mirror of
https://github.com/rn10950/RetroZilla.git
synced 2024-11-09 09:20:15 +01:00
364 lines
9.9 KiB
C
364 lines
9.9 KiB
C
|
/* ***** BEGIN LICENSE BLOCK *****
|
||
|
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
||
|
*
|
||
|
* The contents of this file are subject to the Mozilla Public License Version
|
||
|
* 1.1 (the "License"); you may not use this file except in compliance with
|
||
|
* the License. You may obtain a copy of the License at
|
||
|
* http://www.mozilla.org/MPL/
|
||
|
*
|
||
|
* Software distributed under the License is distributed on an "AS IS" basis,
|
||
|
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
||
|
* for the specific language governing rights and limitations under the
|
||
|
* License.
|
||
|
*
|
||
|
* The Original Code is the Netscape security libraries.
|
||
|
*
|
||
|
* The Initial Developer of the Original Code is
|
||
|
* Netscape Communications Corporation.
|
||
|
* Portions created by the Initial Developer are Copyright (C) 1994-2000
|
||
|
* the Initial Developer. All Rights Reserved.
|
||
|
*
|
||
|
* Contributor(s):
|
||
|
*
|
||
|
* Alternatively, the contents of this file may be used under the terms of
|
||
|
* either the GNU General Public License Version 2 or later (the "GPL"), or
|
||
|
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
||
|
* in which case the provisions of the GPL or the LGPL are applicable instead
|
||
|
* of those above. If you wish to allow use of your version of this file only
|
||
|
* under the terms of either the GPL or the LGPL, and not to allow others to
|
||
|
* use your version of this file under the terms of the MPL, indicate your
|
||
|
* decision by deleting the provisions above and replace them with the notice
|
||
|
* and other provisions required by the GPL or the LGPL. If you do not delete
|
||
|
* the provisions above, a recipient may use your version of this file under
|
||
|
* the terms of any one of the MPL, the GPL or the LGPL.
|
||
|
*
|
||
|
* ***** END LICENSE BLOCK ***** */
|
||
|
|
||
|
#include "prtypes.h"
|
||
|
#include "prtime.h"
|
||
|
#include "prlong.h"
|
||
|
|
||
|
#include "nss.h"
|
||
|
#include "secutil.h"
|
||
|
#include "secitem.h"
|
||
|
#include "pk11func.h"
|
||
|
#include "pk11pqg.h"
|
||
|
|
||
|
#if defined(XP_UNIX)
|
||
|
#include <unistd.h>
|
||
|
#endif
|
||
|
|
||
|
#include "plgetopt.h"
|
||
|
|
||
|
#define BPB 8 /* bits per byte. */
|
||
|
|
||
|
char *progName;
|
||
|
|
||
|
|
||
|
const SEC_ASN1Template seckey_PQGParamsTemplate[] = {
|
||
|
{ SEC_ASN1_SEQUENCE, 0, NULL, sizeof(SECKEYPQGParams) },
|
||
|
{ SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,prime) },
|
||
|
{ SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,subPrime) },
|
||
|
{ SEC_ASN1_INTEGER, offsetof(SECKEYPQGParams,base) },
|
||
|
{ 0, }
|
||
|
};
|
||
|
|
||
|
|
||
|
|
||
|
void
|
||
|
Usage(void)
