[thirdparty/openssl.git] / apps / ecdsa.c

/* apps/ecdsa.c */
/* ====================================================================
 * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#ifndef OPENSSL_NO_ECDSA
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/ecdsa.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem.h>

#undef PROG
#define PROG	ecdsa_main

/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
 * -outform arg - output format - default PEM
 * -in arg	- input file - default stdin
 * -out arg	- output file - default stdout
 * -des		- encrypt output if PEM format with DES in cbc mode
 * -des3	- encrypt output if PEM format
 * -idea	- encrypt output if PEM format
 * -aes128	- encrypt output if PEM format
 * -aes192	- encrypt output if PEM format
 * -aes256	- encrypt output if PEM format
 * -text	- print a text version
 * -pub		- print the ECDSA public key
 * -compressed  - print the public key in compressed form ( default )   
 * -hybrid 	- print the public key in hybrid form
 * -uncompressed - print the public key in uncompressed form
 *		  the last three options ( compressed, hybrid and uncompressed )
 *		  are only used if the "-pub" option is also selected.
 *	  	  For a precise description of the the meaning of compressed,
 *		  hybrid and uncompressed please refer to the X9.62 standart.
 *		  All three forms represents ways to express the ecdsa public
 *		  key ( a point on a elliptic curve ) as octet string. Let len be
 *		  the length ( in bytes ) of an element of the field over which
 *		  the curve is defined, then a compressed octet string has the form
 *		  0x02 + result of BN_bn2bin() of the x coordinate of the public key
 */

int MAIN(int, char **);

int MAIN(int argc, char **argv)
{
	ENGINE 	*e = NULL;
	int 	ret = 1;
	ECDSA 	*ecdsa = NULL;
	int 	i, badops = 0;
	const EVP_CIPHER *enc = NULL;
	BIO 	*in = NULL, *out = NULL;
	int 	informat, outformat, text=0, noout=0;
	int  	pubin = 0, pubout = 0;
	char 	*infile, *outfile, *prog, *engine;
	char 	*passargin = NULL, *passargout = NULL;
	char 	*passin = NULL, *passout = NULL;
	int 	pub = 0, point_form = 0;
	unsigned char *buffer = NULL;
	unsigned int  buf_len = 0;
	BIGNUM	*tmp_bn = NULL;

	apps_startup();

	if (bio_err == NULL)
		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);

	if (!load_config(bio_err, NULL))
		goto end;

	engine = NULL;
	infile = NULL;
	outfile = NULL;
	informat = FORMAT_PEM;
	outformat = FORMAT_PEM;

	prog = argv[0];
	argc--;
	argv++;
	while (argc >= 1)
	{
		if (strcmp(*argv,"-inform") == 0)
		{
			if (--argc < 1) goto bad;
			informat=str2fmt(*(++argv));
		}
		else if (strcmp(*argv,"-outform") == 0)
		{
			if (--argc < 1) goto bad;
			outformat=str2fmt(*(++argv));
		}
		else if (strcmp(*argv,"-in") == 0)
		{
			if (--argc < 1) goto bad;
			infile= *(++argv);
		}
		else if (strcmp(*argv,"-out") == 0)
		{
			if (--argc < 1) goto bad;
			outfile= *(++argv);
		}
		else if (strcmp(*argv,"-passin") == 0)
		{
			if (--argc < 1) goto bad;
			passargin= *(++argv);
		}
		else if (strcmp(*argv,"-passout") == 0)
		{
			if (--argc < 1) goto bad;
			passargout= *(++argv);
		}
		else if (strcmp(*argv, "-engine") == 0)
		{
			if (--argc < 1) goto bad;
			engine= *(++argv);
		}
		else if (strcmp(*argv, "-noout") == 0)
			noout = 1;
		else if (strcmp(*argv, "-text") == 0)
			text = 1;
		else if (strcmp(*argv, "-pub") == 0)
		{
			pub = 1;
			buffer = (unsigned char *)(*(argv+1));
			if (strcmp((char *)buffer, "compressed") == 0)
				point_form = POINT_CONVERSION_COMPRESSED;
			else if (strcmp((char *)buffer, "hybrid") == 0)
				point_form = POINT_CONVERSION_HYBRID;
			else if (strcmp((char *)buffer, "uncompressed") == 0)
				point_form = POINT_CONVERSION_UNCOMPRESSED;
			if (point_form)
			{
				argc--;
				argv++;
			}
		}
		else if (strcmp(*argv, "-pubin") == 0)
			pubin=1;
		else if (strcmp(*argv, "-pubout") == 0)
			pubout=1;
		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
		{
			BIO_printf(bio_err,"unknown option %s\n",*argv);
			badops=1;
			break;
		}
		argc--;
		argv++;
	}

