X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=tools%2Fskey.c;h=90ecf636d61c4797251d4c99ebb4789d8d739a5f;hp=0f672bf9fcaa87d6cfbb9eec75962b535eb33398;hb=252dba914912e694d0e69754f0167060fc4d2ba6;hpb=491a45337de8dc0a4c100abf33f5c0e187a08afd diff --git a/tools/skey.c b/tools/skey.c index 0f672bf..90ecf63 100644 --- a/tools/skey.c +++ b/tools/skey.c @@ -31,6 +31,15 @@ #include "brssl.h" #include "bearssl.h" +typedef struct { + int print_text; + int print_C; + const char *rawder; + const char *rawpem; + const char *pk8der; + const char *pk8pem; +} outspec; + static void print_int_text(const char *name, const unsigned char *buf, size_t len) { @@ -63,17 +72,70 @@ print_int_C(const char *name, const unsigned char *buf, size_t len) printf("\n};\n"); } -static void -print_rsa(const br_rsa_private_key *sk, int print_text, int print_C) +static int +write_to_file(const char *name, const void *data, size_t len) +{ + FILE *f; + + f = fopen(name, "wb"); + if (f == NULL) { + fprintf(stderr, + "ERROR: cannot open file '%s' for writing\n", + name); + return 0; + } + if (fwrite(data, 1, len, f) != len) { + fclose(f); + fprintf(stderr, + "ERROR: cannot write to file '%s'\n", + name); + return 0; + } + fclose(f); + return 1; +} + +static int +write_to_pem_file(const char *name, + const void *data, size_t len, const char *banner) +{ + void *pem; + size_t pemlen; + int r; + + pemlen = br_pem_encode(NULL, NULL, len, banner, 0); + pem = xmalloc(pemlen + 1); + br_pem_encode(pem, data, len, banner, 0); + r = write_to_file(name, pem, pemlen); + xfree(pem); + return r; +} + +static int +print_rsa(const br_rsa_private_key *sk, outspec *os) { - if (print_text) { + int ret; + unsigned char *n, *d, *buf; + uint32_t e; + size_t nlen, dlen, len; + br_rsa_compute_modulus cm; + br_rsa_compute_pubexp ce; + br_rsa_compute_privexp cd; + br_rsa_public_key pk; + unsigned char ebuf[4]; + + n = NULL; + d = NULL; + buf = NULL; + ret = 1; + if (os->print_text) { print_int_text("p ", sk->p, sk->plen); print_int_text("q ", sk->q, sk->qlen); print_int_text("dp", sk->dp, sk->dplen); print_int_text("dq", sk->dq, sk->dqlen); print_int_text("iq", sk->iq, sk->iqlen); } - if (print_C) { + if (os->print_C) { print_int_C("RSA_P", sk->p, sk->plen); print_int_C("RSA_Q", sk->q, sk->qlen); print_int_C("RSA_DP", sk->dp, sk->dplen); @@ -88,21 +150,174 @@ print_rsa(const br_rsa_private_key *sk, int print_text, int print_C) printf("\t(unsigned char *)RSA_IQ, sizeof RSA_IQ\n"); printf("};\n"); } + + if (os->rawder == NULL && os->rawpem == NULL + && os->pk8der == NULL && os->pk8pem == NULL) + { + return ret; + } + + cm = br_rsa_compute_modulus_get_default(); + ce = br_rsa_compute_pubexp_get_default(); + cd = br_rsa_compute_privexp_get_default(); + nlen = cm(NULL, sk); + if (nlen == 0) { + goto print_RSA_error; + } + n = xmalloc(nlen); + if (cm(n, sk) != nlen) { + goto print_RSA_error; + } + e = ce(sk); + if (e == 0) { + goto print_RSA_error; + } + dlen = cd(NULL, sk, e); + if (dlen == 0) { + goto print_RSA_error; + } + d = xmalloc(dlen); + if (cd(d, sk, e) != dlen) { + goto print_RSA_error; + } + ebuf[0] = e >> 24; + ebuf[1] = e >> 16; + ebuf[2] = e >> 8; + ebuf[3] = e; + pk.n = n; + pk.nlen = nlen; + pk.e = ebuf; + pk.elen = sizeof ebuf; + + if (os->rawder != NULL || os->rawpem != NULL) { + len = br_encode_rsa_raw_der(NULL, sk, &pk, d, dlen); + if (len == 0) { + goto print_RSA_error; + } + buf = xmalloc(len); + if (br_encode_rsa_raw_der(buf, sk, &pk, d, dlen) != len) { + goto print_RSA_error; + } + if (os->rawder != NULL) { + ret &= write_to_file(os->rawder, buf, len); + } + if (os->rawpem != NULL) { + ret &= write_to_pem_file(os->rawpem, + buf, len, "RSA PRIVATE KEY"); + } + xfree(buf); + buf = NULL; + } + + if (os->pk8der != NULL || os->pk8pem != NULL) { + len = br_encode_rsa_pkcs8_der(NULL, sk, &pk, d, dlen); + if (len == 0) { + goto print_RSA_error; + } + buf = xmalloc(len); + if (br_encode_rsa_pkcs8_der(buf, sk, &pk, d, dlen) != len) { + goto print_RSA_error; + } + if (os->pk8der != NULL) { + ret &= write_to_file(os->pk8der, buf, len); + } + if (os->pk8pem != NULL) { + ret &= write_to_pem_file(os->pk8pem, + buf, len, "PRIVATE KEY"); + } + xfree(buf); + buf = NULL; + } + +print_RSA_exit: + xfree(n); + xfree(d); + xfree(buf); + return ret; + +print_RSA_error: + fprintf(stderr, "ERROR: cannot encode RSA key\n"); + ret = 0; + goto print_RSA_exit; } -static void -print_ec(const br_ec_private_key *sk, int print_text, int print_C) +static int +print_ec(const br_ec_private_key *sk, outspec *os) { - if (print_text) { + br_ec_public_key pk; + unsigned kbuf[BR_EC_KBUF_PUB_MAX_SIZE]; + unsigned char *buf; + size_t len; + int r; + + if (os->print_text) { print_int_text("x", sk->x, sk->xlen); } - if (print_C) { + if (os->print_C) { print_int_C("EC_X", sk->x, sk->xlen); printf("\nstatic const br_ec_private_key EC = {\n"); printf("\t%d,\n", sk->curve); printf("\t(unsigned char *)EC_X, sizeof EC_X\n"); printf("};\n"); } + + if (os->rawder == NULL && os->rawpem == NULL + && os->pk8der == NULL && os->pk8pem == NULL) + { + return 1; + } + if (br_ec_compute_pub(br_ec_get_default(), &pk, kbuf, sk) == 0) { + fprintf(stderr, + "ERROR: cannot re-encode (unsupported curve)\n"); + return 0; + } + + r = 1; + if (os->rawder != NULL || os->rawpem != NULL) { + len = br_encode_ec_raw_der(NULL, sk, &pk); + if (len == 0) { + fprintf(stderr, "ERROR: cannot re-encode" + " (unsupported curve)\n"); + return 0; + } + buf = xmalloc(len); + if (br_encode_ec_raw_der(buf, sk, &pk) != len) { + fprintf(stderr, "ERROR: re-encode failure\n"); + xfree(buf); + return 0; + } + if (os->rawder != NULL) { + r &= write_to_file(os->rawder, buf, len); + } + if (os->rawpem != NULL) { + r &= write_to_pem_file(os->rawpem, + buf, len, "EC PRIVATE KEY"); + } + xfree(buf); + } + if (os->pk8der != NULL || os->pk8pem != NULL) { + len = br_encode_ec_pkcs8_der(NULL, sk, &pk); + if (len == 0) { + fprintf(stderr, "ERROR: cannot re-encode" + " (unsupported curve)\n"); + return 0; + } + buf = xmalloc(len); + if (br_encode_ec_pkcs8_der(buf, sk, &pk) != len) { + fprintf(stderr, "ERROR: re-encode failure\n"); + xfree(buf); + return 0; + } + if (os->pk8der != NULL) { + r &= write_to_file(os->pk8der, buf, len); + } + if (os->pk8pem != NULL) { + r &= write_to_pem_file(os->pk8pem, + buf, len, "PRIVATE KEY"); + } + xfree(buf); + } + return r; } static int @@ -158,7 +373,7 @@ parse_rsa_spec(const char *kgen_spec, unsigned *size, uint32_t *pubexp) } static int -keygen_rsa(unsigned size, uint32_t pubexp, int print_text, int print_C) +keygen_rsa(unsigned size, uint32_t pubexp, outspec *os) { br_hmac_drbg_context rng; br_prng_seeder seeder; @@ -183,17 +398,72 @@ keygen_rsa(unsigned size, uint32_t pubexp, int print_text, int print_C) if (!r) { fprintf(stderr, "ERROR: RSA key pair generation failed\n"); } else { - print_rsa(&sk, print_text, print_C); + r = print_rsa(&sk, os); } xfree(kbuf_priv); return r; } static int -decode_key(const unsigned char *buf, size_t len, int print_text, int print_C) +parse_ec_spec(const