[thirdparty/openssl.git] / apps / ecparam.c

/*
 * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/opensslconf.h>

#include <stdio.h>
#include <stdlib.h>
#include <time.h>
#include <string.h>
#include "apps.h"
#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/x509.h>
#include <openssl/pem.h>

typedef enum OPTION_choice {
    OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
    OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT,
    OPT_CHECK, OPT_LIST_CURVES, OPT_NO_SEED, OPT_NOOUT, OPT_NAME,
    OPT_CONV_FORM, OPT_PARAM_ENC, OPT_GENKEY, OPT_ENGINE, OPT_CHECK_NAMED,
    OPT_R_ENUM, OPT_PROV_ENUM
} OPTION_CHOICE;

const OPTIONS ecparam_options[] = {
    OPT_SECTION("General"),
    {"help", OPT_HELP, '-', "Display this summary"},
    {"list_curves", OPT_LIST_CURVES, '-',
     "Prints a list of all curve 'short names'"},
#ifndef OPENSSL_NO_ENGINE
    {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
#endif

    {"genkey", OPT_GENKEY, '-', "Generate ec key"},
    {"in", OPT_IN, '<', "Input file  - default stdin"},
    {"inform", OPT_INFORM, 'F', "Input format - default PEM (DER or PEM)"},
    {"out", OPT_OUT, '>', "Output file - default stdout"},
    {"outform", OPT_OUTFORM, 'F', "Output format - default PEM"},

    OPT_SECTION("Output"),
    {"text", OPT_TEXT, '-', "Print the ec parameters in text form"},
    {"noout", OPT_NOOUT, '-', "Do not print the ec parameter"},
    {"param_enc", OPT_PARAM_ENC, 's',
     "Specifies the way the ec parameters are encoded"},

    OPT_SECTION("Parameter"),
    {"check", OPT_CHECK, '-', "Validate the ec parameters"},
    {"check_named", OPT_CHECK_NAMED, '-',
     "Check that named EC curve parameters have not been modified"},
    {"no_seed", OPT_NO_SEED, '-',
     "If 'explicit' parameters are chosen do not use the seed"},
    {"name", OPT_NAME, 's',
     "Use the ec parameters with specified 'short name'"},
    {"conv_form", OPT_CONV_FORM, 's', "Specifies the point conversion form "},

    OPT_R_OPTIONS,
    OPT_PROV_OPTIONS,
    {NULL}
};

static OPT_PAIR forms[] = {
    {"compressed", POINT_CONVERSION_COMPRESSED},
    {"uncompressed", POINT_CONVERSION_UNCOMPRESSED},
    {"hybrid", POINT_CONVERSION_HYBRID},
    {NULL}
};

static OPT_PAIR encodings[] = {
    {"named_curve", OPENSSL_EC_NAMED_CURVE},
    {"explicit", 0},
    {NULL}
};

int ecparam_main(int argc, char **argv)
{
    ENGINE *e = NULL;
    BIGNUM *ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL;
    BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL;
    BIO *in = NULL, *out = NULL;
    EC_GROUP *group = NULL;
    point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
    char *curve_name = NULL;
    char *infile = NULL, *outfile = NULL, *prog;
    unsigned char *buffer = NULL;
    OPTION_CHOICE o;
    int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_asn1_flag = 0;
    int informat = FORMAT_PEM, outformat = FORMAT_PEM, noout = 0;
    int ret = 1, private = 0;
    int list_curves = 0, no_seed = 0, check = 0, new_form = 0;
    int text = 0, i, genkey = 0, check_named = 0;

    prog = opt_init(argc, argv, ecparam_options);
    while ((o = opt_next()) != OPT_EOF) {
        switch (o) {
        case OPT_EOF:
        case OPT_ERR:
 opthelp:
            BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
            goto end;
        case OPT_HELP:
            opt_help(ecparam_options);
            ret = 0;
            goto end;
        case OPT_INFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
                goto opthelp;
            break;
        case OPT_IN:
            infile = opt_arg();
            break;
        case OPT_OUTFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
                goto opthelp;
            break;
        case OPT_OUT:
            outfile = opt_arg();
            break;
        case OPT_TEXT:
            text = 1;
            break;
        case OPT_CHECK:
            check = 1;
            break;
        case OPT_CHECK_NAMED:
            check_named = 1;
            break;
        case OPT_LIST_CURVES:
            list_curves = 1;
            break;
        case OPT_NO_SEED:
            no_seed = 1;
            break;
        case OPT_NOOUT:
            noout = 1;
            break;
        case OPT_NAME:
            curve_name = opt_arg();
            break;
        case OPT_CONV_FORM:
            if (!opt_pair(opt_arg(), forms, &new_form))
                goto opthelp;
            form = new_form;
            new_form = 1;
            break;
        case OPT_PARAM_ENC:
            if (!opt_pair(opt_arg(), encodings, &asn1_flag))
                goto opthelp;
            new_asn1_flag = 1;
            break;
        case OPT_GENKEY:
            genkey = 1;
            break;
        case OPT_R_CASES:
            if (!opt_rand(o))
                goto end;
            break;
        case OPT_PROV_CASES:
            if (!opt_provider(o))
                goto end;
            break;
        case OPT_ENGINE:
            e = setup_engine(opt_arg(), 0);
            break;
        }
    }
    argc = opt_num_rest();
    if (argc != 0)
        goto opthelp;