	if (badops)
	{
bad:
		BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog);
		BIO_printf(bio_err, "where options are\n");
		BIO_printf(bio_err, " -inform arg     input format - DER or PEM\n");
		BIO_printf(bio_err, " -outform arg    output format - DER or PEM\n");
		BIO_printf(bio_err, " -in arg         input file\n");
		BIO_printf(bio_err, " -passin arg     input file pass phrase source\n");
		BIO_printf(bio_err, " -out arg        output file\n");
		BIO_printf(bio_err, " -passout arg    output file pass phrase source\n");
		BIO_printf(bio_err, " -engine e       use engine e, possibly a hardware device.\n");
		BIO_printf(bio_err, " -des            encrypt PEM output with cbc des\n");
		BIO_printf(bio_err, " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
#ifndef OPENSSL_NO_IDEA
		BIO_printf(bio_err, " -idea           encrypt PEM output with cbc idea\n");
#endif
#ifndef OPENSSL_NO_AES
		BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
		BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
#endif
		BIO_printf(bio_err, " -text           print the key in text\n");
		BIO_printf(bio_err, " -noout          don't print key out\n");
		BIO_printf(bio_err, " -pub [compressed | hybrid | uncompressed] \n");
		BIO_printf(bio_err, "         compressed     print the public key in compressed form ( default )\n");   
		BIO_printf(bio_err, "         hybrid         print the public key in hybrid form\n");
 		BIO_printf(bio_err, "         uncompressed   print the public key in uncompressed form\n");
		goto end;
	}

	ERR_load_crypto_strings();

        e = setup_engine(bio_err, engine, 0);

	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) 
	{
		BIO_printf(bio_err, "Error getting passwords\n");
		goto end;
	}

	in = BIO_new(BIO_s_file());
	out = BIO_new(BIO_s_file());
	if ((in == NULL) || (out == NULL))
	{
		ERR_print_errors(bio_err);
		goto end;
	}

	if (infile == NULL)
		BIO_set_fp(in,stdin,BIO_NOCLOSE);
	else
	{
		if (BIO_read_filename(in,infile) <= 0)
		{
			perror(infile);
			goto end;
		}
	}

	BIO_printf(bio_err,"read ECDSA key\n");
	if (informat == FORMAT_ASN1) 
	{
		if (pubin) 
			ecdsa = d2i_ECDSA_PUBKEY_bio(in, NULL);
		else 
			ecdsa = d2i_ECDSAPrivateKey_bio(in, NULL);
	} else if (informat == FORMAT_PEM) 
	{
		if (pubin) 
			ecdsa = PEM_read_bio_ECDSA_PUBKEY(in, NULL, NULL, NULL);
		else 
			ecdsa = PEM_read_bio_ECDSAPrivateKey(in, NULL, NULL, passin);
	} else
	{
		BIO_printf(bio_err, "bad input format specified for key\n");
		goto end;
	}
	if (ecdsa == NULL)
	{
		BIO_printf(bio_err,"unable to load Key\n");
		ERR_print_errors(bio_err);
		goto end;
	}

	if (outfile == NULL)
	{
		BIO_set_fp(out, stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
		{
			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
			out = BIO_push(tmpbio, out);
		}
#endif
	}
	else
	{
		if (BIO_write_filename(out, outfile) <= 0)
		{
			perror(outfile);
			goto end;
		}
	}

