error, DSA key generation failed\n"); BIO_printf(bio_err, "Error, DSA key generation failed\n");
@ -251,6 +260,9 @@ static int dsa_cb(int p, int n, BN_GENCB *cb)
static const char symbols[] = ".+*\n"; static const char symbols[] = ".+*\n";
char c = (p >= 0 && (size_t)p < sizeof(symbols) - 1) ? symbols[p] : '?'; char c = (p >= 0 && (size_t)p < sizeof(symbols) - 1) ? symbols[p] : '?';
if (!verbose)
return 1;
BIO_write(BN_GENCB_get_arg(cb), &c, 1); BIO_write(BN_GENCB_get_arg(cb), &c, 1);
(void)BIO_flush(BN_GENCB_get_arg(cb)); (void)BIO_flush(BN_GENCB_get_arg(cb));
return 1; return 1;
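Review bot: `verbose` is a file-scope static in this section that the `OPT_VERBOSE` case sets to 1 and that nothing in the visible hunks ever clears, so the setting would carry over if `dsaparam_main` is entered more than once in one process (for example from an interactive command loop, if the build has one). The second file section keeps the flag as a local in `gendsa_main`, which does not have this problem. Since `dsa_cb` needs to read the flag, the simplest fix is to reset it with `verbose = 0;` before option parsing at the top of `dsaparam_main`; that part of the function is outside these hunks. In `dsa_cb`, the `if (!verbose) return 1;` check could also move ahead of the `symbols` lookup so that a silent run does no work in the callback.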


@ -27,7 +27,7 @@ NON_EMPTY_TRANSLATION_UNIT
typedef enum OPTION_choice { typedef enum OPTION_choice {
OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
OPT_OUT, OPT_PASSOUT, OPT_ENGINE, OPT_CIPHER, OPT_OUT, OPT_PASSOUT, OPT_ENGINE, OPT_CIPHER, OPT_VERBOSE,
OPT_R_ENUM OPT_R_ENUM
} OPTION_CHOICE; } OPTION_CHOICE;
@ -42,6 +42,7 @@ const OPTIONS gendsa_options[] = {
# ifndef OPENSSL_NO_ENGINE # ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
# endif # endif
{"verbose", OPT_VERBOSE, '-', "Verbose output"},
{NULL} {NULL}
}; };
@ -54,7 +55,7 @@ int gendsa_main(int argc, char **argv)
char *dsaparams = NULL; char *dsaparams = NULL;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog; char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
OPTION_CHOICE o; OPTION_CHOICE o;
int ret = 1, private = 0; int ret = 1, private = 0, verbose = 0;
const BIGNUM *p = NULL; const BIGNUM *p = NULL;
prog = opt_init(argc, argv, gendsa_options); prog = opt_init(argc, argv, gendsa_options);
@ -86,6 +87,9 @@ int gendsa_main(int argc, char **argv)
if (!opt_cipher(opt_unknown(), &enc)) if (!opt_cipher(opt_unknown(), &enc))
goto end; goto end;
break; break;
case OPT_VERBOSE:
verbose = 1;
break;
} }
} }
argc = opt_num_rest(); argc = opt_num_rest();
@ -124,6 +128,7 @@ int gendsa_main(int argc, char **argv)
" Your key size is %d! Larger key size may behave not as expected.\n", " Your key size is %d! Larger key size may behave not as expected.\n",
OPENSSL_DSA_MAX_MODULUS_BITS, BN_num_bits(p)); OPENSSL_DSA_MAX_MODULUS_BITS, BN_num_bits(p));
if (verbose)
BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(p)); BIO_printf(bio_err, "Generating DSA key, %d bits\n", BN_num_bits(p));
if (!DSA_generate_key(dsa)) if (!DSA_generate_key(dsa))
goto end; goto end;


@ -20,6 +20,7 @@ B<openssl dsaparam>
[B<-writerand file>] [B<-writerand file>]
[B<-genkey>] [B<-genkey>]
[B<-engine id>] [B<-engine id>]
[B<-verbose>]
[B<numbits>] [B<numbits>]
=head1 DESCRIPTION =head1 DESCRIPTION
@ -89,12 +90,6 @@ all others.
Writes random data to the specified I<file> upon exit. Writes random data to the specified I<file> upon exit.
This can be used with a subsequent B<-rand> flag. This can be used with a subsequent B<-rand> flag.
=item B<numbits>
This option specifies that a parameter set should be generated of size
B<numbits>. It must be the last option. If this option is included then
the input file (if any) is ignored.
=item B<-engine id> =item B<-engine id>
Specifying an engine (by its unique B<id> string) will cause B<dsaparam> Specifying an engine (by its unique B<id> string) will cause B<dsaparam>
@ -102,6 +97,16 @@ to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default thus initialising it if needed. The engine will then be set as the default
for all available algorithms. for all available algorithms.
=item B<-verbose>
Print extra details about the operations being performed.
=item B<numbits>
This option specifies that a parameter set should be generated of size
B<numbits>. It must be the last option. If this option is included then
the input file (if any) is ignored.
=back =back
=head1 NOTES =head1 NOTES


@ -25,6 +25,7 @@ B<openssl> B<gendsa>
[B<-rand file...>] [B<-rand file...>]
[B<-writerand file>] [B<-writerand file>]
[B<-engine id>] [B<-engine id>]
[B<-verbose>]
[B<paramfile>] [B<paramfile>]
=head1 DESCRIPTION =head1 DESCRIPTION
@ -71,6 +72,10 @@ to attempt to obtain a functional reference to the specified engine,
thus initialising it if needed. The engine will then be set as the default thus initialising it if needed. The engine will then be set as the default
for all available algorithms. for all available algorithms.
=item B<-verbose>
Print extra details about the operations being performed.
=item B<paramfile> =item B<paramfile>
This option specifies the DSA parameter file to use. The parameters in this This option specifies the DSA parameter file to use. The parameters in this