]> git.ipfire.org Git - thirdparty/openssl.git/blob - apps/ecparam.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Centralise loading default apps config file
[thirdparty/openssl.git] / apps / ecparam.c
1 /*
2 * Written by Nils Larsch for the OpenSSL project.
3 */
4 /* ====================================================================
5 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * 3. All advertising materials mentioning features or use of this
20 * software must display the following acknowledgment:
21 * "This product includes software developed by the OpenSSL Project
22 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
23 *
24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
25 * endorse or promote products derived from this software without
26 * prior written permission. For written permission, please contact
27 * openssl-core@openssl.org.
28 *
29 * 5. Products derived from this software may not be called "OpenSSL"
30 * nor may "OpenSSL" appear in their names without prior written
31 * permission of the OpenSSL Project.
32 *
33 * 6. Redistributions of any form whatsoever must retain the following
34 * acknowledgment:
35 * "This product includes software developed by the OpenSSL Project
36 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
37 *
38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49 * OF THE POSSIBILITY OF SUCH DAMAGE.
50 * ====================================================================
51 *
52 * This product includes cryptographic software written by Eric Young
53 * (eay@cryptsoft.com). This product includes software written by Tim
54 * Hudson (tjh@cryptsoft.com).
55 *
56 */
57 /* ====================================================================
58 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
59 *
60 * Portions of the attached software ("Contribution") are developed by
61 * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
62 *
63 * The Contribution is licensed pursuant to the OpenSSL open source
64 * license provided above.
65 *
66 * The elliptic curve binary polynomial software is originally written by
67 * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
68 *
69 */
70
71 #include <openssl/opensslconf.h>
72 #ifndef OPENSSL_NO_EC
73 # include <stdio.h>
74 # include <stdlib.h>
75 # include <time.h>
76 # include <string.h>
77 # include "apps.h"
78 # include <openssl/bio.h>
79 # include <openssl/err.h>
80 # include <openssl/bn.h>
81 # include <openssl/ec.h>
82 # include <openssl/x509.h>
83 # include <openssl/pem.h>
84
85 typedef enum OPTION_choice {
86 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
87 OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT, OPT_C,
88 OPT_CHECK, OPT_LIST_CURVES, OPT_NO_SEED, OPT_NOOUT, OPT_NAME,
89 OPT_CONV_FORM, OPT_PARAM_ENC, OPT_GENKEY, OPT_RAND, OPT_ENGINE
90 } OPTION_CHOICE;
91
92 OPTIONS ecparam_options[] = {
93 {"help", OPT_HELP, '-', "Display this summary"},
94 {"inform", OPT_INFORM, 'F', "Input format - default PEM (DER or PEM)"},
95 {"outform", OPT_OUTFORM, 'F', "Output format - default PEM"},
96 {"in", OPT_IN, '<', "Input file - default stdin"},
97 {"out", OPT_OUT, '>', "Output file - default stdout"},
98 {"text", OPT_TEXT, '-', "Print the ec parameters in text form"},
99 {"C", OPT_C, '-', "Print a 'C' function creating the parameters"},
100 {"check", OPT_CHECK, '-', "Validate the ec parameters"},
101 {"list_curves", OPT_LIST_CURVES, '-',
102 "Prints a list of all curve 'short names'"},
103 {"no_seed", OPT_NO_SEED, '-',
104 "If 'explicit' parameters are chosen do not use the seed"},
105 {"noout", OPT_NOOUT, '-', "Do not print the ec parameter"},
106 {"name", OPT_NAME, 's',
107 "Use the ec parameters with specified 'short name'"},
