Changes to openssl genrsa
Dave Barter
I would like to modify the openssl genrsa program to "quietly" generate
keys, ie. Not print the '.' and '+' characters to STDOUT when generation
occurs. Basically I would like to add the flag -quiet to the genrsa
command line.
I guess this may be useful in other functions as well, or it may be that
I am the only person annoyed by it !
I have had a brief glance at the code to try and ascertaint the best way
to do this, and notice that in genrsa.c for example all output to the
screen goes through a function called BIO_printf(). I was considering
modifying this function to suppress output if the -quiet flag was
present.
Could somebody on the list give me a brief summary of the BIO_printf
function and also advise whether there would be a better method to
achieve my aim.
Thank you for your help
Dave Barter
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List opens...@openssl.org
Automated List Manager majo...@openssl.org
Dave Barter
Dave Barter
Götz Babin-Ebell
--------------ms6714231B8C206F11D990BC07
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Dave Barter wrote:
>
> I hope I have the right list for this, my apologies if I don't.
>
> I would like to modify the openssl genrsa program to "quietly" generate
> keys, ie. Not print the '.' and '+' characters to STDOUT when generation
> occurs. Basically I would like to add the flag -quiet to the genrsa
> command line.
>
> I guess this may be useful in other functions as well, or it may be that
> I am the only person annoyed by it !
>
> I have had a brief glance at the code to try and ascertaint the best way
> to do this, and notice that in genrsa.c for example all output to the
> screen goes through a function called BIO_printf(). I was considering
> modifying this function to suppress output if the -quiet flag was
> present.
openssl-SNAP-20011003 > grep BIO_printf crypto/*/*.c ssl/*.c | wc -l
227
Are you really shure you don't break something with this change ?
> Could somebody on the list give me a brief summary of the BIO_printf
> function and also advise whether there would be a better method to
> achieve my aim.
it is a printf for the BIO interface.
If you don't want these outputs, change the callbacks that print them...
Bye
Goetz
--
Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de
Sonninstr. 24-28, 20097 Hamburg, Germany
Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126
--------------ms6714231B8C206F11D990BC07
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
Content-Transfer-Encoding: base64
MIIF7gYJKoZIhvcNAQcCoIIF3zCCBdsCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
A8QwggPAMIIDKaADAgECAg4yEgAAAAKvalUGOVwG9TANBgkqhkiG9w0BAQUFADCBvDELMAkG
A1UEBhMCREUxEDAOBgNVBAgTB0hhbWJ1cmcxEDAOBgNVBAcTB0hhbWJ1cmcxOjA4BgNVBAoT
MVRDIFRydXN0Q2VudGVyIGZvciBTZWN1cml0eSBpbiBEYXRhIE5ldHdvcmtzIEdtYkgxIjAg
BgNVBAsTGVRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0ExKTAnBgkqhkiG9w0BCQEWGmNlcnRp
ZmljYXRlQHRydXN0Y2VudGVyLmRlMB4XDTAxMDExMjIxMzcxNFoXDTAyMDIxMzIxMzcxNFow
gasxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMRww
GgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMRQwEgYDVQQLEwtFbnR3aWNrbHVuZzEaMBgG
A1UEAxQRR8hvdHogQmFiaW4tRWJlbGwxKDAmBgkqhkiG9w0BCQEWGWJhYmluZWJlbGxAVHJ1
c3RDZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ/3ycGGjVT5EscfUOG8
hxtxJbpf1YMyVNMgB6yejtwWhbkVoKtV0OH7UxvTt8ukC9a65lWbiU2epyZIVhv2Ugm8wq3K
Wcb2BSqCasQz4X3Rvu3RO5/8FehNDw0tGWm/sQk6z/DAGN/miSCj/kygw3cgoVGyTnCTgFae
KqpEOi9bAgMBAAGjgdMwgdAwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBeAwPgYJYIZI
AYb4QgEIBDEWL2h0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvZ3VpZGVsaW5lcy9pbmRleC5o
dG1sMBEGCWCGSAGG+EIBAQQEAwIFoDBdBglghkgBhvhCAQMEUBZOaHR0cHM6Ly93d3cudHJ1
c3RjZW50ZXIuZGUvY2dpLWJpbi9jaGVjay1yZXYuY2dpLzMyMTIwMDAwMDAwMkFGNkE1NTA2
Mzk1QzA2RjU/MA0GCSqGSIb3DQEBBQUAA4GBAG4bmhzGLcTmZEZhIOjtaps2cxkt4uURdboB
EMX/ONqJW2aneAFNWgTNjCg3oktETXUwdwZI45OSCT+gyaENEngjPUe8Ph/amkU6S6dn1YYm
nFakmkG5ErxkjI0NMS7kIUqofdbdIpGMz6WBJOe+YcXMD2SuPf2AReHeWEB5HFwbMYIB8jCC
Ae4CAQEwgc8wgbwxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdI
YW1idXJnMTowOAYDVQQKEzFUQyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBO
ZXR3b3JrcyBHbWJIMSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAzIENBMSkwJwYJ
KoZIhvcNAQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZQIOMhIAAAACr2pVBjlcBvUw
CQYFKw4DAhoFAKB6MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwGwYJKoZIhvcNAQkPMQ4w
DDAKBggqhkiG9w0DBzAcBgkqhkiG9w0BCQUxDxcNMDExMDExMTE1MjE1WjAjBgkqhkiG9w0B
CQQxFgQUlhTf0p6e83qxJB204sHNSTOe6nowDQYJKoZIhvcNAQEBBQAEgYA8L34o4m4qQ/iv
4mO2f6AjF6LrNxzeKfuVxzUfOIXyOVBTPNCp/5F7YG2tkuZlwgTlcAPU8fdmG9IuuufKl86E
3+Lz4faytxfuF+g3ljrD6kpIJ4DZRZpSsBpehvNh0lx6lNsQVW02NIaAbRMCN3EycG5aVB2G
wXMhGxV7+OBFUw==
--------------ms6714231B8C206F11D990BC07--
Richard Levitte - VMS Whacker
dave> I would like to modify the openssl genrsa program to "quietly" generate
dave> keys, ie. Not print the '.' and '+' characters to STDOUT when generation
dave> occurs. Basically I would like to add the flag -quiet to the genrsa
dave> command line.
