key_app.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342
  1. /*
  2. * Key reading application
  3. *
  4. * Copyright The Mbed TLS Contributors
  5. * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
  6. *
  7. * This file is provided under the Apache License 2.0, or the
  8. * GNU General Public License v2.0 or later.
  9. *
  10. * **********
  11. * Apache License 2.0:
  12. *
  13. * Licensed under the Apache License, Version 2.0 (the "License"); you may
  14. * not use this file except in compliance with the License.
  15. * You may obtain a copy of the License at
  16. *
  17. * http://www.apache.org/licenses/LICENSE-2.0
  18. *
  19. * Unless required by applicable law or agreed to in writing, software
  20. * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  21. * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  22. * See the License for the specific language governing permissions and
  23. * limitations under the License.
  24. *
  25. * **********
  26. *
  27. * **********
  28. * GNU General Public License v2.0 or later:
  29. *
  30. * This program is free software; you can redistribute it and/or modify
  31. * it under the terms of the GNU General Public License as published by
  32. * the Free Software Foundation; either version 2 of the License, or
  33. * (at your option) any later version.
  34. *
  35. * This program is distributed in the hope that it will be useful,
  36. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  37. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  38. * GNU General Public License for more details.
  39. *
  40. * You should have received a copy of the GNU General Public License along
  41. * with this program; if not, write to the Free Software Foundation, Inc.,
  42. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  43. *
  44. * **********
  45. */
  46. #if !defined(MBEDTLS_CONFIG_FILE)
  47. #include "mbedtls/config.h"
  48. #else
  49. #include MBEDTLS_CONFIG_FILE
  50. #endif
  51. #if defined(MBEDTLS_PLATFORM_C)
  52. #include "mbedtls/platform.h"
  53. #else
  54. #include <stdio.h>
  55. #include <stdlib.h>
  56. #define mbedtls_printf printf
  57. #define mbedtls_exit exit
  58. #define MBEDTLS_EXIT_SUCCESS EXIT_SUCCESS
  59. #define MBEDTLS_EXIT_FAILURE EXIT_FAILURE
  60. #endif /* MBEDTLS_PLATFORM_C */
  61. #if defined(MBEDTLS_BIGNUM_C) && \
  62. defined(MBEDTLS_PK_PARSE_C) && defined(MBEDTLS_FS_IO)
  63. #include "mbedtls/error.h"
  64. #include "mbedtls/rsa.h"
  65. #include "mbedtls/x509.h"
  66. #include <string.h>
  67. #endif
  68. #define MODE_NONE 0
  69. #define MODE_PRIVATE 1
  70. #define MODE_PUBLIC 2
  71. #define DFL_MODE MODE_NONE
  72. #define DFL_FILENAME "keyfile.key"
  73. #define DFL_PASSWORD ""
  74. #define DFL_PASSWORD_FILE ""
  75. #define DFL_DEBUG_LEVEL 0
  76. #define USAGE \
  77. "\n usage: key_app param=<>...\n" \
  78. "\n acceptable parameters:\n" \
  79. " mode=private|public default: none\n" \
  80. " filename=%%s default: keyfile.key\n" \
  81. " password=%%s default: \"\"\n" \
  82. " password_file=%%s default: \"\"\n" \
  83. "\n"
  84. #if !defined(MBEDTLS_BIGNUM_C) || \
  85. !defined(MBEDTLS_PK_PARSE_C) || !defined(MBEDTLS_FS_IO)
  86. int main( void )
  87. {
  88. mbedtls_printf("MBEDTLS_BIGNUM_C and/or "
  89. "MBEDTLS_PK_PARSE_C and/or MBEDTLS_FS_IO not defined.\n");
  90. mbedtls_exit( 0 );
  91. }
  92. #else
  93. /*
  94. * global options
  95. */
  96. struct options
  97. {
  98. int mode; /* the mode to run the application in */
  99. const char *filename; /* filename of the key file */