	if (text) 
		if (!ECDSA_print(out, ecdsa, 0))
		{
			perror(outfile);
			ERR_print_errors(bio_err);
			goto end;
		}

	if (pub)
	{
		fprintf(stdout, "Public Key (");
		if (point_form == POINT_CONVERSION_COMPRESSED)
			fprintf(stdout, "COMPRESSED");
		else if (point_form == POINT_CONVERSION_UNCOMPRESSED)
			fprintf(stdout, "UNCOMPRESSED");
		else if (point_form == POINT_CONVERSION_HYBRID)
			fprintf(stdout, "HYBRID");
		fprintf(stdout, ")=");
		buf_len = EC_POINT_point2oct(ecdsa->group, EC_GROUP_get0_generator(ecdsa->group),
					     point_form, NULL, 0, NULL);
		if (!buf_len)
		{
			BIO_printf(bio_err,"invalid public key length\n");
			ERR_print_errors(bio_err);
			goto end;
		}
		if ((tmp_bn = BN_new()) == NULL ||
		    (buffer = OPENSSL_malloc(buf_len)) == NULL) goto end;
		if (!EC_POINT_point2oct(ecdsa->group, EC_GROUP_get0_generator(ecdsa->group),
					     point_form, buffer, buf_len, NULL) ||
		    !BN_bin2bn(buffer, buf_len, tmp_bn))
		{
			BIO_printf(bio_err,"can not encode public key\n");
			ERR_print_errors(bio_err);
			OPENSSL_free(buffer);
			goto end;
		}
		BN_print(out, tmp_bn);
		fprintf(stdout,"\n");
	}

