pkcs8.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359
  1. /*
  2. * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <string.h>
  12. #include "apps.h"
  13. #include "progs.h"
  14. #include <openssl/pem.h>
  15. #include <openssl/err.h>
  16. #include <openssl/evp.h>
  17. #include <openssl/pkcs12.h>
  18. typedef enum OPTION_choice {
  19. OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
  20. OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT,
  21. OPT_TOPK8, OPT_NOITER, OPT_NOCRYPT,
  22. #ifndef OPENSSL_NO_SCRYPT
  23. OPT_SCRYPT, OPT_SCRYPT_N, OPT_SCRYPT_R, OPT_SCRYPT_P,
  24. #endif
  25. OPT_V2, OPT_V1, OPT_V2PRF, OPT_ITER, OPT_PASSIN, OPT_PASSOUT,
  26. OPT_TRADITIONAL,
  27. OPT_R_ENUM
  28. } OPTION_CHOICE;
  29. const OPTIONS pkcs8_options[] = {
  30. {"help", OPT_HELP, '-', "Display this summary"},
  31. {"inform", OPT_INFORM, 'F', "Input format (DER or PEM)"},
  32. {"outform", OPT_OUTFORM, 'F', "Output format (DER or PEM)"},
  33. {"in", OPT_IN, '<', "Input file"},
  34. {"out", OPT_OUT, '>', "Output file"},
  35. {"topk8", OPT_TOPK8, '-', "Output PKCS8 file"},
  36. {"noiter", OPT_NOITER, '-', "Use 1 as iteration count"},
  37. {"nocrypt", OPT_NOCRYPT, '-', "Use or expect unencrypted private key"},
  38. OPT_R_OPTIONS,
  39. {"v2", OPT_V2, 's', "Use PKCS#5 v2.0 and cipher"},
  40. {"v1", OPT_V1, 's', "Use PKCS#5 v1.5 and cipher"},
  41. {"v2prf", OPT_V2PRF, 's', "Set the PRF algorithm to use with PKCS#5 v2.0"},
  42. {"iter", OPT_ITER, 'p', "Specify the iteration count"},
  43. {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
  44. {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
  45. {"traditional", OPT_TRADITIONAL, '-', "use traditional format private key"},
  46. #ifndef OPENSSL_NO_ENGINE
  47. {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
  48. #endif
  49. #ifndef OPENSSL_NO_SCRYPT
  50. {"scrypt", OPT_SCRYPT, '-', "Use scrypt algorithm"},
  51. {"scrypt_N", OPT_SCRYPT_N, 's', "Set scrypt N parameter"},
  52. {"scrypt_r", OPT_SCRYPT_R, 's', "Set scrypt r parameter"},
  53. {"scrypt_p", OPT_SCRYPT_P, 's', "Set scrypt p parameter"},
  54. #endif
  55. {NULL}
  56. };
  57. int pkcs8_main(int argc, char **argv)
  58. {
  59. BIO *in = NULL, *out = NULL;
  60. ENGINE *e = NULL;
  61. EVP_PKEY *pkey = NULL;
  62. PKCS8_PRIV_KEY_INFO *p8inf = NULL;
  63. X509_SIG *p8 = NULL;
  64. const EVP_CIPHER *cipher = NULL;
  65. char *infile = NULL, *outfile = NULL;
  66. char *passinarg = NULL, *passoutarg = NULL, *prog;
  67. #ifndef OPENSSL_NO_UI_CONSOLE
  68. char pass[APP_PASS_LEN];
  69. #endif
  70. char *passin = NULL, *passout = NULL, *p8pass = NULL;
  71. OPTION_CHOICE o;
  72. int nocrypt = 0, ret = 1, iter = PKCS12_DEFAULT_ITER;
  73. int informat = FORMAT_PEM, outformat = FORMAT_PEM, topk8 = 0, pbe_nid = -1;
  74. int private = 0, traditional = 0;
  75. #ifndef OPENSSL_NO_SCRYPT
  76. long scrypt_N = 0, scrypt_r = 0, scrypt_p = 0;
  77. #endif
  78. prog = opt_init(argc, argv, pkcs8_options);
  79. while ((o = opt_next()) != OPT_EOF) {
  80. switch (o) {
  81. case OPT_EOF:
  82. case OPT_ERR:
  83. opthelp:
  84. BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
  85. goto end;
  86. case OPT_HELP:
  87. opt_help(pkcs8_options);
  88. ret = 0;
  89. goto end;
  90. case OPT_INFORM:
  91. if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
  92. goto opthelp;
  93. break;
  94. case OPT_IN:
  95. infile = opt_arg();
  96. break;
  97. case OPT_OUTFORM:
