/* apps/ecparam.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* Hudson (tjh@cryptsoft.com).
*
*/
-#ifndef OPENSSL_NO_ECDSA
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * The elliptic curve binary polynomial software is originally written by
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_EC
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/ec.h>
-#include <openssl/ecdsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#undef PROG
#define PROG ecparam_main
-/* -inform arg - input format - default PEM (DER or PEM)
- * -outform arg - output format - default PEM
- * -in arg - input file - default stdin
- * -out arg - output file - default stdout
- * -noout
- * -text
- * -check - validate the ec parameters
- * -C
- * -noout
- * -name file - use the ecparameters with 'short name' name
- * -list_curves - prints a list of all currently available curve
- * 'short names' and exits
- * -conv_form - specifies the point conversion form
- * possible values : compressed
- * uncompressed (default)
- * hybrid
- * -param_enc - specifies the way the ec parameters are encoded
- * in the asn1 der encoding
- * possilbe values : named_curve (default)
- * explicit
- * -no_seed - if 'explicit' parameters are choosen do not
- * use the seed
- * -genkey - generates a ecdsa private key
- * -rand file
- * -engine e - use engine e, possible a hardware device
+/* -inform arg - input format - default PEM (DER or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -noout - do not print the ec parameter
+ * -text - print the ec parameters in text form
+ * -check - validate the ec parameters
+ * -C - print a 'C' function creating the parameters
+ * -name arg - use the ec parameters with 'short name' name
+ * -list_curves - prints a list of all currently available curve 'short names'
+ * -conv_form arg - specifies the point conversion form
+ * - possible values: compressed
+ * uncompressed (default)
+ * hybrid
+ * -param_enc arg - specifies the way the ec parameters are encoded
+ * in the asn1 der encoding
+ * possible values: named_curve (default)
+ * explicit
+ * -no_seed - if 'explicit' parameters are chosen do not use the seed
+ * -genkey - generate ec key
+ * -rand file - files to use for random number input
+ * -engine e - use engine e, possibly a hardware device
*/
-static const char *curve_list[20] = {
- "prime192v1 - NIST recommended curve over a 192 bit prime field",
- "prime192v2 - 192 bit prime curve from the X9.62 draft",
- "prime192v3 - 192 bit prime curve from the X9.62 draft",
- "prime239v1 - 239 bit prime curve from the X9.62 draft",
- "prime239v2 - 239 bit prime curve from the X9.62 draft",
- "prime239v3 - 239 bit prime curve from the X9.62 draft",
- "prime256v1 - NIST recommended curve over a 256 bit prime field",
- "secp112r1 - SECG recommended curve over a 112 bit prime field",
- "secp112r2 - SECG recommended curve over a 112 bit prime field",
- "secp128r1 - SECG recommended curve over a 128 bit prime field",
- "secp128r2 - SECG recommended curve over a 128 bit prime field",
- "secp160k1 - SECG recommended curve over a 160 bit prime field",
- "secp160r1 - SECG recommended curve over a 160 bit prime field",
- "secp160r2 - SECG recommended curve over a 160 bit prime field",
- "secp192k1 - SECG recommended curve over a 192 bit prime field",
- "secp224k1 - SECG recommended curve over a 224 bit prime field",