	if (noout) 
		goto end;
	BIO_printf(bio_err, "writing ECDSA key\n");
	if (outformat == FORMAT_ASN1) 
	{
		if(pubin || pubout) 
			i = i2d_ECDSA_PUBKEY_bio(out, ecdsa);
		else 
			i = i2d_ECDSAPrivateKey_bio(out, ecdsa);
	} else if (outformat == FORMAT_PEM) 
	{
		if(pubin || pubout)
			i = PEM_write_bio_ECDSA_PUBKEY(out, ecdsa);
		else 
			i = PEM_write_bio_ECDSAPrivateKey(out, ecdsa, enc,
							NULL, 0, NULL, passout);
	} else 
	{
		BIO_printf(bio_err, "bad output format specified for outfile\n");
		goto end;
	}
	if (!i)
	{
		BIO_printf(bio_err, "unable to write private key\n");
		ERR_print_errors(bio_err);
	}
	else
		ret=0;
end:
	if (in) 	BIO_free(in);
	if (out)	BIO_free_all(out);
	if (ecdsa) 	ECDSA_free(ecdsa);
	if (tmp_bn)	BN_free(tmp_bn);
	if (passin) 	OPENSSL_free(passin);
	if (passout) 	OPENSSL_free(passout);
	apps_shutdown();
	EXIT(ret);
}
#endif
Commit	Line	Data
4d94ae00 BM	1	/* apps/ecdsa.c */
	2	/* ====================================================================
	3	* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
	4	*
	5	* Redistribution and use in source and binary forms, with or without
	6	* modification, are permitted provided that the following conditions
	7	* are met:
	8	*
	9	* 1. Redistributions of source code must retain the above copyright
	10	* notice, this list of conditions and the following disclaimer.
	11	*
	12	* 2. Redistributions in binary form must reproduce the above copyright
	13	* notice, this list of conditions and the following disclaimer in
	14	* the documentation and/or other materials provided with the
	15	* distribution.
	16	*
	17	* 3. All advertising materials mentioning features or use of this
	18	* software must display the following acknowledgment:
	19	* "This product includes software developed by the OpenSSL Project
	20	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	21	*
	22	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	23	* endorse or promote products derived from this software without
	24	* prior written permission. For written permission, please contact
	25	* openssl-core@openssl.org.
	26	*
	27	* 5. Products derived from this software may not be called "OpenSSL"
	28	* nor may "OpenSSL" appear in their names without prior written
	29	* permission of the OpenSSL Project.
	30	*
	31	* 6. Redistributions of any form whatsoever must retain the following
	32	* acknowledgment:
	33	* "This product includes software developed by the OpenSSL Project
	34	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	35	*
	36	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	37	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	38	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	39	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	40	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	41	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	42	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	43	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	44	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	45	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	46	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	47	* OF THE POSSIBILITY OF SUCH DAMAGE.
	48	* ====================================================================
	49	*
	50	* This product includes cryptographic software written by Eric Young
	51	* (eay@cryptsoft.com). This product includes software written by Tim
	52	* Hudson (tjh@cryptsoft.com).
	53	*
	54	*/
	55	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
	56	* All rights reserved.
	57	*
	58	* This package is an SSL implementation written
	59	* by Eric Young (eay@cryptsoft.com).
	60	* The implementation was written so as to conform with Netscapes SSL.
	61	*
	62	* This library is free for commercial and non-commercial use as long as
	63	* the following conditions are aheared to. The following conditions
	64	* apply to all code found in this distribution, be it the RC4, RSA,
65	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
66	* included with this distribution is covered by the same copyright terms
