PageRenderTime 37ms CodeModel.GetById 16ms app.highlight 17ms RepoModel.GetById 1ms app.codeStats 0ms

/security/nss/cmd/makepqg/makepqg.c

http://github.com/zpao/v8monkey
C | 363 lines | 274 code | 50 blank | 39 comment | 56 complexity | 413d153500c0e79f3f8845a4cbf362c6 MD5 | raw file
  1/* ***** BEGIN LICENSE BLOCK *****
  2 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  3 *
  4 * The contents of this file are subject to the Mozilla Public License Version
  5 * 1.1 (the "License"); you may not use this file except in compliance with
  6 * the License. You may obtain a copy of the License at
  7 * http://www.mozilla.org/MPL/
  8 *
  9 * Software distributed under the License is distributed on an "AS IS" basis,
 10 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 11 * for the specific language governing rights and limitations under the
 12 * License.
 13 *
 14 * The Original Code is the Netscape security libraries.
 15 *
 16 * The Initial Developer of the Original Code is
 17 * Netscape Communications Corporation.
 18 * Portions created by the Initial Developer are Copyright (C) 1994-2000
 19 * the Initial Developer. All Rights Reserved.
 20 *
 21 * Contributor(s):
 22 *
 23 * Alternatively, the contents of this file may be used under the terms of
 24 * either the GNU General Public License Version 2 or later (the "GPL"), or
 25 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 26 * in which case the provisions of the GPL or the LGPL are applicable instead
 27 * of those above. If you wish to allow use of your version of this file only
 28 * under the terms of either the GPL or the LGPL, and not to allow others to
 29 * use your version of this file under the terms of the MPL, indicate your
 30 * decision by deleting the provisions above and replace them with the notice
 31 * and other provisions required by the GPL or the LGPL. If you do not delete
 32 * the provisions above, a recipient may use your version of this file under
 33 * the terms of any one of the MPL, the GPL or the LGPL.
 34 *
 35 * ***** END LICENSE BLOCK ***** */
 36
 37#include "prtypes.h"
 38#include "prtime.h"
 39#include "prlong.h"
 40
 41#include "nss.h"
 42#include "secutil.h"
 43#include "secitem.h"
 44#include "pk11func.h"
 45#include "pk11pqg.h"
 46
 47#if defined(XP_UNIX)
 48#include <unistd.h>
 49#endif
 50
 51#include "plgetopt.h"
 52
 53#define BPB 8 /* bits per byte. */
 54
 55char  *progName;
 56
 57
 58const SEC_ASN1Template seckey_PQGParamsTemplate[] = {
 59    { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
 60    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
 61    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
 62    { SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
 63    { 0, }
 64};
 65
 66
 67
 68void
 69Usage(void)
 70{
 71    fprintf(stderr, "Usage:  %s\n", progName);
 72    fprintf(stderr, 
 73"-a   Output DER-encoded PQG params, BTOA encoded.\n"
 74"     -l prime-length       Length of prime in bits (1024 is default)\n"
 75"     -o file               Output to this file (default is stdout)\n"
 76"-b   Output DER-encoded PQG params in binary\n"
 77"     -l prime-length       Length of prime in bits (1024 is default)\n"
 78"     -o file               Output to this file (default is stdout)\n"
 79"-r   Output P, Q and G in ASCII hexadecimal. \n"
 80"     -l prime-length       Length of prime in bits (1024 is default)\n"
 81"     -o file               Output to this file (default is stdout)\n"   
 82"-g bits       Generate SEED this many bits long.\n"
 83);
 84    exit(-1);
 85
 86}
 87
 88SECStatus
 89outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw,
 90                FILE * outFile)
 91{
 92    PRArenaPool   * arena 		= NULL;
 93    char          * PQG;
 94    SECItem       * pItem;