    private = genkey ? 1 : 0;

    in = bio_open_default(infile, 'r', informat);
    if (in == NULL)
        goto end;
    out = bio_open_owner(outfile, outformat, private);
    if (out == NULL)
        goto end;

    if (list_curves) {
        EC_builtin_curve *curves = NULL;
        size_t crv_len = EC_get_builtin_curves(NULL, 0);
        size_t n;

        curves = app_malloc((int)sizeof(*curves) * crv_len, "list curves");
        if (!EC_get_builtin_curves(curves, crv_len)) {
            OPENSSL_free(curves);
            goto end;
        }

        for (n = 0; n < crv_len; n++) {
            const char *comment;
            const char *sname;
            comment = curves[n].comment;
            sname = OBJ_nid2sn(curves[n].nid);
            if (comment == NULL)
                comment = "CURVE DESCRIPTION NOT AVAILABLE";
            if (sname == NULL)
                sname = "";

            BIO_printf(out, "  %-10s: ", sname);
            BIO_printf(out, "%s\n", comment);
        }

        OPENSSL_free(curves);
        ret = 0;
        goto end;
    }

    if (curve_name != NULL) {
        int nid;

        /*
         * workaround for the SECG curve names secp192r1 and secp256r1 (which
         * are the same as the curves prime192v1 and prime256v1 defined in
         * X9.62)
         */
        if (strcmp(curve_name, "secp192r1") == 0) {
            BIO_printf(bio_err, "using curve name prime192v1 "
                       "instead of secp192r1\n");
            nid = NID_X9_62_prime192v1;
        } else if (strcmp(curve_name, "secp256r1") == 0) {
            BIO_printf(bio_err, "using curve name prime256v1 "
                       "instead of secp256r1\n");
            nid = NID_X9_62_prime256v1;
        } else {
            nid = OBJ_sn2nid(curve_name);
        }

        if (nid == 0)
            nid = EC_curve_nist2nid(curve_name);

        if (nid == 0) {
            BIO_printf(bio_err, "unknown curve name (%s)\n", curve_name);
            goto end;
        }

        group = EC_GROUP_new_by_curve_name(nid);
        if (group == NULL) {
            BIO_printf(bio_err, "unable to create curve (%s)\n", curve_name);
            goto end;
        }
        EC_GROUP_set_asn1_flag(group, asn1_flag);
        EC_GROUP_set_point_conversion_form(group, form);
    } else if (informat == FORMAT_ASN1) {
        group = d2i_ECPKParameters_bio(in, NULL);
    } else {
        group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
    }
    if (group == NULL) {
        BIO_printf(bio_err, "unable to load elliptic curve parameters\n");
        ERR_print_errors(bio_err);
        goto end;
    }

    if (new_form)
        EC_GROUP_set_point_conversion_form(group, form);

    if (new_asn1_flag)
        EC_GROUP_set_asn1_flag(group, asn1_flag);

    if (no_seed) {
        EC_GROUP_set_seed(group, NULL, 0);
    }

    if (text) {
        if (!ECPKParameters_print(out, group, 0))
            goto end;
    }

    if (check_named) {
        BIO_printf(bio_err, "validating named elliptic curve parameters: ");
        if (EC_GROUP_check_named_curve(group, 0, NULL) <= 0) {
            BIO_printf(bio_err, "failed\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        BIO_printf(bio_err, "ok\n");
    }

    if (check) {
        BIO_printf(bio_err, "checking elliptic curve parameters: ");
        if (!EC_GROUP_check(group, NULL)) {
            BIO_printf(bio_err, "failed\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        BIO_printf(bio_err, "ok\n");

