1 /*
2 * Key generation application
3 *
4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
6 */
7
8 #include "mbedtls/build_info.h"
9
10 #include "mbedtls/platform.h"
11
12 #if defined(MBEDTLS_PK_WRITE_C) && defined(MBEDTLS_FS_IO) && \
13 defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_CTR_DRBG_C)
14 #include "mbedtls/error.h"
15 #include "mbedtls/pk.h"
16 #include "mbedtls/ecdsa.h"
17 #include "mbedtls/rsa.h"
18 #include "mbedtls/error.h"
19 #include "mbedtls/entropy.h"
20 #include "mbedtls/ctr_drbg.h"
21
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25
26 #if !defined(_WIN32)
27 #include <unistd.h>
28
29 #define DEV_RANDOM_THRESHOLD 32
30
dev_random_entropy_poll(void * data,unsigned char * output,size_t len,size_t * olen)31 int dev_random_entropy_poll(void *data, unsigned char *output,
32 size_t len, size_t *olen)
33 {
34 FILE *file;
35 size_t ret, left = len;
36 unsigned char *p = output;
37 ((void) data);
38
39 *olen = 0;
40
41 file = fopen("/dev/random", "rb");
42 if (file == NULL) {
43 return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
44 }
45
46 while (left > 0) {
47 /* /dev/random can return much less than requested. If so, try again */
48 ret = fread(p, 1, left, file);
49 if (ret == 0 && ferror(file)) {
50 fclose(file);
51 return MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
52 }
53
54 p += ret;
55 left -= ret;
56 sleep(1);
57 }
58 fclose(file);
59 *olen = len;
60
61 return 0;
62 }
63 #endif /* !_WIN32 */
64 #endif
65
66 #if defined(MBEDTLS_ECP_C)
67 #define DFL_EC_CURVE mbedtls_ecp_curve_list()->grp_id
68 #else
69 #define DFL_EC_CURVE 0
70 #endif
71
72 #if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
73 #define USAGE_DEV_RANDOM \
74 " use_dev_random=0|1 default: 0\n"
75 #else
76 #define USAGE_DEV_RANDOM ""
77 #endif /* !_WIN32 && MBEDTLS_FS_IO */
78
79 #define FORMAT_PEM 0
80 #define FORMAT_DER 1
81
82 #define DFL_TYPE MBEDTLS_PK_RSA
83 #define DFL_RSA_KEYSIZE 4096
84 #define DFL_FILENAME "keyfile.key"
85 #define DFL_FORMAT FORMAT_PEM
86 #define DFL_USE_DEV_RANDOM 0
87
88 #define USAGE \
89 "\n usage: gen_key param=<>...\n" \
90 "\n acceptable parameters:\n" \
91 " type=rsa|ec default: rsa\n" \
92 " rsa_keysize=%%d default: 4096\n" \
93 " ec_curve=%%s see below\n" \
94 " filename=%%s default: keyfile.key\n" \
95 " format=pem|der default: pem\n" \
96 USAGE_DEV_RANDOM \
97 "\n"
98
99 #if !defined(MBEDTLS_PK_WRITE_C) || !defined(MBEDTLS_PEM_WRITE_C) || \
100 !defined(MBEDTLS_FS_IO) || !defined(MBEDTLS_ENTROPY_C) || \
101 !defined(MBEDTLS_CTR_DRBG_C)
main(void)102 int main(void)
103 {
104 mbedtls_printf("MBEDTLS_PK_WRITE_C and/or MBEDTLS_FS_IO and/or "
105 "MBEDTLS_ENTROPY_C and/or MBEDTLS_CTR_DRBG_C and/or "
106 "MBEDTLS_PEM_WRITE_C"
107 "not defined.\n");
108 mbedtls_exit(0);
109 }
110 #else
111
112
113 /*
114 * global options
115 */
116 struct options {
117 int type; /* the type of key to generate */
118 int rsa_keysize; /* length of key in bits */
