summaryrefslogtreecommitdiff
path: root/src/usr.bin/openssl/ec.c
diff options
context:
space:
mode:
authorjsing <>2014-08-26 17:47:25 +0000
committerjsing <>2014-08-26 17:47:25 +0000
commitf3755acd5513f85ff734de6a822b6f804d3776ce (patch)
tree1f859a78eae941040f58599de8c0e1e56d61fdad /src/usr.bin/openssl/ec.c
parent0779b9f30aa9875c290af18a4362799668829707 (diff)
downloadopenbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.tar.gz
openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.tar.bz2
openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.zip
Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not
a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl. ok deraadt@ miod@
Diffstat (limited to 'src/usr.bin/openssl/ec.c')
-rw-r--r--src/usr.bin/openssl/ec.c341
1 files changed, 341 insertions, 0 deletions
diff --git a/src/usr.bin/openssl/ec.c b/src/usr.bin/openssl/ec.c
new file mode 100644
index 0000000000..f1bdf55e33
--- /dev/null
+++ b/src/usr.bin/openssl/ec.c
@@ -0,0 +1,341 @@
1/* $OpenBSD: ec.c,v 1.1 2014/08/26 17:47:24 jsing Exp $ */
2/*
3 * Written by Nils Larsch for the OpenSSL project.
4 */
5/* ====================================================================
6 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <openssl/opensslconf.h>
60
61#ifndef OPENSSL_NO_EC
62
63#include <stdio.h>
64#include <stdlib.h>
65#include <string.h>
66
67#include "apps.h"
68
69#include <openssl/bio.h>
70#include <openssl/err.h>
71#include <openssl/evp.h>
72#include <openssl/pem.h>
73
74/* -inform arg - input format - default PEM (one of DER, NET or PEM)
75 * -outform arg - output format - default PEM
76 * -in arg - input file - default stdin
77 * -out arg - output file - default stdout
78 * -des - encrypt output if PEM format with DES in cbc mode
79 * -text - print a text version
80 * -param_out - print the elliptic curve parameters
81 * -conv_form arg - specifies the point encoding form
82 * -param_enc arg - specifies the parameter encoding
83 */
84
85int ec_main(int, char **);
86
87int
88ec_main(int argc, char **argv)
89{
90 int ret = 1;
91 EC_KEY *eckey = NULL;
92 const EC_GROUP *group;
93 int i, badops = 0;
94 const EVP_CIPHER *enc = NULL;
95 BIO *in = NULL, *out = NULL;
96 int informat, outformat, text = 0, noout = 0;
97 int pubin = 0, pubout = 0, param_out = 0;
98 char *infile, *outfile, *prog, *engine;
99 char *passargin = NULL, *passargout = NULL;
100 char *passin = NULL, *passout = NULL;
101 point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
102 int new_form = 0;
103 int asn1_flag = OPENSSL_EC_NAMED_CURVE;
104 int new_asn1_flag = 0;
105
106 engine = NULL;
107 infile = NULL;
108 outfile = NULL;
109 informat = FORMAT_PEM;
110 outformat = FORMAT_PEM;
111
112 prog = argv[0];
113 argc--;
114 argv++;
115 while (argc >= 1) {
116 if (strcmp(*argv, "-inform") == 0) {
117 if (--argc < 1)
118 goto bad;
119 informat = str2fmt(*(++argv));
120 } else if (strcmp(*argv, "-outform") == 0) {
121 if (--argc < 1)
122 goto bad;
123 outformat = str2fmt(*(++argv));
124 } else if (strcmp(*argv, "-in") == 0) {
125 if (--argc < 1)
126 goto bad;
127 infile = *(++argv);
128 } else if (strcmp(*argv, "-out") == 0) {
129 if (--argc < 1)
130 goto bad;
131 outfile = *(++argv);
132 } else if (strcmp(*argv, "-passin") == 0) {
133 if (--argc < 1)
134 goto bad;
135 passargin = *(++argv);
136 } else if (strcmp(*argv, "-passout") == 0) {
137 if (--argc < 1)
138 goto bad;
139 passargout = *(++argv);
140 } else if (strcmp(*argv, "-engine") == 0) {
141 if (--argc < 1)
142 goto bad;
143 engine = *(++argv);
144 } else if (strcmp(*argv, "-noout") == 0)
145 noout = 1;
146 else if (strcmp(*argv, "-text") == 0)
147 text = 1;
148 else if (strcmp(*argv, "-conv_form") == 0) {
149 if (--argc < 1)
150 goto bad;
151 ++argv;
152 new_form = 1;
153 if (strcmp(*argv, "compressed") == 0)
154 form = POINT_CONVERSION_COMPRESSED;
155 else if (strcmp(*argv, "uncompressed") == 0)
156 form = POINT_CONVERSION_UNCOMPRESSED;
157 else if (strcmp(*argv, "hybrid") == 0)
158 form = POINT_CONVERSION_HYBRID;
159 else
160 goto bad;
161 } else if (strcmp(*argv, "-param_enc") == 0) {
162 if (--argc < 1)
163 goto bad;
164 ++argv;
165 new_asn1_flag = 1;
166 if (strcmp(*argv, "named_curve") == 0)
167 asn1_flag = OPENSSL_EC_NAMED_CURVE;
168 else if (strcmp(*argv, "explicit") == 0)
169 asn1_flag = 0;
170 else
171 goto bad;
172 } else if (strcmp(*argv, "-param_out") == 0)
173 param_out = 1;
174 else if (strcmp(*argv, "-pubin") == 0)
175 pubin = 1;
176 else if (strcmp(*argv, "-pubout") == 0)