|
||
|
{
|
||
|
fprintf(stderr, "Usage: %s\n", progName);
|
||
|
fprintf(stderr,
|
||
|
"-a Output DER-encoded PQG params, BTOA encoded.\n"
|
||
|
" -l prime-length Length of prime in bits (1024 is default)\n"
|
||
|
" -o file Output to this file (default is stdout)\n"
|
||
|
"-b Output DER-encoded PQG params in binary\n"
|
||
|
" -l prime-length Length of prime in bits (1024 is default)\n"
|
||
|
" -o file Output to this file (default is stdout)\n"
|
||
|
"-r Output P, Q and G in ASCII hexadecimal. \n"
|
||
|
" -l prime-length Length of prime in bits (1024 is default)\n"
|
||
|
" -o file Output to this file (default is stdout)\n"
|
||
|
"-g bits Generate SEED this many bits long.\n"
|
||
|
);
|
||
|
exit(-1);
|
||
|
|
||
|
}
|
||
|
|
||
|
SECStatus
|
||
|
outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw,
|
||
|
FILE * outFile)
|
||
|
{
|
||
|
PRArenaPool * arena = NULL;
|
||
|
char * PQG;
|
||
|
SECItem * pItem;
|
||
|
int cc;
|
||
|
SECStatus rv;
|
||
|
SECItem encodedParams;
|
||
|
|
||
|
if (output_raw) {
|
||
|
SECItem item;
|
||
|
|
||
|
rv = PK11_PQG_GetPrimeFromParams(pqgParams, &item);
|
||
|
if (rv) {
|
||
|
SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
|
||
|
return rv;
|
||
|
}
|
||
|
SECU_PrintInteger(outFile, &item, "Prime", 1);
|
||
|
SECITEM_FreeItem(&item, PR_FALSE);
|
||
|
|
||
|
rv = PK11_PQG_GetSubPrimeFromParams(pqgParams, &item);
|
||
|
if (rv) {
|
||
|
SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
|
||
|
return rv;
|
||
|
}
|
||
|
SECU_PrintInteger(outFile, &item, "Subprime", 1);
|
||
|
SECITEM_FreeItem(&item, PR_FALSE);
|
||
|
|
||
|
rv = PK11_PQG_GetBaseFromParams(pqgParams, &item);
|
||
|
if (rv) {
|
||
|
SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
|
||
|
return rv;
|
||
|
}
|
||
|
SECU_PrintInteger(outFile, &item, "Base", 1);
|
||
|
SECITEM_FreeItem(&item, PR_FALSE);
|
||
|
|
||
|
fprintf(outFile, "\n");
|
||
|
return SECSuccess;
|
||
|
}
|
||
|
|
||
|
encodedParams.data = NULL;
|
||
|
encodedParams.len = 0;
|
||
|
arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
||
|
if (!arena) {
|
||
|
SECU_PrintError(progName, "PORT_NewArena");
|
||
|
return SECFailure;
|
||
|
}
|
||
|
pItem = SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
|
||
|
seckey_PQGParamsTemplate);
|
||
|
if (!pItem) {
|
||
|
SECU_PrintError(progName, "SEC_ASN1EncodeItem");
|
||
|
PORT_FreeArena(arena, PR_FALSE);
|
||
|
return SECFailure;
|
||
|
}
|
||
|
if (output_binary) {
|
||
|
size_t len;
|
||
|
len = fwrite(encodedParams.data, 1, encodedParams.len, outFile);
|
||
|
PORT_FreeArena(arena, PR_FALSE);
|
||
|
if (len != encodedParams.len) {
|
||
|
fprintf(stderr, "%s: fwrite failed\n", progName);
|
||
|
return SECFailure;
|
||
|
}
|
||
|
return SECSuccess;
|
||
|
}
|
||
|
|
||
|
/* must be output ASCII */
|
||
|
PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len);
|
||