119 int ec_curve; /* curve identifier for EC keys */
120 const char *filename; /* filename of the key file */
121 int format; /* the output format to use */
122 int use_dev_random; /* use /dev/random as entropy source */
123 } opt;
124
write_private_key(mbedtls_pk_context * key,const char * output_file)125 static int write_private_key(mbedtls_pk_context *key, const char *output_file)
126 {
127 int ret;
128 FILE *f;
129 unsigned char output_buf[16000];
130 unsigned char *c = output_buf;
131 size_t len = 0;
132
133 memset(output_buf, 0, 16000);
134 if (opt.format == FORMAT_PEM) {
135 if ((ret = mbedtls_pk_write_key_pem(key, output_buf, 16000)) != 0) {
136 return ret;
137 }
138
139 len = strlen((char *) output_buf);
140 } else {
141 if ((ret = mbedtls_pk_write_key_der(key, output_buf, 16000)) < 0) {
142 return ret;
143 }
144
145 len = ret;
146 c = output_buf + sizeof(output_buf) - len;
147 }
148
149 if ((f = fopen(output_file, "wb")) == NULL) {
150 return -1;
151 }
152
153 if (fwrite(c, 1, len, f) != len) {
154 fclose(f);
155 return -1;
156 }
157
158 fclose(f);
159
160 return 0;
161 }
162
main(int argc,char * argv[])163 int main(int argc, char *argv[])
164 {
165 int ret = 1;
166 int exit_code = MBEDTLS_EXIT_FAILURE;
167 mbedtls_pk_context key;
168 char buf[1024];
169 int i;
170 char *p, *q;
171 #if defined(MBEDTLS_RSA_C)
172 mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
173 #endif /* MBEDTLS_RSA_C */
174 mbedtls_entropy_context entropy;
175 mbedtls_ctr_drbg_context ctr_drbg;
176 const char *pers = "gen_key";
177 #if defined(MBEDTLS_ECP_C)
178 const mbedtls_ecp_curve_info *curve_info;
179 #endif
180
181 /*
182 * Set to sane values
183 */
184 #if defined(MBEDTLS_RSA_C)
185 mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q);
186 mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); mbedtls_mpi_init(&DP);
187 mbedtls_mpi_init(&DQ); mbedtls_mpi_init(&QP);
188 #endif /* MBEDTLS_RSA_C */
189
190 mbedtls_pk_init(&key);
191 mbedtls_ctr_drbg_init(&ctr_drbg);
192 memset(buf, 0, sizeof(buf));
193
194 #if defined(MBEDTLS_USE_PSA_CRYPTO)
195 psa_status_t status = psa_crypto_init();
196 if (status != PSA_SUCCESS) {
197 mbedtls_fprintf(stderr, "Failed to initialize PSA Crypto implementation: %d\n",
198 (int) status);
199 goto exit;
200 }
201 #endif /* MBEDTLS_USE_PSA_CRYPTO */
202
203 if (argc < 2) {
204 usage:
205 mbedtls_printf(USAGE);
206 #if defined(MBEDTLS_ECP_C)
207 mbedtls_printf(" available ec_curve values:\n");
208 curve_info = mbedtls_ecp_curve_list();
209 mbedtls_printf(" %s (default)\n", curve_info->name);
210 while ((++curve_info)->name != NULL) {
211 mbedtls_printf(" %s\n", curve_info->name);
212 }
213 #endif /* MBEDTLS_ECP_C */
214 goto exit;
215 }
216
217 opt.type = DFL_TYPE;
218 opt.rsa_keysize = DFL_RSA_KEYSIZE;
219 opt.ec_curve = DFL_EC_CURVE;
220 opt.filename = DFL_FILENAME;
221 opt.format = DFL_FORMAT;
222 opt.use_dev_random = DFL_USE_DEV_RANDOM;
223
224 for (i = 1; i < argc; i++) {
225 p = argv[i];