177 pubout = 1;
178 else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
179 BIO_printf(bio_err, "unknown option %s\n", *argv);
180 badops = 1;
181 break;
182 }
183 argc--;
184 argv++;
185 }
186
187 if (badops) {
188bad:
189 BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
190 BIO_printf(bio_err, "where options are\n");
191 BIO_printf(bio_err, " -inform arg input format - "
192 "DER or PEM\n");
193 BIO_printf(bio_err, " -outform arg output format - "
194 "DER or PEM\n");
195 BIO_printf(bio_err, " -in arg input file\n");
196 BIO_printf(bio_err, " -passin arg input file pass "
197 "phrase source\n");
198 BIO_printf(bio_err, " -out arg output file\n");
199 BIO_printf(bio_err, " -passout arg output file pass "
200 "phrase source\n");
201 BIO_printf(bio_err, " -engine e use engine e, "
202 "possibly a hardware device.\n");
203 BIO_printf(bio_err, " -des encrypt PEM output, "
204 "instead of 'des' every other \n"
205 " cipher "
206 "supported by OpenSSL can be used\n");
207 BIO_printf(bio_err, " -text print the key\n");
208 BIO_printf(bio_err, " -noout don't print key out\n");
209 BIO_printf(bio_err, " -param_out print the elliptic "
210 "curve parameters\n");
211 BIO_printf(bio_err, " -conv_form arg specifies the "
212 "point conversion form \n");
213 BIO_printf(bio_err, " possible values:"
214 " compressed\n");
215 BIO_printf(bio_err, " "
216 " uncompressed (default)\n");
217 BIO_printf(bio_err, " "
218 " hybrid\n");
219 BIO_printf(bio_err, " -param_enc arg specifies the way"
220 " the ec parameters are encoded\n");
221 BIO_printf(bio_err, " in the asn1 der "
222 "encoding\n");
223 BIO_printf(bio_err, " possible values:"
224 " named_curve (default)\n");
225 BIO_printf(bio_err, " "
226 "explicit\n");
227 goto end;
228 }
229 ERR_load_crypto_strings();
230
231#ifndef OPENSSL_NO_ENGINE
232 setup_engine(bio_err, engine, 0);
233#endif
234
235 if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
236 BIO_printf(bio_err, "Error getting passwords\n");
237 goto end;
238 }
239 in = BIO_new(BIO_s_file());
240 out = BIO_new(BIO_s_file());
241 if ((in == NULL) || (out == NULL)) {
242 ERR_print_errors(bio_err);
243 goto end;
244 }
245 if (infile == NULL)
246 BIO_set_fp(in, stdin, BIO_NOCLOSE);
247 else {
248 if (BIO_read_filename(in, infile) <= 0) {
249 perror(infile);
250 goto end;
251 }
252 }
253
254 BIO_printf(bio_err, "read EC key\n");
255 if (informat == FORMAT_ASN1) {
256 if (pubin)
257 eckey = d2i_EC_PUBKEY_bio(in, NULL);
258 else
259 eckey = d2i_ECPrivateKey_bio(in, NULL);
260 } else if (informat == FORMAT_PEM) {
261 if (pubin)
262 eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL,
263 NULL);
264 else
265 eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL,
266 passin);
267 } else {
268 BIO_printf(bio_err, "bad input format specified for key\n");
269 goto end;
270 }
271 if (eckey == NULL) {
272 BIO_printf(bio_err, "unable to load Key\n");
273 ERR_print_errors(bio_err);
274 goto end;
275 }
276 if (outfile == NULL) {
277 BIO_set_fp(out, stdout, BIO_NOCLOSE);
278 } else {
279 if (BIO_write_filename(out, outfile) <= 0) {
280 perror(outfile);
281 goto end;
282 }
283 }
284
285 group = EC_KEY_get0_group(eckey);
286
287 if (new_form)
288 EC_KEY_set_conv_form(eckey, form);
289
290 if (new_asn1_flag)
291 EC_KEY_set_asn1_flag(eckey, asn1_flag);
292
293 if (text)
294 if (!EC_KEY_print(out, eckey, 0)) {
295 perror(outfile);
296 ERR_print_errors(bio_err);
297 goto end;
298 }
299 if (noout) {
300 ret = 0;
301 goto end;
302 }
303 BIO_printf(bio_err, "writing EC key\n");
304 if (outformat == FORMAT_ASN1) {
305 if (param_out)
306 i = i2d_ECPKParameters_bio(out, group);
307 else if (pubin || pubout)
308 i = i2d_EC_PUBKEY_bio(out, eckey);
309 else
310 i = i2d_ECPrivateKey_bio(out, eckey);
311 } else if (outformat == FORMAT_PEM) {
312 if (param_out)
313 i = PEM_write_bio_ECPKParameters(out, group);
314 else if (pubin || pubout)
315 i = PEM_write_bio_EC_PUBKEY(out, eckey);
316 else
317 i = PEM_write_bio_ECPrivateKey(out, eckey, enc,
318 NULL, 0, NULL, passout);
319 } else {
320 BIO_printf(bio_err, "bad output format specified for "
321 "outfile\n");
322 goto end;
323 }
324
325 if (!i) {
326 BIO_printf(bio_err, "unable to write private key\n");
327 ERR_print_errors(bio_err);
328 } else
329 ret = 0;
330end:
331 BIO_free(in);
332 if (out)
333 BIO_free_all(out);
334 if (eckey)
335 EC_KEY_free(eckey);
336 free(passin);
337 free(passout);
338
339 return (ret);
340}
341#endif
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 00:22:43 +0000