    }

    if (outformat == FORMAT_ASN1 && genkey)
        noout = 1;

    if (!noout) {
        if (outformat == FORMAT_ASN1)
            i = i2d_ECPKParameters_bio(out, group);
        else
            i = PEM_write_bio_ECPKParameters(out, group);
        if (!i) {
            BIO_printf(bio_err, "unable to write elliptic "
                       "curve parameters\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }

    if (genkey) {
        EC_KEY *eckey = EC_KEY_new();

        if (eckey == NULL)
            goto end;

        if (EC_KEY_set_group(eckey, group) == 0) {
            BIO_printf(bio_err, "unable to set group when generating key\n");
            EC_KEY_free(eckey);
            ERR_print_errors(bio_err);
            goto end;
        }

        if (new_form)
            EC_KEY_set_conv_form(eckey, form);

        if (!EC_KEY_generate_key(eckey)) {
            BIO_printf(bio_err, "unable to generate key\n");
            EC_KEY_free(eckey);
            ERR_print_errors(bio_err);
            goto end;
        }
        assert(private);
        if (outformat == FORMAT_ASN1)
            i = i2d_ECPrivateKey_bio(out, eckey);
        else
            i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
                                           NULL, 0, NULL, NULL);
        EC_KEY_free(eckey);
    }