226 if ((q = strchr(p, '=')) == NULL) {
227 goto usage;
228 }
229 *q++ = '\0';
230
231 if (strcmp(p, "type") == 0) {
232 if (strcmp(q, "rsa") == 0) {
233 opt.type = MBEDTLS_PK_RSA;
234 } else if (strcmp(q, "ec") == 0) {
235 opt.type = MBEDTLS_PK_ECKEY;
236 } else {
237 goto usage;
238 }
239 } else if (strcmp(p, "format") == 0) {
240 if (strcmp(q, "pem") == 0) {
241 opt.format = FORMAT_PEM;
242 } else if (strcmp(q, "der") == 0) {
243 opt.format = FORMAT_DER;
244 } else {
245 goto usage;
246 }
247 } else if (strcmp(p, "rsa_keysize") == 0) {
248 opt.rsa_keysize = atoi(q);
249 if (opt.rsa_keysize < 1024 ||
250 opt.rsa_keysize > MBEDTLS_MPI_MAX_BITS) {
251 goto usage;
252 }
253 }
254 #if defined(MBEDTLS_ECP_C)
255 else if (strcmp(p, "ec_curve") == 0) {
256 if ((curve_info = mbedtls_ecp_curve_info_from_name(q)) == NULL) {
257 goto usage;
258 }
259 opt.ec_curve = curve_info->grp_id;
260 }
261 #endif
262 else if (strcmp(p, "filename") == 0) {
263 opt.filename = q;
264 } else if (strcmp(p, "use_dev_random") == 0) {
265 opt.use_dev_random = atoi(q);
266 if (opt.use_dev_random < 0 || opt.use_dev_random > 1) {
267 goto usage;
268 }
269 } else {
270 goto usage;
271 }
272 }
273
274 mbedtls_printf("\n . Seeding the random number generator...");
275 fflush(stdout);
276
277 mbedtls_entropy_init(&entropy);
278 #if !defined(_WIN32) && defined(MBEDTLS_FS_IO)
279 if (opt.use_dev_random) {
280 if ((ret = mbedtls_entropy_add_source(&entropy, dev_random_entropy_poll,
281 NULL, DEV_RANDOM_THRESHOLD,
282 MBEDTLS_ENTROPY_SOURCE_STRONG)) != 0) {
283 mbedtls_printf(" failed\n ! mbedtls_entropy_add_source returned -0x%04x\n",
284 (unsigned int) -ret);
285 goto exit;
286 }
287
288 mbedtls_printf("\n Using /dev/random, so can take a long time! ");
289 fflush(stdout);
290 }
291 #endif /* !_WIN32 && MBEDTLS_FS_IO */
292
293 if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
294 (const unsigned char *) pers,
295 strlen(pers))) != 0) {
296 mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
297 (unsigned int) -ret);
298 goto exit;
299 }
300
301 /*
302 * 1.1. Generate the key
303 */
304 mbedtls_printf("\n . Generating the private key ...");
305 fflush(stdout);
306
307 if ((ret = mbedtls_pk_setup(&key,
308 mbedtls_pk_info_from_type((mbedtls_pk_type_t) opt.type))) != 0) {
309 mbedtls_printf(" failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int) -ret);
310 goto exit;
311 }
312
313 #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_GENPRIME)
314 if (opt.type == MBEDTLS_PK_RSA) {
315 ret = mbedtls_rsa_gen_key(mbedtls_pk_rsa(key), mbedtls_ctr_drbg_random, &ctr_drbg,
316 opt.rsa_keysize, 65537);
317 if (ret != 0) {
318 mbedtls_printf(" failed\n ! mbedtls_rsa_gen_key returned -0x%04x",
319 (unsigned int) -ret);
320 goto exit;
321 }
322 } else
323 #endif /* MBEDTLS_RSA_C */
324 #if defined(MBEDTLS_ECP_C)
325 if (opt.type == MBEDTLS_PK_ECKEY) {
326 ret = mbedtls_ecp_gen_key((mbedtls_ecp_group_id) opt.ec_curve,
327 mbedtls_pk_ec(key),
