1 /* $OpenBSD: ec.c,v 1.14 2019/07/14 03:30:45 guenther Exp $ */
3 * Written by Nils Larsch for the OpenSSL project.
5 /* ====================================================================
6 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
34 * 6. Redistributions of any form whatsoever must retain the following
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
59 #include <openssl/opensslconf.h>
69 #include <openssl/bio.h>
70 #include <openssl/err.h>
71 #include <openssl/evp.h>
72 #include <openssl/pem.h>
76 const EVP_CIPHER
*enc
;
77 point_conversion_form_t form
;
94 ec_opt_enc(int argc
, char **argv
, int *argsused
)
101 if ((ec_config
.enc
= EVP_get_cipherbyname(name
)) != NULL
) {
110 ec_opt_form(char *arg
)
112 if (strcmp(arg
, "compressed") == 0)
113 ec_config
.form
= POINT_CONVERSION_COMPRESSED
;
114 else if (strcmp(arg
, "uncompressed") == 0)
115 ec_config
.form
= POINT_CONVERSION_UNCOMPRESSED
;
116 else if (strcmp(arg
, "hybrid") == 0)
117 ec_config
.form
= POINT_CONVERSION_HYBRID
;
119 fprintf(stderr
, "Invalid point conversion: %s\n", arg
);
123 ec_config
.new_form
= 1;
128 ec_opt_named(char *arg
)
130 if (strcmp(arg
, "named_curve") == 0)
131 ec_config
.asn1_flag
= OPENSSL_EC_NAMED_CURVE
;
132 else if (strcmp(arg
, "explicit") == 0)
133 ec_config
.asn1_flag
= 0;
135 fprintf(stderr
, "Invalid curve type: %s\n", arg
);
139 ec_config
.new_asn1_flag
= 1;
143 static const struct option ec_options
[] = {
147 .desc
= "Specify the point conversion form (default"
149 .type
= OPTION_ARG_FUNC
,
150 .opt
.argfunc
= ec_opt_form
,
155 .desc
= "Input file (default stdin)",
157 .opt
.arg
= &ec_config
.infile
,
162 .desc
= "Input format (DER or PEM (default))",
163 .type
= OPTION_ARG_FORMAT
,
164 .opt
.value
= &ec_config
.informat
,
170 .opt
.flag
= &ec_config
.noout
,
175 .desc
= "Output file (default stdout)",
177 .opt
.arg
= &ec_config
.outfile
,
182 .desc
= "Output format (DER or PEM (default))",
183 .type
= OPTION_ARG_FORMAT
,
184 .opt
.value
= &ec_config
.outformat
,
189 .desc
= "Specify the way the ec parameters are encoded"
190 " (default \"uncompressed\")",
191 .type
= OPTION_ARG_FUNC
,
192 .opt
.argfunc
= ec_opt_named
,
196 .desc
= "Print the elliptic curve parameters",
198 .opt
.flag
= &ec_config
.param_out
,
203 .desc
= "Input file passphrase source",
205 .opt
.arg
= &ec_config
.passargin
,
210 .desc
= "Output file passphrase source",
212 .opt
.arg
= &ec_config
.passargout
,
216 .desc
= "Read public key instead of private key from input",
218 .opt
.flag
= &ec_config
.pubin
,
222 .desc
= "Output public key instead of private key in output",
224 .opt
.flag
= &ec_config
.pubout
,
228 .desc
= "Print the public/private key components and parameters",
230 .opt
.flag
= &ec_config
.text
,
234 .desc
= "Cipher to encrypt the output if using PEM format",
235 .type
= OPTION_ARGV_FUNC
,
236 .opt
.argvfunc
= ec_opt_enc
,
247 "usage: ec [-conv_form form] [-in file]\n"
248 " [-inform format] [-noout] [-out file] [-outform format]\n"
249 " [-param_enc type] [-param_out] [-passin file]\n"
250 " [-passout file] [-pubin] [-pubout] [-text] [-ciphername]\n\n");