- "secp224r1 - NIST recommended curve over a 224 bit prime field",
- "secp256k1 - SECG recommended curve over a 256 bit prime field",
- "secp384r1 - NIST recommended curve over a 384 bit prime field",
- "secp521r1 - NIST recommended curve over a 521 bit prime field"
-};
static int ecparam_print_var(BIO *,BIGNUM *,const char *,int,unsigned char *);
char *infile = NULL, *outfile = NULL, *prog;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
- ENGINE *e = NULL;
char *engine = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
bad:
BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog);
BIO_printf(bio_err, "where options are\n");
- BIO_printf(bio_err, " -inform arg input format - "
+ BIO_printf(bio_err, " -inform arg input format - "
"default PEM (DER or PEM)\n");
- BIO_printf(bio_err, " -outform arg output format - "
+ BIO_printf(bio_err, " -outform arg output format - "
"default PEM\n");
- BIO_printf(bio_err, " -in arg input file - "
+ BIO_printf(bio_err, " -in arg input file - "
"default stdin\n");
- BIO_printf(bio_err, " -out arg output file - "
+ BIO_printf(bio_err, " -out arg output file - "
"default stdout\n");
- BIO_printf(bio_err, " -noout do not print the "
+ BIO_printf(bio_err, " -noout do not print the "
"ec parameter\n");
- BIO_printf(bio_err, " -text print the ec "
+ BIO_printf(bio_err, " -text print the ec "
"parameters in text form\n");
- BIO_printf(bio_err, " -check validate the ec "
+ BIO_printf(bio_err, " -check validate the ec "
"parameters\n");
- BIO_printf(bio_err, " -C print a 'C' "
+ BIO_printf(bio_err, " -C print a 'C' "
"function creating the parameters\n");
- BIO_printf(bio_err, " -name arg use the "
+ BIO_printf(bio_err, " -name arg use the "
"ec parameters with 'short name' name\n");
- BIO_printf(bio_err, " -list_curves prints a list of "
- "all currently available curve\n");
- BIO_printf(bio_err, " 'short names'\n");
- BIO_printf(bio_err, " -conv_form arg specifies the "
+ BIO_printf(bio_err, " -list_curves prints a list of "
+ "all currently available curve 'short names'\n");
+ BIO_printf(bio_err, " -conv_form arg specifies the "
"point conversion form \n");
- BIO_printf(bio_err, " possible values :"
+ BIO_printf(bio_err, " possible values:"
" compressed\n");
- BIO_printf(bio_err, " "
+ BIO_printf(bio_err, " "
" uncompressed (default)\n");
- BIO_printf(bio_err, " "
+ BIO_printf(bio_err, " "
" hybrid\n");
- BIO_printf(bio_err, " -param_enc arg specifies the way"
+ BIO_printf(bio_err, " -param_enc arg specifies the way"
" the ec parameters are encoded\n");
- BIO_printf(bio_err, " in the asn1 der "
+ BIO_printf(bio_err, " in the asn1 der "
"encoding\n");
- BIO_printf(bio_err, " possilbe values :"
+ BIO_printf(bio_err, " possible values:"
" named_curve (default)\n");
- BIO_printf(bio_err," "
- " explicit\n");
- BIO_printf(bio_err, " -no_seed if 'explicit'"
- " parameters are choosen do not\n");
- BIO_printf(bio_err, " use the seed\n");
- BIO_printf(bio_err, " -genkey generate ecdsa"
+ BIO_printf(bio_err, " "
+ " explicit\n");
+ BIO_printf(bio_err, " -no_seed if 'explicit'"
+ " parameters are chosen do not"
+ " use the seed\n");
+ BIO_printf(bio_err, " -genkey generate ec"
" key\n");
- BIO_printf(bio_err, " -rand file files to use for"
+ BIO_printf(bio_err, " -rand file files to use for"
" random number input\n");