108 {"conv_form", OPT_CONV_FORM, 's', "Specifies the point conversion form "},
109 {"param_enc", OPT_PARAM_ENC, 's',
110 "Specifies the way the ec parameters are encoded"},
111 {"genkey", OPT_GENKEY, '-', "Generate ec key"},
112 {"rand", OPT_RAND, 's', "Files to use for random number input"},
113 # ifndef OPENSSL_NO_ENGINE
114 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
115 # endif
116 {NULL}
117 };
118
119 static OPT_PAIR forms[] = {
120 {"compressed", POINT_CONVERSION_COMPRESSED},
121 {"uncompressed", POINT_CONVERSION_UNCOMPRESSED},
122 {"hybrid", POINT_CONVERSION_HYBRID},
123 {NULL}
124 };
125
126 static OPT_PAIR encodings[] = {
127 {"named_curve", OPENSSL_EC_NAMED_CURVE},
128 {"explicit", 0},
129 {NULL}
130 };
131
132 int ecparam_main(int argc, char **argv)
133 {
134 BIGNUM *ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL;
135 BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL;
136 BIO *in = NULL, *out = NULL;
137 EC_GROUP *group = NULL;
138 point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
139 char *curve_name = NULL, *inrand = NULL;
140 char *infile = NULL, *outfile = NULL, *prog;
141 unsigned char *buffer = NULL;
142 OPTION_CHOICE o;
143 int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_asn1_flag = 0;
144 int informat = FORMAT_PEM, outformat = FORMAT_PEM, noout = 0, C = 0;
145 int ret = 1, private = 0;
146 int list_curves = 0, no_seed = 0, check = 0, new_form = 0;
147 int text = 0, i, need_rand = 0, genkey = 0;
148
149 prog = opt_init(argc, argv, ecparam_options);
150 while ((o = opt_next()) != OPT_EOF) {
151 switch (o) {
152 case OPT_EOF:
153 case OPT_ERR:
154 opthelp:
155 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
156 goto end;
157 case OPT_HELP:
158 opt_help(ecparam_options);
159 ret = 0;
160 goto end;
161 case OPT_INFORM:
162 if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
163 goto opthelp;
164 break;
165 case OPT_IN:
166 infile = opt_arg();
167 break;
168 case OPT_OUTFORM:
169 if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
170 goto opthelp;
171 break;
172 case OPT_OUT:
173 outfile = opt_arg();
174 break;
175 case OPT_TEXT:
176 text = 1;
177 break;
178 case OPT_C:
179 C = 1;
180 break;
181 case OPT_CHECK:
182 check = 1;
183 break;
184 case OPT_LIST_CURVES:
185 list_curves = 1;
186 break;
187 case OPT_NO_SEED:
188 no_seed = 1;
189 break;
190 case OPT_NOOUT:
191 noout = 1;
192 break;
193 case OPT_NAME:
194 curve_name = opt_arg();
195 break;
196 case OPT_CONV_FORM:
197 if (!opt_pair(opt_arg(), forms, &new_form))
198 goto opthelp;
199 form = new_form;
200 new_form = 1;
201 break;
202 case OPT_PARAM_ENC:
203 if (!opt_pair(opt_arg(), encodings, &asn1_flag))
204 goto opthelp;
205 new_asn1_flag = 1;
206 break;
207 case OPT_GENKEY:
208 genkey = need_rand = 1;
209 break;
210 case OPT_RAND:
211 inrand = opt_arg();
212 need_rand = 1;
213 break;
214 case OPT_ENGINE:
215 (void)setup_engine(opt_arg(), 0);
216 break;
217 }
218 }
219 argc = opt_num_rest();
220 argv = opt_rest();
221 private = genkey ? 1 : 0;
222
223 in = bio_open_default(infile, 'r', informat);
224 if (in == NULL)
225 goto end;
226 out = bio_open_owner(outfile, outformat, private);
227 if (out == NULL)
228 goto end;
229
230 if (list_curves) {
231 EC_builtin_curve *curves = NULL;
232 size_t crv_len = EC_get_builtin_curves(NULL, 0);
233 size_t n;
234
235 curves = app_malloc((int)sizeof(*curves) * crv_len, "list curves");
236 if (!EC_get_builtin_curves(curves, crv_len)) {
237 OPENSSL_free(curves);
238 goto end;
239 }
240
241 for (n = 0; n < crv_len; n++) {
242 const char *comment;
243 const char *sname;
244 comment = curves[n].comment;
245 sname = OBJ_nid2sn(curves[n].nid);
246 if (comment == NULL)
247 comment = "CURVE DESCRIPTION NOT AVAILABLE";
248 if (sname == NULL)