67	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
68	*
69	* Copyright remains Eric Young's, and as such any Copyright notices in
70	* the code are not to be removed.
71	* If this package is used in a product, Eric Young should be given attribution
72	* as the author of the parts of the library used.
73	* This can be in the form of a textual message at program startup or
74	* in documentation (online or textual) provided with the package.
75	*
76	* Redistribution and use in source and binary forms, with or without
77	* modification, are permitted provided that the following conditions
78	* are met:
79	* 1. Redistributions of source code must retain the copyright
80	* notice, this list of conditions and the following disclaimer.
81	* 2. Redistributions in binary form must reproduce the above copyright
82	* notice, this list of conditions and the following disclaimer in the
83	* documentation and/or other materials provided with the distribution.
84	* 3. All advertising materials mentioning features or use of this software
85	* must display the following acknowledgement:
86	* "This product includes cryptographic software written by
87	* Eric Young (eay@cryptsoft.com)"
88	* The word 'cryptographic' can be left out if the rouines from the library
89	* being used are not cryptographic related :-).
90	* 4. If you include any Windows specific code (or a derivative thereof) from
91	* the apps directory (application code) you must include an acknowledgement:
92	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
93	*
94	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
95	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
96	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
97	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
98	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
99	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
100	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
101	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
102	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
103	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
104	* SUCH DAMAGE.
105	*
106	* The licence and distribution terms for any publically available version or
107	* derivative of this code cannot be changed. i.e. this code cannot simply be
108	* copied and put under another distribution licence
109	* [including the GNU Public Licence.]
110	*/
111
112	#ifndef OPENSSL_NO_ECDSA
113	#include <stdio.h>
114	#include <stdlib.h>
115	#include <string.h>
116	#include <time.h>
117	#include "apps.h"
118	#include <openssl/bio.h>
119	#include <openssl/err.h>
120	#include <openssl/ecdsa.h>
121	#include <openssl/evp.h>
122	#include <openssl/x509.h>
123	#include <openssl/pem.h>
124
125	#undef PROG
126	#define PROG ecdsa_main
127
128	/* -inform arg - input format - default PEM (one of DER, NET or PEM)
129	* -outform arg - output format - default PEM
130	* -in arg - input file - default stdin
131	* -out arg - output file - default stdout
132	* -des - encrypt output if PEM format with DES in cbc mode
133	* -des3 - encrypt output if PEM format
134	* -idea - encrypt output if PEM format
b3dfaaa1 RL	135	* -aes128 - encrypt output if PEM format
	136	* -aes192 - encrypt output if PEM format
	137	* -aes256 - encrypt output if PEM format
4d94ae00 BM	138	* -text - print a text version
	139	* -pub - print the ECDSA public key
	140	* -compressed - print the public key in compressed form ( default )
	141	* -hybrid - print the public key in hybrid form
	142	* -uncompressed - print the public key in uncompressed form
	143	* the last three options ( compressed, hybrid and uncompressed )
	144	* are only used if the "-pub" option is also selected.
	145	* For a precise description of the the meaning of compressed,
	146	* hybrid and uncompressed please refer to the X9.62 standart.
	147	* All three forms represents ways to express the ecdsa public
	148	* key ( a point on a elliptic curve ) as octet string. Let len be
	149	* the length ( in bytes ) of an element of the field over which
	150	* the curve is defined, then a compressed octet string has the form