  100. const char *password; /* password for the private key */
  101. const char *password_file; /* password_file for the private key */
  102. } opt;
  103. int main( int argc, char *argv[] )
  104. {
  105. int ret = 1;
  106. int exit_code = MBEDTLS_EXIT_FAILURE;
  107. char buf[1024];
  108. int i;
  109. char *p, *q;
  110. mbedtls_pk_context pk;
  111. mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
  112. /*
  113. * Set to sane values
  114. */
  115. mbedtls_pk_init( &pk );
  116. memset( buf, 0, sizeof(buf) );
  117. mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
  118. mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
  119. mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );
  120. if( argc == 0 )
  121. {
  122. usage:
  123. mbedtls_printf( USAGE );
  124. goto cleanup;
  125. }
  126. opt.mode = DFL_MODE;
  127. opt.filename = DFL_FILENAME;
  128. opt.password = DFL_PASSWORD;
  129. opt.password_file = DFL_PASSWORD_FILE;
  130. for( i = 1; i < argc; i++ )
  131. {
  132. p = argv[i];
  133. if( ( q = strchr( p, '=' ) ) == NULL )
  134. goto usage;
  135. *q++ = '\0';
  136. if( strcmp( p, "mode" ) == 0 )
  137. {
  138. if( strcmp( q, "private" ) == 0 )
  139. opt.mode = MODE_PRIVATE;
  140. else if( strcmp( q, "public" ) == 0 )
  141. opt.mode = MODE_PUBLIC;
  142. else
  143. goto usage;
  144. }
  145. else if( strcmp( p, "filename" ) == 0 )
  146. opt.filename = q;
  147. else if( strcmp( p, "password" ) == 0 )
  148. opt.password = q;
  149. else if( strcmp( p, "password_file" ) == 0 )
  150. opt.password_file = q;
  151. else
  152. goto usage;
  153. }
  154. if( opt.mode == MODE_PRIVATE )
  155. {
  156. if( strlen( opt.password ) && strlen( opt.password_file ) )
  157. {
  158. mbedtls_printf( "Error: cannot have both password and password_file\n" );
  159. goto usage;
  160. }
  161. if( strlen( opt.password_file ) )
  162. {
  163. FILE *f;
  164. mbedtls_printf( "\n . Loading the password file ..." );
  165. if( ( f = fopen( opt.password_file, "rb" ) ) == NULL )
  166. {
  167. mbedtls_printf( " failed\n ! fopen returned NULL\n" );
  168. goto cleanup;
  169. }
  170. if( fgets( buf, sizeof(buf), f ) == NULL )
  171. {
  172. fclose( f );
  173. mbedtls_printf( "Error: fgets() failed to retrieve password\n" );
  174. goto cleanup;
  175. }
  176. fclose( f );
  177. i = (int) strlen( buf );
  178. if( buf[i - 1] == '\n' ) buf[i - 1] = '\0';
  179. if( buf[i - 2] == '\r' ) buf[i - 2] = '\0';
  180. opt.password = buf;
  181. }
  182. /*
  183. * 1.1. Load the key
  184. */
  185. mbedtls_printf( "\n . Loading the private key ..." );
  186. fflush( stdout );
  187. ret = mbedtls_pk_parse_keyfile( &pk, opt.filename, opt.password );
  188. if( ret != 0 )
  189. {
  190. mbedtls_printf( " failed\n ! mbedtls_pk_parse_keyfile returned -0x%04x\n", -ret );
  191. goto cleanup;
  192. }
  193. mbedtls_printf( " ok\n" );
  194. /*
  195. * 1.2 Print the key
  196. */
  197. mbedtls_printf( " . Key information ...\n" );
  198. #if defined(MBEDTLS_RSA_C)
  199. if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
  200. {
  201. mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
  202. if( ( ret = mbedtls_rsa_export ( rsa, &N, &P, &Q, &D, &E ) ) != 0 ||
  203. ( ret = mbedtls_rsa_export_crt( rsa, &DP, &DQ, &QP ) ) != 0 )
  204. {
  205. mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" );
  206. goto cleanup;
  207. }
  208. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) );
  209. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) );