 95    int             cc;
 96    SECStatus       rv;
 97    SECItem         encodedParams;
 98
 99    if (output_raw) {
100    	SECItem item;
101
102	rv = PK11_PQG_GetPrimeFromParams(pqgParams, &item);
103	if (rv) {
104	    SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
105	    return rv;
106	}
107	SECU_PrintInteger(outFile, &item,    "Prime",    1);
108	SECITEM_FreeItem(&item, PR_FALSE);
109
110	rv = PK11_PQG_GetSubPrimeFromParams(pqgParams, &item);
111	if (rv) {
112	    SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
113	    return rv;
114	}
115	SECU_PrintInteger(outFile, &item, "Subprime", 1);
116	SECITEM_FreeItem(&item, PR_FALSE);
117
118	rv = PK11_PQG_GetBaseFromParams(pqgParams, &item);
119	if (rv) {
120	    SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
121	    return rv;
122	}
123	SECU_PrintInteger(outFile, &item,     "Base",     1);
124	SECITEM_FreeItem(&item, PR_FALSE);
125
126	fprintf(outFile, "\n");
127	return SECSuccess;
128    }
129
130    encodedParams.data = NULL;
131    encodedParams.len  = 0;
132    arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
133    if (!arena) {
134    	SECU_PrintError(progName, "PORT_NewArena");
135	return SECFailure;
136    }
137    pItem = SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
138			       seckey_PQGParamsTemplate);
139    if (!pItem) {
140    	SECU_PrintError(progName, "SEC_ASN1EncodeItem");
141	PORT_FreeArena(arena, PR_FALSE);
142    	return SECFailure;
143    }
144    if (output_binary) {
145	size_t len;
146	len = fwrite(encodedParams.data, 1, encodedParams.len, outFile);
147	PORT_FreeArena(arena, PR_FALSE);
148	if (len != encodedParams.len) {
149	     fprintf(stderr, "%s: fwrite failed\n", progName);
150	     return SECFailure;
151	}
152	return SECSuccess;
153    }
154
155    /* must be output ASCII */
156    PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len);    
157    PORT_FreeArena(arena, PR_FALSE);
158    if (!PQG) {
159    	SECU_PrintError(progName, "BTOA_DataToAscii");
160	return SECFailure;
161    }
162
163    cc = fprintf(outFile,"%s\n",PQG);
164    PORT_Free(PQG);
165    if (cc <= 0) {
166	 fprintf(stderr, "%s: fprintf failed\n", progName);
167	 return SECFailure;
168    }
169    return SECSuccess;
170}
171
172SECStatus
173outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
174                FILE * outFile)
175{
176    SECStatus rv = SECSuccess;
177    if (output_raw) {
178    	SECItem item;
179	unsigned int counter;
180
181	rv = PK11_PQG_GetHFromVerify(pqgVerify, &item);
182	if (rv) {
183	    SECU_PrintError(progName, "PK11_PQG_GetHFromVerify");
184	    return rv;
185	}
186	SECU_PrintInteger(outFile, &item,        "h",        1);
187	SECITEM_FreeItem(&item, PR_FALSE);
188
189	rv = PK11_PQG_GetSeedFromVerify(pqgVerify, &item);
190	if (rv) {
191	    SECU_PrintError(progName, "PK11_PQG_GetSeedFromVerify");
192	    return rv;
193	}
194	SECU_PrintInteger(outFile, &item,     "SEED",     1);
195	fprintf(outFile, "    g:       %d\n", item.len * BPB);
196	SECITEM_FreeItem(&item, PR_FALSE);
197
198	counter = PK11_PQG_GetCounterFromVerify(pqgVerify);
199	fprintf(outFile, "    counter: %d\n", counter);
200	fprintf(outFile, "\n");
201    }
202    return rv;
203}
204
205int
206main(int argc, char **argv)
207{
208    FILE          * outFile 		= NULL;
209    char          * outFileName         = NULL;
210    PQGParams     * pqgParams 		= NULL;
211    PQGVerify     * pqgVerify           = NULL;
212    int             keySizeInBits	= 1024;
213    int             j;
214    int             g                   = 0;
215    SECStatus       rv 			= 0;
216    SECStatus       passed 		= 0;
217    PRBool          output_ascii	= PR_FALSE;
218    PRBool          output_binary	= PR_FALSE;
219    PRBool          output_raw		= PR_FALSE;
220    PLOptState *optstate;