  98. if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
  99. goto opthelp;
  100. break;
  101. case OPT_OUT:
  102. outfile = opt_arg();
  103. break;
  104. case OPT_TOPK8:
  105. topk8 = 1;
  106. break;
  107. case OPT_NOITER:
  108. iter = 1;
  109. break;
  110. case OPT_NOCRYPT:
  111. nocrypt = 1;
  112. break;
  113. case OPT_R_CASES:
  114. if (!opt_rand(o))
  115. goto end;
  116. break;
  117. case OPT_TRADITIONAL:
  118. traditional = 1;
  119. break;
  120. case OPT_V2:
  121. if (!opt_cipher(opt_arg(), &cipher))
  122. goto opthelp;
  123. break;
  124. case OPT_V1:
  125. pbe_nid = OBJ_txt2nid(opt_arg());
  126. if (pbe_nid == NID_undef) {
  127. BIO_printf(bio_err,
  128. "%s: Unknown PBE algorithm %s\n", prog, opt_arg());
  129. goto opthelp;
  130. }
  131. break;
  132. case OPT_V2PRF:
  133. pbe_nid = OBJ_txt2nid(opt_arg());
  134. if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0)) {
  135. BIO_printf(bio_err,
  136. "%s: Unknown PRF algorithm %s\n", prog, opt_arg());
  137. goto opthelp;
  138. }
  139. if (cipher == NULL)
  140. cipher = EVP_aes_256_cbc();
  141. break;
  142. case OPT_ITER:
  143. if (!opt_int(opt_arg(), &iter))
  144. goto opthelp;
  145. break;
  146. case OPT_PASSIN:
  147. passinarg = opt_arg();
  148. break;
  149. case OPT_PASSOUT:
  150. passoutarg = opt_arg();
  151. break;
  152. case OPT_ENGINE:
  153. e = setup_engine(opt_arg(), 0);
  154. break;
  155. #ifndef OPENSSL_NO_SCRYPT
  156. case OPT_SCRYPT:
  157. scrypt_N = 16384;
  158. scrypt_r = 8;
  159. scrypt_p = 1;
  160. if (cipher == NULL)
  161. cipher = EVP_aes_256_cbc();
  162. break;
  163. case OPT_SCRYPT_N:
  164. if (!opt_long(opt_arg(), &scrypt_N) || scrypt_N <= 0)
  165. goto opthelp;
  166. break;
  167. case OPT_SCRYPT_R:
  168. if (!opt_long(opt_arg(), &scrypt_r) || scrypt_r <= 0)
  169. goto opthelp;
  170. break;
  171. case OPT_SCRYPT_P:
  172. if (!opt_long(opt_arg(), &scrypt_p) || scrypt_p <= 0)
  173. goto opthelp;
  174. break;
  175. #endif
  176. }
  177. }
  178. argc = opt_num_rest();
  179. if (argc != 0)
  180. goto opthelp;
  181. private = 1;
  182. if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
  183. BIO_printf(bio_err, "Error getting passwords\n");
  184. goto end;
  185. }
  186. if ((pbe_nid == -1) && cipher == NULL)
  187. cipher = EVP_aes_256_cbc();
  188. in = bio_open_default(infile, 'r', informat);
  189. if (in == NULL)
  190. goto end;
  191. out = bio_open_owner(outfile, outformat, private);
  192. if (out == NULL)
  193. goto end;
  194. if (topk8) {
  195. pkey = load_key(infile, informat, 1, passin, e, "key");
  196. if (pkey == NULL)
  197. goto end;
  198. if ((p8inf = EVP_PKEY2PKCS8(pkey)) == NULL) {
  199. BIO_printf(bio_err, "Error converting key\n");
  200. ERR_print_errors(bio_err);
  201. goto end;
  202. }
  203. if (nocrypt) {
  204. assert(private);
  205. if (outformat == FORMAT_PEM) {
  206. PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
  207. } else if (outformat == FORMAT_ASN1) {
  208. i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
  209. } else {
  210. BIO_printf(bio_err, "Bad format specified for key\n");
  211. goto end;
  212. }
  213. } else {
  214. X509_ALGOR *pbe;
  215. if (cipher) {
  216. #ifndef OPENSSL_NO_SCRYPT
  217. if (scrypt_N && scrypt_r && scrypt_p)
  218. pbe = PKCS5_pbe2_set_scrypt(cipher, NULL, 0, NULL,
  219. scrypt_N, scrypt_r, scrypt_p);
  220. else
  221. #endif
  222. pbe = PKCS5_pbe2_set_iv(cipher, iter, NULL, 0, NULL,