251 options_usage(ec_options
);
253 fprintf(stderr
, "\n");
255 fprintf(stderr
, "Valid ciphername values:\n\n");
256 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH
, show_cipher
, &n
);
257 fprintf(stderr
, "\n");
261 ec_main(int argc
, char **argv
)
264 EC_KEY
*eckey
= NULL
;
265 const EC_GROUP
*group
;
267 BIO
*in
= NULL
, *out
= NULL
;
268 char *passin
= NULL
, *passout
= NULL
;
270 if (single_execution
) {
271 if (pledge("stdio cpath wpath rpath tty", NULL
) == -1) {
277 memset(&ec_config
, 0, sizeof(ec_config
));
279 ec_config
.asn1_flag
= OPENSSL_EC_NAMED_CURVE
;
280 ec_config
.form
= POINT_CONVERSION_UNCOMPRESSED
;
281 ec_config
.informat
= FORMAT_PEM
;
282 ec_config
.outformat
= FORMAT_PEM
;
284 if (options_parse(argc
, argv
, ec_options
, NULL
, NULL
) != 0) {
289 if (!app_passwd(bio_err
, ec_config
.passargin
, ec_config
.passargout
,
290 &passin
, &passout
)) {
291 BIO_printf(bio_err
, "Error getting passwords\n");
294 in
= BIO_new(BIO_s_file());
295 out
= BIO_new(BIO_s_file());
296 if (in
== NULL
|| out
== NULL
) {
297 ERR_print_errors(bio_err
);
300 if (ec_config
.infile
== NULL
)
301 BIO_set_fp(in
, stdin
, BIO_NOCLOSE
);
303 if (BIO_read_filename(in
, ec_config
.infile
) <= 0) {
304 perror(ec_config
.infile
);
309 BIO_printf(bio_err
, "read EC key\n");
310 if (ec_config
.informat
== FORMAT_ASN1
) {
312 eckey
= d2i_EC_PUBKEY_bio(in
, NULL
);
314 eckey
= d2i_ECPrivateKey_bio(in
, NULL
);
315 } else if (ec_config
.informat
== FORMAT_PEM
) {
317 eckey
= PEM_read_bio_EC_PUBKEY(in
, NULL
, NULL
,
320 eckey
= PEM_read_bio_ECPrivateKey(in
, NULL
, NULL
,
323 BIO_printf(bio_err
, "bad input format specified for key\n");
327 BIO_printf(bio_err
, "unable to load Key\n");
328 ERR_print_errors(bio_err
);
331 if (ec_config
.outfile
== NULL
) {
332 BIO_set_fp(out
, stdout
, BIO_NOCLOSE
);
334 if (BIO_write_filename(out
, ec_config
.outfile
) <= 0) {
335 perror(ec_config
.outfile
);
340 group
= EC_KEY_get0_group(eckey
);
342 if (ec_config
.new_form
)
343 EC_KEY_set_conv_form(eckey
, ec_config
.form
);
345 if (ec_config
.new_asn1_flag
)
346 EC_KEY_set_asn1_flag(eckey
, ec_config
.asn1_flag
);
349 if (!EC_KEY_print(out
, eckey
, 0)) {
350 perror(ec_config
.outfile
);
351 ERR_print_errors(bio_err
);
354 if (ec_config
.noout
) {
358 BIO_printf(bio_err
, "writing EC key\n");
359 if (ec_config
.outformat
== FORMAT_ASN1
) {
360 if (ec_config
.param_out
)
361 i
= i2d_ECPKParameters_bio(out
, group
);
362 else if (ec_config
.pubin
|| ec_config
.pubout
)
363 i
= i2d_EC_PUBKEY_bio(out
, eckey
);
365 i
= i2d_ECPrivateKey_bio(out
, eckey
);
366 } else if (ec_config
.outformat
== FORMAT_PEM
) {
367 if (ec_config
.param_out
)
368 i
= PEM_write_bio_ECPKParameters(out
, group
);
369 else if (ec_config
.pubin
|| ec_config
.pubout
)
370 i
= PEM_write_bio_EC_PUBKEY(out
, eckey
);
372 i
= PEM_write_bio_ECPrivateKey(out
, eckey
,
373 ec_config
.enc
, NULL
, 0, NULL
, passout
);
375 BIO_printf(bio_err
, "bad output format specified for "
381 BIO_printf(bio_err
, "unable to write private key\n");
382 ERR_print_errors(bio_err
);