328 mbedtls_ctr_drbg_random, &ctr_drbg);
329 if (ret != 0) {
330 mbedtls_printf(" failed\n ! mbedtls_ecp_gen_key returned -0x%04x",
331 (unsigned int) -ret);
332 goto exit;
333 }
334 } else
335 #endif /* MBEDTLS_ECP_C */
336 {
337 mbedtls_printf(" failed\n ! key type not supported\n");
338 goto exit;
339 }
340
341 /*
342 * 1.2 Print the key
343 */
344 mbedtls_printf(" ok\n . Key information:\n");
345
346 #if defined(MBEDTLS_RSA_C)
347 if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) {
348 mbedtls_rsa_context *rsa = mbedtls_pk_rsa(key);
349
350 if ((ret = mbedtls_rsa_export(rsa, &N, &P, &Q, &D, &E)) != 0 ||
351 (ret = mbedtls_rsa_export_crt(rsa, &DP, &DQ, &QP)) != 0) {
352 mbedtls_printf(" failed\n ! could not export RSA parameters\n\n");
353 goto exit;
354 }
355
356 mbedtls_mpi_write_file("N: ", &N, 16, NULL);
357 mbedtls_mpi_write_file("E: ", &E, 16, NULL);
358 mbedtls_mpi_write_file("D: ", &D, 16, NULL);
359 mbedtls_mpi_write_file("P: ", &P, 16, NULL);
360 mbedtls_mpi_write_file("Q: ", &Q, 16, NULL);
361 mbedtls_mpi_write_file("DP: ", &DP, 16, NULL);
362 mbedtls_mpi_write_file("DQ: ", &DQ, 16, NULL);
363 mbedtls_mpi_write_file("QP: ", &QP, 16, NULL);
364 } else
365 #endif
366 #if defined(MBEDTLS_ECP_C)
367 if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) {
368 mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(key);
369 mbedtls_printf("curve: %s\n",
370 mbedtls_ecp_curve_info_from_grp_id(ecp->MBEDTLS_PRIVATE(grp).id)->name);
371 mbedtls_mpi_write_file("X_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, NULL);
372 mbedtls_mpi_write_file("Y_Q: ", &ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, NULL);
373 mbedtls_mpi_write_file("D: ", &ecp->MBEDTLS_PRIVATE(d), 16, NULL);
374 } else
375 #endif
376 mbedtls_printf(" ! key type not supported\n");
377
378 /*
379 * 1.3 Export key
380 */
381 mbedtls_printf(" . Writing key to file...");
382
383 if ((ret = write_private_key(&key, opt.filename)) != 0) {
384 mbedtls_printf(" failed\n");
385 goto exit;
386 }
387
388 mbedtls_printf(" ok\n");
389
390 exit_code = MBEDTLS_EXIT_SUCCESS;
391
392 exit:
393
394 if (exit_code != MBEDTLS_EXIT_SUCCESS) {
395 #ifdef MBEDTLS_ERROR_C
396 mbedtls_strerror(ret, buf, sizeof(buf));
397 mbedtls_printf(" - %s\n", buf);
398 #else
399 mbedtls_printf("\n");
400 #endif
401 }
402
403 #if defined(MBEDTLS_RSA_C)
404 mbedtls_mpi_free(&N); mbedtls_mpi_free(&P); mbedtls_mpi_free(&Q);
405 mbedtls_mpi_free(&D); mbedtls_mpi_free(&E); mbedtls_mpi_free(&DP);
406 mbedtls_mpi_free(&DQ); mbedtls_mpi_free(&QP);
407 #endif /* MBEDTLS_RSA_C */
408
409 mbedtls_pk_free(&key);
410 mbedtls_ctr_drbg_free(&ctr_drbg);
411 mbedtls_entropy_free(&entropy);
412 #if defined(MBEDTLS_USE_PSA_CRYPTO)
413 mbedtls_psa_crypto_free();
414 #endif /* MBEDTLS_USE_PSA_CRYPTO */
415
416 mbedtls_exit(exit_code);
417 }
418 #endif /* MBEDTLS_PK_WRITE_C && MBEDTLS_PEM_WRITE_C && MBEDTLS_FS_IO &&
419 * MBEDTLS_ENTROPY_C && MBEDTLS_CTR_DRBG_C */
420