	151	* 0x02 + result of BN_bn2bin() of the x coordinate of the public key
	152	*/
	153
	154	int MAIN(int, char **);
	155
	156	int MAIN(int argc, char **argv)
	157	{
	158	ENGINE *e = NULL;
	159	int ret = 1;
	160	ECDSA *ecdsa = NULL;
	161	int i, badops = 0;
	162	const EVP_CIPHER *enc = NULL;
	163	BIO in = NULL, out = NULL;
	164	int informat, outformat, text=0, noout=0;
	165	int pubin = 0, pubout = 0;
	166	char infile, outfile, prog, engine;
	167	char passargin = NULL, passargout = NULL;
	168	char passin = NULL, passout = NULL;
	169	int pub = 0, point_form = 0;
	170	unsigned char *buffer = NULL;
	171	unsigned int buf_len = 0;
	172	BIGNUM *tmp_bn = NULL;
	173
	174	apps_startup();
	175
	176	if (bio_err == NULL)
	177	if ((bio_err=BIO_new(BIO_s_file())) != NULL)
	178	BIO_set_fp(bio_err, stderr, BIO_NOCLOSE\|BIO_FP_TEXT);
	179
3647bee2 DSH	180	if (!load_config(bio_err, NULL))
	181	goto end;
	182
4d94ae00 BM	183	engine = NULL;
	184	infile = NULL;
	185	outfile = NULL;
	186	informat = FORMAT_PEM;
	187	outformat = FORMAT_PEM;
	188
	189	prog = argv[0];
	190	argc--;
	191	argv++;
	192	while (argc >= 1)
	193	{
	194	if (strcmp(*argv,"-inform") == 0)
	195	{
	196	if (--argc < 1) goto bad;
	197	informat=str2fmt(*(++argv));
	198	}
	199	else if (strcmp(*argv,"-outform") == 0)
	200	{
	201	if (--argc < 1) goto bad;
	202	outformat=str2fmt(*(++argv));
	203	}
	204	else if (strcmp(*argv,"-in") == 0)
	205	{
	206	if (--argc < 1) goto bad;
	207	infile= *(++argv);
	208	}
	209	else if (strcmp(*argv,"-out") == 0)
	210	{
	211	if (--argc < 1) goto bad;
	212	outfile= *(++argv);
	213	}
	214	else if (strcmp(*argv,"-passin") == 0)
	215	{
	216	if (--argc < 1) goto bad;
	217	passargin= *(++argv);
	218	}
	219	else if (strcmp(*argv,"-passout") == 0)
	220	{
	221	if (--argc < 1) goto bad;
	222	passargout= *(++argv);
	223	}
	224	else if (strcmp(*argv, "-engine") == 0)
	225	{
	226	if (--argc < 1) goto bad;
	227	engine= *(++argv);
	228	}
	229	else if (strcmp(*argv, "-noout") == 0)
	230	noout = 1;
	231	else if (strcmp(*argv, "-text") == 0)
	232	text = 1;
	233	else if (strcmp(*argv, "-pub") == 0)
	234	{
	235	pub = 1;
b3dfaaa1 RL	236	buffer = (unsigned char )((argv+1));
b3dfaaa1 RL	237	if (strcmp((char *)buffer, "compressed") == 0)
4d94ae00	238	point_form = POINT_CONVERSION_COMPRESSED;
b3dfaaa1	239	else if (strcmp((char *)buffer, "hybrid") == 0)
4d94ae00	240	point_form = POINT_CONVERSION_HYBRID;
b3dfaaa1	241	else if (strcmp((char *)buffer, "uncompressed") == 0)
4d94ae00 BM	242	point_form = POINT_CONVERSION_UNCOMPRESSED;
	243	if (point_form)
	244	{
	245	argc--;
	246	argv++;
	247	}
	248	}
	249	else if (strcmp(*argv, "-pubin") == 0)
	250	pubin=1;
	251	else if (strcmp(*argv, "-pubout") == 0)
	252	pubout=1;
	253	else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
	254	{
	255	BIO_printf(bio_err,"unknown option %s\n",*argv);
	256	badops=1;
	257	break;
	258	}
	259	argc--;
	260	argv++;
	261	}
	262
	263	if (badops)
	264	{
	265	bad:
	266	BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog);
	267	BIO_printf(bio_err, "where options are\n");
	268	BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
	269	BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
	270	BIO_printf(bio_err, " -in arg input file\n");
	271	BIO_printf(bio_err, " -passin arg input file pass phrase source\n");
	272	BIO_printf(bio_err, " -out arg output file\n");
	273	BIO_printf(bio_err, " -passout arg output file pass phrase source\n");
	274	BIO_printf(bio_err, " -engine e use engine e, possibly a hardware device.\n");
	275	BIO_printf(bio_err, " -des encrypt PEM output with cbc des\n");
	276	BIO_printf(bio_err, " -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
	277	#ifndef OPENSSL_NO_IDEA
	278	BIO_printf(bio_err, " -idea encrypt PEM output with cbc idea\n");
b3dfaaa1 RL	279	#endif
	280	#ifndef OPENSSL_NO_AES
	281	BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
	282	BIO_printf(bio_err, " encrypt PEM output with cbc aes\n");
4d94ae00 BM	283	#endif
	284	BIO_printf(bio_err, " -text print the key in text\n");
	285	BIO_printf(bio_err, " -noout don't print key out\n");