221    PLOptStatus status;
222
223
224    progName = strrchr(argv[0], '/');
225    if (!progName)
226	progName = strrchr(argv[0], '\\');
227    progName = progName ? progName+1 : argv[0];
228
229    /* Parse command line arguments */
230    optstate = PL_CreateOptState(argc, argv, "?abg:l:o:r" );
231    while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
232	switch (optstate->option) {
233
234	  case 'l':
235	    keySizeInBits = atoi(optstate->value);
236	    break;
237
238	  case 'a':
239	    output_ascii = PR_TRUE;  
240	    break;
241
242	  case 'b':
243	    output_binary = PR_TRUE;
244	    break;
245
246	  case 'r':
247	    output_raw = PR_TRUE;
248	    break;
249
250	  case 'o':
251	    if (outFileName) {
252	    	PORT_Free(outFileName);
253	    }
254	    outFileName = PORT_Strdup(optstate->value);
255	    if (!outFileName) {
256		rv = -1;
257	    }
258	    break;
259
260	  case 'g':
261	    g = atoi(optstate->value);
262	    break;
263
264	  default:
265	  case '?':
266	    Usage();
267	    break;
268
269	}
270    }
271    PL_DestroyOptState(optstate);
272
273    if (status == PL_OPT_BAD) {
274        Usage();
275    }
276
277    /* exactly 1 of these options must be set. */
278    if (1 != ((output_ascii  != PR_FALSE) + 
279	      (output_binary != PR_FALSE) +
280	      (output_raw    != PR_FALSE))) {
281	Usage();
282    }
283
284    j = PQG_PBITS_TO_INDEX(keySizeInBits);
285    if (j < 0) {
286	fprintf(stderr, "%s: Illegal prime length, \n"
287			"\tacceptable values are between 512 and 1024,\n"
288			"\tand divisible by 64\n", progName);
289	return 2;
290    }
291    if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) {
292	fprintf(stderr, "%s: Illegal g bits, \n"
293			"\tacceptable values are between 160 and 2040,\n"
294			"\tand divisible by 8\n", progName);
295	return 3;
296    }
297
298    if (!rv && outFileName) {
299	outFile = fopen(outFileName, output_binary ? "wb" : "w");
300	if (!outFile) {
301	    fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
302		    progName, outFileName);
303	    rv = -1;
304	}
305    }
306    if (outFileName) {
307	PORT_Free(outFileName);
308    }
309    if (rv != 0) {
310	return 1;
311    }
312
313    if (outFile == NULL) {
314	outFile = stdout;
315    }
316
317
318    NSS_NoDB_Init(NULL);
319
320    if (g) 
321	rv = PK11_PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8), 
322	                         &pqgParams, &pqgVerify);
323    else 
324	rv = PK11_PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify);
325    /* below here, must go to loser */
326
327    if (rv != SECSuccess || pqgParams == NULL || pqgVerify == NULL) {
328	SECU_PrintError(progName, "PQG parameter generation failed.\n");
329	goto loser;
330    } 
331    fprintf(stderr, "%s: PQG parameter generation completed.\n", progName);
332
333    rv = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
334    if (rv) {
335    	fprintf(stderr, "%s: failed to output PQG params.\n", progName);
336	goto loser;
337    }
338    rv = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
339    if (rv) {
340    	fprintf(stderr, "%s: failed to output PQG Verify.\n", progName);
341	goto loser;
342    }
343
344    rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &passed);
345    if (rv != SECSuccess) {
346	fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName);
347	goto loser;
348    }
349    if (passed != SECSuccess) {
350	fprintf(stderr, "%s: PQG parameters failed verification.\n", progName);
351	goto loser;
352    } 
353    fprintf(stderr, "%s: PQG parameters passed verification.\n", progName);
354
355    PK11_PQG_DestroyParams(pqgParams);
356    PK11_PQG_DestroyVerify(pqgVerify);
357    return 0;
358
359loser:
360    PK11_PQG_DestroyParams(pqgParams);
361    PK11_PQG_DestroyVerify(pqgVerify);
362    return 1;
363}