char *kgen_spec, int *curve) +{ + const char *p; + + *curve = 0; + p = kgen_spec; + if (*p != 'e' && *p != 'E') { + return 0; + } + p ++; + if (*p != 'c' && *p != 'C') { + return 0; + } + p ++; + if (*p == 0) { + *curve = BR_EC_secp256r1; + return 1; + } + if (*p != ':') { + return 0; + } + *curve = get_curve_by_name(p); + return *curve > 0; +} + +static int +keygen_ec(int curve, outspec *os) +{ + br_hmac_drbg_context rng; + br_prng_seeder seeder; + const br_ec_impl *impl; + br_ec_private_key sk; + unsigned char kbuf_priv[BR_EC_KBUF_PRIV_MAX_SIZE]; + size_t len; + + seeder = br_prng_seeder_system(NULL); + if (seeder == 0) { + fprintf(stderr, "ERROR: no system source of randomness\n"); + return 0; + } + br_hmac_drbg_init(&rng, &br_sha256_vtable, NULL, 0); + if (!seeder(&rng.vtable)) { + fprintf(stderr, "ERROR: system source of randomness failed\n"); + return 0; + } + impl = br_ec_get_default(); + len = br_ec_keygen(&rng.vtable, impl, &sk, kbuf_priv, curve); + if (len == 0) { + fprintf(stderr, "ERROR: curve is not supported\n"); + return 0; + } + return print_ec(&sk, os); +} + +static int +decode_key(const unsigned char *buf, size_t len, outspec *os) { br_skey_decoder_context dc; - int err; + int err, ret; br_skey_decoder_init(&dc); br_skey_decoder_push(&dc, buf, len); @@ -208,8 +478,9 @@ decode_key(const unsigned char *buf, size_t len, int print_text, int print_C) } else { fprintf(stderr, " (unknown)\n"); } - return -1; + return 0; } + ret = 1; switch (br_skey_decoder_key_type(&dc)) { const br_rsa_private_key *rk; const br_ec_private_key *ek; @@ -217,23 +488,24 @@ decode_key(const unsigned char *buf, size_t len, int print_text, int print_C) case BR_KEYTYPE_RSA: rk = br_skey_decoder_get_rsa(&dc); printf("RSA key (%lu bits)\n", (unsigned long)rk->n_bitlen); - print_rsa(rk, print_text, print_C); + ret = print_rsa(rk, os); break; case BR_KEYTYPE_EC: ek = br_skey_decoder_get_ec(&dc); printf("EC key (curve = %d: %s)\n", ek->curve, ec_curve_name(ek->curve)); - print_ec(ek, print_text, print_C); + ret = print_ec(ek, os); break; default: fprintf(stderr, "Unknown key type: %d\n", br_skey_decoder_key_type(&dc)); - return -1; + ret = 0; + break; } - return 0; + return ret; } static void @@ -244,19 +516,31 @@ usage_skey(void) fprintf(stderr, "options:\n"); fprintf(stderr, -" -q suppress verbose messages\n"); +" -q suppress verbose messages\n"); + fprintf(stderr, +" -text print private key details (human-readable)\n"); fprintf(stderr, -" -text print public key details (human-readable)\n"); +" -C print private key details (C code)\n"); fprintf(stderr, -" -C print public key details (C code)\n"); +" -rawder file save private key in 'file' (raw format, DER)\n"); fprintf(stderr, -" -gen spec generate a new key using the provided key specification\n"); +" -rawpem file save private key in 'file' (raw format, PEM)\n"); + fprintf(stderr, +" -pk8der file save private key in 'file' (PKCS#8 format, DER)\n"); + fprintf(stderr, +" -pk8pem file save private key in 'file' (PKCS#8 format, PEM)\n"); + fprintf(stderr, +" -gen spec generate a new key using the provided key specification\n"); + fprintf(stderr, +" -list list known elliptic curve names\n"); fprintf(stderr, "Key specification begins with a key type, followed by optional parameters\n"); fprintf(stderr, "that depend on the key type, separated by colon characters:\n"); fprintf(stderr, " rsa[:size[:pubexep]] RSA key (defaults: size = 2048, pubexp = 3)\n"); + fprintf(stderr, +" ec[:curvename] EC key (default curve: secp256r1)\n"); } /* see brssl.h */ @@ -266,7 +550,7 @@ do_skey(int argc, char *argv[]) int retcode; int verbose; int i, num_files; - int print_text, print_C; + outspec os; unsigned char *buf; size_t len; pem_object *pos; @@ -274,8 +558,12 @@ do_skey(int argc, char *argv[]) retcode = 0; verbose = 1; - print_text = 0; - print_C = 0; + os.print_text = 0; + os.print_C = 0; + os.rawder = NULL; + os.rawpem = NULL; + os.pk8der = NULL; + os.pk8pem = NULL; num_files = 0; buf = NULL; pos = NULL; @@ -294,9 +582,69 @@ do_skey(int argc, char *argv[]) } else if (eqstr(arg, "-q") || eqstr(arg, "-quiet")) { verbose = 0; } else if (eqstr(arg, "-text")) { - print_text = 1; + os.print_text = 1; } else if (eqstr(arg, "-C")) { - print_C = 1; + os.print_C = 1; + } else if (eqstr(arg, "-rawder")) { + if (++ i >= argc) { + fprintf(stderr, + "ERROR: no argument for '-rawder'\n"); + usage_skey(); + goto skey_exit_error; + } + if (os.rawder != NULL) { + fprintf(stderr, + "ERROR: multiple '-rawder' options\n"); + usage_skey(); + goto skey_exit_error; + } + os.rawder = argv[i]; + argv[i] = NULL; + } else if (eqstr(arg, "-rawpem")) { + if (++ i >= argc) { + fprintf(stderr, + "ERROR: no argument for '-rawpem'\n"); + usage_skey(); + goto skey_exit_error; + } + if (os.rawpem != NULL) { + fprintf(stderr, + "ERROR: multiple '-rawpem' options\n"); + usage_skey(); + goto skey_exit_error; + } + os.rawpem = argv[i]; + argv[i] = NULL; + } else if (eqstr(arg, "-pk8der")) { + if (++ i >= argc) { + fprintf(stderr, + "ERROR: no argument for '-pk8der'\n"); + usage_skey(); + goto skey_exit_error; + } + if (os.pk8der != NULL) { + fprintf(stderr, + "ERROR: multiple '-pk8der' options\n"); + usage_skey(); + goto skey_exit_error; + } + os.pk8der = argv[i]; + argv[i] = NULL; + } else if (eqstr(arg, "-pk8pem")) { + if (++ i >= argc) { + fprintf(stderr, + "ERROR: no argument for '-pk8pem'\n"); + usage_skey(); + goto skey_exit_error; + } + if (os.pk8pem != NULL) { + fprintf(stderr, + "ERROR: multiple '-pk8pem' options\n"); + usage_skey(); + goto skey_exit_error; + } + os.pk8pem = argv[i]; + argv[i] = NULL; } else if (eqstr(arg, "-gen")) { if (++ i >= argc) { fprintf(stderr, @@ -312,6 +660,9 @@ do_skey(int argc, char *argv[]) } kgen_spec = argv[i]; argv[i] = NULL; + } else if (eqstr(arg, "-list")) { + list_curves(); + goto skey_exit; } else { fprintf(stderr, "ERROR: unknown option: '%s'\n", arg); usage_skey(); @@ -321,6 +672,7 @@ do_skey(int argc, char *argv[]) if (kgen_spec != NULL) { unsigned rsa_size; uint32_t rsa_pubexp; + int curve; if (num_files != 0) { fprintf(stderr, @@ -330,7 +682,13 @@ do_skey(int argc, char *argv[]) } if (parse_rsa_spec(kgen_spec, &rsa_size, &rsa_pubexp)) { - keygen_rsa(rsa_size, rsa_pubexp, print_text, print_C); + if (!keygen_rsa(rsa_size, rsa_pubexp, &os)) { + goto skey_exit_error; + } + } else if (parse_ec_spec(kgen_spec, &curve)) { + if (!keygen_ec(curve, &os)) { + goto skey_exit_error; + } } else { fprintf(stderr, "ERROR: unknown key specification: '%s'\n", @@ -360,7 +718,7 @@ do_skey(int argc, char *argv[]) fprintf(stderr, "File '%s': ASN.1/DER object\n", fname); } - if (decode_key(buf, len, print_text, print_C) < 0) { + if (!decode_key(buf, len, &os)) { goto skey_exit_error; } } else { @@ -382,9 +740,8 @@ do_skey(int argc, char *argv[]) || eqstr(name, "EC PRIVATE KEY") || eqstr(name, "PRIVATE KEY")) { - if (decode_key(pos[u].data, - pos[u].data_len, - print_text, print_C) < 0) + if (!decode_key(pos[u].data, + pos[u].data_len, &os)) { goto skey_exit_error; }