    ret = 0;
 end:
    BN_free(ec_p);
    BN_free(ec_a);
    BN_free(ec_b);
    BN_free(ec_gen);
    BN_free(ec_order);
    BN_free(ec_cofactor);
    OPENSSL_free(buffer);
    EC_GROUP_free(group);
    release_engine(e);
    BIO_free(in);
    BIO_free_all(out);
    return ret;
}
Commit	Line	Data
14a7cfb3	1	/*
33388b44	2	* Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
aa8f3d76	3	* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
5dbd3efc	4	*
dffa7520	5	* Licensed under the Apache License 2.0 (the "License"). You may not use
846e33c7 RS	6	* this file except in compliance with the License. You can obtain a copy
	7	* in the file LICENSE in the source distribution or at
	8	* https://www.openssl.org/source/license.html
5dbd3efc	9	*/
846e33c7	10
6e04afb8	11	#include <openssl/opensslconf.h>
1ae56f2f RS	12
	13	#include <stdio.h>
	14	#include <stdlib.h>
	15	#include <time.h>
	16	#include <string.h>
	17	#include "apps.h"
	18	#include "progs.h"
	19	#include <openssl/bio.h>
	20	#include <openssl/err.h>
	21	#include <openssl/bn.h>
	22	#include <openssl/ec.h>
	23	#include <openssl/x509.h>
	24	#include <openssl/pem.h>
0f113f3e	25
7e1b7485 RS	26	typedef enum OPTION_choice {
7e1b7485 RS	27	OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
1696b890	28	OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT,
7e1b7485	29	OPT_CHECK, OPT_LIST_CURVES, OPT_NO_SEED, OPT_NOOUT, OPT_NAME,
8402cd5f	30	OPT_CONV_FORM, OPT_PARAM_ENC, OPT_GENKEY, OPT_ENGINE, OPT_CHECK_NAMED,
6bd4e3f2	31	OPT_R_ENUM, OPT_PROV_ENUM
7e1b7485 RS	32	} OPTION_CHOICE;
7e1b7485 RS	33
44c83ebd	34	const OPTIONS ecparam_options[] = {
5388f986	35	OPT_SECTION("General"),
7e1b7485	36	{"help", OPT_HELP, '-', "Display this summary"},
5388f986 RS	37	{"list_curves", OPT_LIST_CURVES, '-',
5388f986 RS	38	"Prints a list of all curve 'short names'"},
1ae56f2f	39	#ifndef OPENSSL_NO_ENGINE
5388f986	40	{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
1ae56f2f	41	#endif
5388f986 RS	42
5388f986 RS	43	{"genkey", OPT_GENKEY, '-', "Generate ec key"},
7e1b7485	44	{"in", OPT_IN, '<', "Input file - default stdin"},
5388f986	45	{"inform", OPT_INFORM, 'F', "Input format - default PEM (DER or PEM)"},
7e1b7485	46	{"out", OPT_OUT, '>', "Output file - default stdout"},
5388f986 RS	47	{"outform", OPT_OUTFORM, 'F', "Output format - default PEM"},
	48
	49	OPT_SECTION("Output"),
7e1b7485	50	{"text", OPT_TEXT, '-', "Print the ec parameters in text form"},
5388f986 RS	51	{"noout", OPT_NOOUT, '-', "Do not print the ec parameter"},
	52	{"param_enc", OPT_PARAM_ENC, 's',
	53	"Specifies the way the ec parameters are encoded"},
	54
	55	OPT_SECTION("Parameter"),
7e1b7485	56	{"check", OPT_CHECK, '-', "Validate the ec parameters"},
8402cd5f SL	57	{"check_named", OPT_CHECK_NAMED, '-',
8402cd5f SL	58	"Check that named EC curve parameters have not been modified"},
7e1b7485 RS	59	{"no_seed", OPT_NO_SEED, '-',
7e1b7485 RS	60	"If 'explicit' parameters are chosen do not use the seed"},
7e1b7485 RS	61	{"name", OPT_NAME, 's',
	62	"Use the ec parameters with specified 'short name'"},
	63	{"conv_form", OPT_CONV_FORM, 's', "Specifies the point conversion form "},
5388f986	64
3ee1eac2	65	OPT_R_OPTIONS,
6bd4e3f2	66	OPT_PROV_OPTIONS,
7e1b7485 RS	67	{NULL}
	68	};
	69
df2ee0e2	70	static OPT_PAIR forms[] = {
7e1b7485 RS	71	{"compressed", POINT_CONVERSION_COMPRESSED},
	72	{"uncompressed", POINT_CONVERSION_UNCOMPRESSED},
	73	{"hybrid", POINT_CONVERSION_HYBRID},
	74	{NULL}
	75	};
	76
df2ee0e2	77	static OPT_PAIR encodings[] = {
7e1b7485 RS	78	{"named_curve", OPENSSL_EC_NAMED_CURVE},
	79	{"explicit", 0},
	80	{NULL}
	81	};
	82
	83	int ecparam_main(int argc, char **argv)
0f113f3e	84	{
dd1abd44	85	ENGINE *e = NULL;
7e1b7485 RS	86	BIGNUM ec_gen = NULL, ec_order = NULL, *ec_cofactor = NULL;
	87	BIGNUM ec_p = NULL, ec_a = NULL, *ec_b = NULL;
	88	BIO in = NULL, out = NULL;
0f113f3e MC	89	EC_GROUP *group = NULL;
0f113f3e MC	90	point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