249 sname = "";
250
251 BIO_printf(out, " %-10s: ", sname);
252 BIO_printf(out, "%s\n", comment);
253 }
254
255 OPENSSL_free(curves);
256 ret = 0;
257 goto end;
258 }
259
260 if (curve_name != NULL) {
261 int nid;
262
263 /*
264 * workaround for the SECG curve names secp192r1 and secp256r1 (which
265 * are the same as the curves prime192v1 and prime256v1 defined in
266 * X9.62)
267 */
268 if (strcmp(curve_name, "secp192r1") == 0) {
269 BIO_printf(bio_err, "using curve name prime192v1 "
270 "instead of secp192r1\n");
271 nid = NID_X9_62_prime192v1;
272 } else if (strcmp(curve_name, "secp256r1") == 0) {
273 BIO_printf(bio_err, "using curve name prime256v1 "
274 "instead of secp256r1\n");
275 nid = NID_X9_62_prime256v1;
276 } else
277 nid = OBJ_sn2nid(curve_name);
278
279 if (nid == 0)
280 nid = EC_curve_nist2nid(curve_name);
281
282 if (nid == 0) {
283 BIO_printf(bio_err, "unknown curve name (%s)\n", curve_name);
284 goto end;
285 }
286
287 group = EC_GROUP_new_by_curve_name(nid);
288 if (group == NULL) {
289 BIO_printf(bio_err, "unable to create curve (%s)\n", curve_name);
290 goto end;
291 }
292 EC_GROUP_set_asn1_flag(group, asn1_flag);
293 EC_GROUP_set_point_conversion_form(group, form);
294 } else if (informat == FORMAT_ASN1)
295 group = d2i_ECPKParameters_bio(in, NULL);
296 else
297 group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
298 if (group == NULL) {
299 BIO_printf(bio_err, "unable to load elliptic curve parameters\n");
300 ERR_print_errors(bio_err);
301 goto end;
302 }
303
304 if (new_form)
305 EC_GROUP_set_point_conversion_form(group, form);
306
307 if (new_asn1_flag)
308 EC_GROUP_set_asn1_flag(group, asn1_flag);
309
310 if (no_seed) {
311 EC_GROUP_set_seed(group, NULL, 0);
312 }
313
314 if (text) {
315 if (!ECPKParameters_print(out, group, 0))
316 goto end;
317 }
318
319 if (check) {
320 if (group == NULL)
321 BIO_printf(bio_err, "no elliptic curve parameters\n");
322 BIO_printf(bio_err, "checking elliptic curve parameters: ");
323 if (!EC_GROUP_check(group, NULL)) {
324 BIO_printf(bio_err, "failed\n");
325 ERR_print_errors(bio_err);
326 goto end;
327 }
328 BIO_printf(bio_err, "ok\n");
329
330 }
331
332 if (C) {
333 size_t buf_len = 0, tmp_len = 0;
334 const EC_POINT *point;
335 int is_prime, len = 0;
336 const EC_METHOD *meth = EC_GROUP_method_of(group);
337
338 if ((ec_p = BN_new()) == NULL
339 || (ec_a = BN_new()) == NULL
340 || (ec_b = BN_new()) == NULL
341 || (ec_gen = BN_new()) == NULL
342 || (ec_order = BN_new()) == NULL
343 || (ec_cofactor = BN_new()) == NULL) {
344 perror("Can't allocate BN");
345 goto end;
346 }
347
348 is_prime = (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field);
349 if (!is_prime) {
350 BIO_printf(bio_err, "Can only handle X9.62 prime fields\n");
351 goto end;
352 }
353
354 if (!EC_GROUP_get_curve_GFp(group, ec_p, ec_a, ec_b, NULL))
355 goto end;
356
357 if ((point = EC_GROUP_get0_generator(group)) == NULL)
358 goto end;
359 if (!EC_POINT_point2bn(group, point,
360 EC_GROUP_get_point_conversion_form(group),
361 ec_gen, NULL))
362 goto end;
363 if (!EC_GROUP_get_order(group, ec_order, NULL))
364 goto end;
365 if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL))
366 goto end;
367
368 if (!ec_p || !ec_a || !ec_b || !ec_gen || !ec_order || !ec_cofactor)
369 goto end;
370
371 len = BN_num_bits(ec_order);
372
373 if ((tmp_len = (size_t)BN_num_bytes(ec_p)) > buf_len)
374 buf_len = tmp_len;
375 if ((tmp_len = (size_t)BN_num_bytes(ec_a)) > buf_len)
376 buf_len = tmp_len;
377 if ((tmp_len = (size_t)BN_num_bytes(ec_b)) > buf_len)
378 buf_len = tmp_len;
379 if ((tmp_len = (size_t)BN_num_bytes(ec_gen)) > buf_len)
380 buf_len = tmp_len;
381 if ((tmp_len = (size_t)BN_num_bytes(ec_order)) > buf_len)
382 buf_len = tmp_len;