|
PORT_FreeArena(arena, PR_FALSE);
|
||
|
if (!PQG) {
|
||
|
SECU_PrintError(progName, "BTOA_DataToAscii");
|
||
|
return SECFailure;
|
||
|
}
|
||
|
|
||
|
cc = fprintf(outFile,"%s\n",PQG);
|
||
|
PORT_Free(PQG);
|
||
|
if (cc <= 0) {
|
||
|
fprintf(stderr, "%s: fprintf failed\n", progName);
|
||
|
return SECFailure;
|
||
|
}
|
||
|
return SECSuccess;
|
||
|
}
|
||
|
|
||
|
SECStatus
|
||
|
outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
|
||
|
FILE * outFile)
|
||
|
{
|
||
|
SECStatus rv = SECSuccess;
|
||
|
if (output_raw) {
|
||
|
SECItem item;
|
||
|
unsigned int counter;
|
||
|
|
||
|
rv = PK11_PQG_GetHFromVerify(pqgVerify, &item);
|
||
|
if (rv) {
|
||
|
SECU_PrintError(progName, "PK11_PQG_GetHFromVerify");
|
||
|
return rv;
|
||
|
}
|
||
|
SECU_PrintInteger(outFile, &item, "h", 1);
|
||
|
SECITEM_FreeItem(&item, PR_FALSE);
|
||
|
|
||
|
rv = PK11_PQG_GetSeedFromVerify(pqgVerify, &item);
|
||
|
if (rv) {
|
||
|
SECU_PrintError(progName, "PK11_PQG_GetSeedFromVerify");
|
||
|
return rv;
|
||
|
}
|
||
|
SECU_PrintInteger(outFile, &item, "SEED", 1);
|
||
|
fprintf(outFile, " g: %d\n", item.len * BPB);
|
||
|
SECITEM_FreeItem(&item, PR_FALSE);
|
||
|
|
||
|
counter = PK11_PQG_GetCounterFromVerify(pqgVerify);
|
||
|
fprintf(outFile, " counter: %d\n", counter);
|
||
|
fprintf(outFile, "\n");
|
||
|
}
|
||
|
return rv;
|
||
|
}
|
||
|
|
||
|
int
|
||
|
main(int argc, char **argv)
|
||
|
{
|
||
|
FILE * outFile = NULL;
|
||
|
char * outFileName = NULL;
|
||
|
PQGParams * pqgParams = NULL;
|
||
|
PQGVerify * pqgVerify = NULL;
|
||
|
int keySizeInBits = 1024;
|
||
|
int j;
|
||
|
int g = 0;
|
||
|
SECStatus rv = 0;
|
||
|
SECStatus passed = 0;
|
||
|
PRBool output_ascii = PR_FALSE;
|
||
|
PRBool output_binary = PR_FALSE;
|
||
|
PRBool output_raw = PR_FALSE;
|
||
|
PLOptState *optstate;
|
||
|
PLOptStatus status;
|
||
|
|
||
|
|
||
|
progName = strrchr(argv[0], '/');
|
||
|
if (!progName)
|
||
|
progName = strrchr(argv[0], '\\');
|
||
|
progName = progName ? progName+1 : argv[0];
|
||
|
|
||
|
/* Parse command line arguments */
|
||
|
optstate = PL_CreateOptState(argc, argv, "?abg:l:o:r" );
|
||
|
while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
|
||
|
switch (optstate->option) {
|
||
|
|
||
|
case 'l':
|
||
|
keySizeInBits = atoi(optstate->value);
|
||
|
break;
|
||
|
|
||
|
case 'a':
|
||
|
output_ascii = PR_TRUE;
|
||
|
break;
|
||
|
|
||
|
case 'b':
|
||
|
output_binary = PR_TRUE;
|
||
|
break;
|
||
|
|
||
|
case 'r':
|
||
|
output_raw = PR_TRUE;
|
||
|
break;
|
||
|
|
||
|
case 'o':
|
||
|
if (outFileName) {
|
||
|
PORT_Free(outFileName);
|
||
|
}
|
||
|
outFileName = PORT_Strdup(optstate->value);
|
||
|
if (!outFileName) {
|
||
|
rv = -1;
|
||
|
}
|
||
|
break;
|
||
|
|
||
|
case 'g':
|
||
|
g = atoi(optstate->value);
|
||
|
break;
|
||
|
|
||
|
default:
|
||
|
case '?':
|
||
|
Usage();
|
||
|
break;