A very quick solution is to redirect stdout to /dev/null or something
corresponding.
dave> I have had a brief glance at the code to try and ascertaint the best way
dave> to do this, and notice that in genrsa.c for example all output to the
dave> screen goes through a function called BIO_printf(). I was considering
dave> modifying this function to suppress output if the -quiet flag was
dave> present.
Why on earth would you want to change BIO_printf(), and how would it
know that the application parsed a -quiet? A global variable?
The right way would be to change genrsa to only print to stdout when
-quiet hasn't been given.
dave> Could somebody on the list give me a brief summary of the BIO_printf
dave> function and also advise whether there would be a better method to
dave> achieve my aim.
It's supposed to be a replacement of fprintf and friends, but takes a
BIO* instead of a FILE*.
--
Richard Levitte \ Spannvägen 38, II \ LeV...@stacken.kth.se
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis -- po...@bofh.se
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
Dave Barter
> From: "Dave Barter" <da...@may-5.com>
>
> dave> I would like to modify the openssl genrsa program to "quietly"
> generate dave> keys, ie. Not print the '.' and '+' characters to STDOUT
> when generation dave> occurs. Basically I would like to add the flag -quiet
> to the genrsa dave> command line.
>
> A very quick solution is to redirect stdout to /dev/null or something
> corresponding.
>
Not very platform independent
> dave> I have had a brief glance at the code to try and ascertaint the best
> way dave> to do this, and notice that in genrsa.c for example all output to
> the dave> screen goes through a function called BIO_printf(). I was
> considering dave> modifying this function to suppress output if the -quiet
> flag was dave> present.
>
> Why on earth would you want to change BIO_printf(), and how would it
> know that the application parsed a -quiet? A global variable?
I'm looking for some advice before delving deep into the code, this is a
personal change I'm not looking for it to be incorporated into a full release.
>
> The right way would be to change genrsa to only print to stdout when
> -quiet hasn't been given.
Agree, but it only works with genrsa, I want to silence other modules as
well. Is there some sort of faq covering the overall design and dependancies
of openssl, it would stop me bothering you lot !
>
> dave> Could somebody on the list give me a brief summary of the BIO_printf
> dave> function and also advise whether there would be a better method to
> dave> achieve my aim.
>
> It's supposed to be a replacement of fprintf and friends, but takes a
> BIO* instead of a FILE*.
Thanks, this helps, could I add some value to the project by documenting at a
high level the function of each C prog. or has this been done before ?
Richard Levitte - VMS Whacker
davebarter> On Thursday 11 October 2001 11:52, you wrote:
davebarter> > From: "Dave Barter" <da...@may-5.com>
davebarter> >
davebarter> > dave> I would like to modify the openssl genrsa program to "quietly"
davebarter> > generate dave> keys, ie. Not print the '.' and '+' characters to STDOUT
davebarter> > when generation dave> occurs. Basically I would like to add the flag -quiet
davebarter> > to the genrsa dave> command line.
davebarter> >
davebarter> > A very quick solution is to redirect stdout to /dev/null or something
davebarter> > corresponding.
davebarter> >
davebarter>
davebarter> Not very platform independent
True, but it's possible on most of them (obtw, the output in question
is on stderr, not stdout):
Unix: openssl genrsa 2> /dev/null
VMS: define/user sys$error nla0:
openssl genrsa
davebarter> > The right way would be to change genrsa to only print to stdout when
davebarter> > -quiet hasn't been given.
davebarter>
davebarter> Agree, but it only works with genrsa, I want to silence other modules as
davebarter> well. Is there some sort of faq covering the overall design and dependancies
davebarter> of openssl, it would stop me bothering you lot !
I still say that's the only way to do it. Trying to fiddle with
BIO_printf() and have it "magically" see if it's supposed to be quiet
or not is asking for lots of trouble. Also, it's not that many
commands that have that kind of "intrusive" printout.
davebarter> Thanks, this helps, could I add some value to the project by documenting at a
davebarter> high level the function of each C prog. or has this been done before ?
Well, you can always see what is there already in the doc/ directory
tree and fill the gaps (there are gaps, absolutely, not question about
it :-)).
--
Richard Levitte \ Spannvägen 38, II \ LeV...@stacken.kth.se
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis -- po...@bofh.se
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus: http://www.gemplus.com/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.