3ee1eac2	91	char *curve_name = NULL;
333b070e	92	char infile = NULL, outfile = NULL, *prog;
0f113f3e	93	unsigned char *buffer = NULL;
7e1b7485 RS	94	OPTION_CHOICE o;
7e1b7485 RS	95	int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_asn1_flag = 0;
1696b890	96	int informat = FORMAT_PEM, outformat = FORMAT_PEM, noout = 0;
3b061a00	97	int ret = 1, private = 0;
7e1b7485	98	int list_curves = 0, no_seed = 0, check = 0, new_form = 0;
8402cd5f	99	int text = 0, i, genkey = 0, check_named = 0;
7e1b7485 RS	100
	101	prog = opt_init(argc, argv, ecparam_options);
	102	while ((o = opt_next()) != OPT_EOF) {
	103	switch (o) {
	104	case OPT_EOF:
	105	case OPT_ERR:
	106	opthelp:
	107	BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
	108	goto end;
	109	case OPT_HELP:
	110	opt_help(ecparam_options);
	111	ret = 0;
	112	goto end;
	113	case OPT_INFORM:
	114	if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
	115	goto opthelp;
	116	break;
	117	case OPT_IN:
	118	infile = opt_arg();
	119	break;
	120	case OPT_OUTFORM:
	121	if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
	122	goto opthelp;
	123	break;
	124	case OPT_OUT:
	125	outfile = opt_arg();
	126	break;
	127	case OPT_TEXT:
0f113f3e	128	text = 1;
7e1b7485	129	break;
7e1b7485	130	case OPT_CHECK:
0f113f3e	131	check = 1;
7e1b7485	132	break;
8402cd5f SL	133	case OPT_CHECK_NAMED:
	134	check_named = 1;
	135	break;
7e1b7485	136	case OPT_LIST_CURVES:
0f113f3e	137	list_curves = 1;
7e1b7485 RS	138	break;
7e1b7485 RS	139	case OPT_NO_SEED:
0f113f3e	140	no_seed = 1;
7e1b7485 RS	141	break;
7e1b7485 RS	142	case OPT_NOOUT:
0f113f3e	143	noout = 1;
7e1b7485 RS	144	break;
	145	case OPT_NAME:
	146	curve_name = opt_arg();
	147	break;
	148	case OPT_CONV_FORM:
	149	if (!opt_pair(opt_arg(), forms, &new_form))
	150	goto opthelp;
	151	form = new_form;
	152	new_form = 1;
	153	break;
	154	case OPT_PARAM_ENC:
	155	if (!opt_pair(opt_arg(), encodings, &asn1_flag))
	156	goto opthelp;
	157	new_asn1_flag = 1;
	158	break;
	159	case OPT_GENKEY:
3ee1eac2	160	genkey = 1;
7e1b7485	161	break;
3ee1eac2 RS	162	case OPT_R_CASES:
	163	if (!opt_rand(o))
	164	goto end;
7e1b7485	165	break;
6bd4e3f2 P	166	case OPT_PROV_CASES:
	167	if (!opt_provider(o))
	168	goto end;
	169	break;
7e1b7485	170	case OPT_ENGINE:
dd1abd44	171	e = setup_engine(opt_arg(), 0);
0f113f3e MC	172	break;
0f113f3e MC	173	}
0f113f3e	174	}
7e1b7485	175	argc = opt_num_rest();
03358517 KR	176	if (argc != 0)
	177	goto opthelp;
	178
3b061a00	179	private = genkey ? 1 : 0;
0f113f3e	180
bdd58d98	181	in = bio_open_default(infile, 'r', informat);
7e1b7485	182	if (in == NULL)
0f113f3e	183	goto end;
bdd58d98	184	out = bio_open_owner(outfile, outformat, private);
7e1b7485	185	if (out == NULL)
0f113f3e	186	goto end;
0f113f3e	187
0f113f3e MC	188	if (list_curves) {
0f113f3e MC	189	EC_builtin_curve *curves = NULL;
68dc6824 RS	190	size_t crv_len = EC_get_builtin_curves(NULL, 0);
68dc6824 RS	191	size_t n;
0f113f3e	192
b4faea50	193	curves = app_malloc((int)sizeof(curves) crv_len, "list curves");
0f113f3e MC	194	if (!EC_get_builtin_curves(curves, crv_len)) {
	195	OPENSSL_free(curves);
	196	goto end;
	197	}
	198
	199	for (n = 0; n < crv_len; n++) {
	200	const char *comment;
	201	const char *sname;
	202	comment = curves[n].comment;
	203	sname = OBJ_nid2sn(curves[n].nid);
	204	if (comment == NULL)
	205	comment = "CURVE DESCRIPTION NOT AVAILABLE";
	206	if (sname == NULL)
	207	sname = "";
	208
	209	BIO_printf(out, " %-10s: ", sname);
	210	BIO_printf(out, "%s\n", comment);
	211	}
	212
	213	OPENSSL_free(curves);
	214	ret = 0;
	215	goto end;
	216	}
	217
	218	if (curve_name != NULL) {
	219	int nid;
	220
	221	/*
	222	* workaround for the SECG curve names secp192r1 and secp256r1 (which
	223	* are the same as the curves prime192v1 and prime256v1 defined in
	224	* X9.62)
	225	*/
86885c28	226	if (strcmp(curve_name, "secp192r1") == 0) {
0f113f3e MC	227	BIO_printf(bio_err, "using curve name prime192v1 "
