Allow RSA key-generation to specify an arbitrary public exponent. Jelte

 Changes between 0.9.7c and 0.9.8  [xx XXX xxxx]

  *) The new 'RSA_generate_key_ex' function now takes a BIGNUM for the public

     exponent rather than 'unsigned long'. There is a corresponding change to

     the new 'rsa_keygen' element of the RSA_METHOD structure.

     [Jelte Jansen, Geoff Thorpe]

  *) Reduce the chances of duplicate issuer name and serial numbers (in

     violation of RFC3280) using the OpenSSL certificate creation utilities. 

     This is done by creating a random 64 bit value for the initial serial

	ENGINE *e = NULL;

#endif

	int ret=1;

	RSA *rsa=NULL;

	int i,num=DEFBITS;

	long l;

	const EVP_CIPHER *enc=NULL;

#endif

	char *inrand=NULL;

	BIO *out=NULL;

	BIGNUM *bn = BN_new();

	RSA *rsa = RSA_new();

	if(!bn || !rsa) goto err;

	apps_startup();

	BN_GENCB_set(&cb, genrsa_cb, bio_err);

	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",

		num);

	if(((rsa = RSA_new()) == NULL) || !RSA_generate_key_ex(rsa, num, f4, &cb))

	if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))

		goto err;

	app_RAND_write_file(NULL, bio_err);

	if (rsa == NULL) goto err;

	/* We need to do the following for when the base number size is <

	 * long, esp windows 3.1 :-(. */

	l=0L;

	ret=0;

err:

	if (rsa != NULL) RSA_free(rsa);

	if (out != NULL) BIO_free_all(out);

	if (bn) BN_free(bn);

	if (rsa) RSA_free(rsa);

	if (out) BIO_free_all(out);

	if(passout) OPENSSL_free(passout);

	if (ret != 0)

		ERR_print_errors(bio_err);

		if (pkey_type == TYPE_RSA)

			{

			RSA *rsa = RSA_new();

			if(!rsa || !RSA_generate_key_ex(rsa, newkey, 0x10001, &cb) ||

			BIGNUM *bn = BN_new();

			if(!bn || !rsa || !BN_set_word(bn, 0x10001) ||

					!RSA_generate_key_ex(rsa, newkey, bn, &cb) ||

					!EVP_PKEY_assign_RSA(pkey, rsa))

				{

				if(bn) BN_free(bn);

				if(rsa) RSA_free(rsa);

				goto end;

				}

			BN_free(bn);

			}

		else

#endif

#ifndef OPENSSL_NO_RSA

static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength)

	{

	BIGNUM *bn = NULL;

	static RSA *rsa_tmp=NULL;

	if (rsa_tmp == NULL)

	if (!rsa_tmp && ((bn = BN_new()) == NULL))

		BIO_printf(bio_err,"Allocation error in generating RSA key\n");

	if (!rsa_tmp && bn)

		{

		if (!s_quiet)

			{

			BIO_printf(bio_err,"Generating temp (%d bit) RSA key...",keylength);

			(void)BIO_flush(bio_err);

			}

		if(((rsa_tmp = RSA_new()) == NULL) || !RSA_generate_key_ex(

					rsa_tmp, keylength,RSA_F4,NULL))

		if(!BN_set_word(bn, RSA_F4) || ((rsa_tmp = RSA_new()) == NULL) ||

				!RSA_generate_key_ex(rsa_tmp, keylength, bn, NULL))

			{

			if(rsa_tmp) RSA_free(rsa_tmp);

			rsa_tmp = NULL;

			BIO_printf(bio_err,"\n");

			(void)BIO_flush(bio_err);

			}

		BN_free(bn);

		}

	return(rsa_tmp);

	}

 * is for behavioural compatibility whilst the code gets rewired, but one day

 * it would be nice to assume there are no such things as "builtin software"

 * implementations. */

	int (*rsa_keygen)(RSA *rsa, int bits, unsigned long e, BN_GENCB *cb);

	int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);

	};

struct rsa_st

#endif /* !defined(OPENSSL_NO_DEPRECATED) */

/* New version */

int	RSA_generate_key_ex(RSA *rsa, int bits, unsigned long e, BN_GENCB *cb);

int	RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);

int	RSA_check_key(const RSA *);

	/* next 4 return -1 on error */