383 if ((tmp_len = (size_t)BN_num_bytes(ec_cofactor)) > buf_len)
384 buf_len = tmp_len;
385
386 buffer = app_malloc(buf_len, "BN buffer");
387
388 BIO_printf(out, "EC_GROUP *get_ec_group_%d(void)\n{\n", len);
389 print_bignum_var(out, ec_p, "ec_p", len, buffer);
390 print_bignum_var(out, ec_a, "ec_a", len, buffer);
391 print_bignum_var(out, ec_b, "ec_b", len, buffer);
392 print_bignum_var(out, ec_gen, "ec_gen", len, buffer);
393 print_bignum_var(out, ec_order, "ec_order", len, buffer);
394 print_bignum_var(out, ec_cofactor, "ec_cofactor", len, buffer);
395 BIO_printf(out, " int ok = 0;\n"
396 " EC_GROUP *group = NULL;\n"
397 " EC_POINT *point = NULL;\n"
398 " BIGNUM *tmp_1 = NULL;\n"
399 " BIGNUM *tmp_2 = NULL;\n"
400 " BIGNUM *tmp_3 = NULL;\n"
401 "\n");
402
403 BIO_printf(out, " if ((tmp_1 = BN_bin2bn(ec_p_%d, sizeof (ec_p_%d), NULL)) == NULL)\n"
404 " goto err;\n", len, len);
405 BIO_printf(out, " if ((tmp_2 = BN_bin2bn(ec_a_%d, sizeof (ec_a_%d), NULL)) == NULL)\n"
406 " goto err;\n", len, len);
407 BIO_printf(out, " if ((tmp_3 = BN_bin2bn(ec_b_%d, sizeof (ec_b_%d), NULL)) == NULL)\n"
408 " goto err;\n", len, len);
409 BIO_printf(out, " if ((group = EC_GROUP_new_curve_GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)\n"
410 " goto err;\n"
411 "\n");
412 BIO_printf(out, " /* build generator */\n");
413 BIO_printf(out, " if ((tmp_1 = BN_bin2bn(ec_gen_%d, sizeof (ec_gen_%d), tmp_1)) == NULL)\n"
414 " goto err;\n", len, len);
415 BIO_printf(out, " point = EC_POINT_bn2point(group, tmp_1, NULL, NULL);\n");
416 BIO_printf(out, " if (point == NULL)\n"
417 " goto err;\n");
418 BIO_printf(out, " if ((tmp_2 = BN_bin2bn(ec_order_%d, sizeof (ec_order_%d), tmp_2)) == NULL)\n"
419 " goto err;\n", len, len);
420 BIO_printf(out, " if ((tmp_3 = BN_bin2bn(ec_cofactor_%d, sizeof (ec_cofactor_%d), tmp_3)) == NULL)\n"
421 " goto err;\n", len, len);
422 BIO_printf(out, " if (!EC_GROUP_set_generator(group, point, tmp_2, tmp_3))\n"
423 " goto err;\n"
424 "ok = 1;"
425 "\n");
426 BIO_printf(out, "err:\n"
427 " BN_free(tmp_1);\n"
428 " BN_free(tmp_2);\n"
429 " BN_free(tmp_3);\n"
430 " EC_POINT_free(point);\n"
431 " if (!ok) {\n"
432 " EC_GROUP_free(group);\n"
433 " return NULL;\n"
434 " }\n"
435 " return (group);\n"
436 "}\n");
437 }
438
439 if (!noout) {
440 if (outformat == FORMAT_ASN1)
441 i = i2d_ECPKParameters_bio(out, group);
442 else
443 i = PEM_write_bio_ECPKParameters(out, group);
444 if (!i) {
445 BIO_printf(bio_err, "unable to write elliptic "
446 "curve parameters\n");
447 ERR_print_errors(bio_err);
448 goto end;
449 }
450 }
451
452 if (need_rand) {
453 app_RAND_load_file(NULL, (inrand != NULL));
454 if (inrand != NULL)
455 BIO_printf(bio_err, "%ld semi-random bytes loaded\n",
456 app_RAND_load_files(inrand));
457 }
458
459 if (genkey) {
460 EC_KEY *eckey = EC_KEY_new();
461
462 if (eckey == NULL)
463 goto end;
464
465 assert(need_rand);
466
467 if (EC_KEY_set_group(eckey, group) == 0)
468 goto end;
469
470 if (!EC_KEY_generate_key(eckey)) {
471 EC_KEY_free(eckey);
472 goto end;
473 }
474 assert(private);
475 if (outformat == FORMAT_ASN1)
476 i = i2d_ECPrivateKey_bio(out, eckey);
477 else
478 i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
479 NULL, 0, NULL, NULL);
480 EC_KEY_free(eckey);
481 }
482
483 if (need_rand)
484 app_RAND_write_file(NULL);
485
486 ret = 0;
487 end:
488 BN_free(ec_p);
489 BN_free(ec_a);
490 BN_free(ec_b);
491 BN_free(ec_gen);
492 BN_free(ec_order);
493 BN_free(ec_cofactor);
494 OPENSSL_free(buffer);
495 BIO_free(in);
496 BIO_free_all(out);
497 EC_GROUP_free(group);
498 return (ret);
499 }
500
501 #else /* !OPENSSL_NO_EC */
502
503 # if PEDANTIC
504 static void *dummy = &dummy;
505 # endif
506
507 #endif
A mirror of the official openssl repository