  223. pbe_nid);
  224. } else {
  225. pbe = PKCS5_pbe_set(pbe_nid, iter, NULL, 0);
  226. }
  227. if (pbe == NULL) {
  228. BIO_printf(bio_err, "Error setting PBE algorithm\n");
  229. ERR_print_errors(bio_err);
  230. goto end;
  231. }
  232. if (passout != NULL) {
  233. p8pass = passout;
  234. } else if (1) {
  235. /* To avoid bit rot */
  236. #ifndef OPENSSL_NO_UI_CONSOLE
  237. p8pass = pass;
  238. if (EVP_read_pw_string
  239. (pass, sizeof(pass), "Enter Encryption Password:", 1)) {
  240. X509_ALGOR_free(pbe);
  241. goto end;
  242. }
  243. } else {
  244. #endif
  245. BIO_printf(bio_err, "Password required\n");
  246. goto end;
  247. }
  248. p8 = PKCS8_set0_pbe(p8pass, strlen(p8pass), p8inf, pbe);
  249. if (p8 == NULL) {
  250. X509_ALGOR_free(pbe);
  251. BIO_printf(bio_err, "Error encrypting key\n");
  252. ERR_print_errors(bio_err);
  253. goto end;
  254. }
  255. assert(private);
  256. if (outformat == FORMAT_PEM)
  257. PEM_write_bio_PKCS8(out, p8);
  258. else if (outformat == FORMAT_ASN1)
  259. i2d_PKCS8_bio(out, p8);
  260. else {
  261. BIO_printf(bio_err, "Bad format specified for key\n");
  262. goto end;
  263. }
  264. }
  265. ret = 0;
  266. goto end;
  267. }
  268. if (nocrypt) {
  269. if (informat == FORMAT_PEM) {
  270. p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in, NULL, NULL, NULL);
  271. } else if (informat == FORMAT_ASN1) {
  272. p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
  273. } else {
  274. BIO_printf(bio_err, "Bad format specified for key\n");
  275. goto end;
  276. }
  277. } else {
  278. if (informat == FORMAT_PEM) {
  279. p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
  280. } else if (informat == FORMAT_ASN1) {
  281. p8 = d2i_PKCS8_bio(in, NULL);
  282. } else {
  283. BIO_printf(bio_err, "Bad format specified for key\n");
  284. goto end;
  285. }
  286. if (p8 == NULL) {
  287. BIO_printf(bio_err, "Error reading key\n");
  288. ERR_print_errors(bio_err);
  289. goto end;
  290. }
  291. if (passin != NULL) {
  292. p8pass = passin;
  293. } else if (1) {
  294. #ifndef OPENSSL_NO_UI_CONSOLE
  295. p8pass = pass;
  296. if (EVP_read_pw_string(pass, sizeof(pass), "Enter Password:", 0)) {
  297. BIO_printf(bio_err, "Can't read Password\n");
  298. goto end;
  299. }
  300. } else {
  301. #endif
  302. BIO_printf(bio_err, "Password required\n");
  303. goto end;
  304. }
  305. p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
  306. }
  307. if (p8inf == NULL) {
  308. BIO_printf(bio_err, "Error decrypting key\n");
  309. ERR_print_errors(bio_err);
  310. goto end;
  311. }
  312. if ((pkey = EVP_PKCS82PKEY(p8inf)) == NULL) {
  313. BIO_printf(bio_err, "Error converting key\n");
  314. ERR_print_errors(bio_err);
  315. goto end;
  316. }
  317. assert(private);
  318. if (outformat == FORMAT_PEM) {
  319. if (traditional)
  320. PEM_write_bio_PrivateKey_traditional(out, pkey, NULL, NULL, 0,
  321. NULL, passout);
  322. else
  323. PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
  324. } else if (outformat == FORMAT_ASN1) {
  325. i2d_PrivateKey_bio(out, pkey);
  326. } else {
  327. BIO_printf(bio_err, "Bad format specified for key\n");
  328. goto end;
  329. }
  330. ret = 0;
  331. end:
  332. X509_SIG_free(p8);
  333. PKCS8_PRIV_KEY_INFO_free(p8inf);
  334. EVP_PKEY_free(pkey);
  335. release_engine(e);
  336. BIO_free_all(out);
  337. BIO_free(in);
  338. OPENSSL_free(passin);
  339. OPENSSL_free(passout);
  340. return ret;
  341. }