|
||
|
|
||
|
}
|
||
|
}
|
||
|
PL_DestroyOptState(optstate);
|
||
|
|
||
|
if (status == PL_OPT_BAD) {
|
||
|
Usage();
|
||
|
}
|
||
|
|
||
|
/* exactly 1 of these options must be set. */
|
||
|
if (1 != ((output_ascii != PR_FALSE) +
|
||
|
(output_binary != PR_FALSE) +
|
||
|
(output_raw != PR_FALSE))) {
|
||
|
Usage();
|
||
|
}
|
||
|
|
||
|
j = PQG_PBITS_TO_INDEX(keySizeInBits);
|
||
|
if (j < 0) {
|
||
|
fprintf(stderr, "%s: Illegal prime length, \n"
|
||
|
"\tacceptable values are between 512 and 1024,\n"
|
||
|
"\tand divisible by 64\n", progName);
|
||
|
return 2;
|
||
|
}
|
||
|
if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) {
|
||
|
fprintf(stderr, "%s: Illegal g bits, \n"
|
||
|
"\tacceptable values are between 160 and 2040,\n"
|
||
|
"\tand divisible by 8\n", progName);
|
||
|
return 3;
|
||
|
}
|
||
|
|
||
|
if (!rv && outFileName) {
|
||
|
outFile = fopen(outFileName, output_binary ? "wb" : "w");
|
||
|
if (!outFile) {
|
||
|
fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
|
||
|
progName, outFileName);
|
||
|
rv = -1;
|
||
|
}
|
||
|
}
|
||
|
if (outFileName) {
|
||
|
PORT_Free(outFileName);
|
||
|
}
|
||
|
if (rv != 0) {
|
||
|
return 1;
|
||
|
}
|
||
|
|
||
|
if (outFile == NULL) {
|
||
|
outFile = stdout;
|
||
|
}
|
||
|
|
||
|
|
||
|
NSS_NoDB_Init(NULL);
|
||
|
|
||
|
if (g)
|
||
|
rv = PK11_PQG_ParamGenSeedLen((unsigned)j, (unsigned)(g/8),
|
||
|
&pqgParams, &pqgVerify);
|
||
|
else
|
||
|
rv = PK11_PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify);
|
||
|
/* below here, must go to loser */
|
||
|
|
||
|
if (rv != SECSuccess || pqgParams == NULL || pqgVerify == NULL) {
|
||
|
SECU_PrintError(progName, "PQG parameter generation failed.\n");
|
||
|
goto loser;
|
||
|
}
|
||
|
fprintf(stderr, "%s: PQG parameter generation completed.\n", progName);
|
||
|
|
||
|
rv = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
|
||
|
if (rv) {
|
||
|
fprintf(stderr, "%s: failed to output PQG params.\n", progName);
|
||
|
goto loser;
|
||
|
}
|
||
|
rv = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
|
||
|
if (rv) {
|
||
|
fprintf(stderr, "%s: failed to output PQG Verify.\n", progName);
|
||
|
goto loser;
|
||
|
}
|
||
|
|
||
|
rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &passed);
|
||
|
if (rv != SECSuccess) {
|
||
|
fprintf(stderr, "%s: PQG parameter verification aborted.\n", progName);
|
||
|
goto loser;
|
||
|
}
|
||
|
if (passed != SECSuccess) {
|
||
|
fprintf(stderr, "%s: PQG parameters failed verification.\n", progName);
|
||
|
goto loser;
|
||
|
}
|
||
|
fprintf(stderr, "%s: PQG parameters passed verification.\n", progName);
|
||
|
|
||
|
PK11_PQG_DestroyParams(pqgParams);
|
||
|
PK11_PQG_DestroyVerify(pqgVerify);
|
||
|
return 0;
|
||
|
|
||
|
loser:
|
||
|
PK11_PQG_DestroyParams(pqgParams);
|
||
|
PK11_PQG_DestroyVerify(pqgVerify);
|
||
|
return 1;
|
||
|
}
|