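/*
 * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * Redistributions of source code must retain the above copyright notice, this
 * list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * Neither the name of ARM nor the names of its contributors may be used
 * to endorse or promote products derived from this software without specific
 * prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <fcntl.h>
#include <getopt.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/pem.h>

#include "cert.h"
#include "debug.h"
#include "key.h"
#include "platform_oid.h"
#include "sha.h"

#define MAX_FILENAME_LEN 1024

/*
 * Permission bits for a newly created private key file: readable and
 * writable by the owner only, independent of the process umask.
 */
#define KEY_FILE_MODE 0600

/*
 * Create a new key
 *
 * Generates a fresh RSA key pair of RSA_KEY_BITS bits with public exponent
 * RSA_F4 and stores it in key->key.
 *
 * Returns 1 on success. Returns 0 on failure (with a diagnostic); in that
 * case everything allocated here is released and key->key is left untouched.
 */
int key_new(key_t *key)
{
	RSA *rsa = NULL;
	EVP_PKEY *k = NULL;

	/* Create key pair container */
	k = EVP_PKEY_new();
	if (k == NULL) {
		ERROR("Cannot allocate key container\n");
		return 0;
	}

	/* Generate a new RSA key; the result must be checked before assigning */
	rsa = RSA_generate_key(RSA_KEY_BITS, RSA_F4, NULL, NULL);
	if (rsa == NULL) {
		ERROR("Cannot generate RSA key\n");
		goto err;
	}

	/*
	 * On success the EVP_PKEY takes ownership of rsa and releases it in
	 * EVP_PKEY_free(); on failure rsa is still ours to free.
	 */
	if (!EVP_PKEY_assign_RSA(k, rsa)) {
		ERROR("Cannot assign RSA key\n");
		RSA_free(rsa);
		goto err;
	}

	key->key = k;
	return 1;

err:
	EVP_PKEY_free(k);
	return 0;
}

/*
 * Load a PEM-encoded private key from the file named by key->fn into key->key.
 *
 * Returns 1 on success. Returns 0 (with a diagnostic) when no filename is
 * set, the file cannot be opened, or it does not contain a readable private
 * key; key->key is left untouched in that case.
 */
int key_load(key_t *key)
{
	FILE *fp = NULL;
	EVP_PKEY *k = NULL;

	if (key->fn == NULL) {
		ERROR("Key filename not specified\n");
		return 0;
	}

	/* Load key from file */
	fp = fopen(key->fn, "r");
	if (fp == NULL) {
		ERROR("Cannot open file %s\n", key->fn);
		return 0;
	}

	/*
	 * Let OpenSSL allocate the EVP_PKEY. Pre-allocating one and passing it
	 * in leaked it whenever the read failed, because the NULL return value
	 * overwrote the only pointer to it before it could be freed.
	 */
	k = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
	fclose(fp);
	if (k == NULL) {
		ERROR("Cannot read key from %s\n", key->fn);
		return 0;
	}

	key->key = k;
	return 1;
}

/*
 * Write key->key to the file named by key->fn as an unencrypted PEM private
 * key.
 *
 * The file is created with KEY_FILE_MODE (and truncated if it already
 * exists) so that the private key is never exposed through a permissive
 * umask. Returns 1 on success; returns 0 (with a diagnostic) when no
 * filename is set or the file cannot be created or completely written.
 */
int key_store(key_t *key)
{
	FILE *fp = NULL;
	int fd = -1;
	int ok = 0;

	if (key->fn == NULL) {
		ERROR("Key filename not specified\n");
		return 0;
	}

	/* open() rather than fopen() so the permission bits can be restricted */
	fd = open(key->fn, O_WRONLY | O_CREAT | O_TRUNC, KEY_FILE_MODE);
	if (fd < 0) {
		ERROR("Cannot create file %s\n", key->fn);
		return 0;
	}

	fp = fdopen(fd, "w");
	if (fp == NULL) {
		ERROR("Cannot create file %s\n", key->fn);
		close(fd);
		return 0;
	}

	/* PEM_write_PrivateKey() reports failure with a zero return */
	ok = PEM_write_PrivateKey(fp, key->key, NULL, NULL, 0, NULL, NULL);

	/* fclose() flushes buffered data, so its status is part of the write */
	if (fclose(fp) != 0) {
		ok = 0;
	}

	if (!ok) {
		ERROR("Cannot write key to %s\n", key->fn);
		return 0;
	}

	return 1;
}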