	228	"instead of secp192r1\n");
	229	nid = NID_X9_62_prime192v1;
86885c28	230	} else if (strcmp(curve_name, "secp256r1") == 0) {
0f113f3e MC	231	BIO_printf(bio_err, "using curve name prime256v1 "
	232	"instead of secp256r1\n");
	233	nid = NID_X9_62_prime256v1;
2234212c	234	} else {
0f113f3e	235	nid = OBJ_sn2nid(curve_name);
2234212c	236	}
0f113f3e MC	237
	238	if (nid == 0)
	239	nid = EC_curve_nist2nid(curve_name);
	240
	241	if (nid == 0) {
	242	BIO_printf(bio_err, "unknown curve name (%s)\n", curve_name);
	243	goto end;
	244	}
	245
	246	group = EC_GROUP_new_by_curve_name(nid);
	247	if (group == NULL) {
	248	BIO_printf(bio_err, "unable to create curve (%s)\n", curve_name);
	249	goto end;
	250	}
	251	EC_GROUP_set_asn1_flag(group, asn1_flag);
	252	EC_GROUP_set_point_conversion_form(group, form);
2234212c	253	} else if (informat == FORMAT_ASN1) {
0f113f3e	254	group = d2i_ECPKParameters_bio(in, NULL);
2234212c	255	} else {
0f113f3e	256	group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
2234212c	257	}
0f113f3e MC	258	if (group == NULL) {
	259	BIO_printf(bio_err, "unable to load elliptic curve parameters\n");
	260	ERR_print_errors(bio_err);
	261	goto end;
	262	}
	263
	264	if (new_form)
	265	EC_GROUP_set_point_conversion_form(group, form);
	266
	267	if (new_asn1_flag)
	268	EC_GROUP_set_asn1_flag(group, asn1_flag);
	269
	270	if (no_seed) {
	271	EC_GROUP_set_seed(group, NULL, 0);
	272	}
	273
	274	if (text) {
	275	if (!ECPKParameters_print(out, group, 0))
	276	goto end;
	277	}
	278
8402cd5f SL	279	if (check_named) {
8402cd5f SL	280	BIO_printf(bio_err, "validating named elliptic curve parameters: ");
a9612d6c	281	if (EC_GROUP_check_named_curve(group, 0, NULL) <= 0) {
8402cd5f SL	282	BIO_printf(bio_err, "failed\n");
	283	ERR_print_errors(bio_err);
	284	goto end;
	285	}
	286	BIO_printf(bio_err, "ok\n");
	287	}
	288
0f113f3e	289	if (check) {
0f113f3e MC	290	BIO_printf(bio_err, "checking elliptic curve parameters: ");
	291	if (!EC_GROUP_check(group, NULL)) {
	292	BIO_printf(bio_err, "failed\n");
	293	ERR_print_errors(bio_err);
99dcd880 PW	294	goto end;
	295	}
	296	BIO_printf(bio_err, "ok\n");
0f113f3e MC	297
	298	}
	299
4bdc25b0 BE	300	if (outformat == FORMAT_ASN1 && genkey)
	301	noout = 1;
	302
0f113f3e MC	303	if (!noout) {
	304	if (outformat == FORMAT_ASN1)
	305	i = i2d_ECPKParameters_bio(out, group);
7e1b7485	306	else
0f113f3e	307	i = PEM_write_bio_ECPKParameters(out, group);
0f113f3e MC	308	if (!i) {
	309	BIO_printf(bio_err, "unable to write elliptic "
	310	"curve parameters\n");
	311	ERR_print_errors(bio_err);
	312	goto end;
	313	}
	314	}
	315
0f113f3e MC	316	if (genkey) {
	317	EC_KEY *eckey = EC_KEY_new();
	318
	319	if (eckey == NULL)
	320	goto end;
	321
f6de4eb7 DSH	322	if (EC_KEY_set_group(eckey, group) == 0) {
	323	BIO_printf(bio_err, "unable to set group when generating key\n");
	324	EC_KEY_free(eckey);
	325	ERR_print_errors(bio_err);
0f113f3e	326	goto end;
f6de4eb7	327	}
0f113f3e	328
4bdc25b0 BE	329	if (new_form)
	330	EC_KEY_set_conv_form(eckey, form);
	331
0f113f3e	332	if (!EC_KEY_generate_key(eckey)) {
f6de4eb7	333	BIO_printf(bio_err, "unable to generate key\n");
0f113f3e	334	EC_KEY_free(eckey);
f6de4eb7	335	ERR_print_errors(bio_err);
0f113f3e MC	336	goto end;
0f113f3e MC	337	}
3b061a00	338	assert(private);
0f113f3e MC	339	if (outformat == FORMAT_ASN1)
0f113f3e MC	340	i = i2d_ECPrivateKey_bio(out, eckey);
7e1b7485	341	else
0f113f3e MC	342	i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
0f113f3e MC	343	NULL, 0, NULL, NULL);
0f113f3e MC	344	EC_KEY_free(eckey);
	345	}
	346
0f113f3e MC	347	ret = 0;
0f113f3e MC	348	end:
23a1d5e9 RS	349	BN_free(ec_p);
	350	BN_free(ec_a);
	351	BN_free(ec_b);
	352	BN_free(ec_gen);
	353	BN_free(ec_order);
	354	BN_free(ec_cofactor);
b548a1f1	355	OPENSSL_free(buffer);
dd1abd44 RL	356	EC_GROUP_free(group);
dd1abd44 RL	357	release_engine(e);
ca3a82c3 RS	358	BIO_free(in);
ca3a82c3 RS	359	BIO_free_all(out);
26a7d938	360	return ret;
5dbd3efc	361	}