	286	BIO_printf(bio_err, " -pub [compressed \| hybrid \| uncompressed] \n");
	287	BIO_printf(bio_err, " compressed print the public key in compressed form ( default )\n");
	288	BIO_printf(bio_err, " hybrid print the public key in hybrid form\n");
	289	BIO_printf(bio_err, " uncompressed print the public key in uncompressed form\n");
	290	goto end;
	291	}
	292
	293	ERR_load_crypto_strings();
	294
	295	e = setup_engine(bio_err, engine, 0);
	296
	297	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
	298	{
	299	BIO_printf(bio_err, "Error getting passwords\n");
	300	goto end;
	301	}
	302
	303	in = BIO_new(BIO_s_file());
	304	out = BIO_new(BIO_s_file());
	305	if ((in == NULL) \|\| (out == NULL))
	306	{
	307	ERR_print_errors(bio_err);
	308	goto end;
	309	}
	310
	311	if (infile == NULL)
	312	BIO_set_fp(in,stdin,BIO_NOCLOSE);
	313	else
	314	{
	315	if (BIO_read_filename(in,infile) <= 0)
	316	{
	317	perror(infile);
	318	goto end;
	319	}
	320	}
	321
	322	BIO_printf(bio_err,"read ECDSA key\n");
	323	if (informat == FORMAT_ASN1)
	324	{
	325	if (pubin)
	326	ecdsa = d2i_ECDSA_PUBKEY_bio(in, NULL);
	327	else
	328	ecdsa = d2i_ECDSAPrivateKey_bio(in, NULL);
	329	} else if (informat == FORMAT_PEM)
	330	{
	331	if (pubin)
	332	ecdsa = PEM_read_bio_ECDSA_PUBKEY(in, NULL, NULL, NULL);
	333	else
	334	ecdsa = PEM_read_bio_ECDSAPrivateKey(in, NULL, NULL, passin);
	335	} else
	336	{
	337	BIO_printf(bio_err, "bad input format specified for key\n");
	338	goto end;
	339	}
	340	if (ecdsa == NULL)
	341	{
	342	BIO_printf(bio_err,"unable to load Key\n");
	343	ERR_print_errors(bio_err);
	344	goto end;
	345	}
	346
347	if (outfile == NULL)
348	{
349	BIO_set_fp(out, stdout, BIO_NOCLOSE);
350	#ifdef OPENSSL_SYS_VMS
351	{
352	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
353	out = BIO_push(tmpbio, out);
354	}
355	#endif
356	}
357	else
358	{
359	if (BIO_write_filename(out, outfile) <= 0)
360	{
361	perror(outfile);
362	goto end;
363	}
364	}
365
366	if (text)
367	if (!ECDSA_print(out, ecdsa, 0))
368	{
369	perror(outfile);
370	ERR_print_errors(bio_err);
371	goto end;
372	}
373
374	if (pub)
375	{
376	fprintf(stdout, "Public Key (");
377	if (point_form == POINT_CONVERSION_COMPRESSED)
378	fprintf(stdout, "COMPRESSED");
379	else if (point_form == POINT_CONVERSION_UNCOMPRESSED)
380	fprintf(stdout, "UNCOMPRESSED");
381	else if (point_form == POINT_CONVERSION_HYBRID)
382	fprintf(stdout, "HYBRID");
383	fprintf(stdout, ")=");
384	buf_len = EC_POINT_point2oct(ecdsa->group, EC_GROUP_get0_generator(ecdsa->group),
385	point_form, NULL, 0, NULL);
386	if (!buf_len)
387	{
388	BIO_printf(bio_err,"invalid public key length\n");
389	ERR_print_errors(bio_err);
390	goto end;
391	}
392	if ((tmp_bn = BN_new()) == NULL \|\|
393	(buffer = OPENSSL_malloc(buf_len)) == NULL) goto end;
394	if (!EC_POINT_point2oct(ecdsa->group, EC_GROUP_get0_generator(ecdsa->group),
395	point_form, buffer, buf_len, NULL) \|\|
396	!BN_bin2bn(buffer, buf_len, tmp_bn))
397	{
398	BIO_printf(bio_err,"can not encode public key\n");
399	ERR_print_errors(bio_err);
400	OPENSSL_free(buffer);
401	goto end;
402	}
403	BN_print(out, tmp_bn);
404	fprintf(stdout,"\n");
405	}
406
407	if (noout)
408	goto end;
409	BIO_printf(bio_err, "writing ECDSA key\n");
410	if (outformat == FORMAT_ASN1)
411	{
412	if(pubin \|\| pubout)
413	i = i2d_ECDSA_PUBKEY_bio(out, ecdsa);
414	else
415	i = i2d_ECDSAPrivateKey_bio(out, ecdsa);
416	} else if (outformat == FORMAT_PEM)
417	{
418	if(pubin \|\| pubout)
419	i = PEM_write_bio_ECDSA_PUBKEY(out, ecdsa);
420	else
421	i = PEM_write_bio_ECDSAPrivateKey(out, ecdsa, enc,
422	NULL, 0, NULL, passout);
423	} else
424	{
425	BIO_printf(bio_err, "bad output format specified for outfile\n");
426	goto end;
427	}
428	if (!i)
429	{
430	BIO_printf(bio_err, "unable to write private key\n");
431	ERR_print_errors(bio_err);
432	}
433	else
434	ret=0;
435	end:
436	if (in) BIO_free(in);
437	if (out) BIO_free_all(out);
438	if (ecdsa) ECDSA_free(ecdsa);
439	if (tmp_bn) BN_free(tmp_bn);
440	if (passin) OPENSSL_free(passin);
441	if (passout) OPENSSL_free(passout);
442	apps_shutdown();
443	EXIT(ret);
444	}
445	#endif