  210. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D: ", &D, 16, NULL ) );
  211. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "P: ", &P, 16, NULL ) );
  212. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q: ", &Q, 16, NULL ) );
  213. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DP: ", &DP, 16, NULL ) );
  214. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "DQ: ", &DQ, 16, NULL ) );
  215. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "QP: ", &QP, 16, NULL ) );
  216. }
  217. else
  218. #endif
  219. #if defined(MBEDTLS_ECP_C)
  220. if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
  221. {
  222. mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
  223. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) );
  224. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) );
  225. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) );
  226. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "D : ", &ecp->d , 16, NULL ) );
  227. }
  228. else
  229. #endif
  230. {
  231. mbedtls_printf("Do not know how to print key information for this type\n" );
  232. goto cleanup;
  233. }
  234. }
  235. else if( opt.mode == MODE_PUBLIC )
  236. {
  237. /*
  238. * 1.1. Load the key
  239. */
  240. mbedtls_printf( "\n . Loading the public key ..." );
  241. fflush( stdout );
  242. ret = mbedtls_pk_parse_public_keyfile( &pk, opt.filename );
  243. if( ret != 0 )
  244. {
  245. mbedtls_printf( " failed\n ! mbedtls_pk_parse_public_keyfile returned -0x%04x\n", -ret );
  246. goto cleanup;
  247. }
  248. mbedtls_printf( " ok\n" );
  249. mbedtls_printf( " . Key information ...\n" );
  250. #if defined(MBEDTLS_RSA_C)
  251. if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_RSA )
  252. {
  253. mbedtls_rsa_context *rsa = mbedtls_pk_rsa( pk );
  254. if( ( ret = mbedtls_rsa_export( rsa, &N, NULL, NULL,
  255. NULL, &E ) ) != 0 )
  256. {
  257. mbedtls_printf( " failed\n ! could not export RSA parameters\n\n" );
  258. goto cleanup;
  259. }
  260. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "N: ", &N, 16, NULL ) );
  261. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "E: ", &E, 16, NULL ) );
  262. }
  263. else
  264. #endif
  265. #if defined(MBEDTLS_ECP_C)
  266. if( mbedtls_pk_get_type( &pk ) == MBEDTLS_PK_ECKEY )
  267. {
  268. mbedtls_ecp_keypair *ecp = mbedtls_pk_ec( pk );
  269. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL ) );
  270. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL ) );
  271. MBEDTLS_MPI_CHK( mbedtls_mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL ) );
  272. }
  273. else
  274. #endif
  275. {
  276. mbedtls_printf("Do not know how to print key information for this type\n" );
  277. goto cleanup;
  278. }
  279. }
  280. else
  281. goto usage;
  282. exit_code = MBEDTLS_EXIT_SUCCESS;
  283. cleanup:
  284. #if defined(MBEDTLS_ERROR_C)
  285. if( exit_code != MBEDTLS_EXIT_SUCCESS )
  286. {
  287. mbedtls_strerror( ret, buf, sizeof( buf ) );
  288. mbedtls_printf( " ! Last error was: %s\n", buf );
  289. }
  290. #endif
  291. mbedtls_pk_free( &pk );
  292. mbedtls_mpi_free( &N ); mbedtls_mpi_free( &P ); mbedtls_mpi_free( &Q );
  293. mbedtls_mpi_free( &D ); mbedtls_mpi_free( &E ); mbedtls_mpi_free( &DP );
  294. mbedtls_mpi_free( &DQ ); mbedtls_mpi_free( &QP );
  295. #if defined(_WIN32)
  296. mbedtls_printf( " + Press Enter to exit this program.\n" );
  297. fflush( stdout ); getchar();
  298. #endif
  299. mbedtls_exit( exit_code );
  300. }
  301. #endif /* MBEDTLS_BIGNUM_C && MBEDTLS_PK_PARSE_C && MBEDTLS_FS_IO */