- BIO_printf(bio_err, " -engine e use engine e, "
- "possible a hardware device\n");
+ BIO_printf(bio_err, " -engine e use engine e, "
+ "possibly a hardware device\n");
goto end;
}
}
}
- e = setup_engine(bio_err, engine, 0);
+#ifndef OPENSSL_NO_ENGINE
+ setup_engine(bio_err, engine, 0);
+#endif
if (list_curves)
{
- int counter=0;
+ EC_builtin_curve *curves = NULL;
+ size_t crv_len = 0;
+ size_t n = 0;
- for (; counter < sizeof(curve_list)/sizeof(char *); counter++)
- if (BIO_printf(bio_err, " %s\n", curve_list[counter])
- <= 0)
- goto end;
+ crv_len = EC_get_builtin_curves(NULL, 0);
+
+ curves = OPENSSL_malloc((int)(sizeof(EC_builtin_curve) * crv_len));
+
+ if (curves == NULL)
+ goto end;
+
+ if (!EC_get_builtin_curves(curves, crv_len))
+ {
+ OPENSSL_free(curves);
+ goto end;
+ }
+
+
+ for (n = 0; n < crv_len; n++)
+ {
+ const char *comment;
+ const char *sname;
+ comment = curves[n].comment;
+ sname = OBJ_nid2sn(curves[n].nid);
+ if (comment == NULL)
+ comment = "CURVE DESCRIPTION NOT AVAILABLE";
+ if (sname == NULL)
+ sname = "";
+
+ BIO_printf(out, " %-10s: ", sname);
+ BIO_printf(out, "%s\n", comment);
+ }
+
+ OPENSSL_free(curves);
ret = 0;
goto end;
}
if (curve_name != NULL)
{
- int nid = OBJ_sn2nid(curve_name);
+ int nid;
+
+ /* workaround for the SECG curve names secp192r1
+ * and secp256r1 (which are the same as the curves
+ * prime192v1 and prime256v1 defined in X9.62)
+ */
+ if (!strcmp(curve_name, "secp192r1"))
+ {
+ BIO_printf(bio_err, "using curve name prime192v1 "
+ "instead of secp192r1\n");
+ nid = NID_X9_62_prime192v1;
+ }
+ else if (!strcmp(curve_name, "secp256r1"))
+ {
+ BIO_printf(bio_err, "using curve name prime256v1 "
+ "instead of secp256r1\n");
+ nid = NID_X9_62_prime256v1;
+ }
+ else
+ nid = OBJ_sn2nid(curve_name);
+
+ if (nid == 0)
+ nid = EC_curve_nist2nid(curve_name);
if (nid == 0)
{
goto end;
}
- group = EC_GROUP_new_by_nid(nid);
+ group = EC_GROUP_new_by_curve_name(nid);
if (group == NULL)
{
BIO_printf(bio_err, "unable to create curve (%s)\n",
if (genkey)
{
- ECDSA *ecdsa = ECDSA_new();
+ EC_KEY *eckey = EC_KEY_new();
- if (ecdsa == NULL)
+ if (eckey == NULL)
goto end;
assert(need_rand);
- ecdsa->group = group;
+ if (EC_KEY_set_group(eckey, group) == 0)
+ goto end;
- if (!ECDSA_generate_key(ecdsa))
+ if (!EC_KEY_generate_key(eckey))
{
- ecdsa->group = NULL;
- ECDSA_free(ecdsa);
+ EC_KEY_free(eckey);
goto end;
}
if (outformat == FORMAT_ASN1)
- i = i2d_ECDSAPrivateKey_bio(out, ecdsa);
+ i = i2d_ECPrivateKey_bio(out, eckey);
else if (outformat == FORMAT_PEM)
- i = PEM_write_bio_ECDSAPrivateKey(out, ecdsa, NULL,
+ i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
NULL, 0, NULL, NULL);
else
{
BIO_printf(bio_err, "bad output format specified "
"for outfile\n");
- ecdsa->group = NULL;
- ECDSA_free(ecdsa);
+ EC_KEY_free(eckey);
goto end;
}
- ecdsa->group = NULL;
- ECDSA_free(ecdsa);
+ EC_KEY_free(eckey);
}
if (need_rand)
if (group != NULL)
EC_GROUP_free(group);
apps_shutdown();
- EXIT(ret);
+ OPENSSL_EXIT(ret);
}
-int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
+static int ecparam_print_var(BIO *out, BIGNUM *in, const char *var,
int len, unsigned char *buffer)
{
BIO_printf(out, "static unsigned char %s_%d[] = {", var, len);
BIO_printf(out, "\n\t};\n\n");
return 1;
}
+#else /* !OPENSSL_NO_EC */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
#endif