From e36ee88cd19bd200fc9f9dfc3e7e07da096988ae Mon Sep 17 00:00:00 2001 From: kaleb-himes Date: Wed, 3 May 2017 14:54:15 -0600 Subject: [PATCH] adding keygeneration framework and ed25519 der creation, update license --- wolfCLU/README.md | 8 +- wolfCLU/clu_include/clu_error_codes.h | 29 ++- wolfCLU/clu_include/clu_header_main.h | 110 ++++++----- wolfCLU/clu_include/clu_optargs.h | 6 +- wolfCLU/clu_include/genkey/clu_genkey.h | 64 +++++++ wolfCLU/clu_include/include.am | 3 +- wolfCLU/clu_include/x509/clu_cert.h | 7 +- wolfCLU/clu_include/x509/clu_parse.h | 2 +- wolfCLU/clu_include/x509/clu_request.h | 2 +- wolfCLU/clu_src/benchmark/clu_bench_setup.c | 2 +- wolfCLU/clu_src/benchmark/clu_benchmark.c | 2 +- wolfCLU/clu_src/clu_main.c | 6 +- wolfCLU/clu_src/crypto/clu_crypto_setup.c | 2 +- wolfCLU/clu_src/crypto/clu_decrypt.c | 4 +- wolfCLU/clu_src/crypto/clu_encrypt.c | 6 +- wolfCLU/clu_src/genkey/clu_genkey.c | 189 +++++++++++++++++++ wolfCLU/clu_src/genkey/clu_genkey_setup.c | 142 ++++++++++++++ wolfCLU/clu_src/hash/clu_hash.c | 2 +- wolfCLU/clu_src/hash/clu_hash_setup.c | 2 +- wolfCLU/clu_src/include.am | 12 +- wolfCLU/clu_src/tools/clu_funcs.c | 123 +++++++++---- wolfCLU/clu_src/tools/clu_hex_to_bin.c | 2 +- wolfCLU/clu_src/x509/clu_cert_setup.c | 193 +++++++++----------- wolfCLU/clu_src/x509/clu_parse.c | 2 +- wolfCLU/clu_src/x509/clu_request_setup.c | 2 +- 25 files changed, 721 insertions(+), 201 deletions(-) create mode 100644 wolfCLU/clu_include/genkey/clu_genkey.h create mode 100644 wolfCLU/clu_src/genkey/clu_genkey.c create mode 100644 wolfCLU/clu_src/genkey/clu_genkey_setup.c diff --git a/wolfCLU/README.md b/wolfCLU/README.md index 81fccd46..fb5bbc82 100644 --- a/wolfCLU/README.md +++ b/wolfCLU/README.md @@ -31,6 +31,12 @@ encryption or decryption are: --enable-sha512 --enable-fortress +Additional features that can be included when configuring wolfssl for +key generation are: + + --enable-ed25519 + + ##wolfCLU Install After wolfssl is installed, install wolfCLU. In the directory @@ -77,4 +83,4 @@ Please contact support@wolfssl.com with any questions or comments ## License -Copyright (c) 2006-2016 wolfSSL Inc. +Copyright (c) 2006-2017 wolfSSL Inc. diff --git a/wolfCLU/clu_include/clu_error_codes.h b/wolfCLU/clu_include/clu_error_codes.h index 15c67d0c..2a8ec134 100644 --- a/wolfCLU/clu_include/clu_error_codes.h +++ b/wolfCLU/clu_include/clu_error_codes.h @@ -1,8 +1,35 @@ +/* clu_error_codes.h + * + * Copyright (C) 2006-2017 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef _WOLFSSL_CLU_ERROR_H_ +#define _WOLFSSL_CLU_ERROR_H_ + enum { USER_INPUT_ERROR = -1001, INPUT_FILE_ERROR = -1002, PEM_TO_DER_ERROR = -1003, /* converting pem to der failed */ DER_TO_PEM_ERROR = -1004, /* converting der to pem failed */ - + OUTPUT_FILE_ERROR = -1005, + FEATURE_COMING_SOON = -1006, /* Feature not yet implemented */ }; + +#endif /* _WOLFSSL_CLU_ERROR_H_ */ diff --git a/wolfCLU/clu_include/clu_header_main.h b/wolfCLU/clu_include/clu_header_main.h index ea417756..77194d31 100644 --- a/wolfCLU/clu_include/clu_header_main.h +++ b/wolfCLU/clu_include/clu_header_main.h @@ -1,6 +1,6 @@ /* clu_header_main.h * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -67,12 +67,10 @@ #include -#ifndef UTIL_H_INCLUDED - #define UTIL_H_INCLUDED - #define BLOCK_SIZE 16384 #define MEGABYTE (1024*1024) #define MAX_THREADS 64 +#define MAX_FILENAME_SZ 256 #include @@ -83,10 +81,12 @@ #define HEAP_HINT NULL #endif - /* @VERSION - * Update every time library change, - * functionality shift, - * or code update +#include "clu_include/clu_error_codes.h" + + /* @VERSION + * Update every time library change, + * functionality shift, + * or code update */ #define VERSION 0.3 @@ -112,37 +112,42 @@ int wolfCLU_hashSetup(int argc, char** argv); */ int wolfCLU_benchSetup(int argc, char** argv); -/* - * generic help function +/* + * generic help function */ void wolfCLU_help(void); -/* - * verbose help function +/* + * verbose help function */ void wolfCLU_verboseHelp(void); -/* - * encrypt help function +/* + * encrypt help function */ void wolfCLU_encryptHelp(void); -/* +/* * decrypt help function */ void wolfCLU_decryptHelp(void); -/* - * hash help function +/* + * hash help function */ void wolfCLU_hashHelp(void); -/* +/* * benchmark help function */ void wolfCLU_benchHelp(void); -/* find algorithm for encryption/decryption +/* + * genkey help function + */ +void wolfCLU_genKeyHelp(void); + +/* find algorithm for encryption/decryption * * @param name the whole line sent from user. Example: "aes-cbc-128" * @param alg the algorithm specified by the user (aes, 3des, or camellia) @@ -151,17 +156,7 @@ void wolfCLU_benchHelp(void); */ int wolfCLU_getAlgo(char* name, char** alg, char** mode, int* size); -/* generates key based on password provided - * - * @param rng the random number generator - * @param pwdKey the password based key as provided by the user - * @param size size as determined by wolfCLU_GetAlgo - * @param salt the buffer to store the resulting salt after it's generated - * @param pad a flag to let us know if there are padded bytes or not - */ -int wolfCLU_genKey(RNG* rng, byte* pwdKey, int size, byte* salt, int pad); - -/* secure entry of password +/* secure entry of password * * @param pwdKey the password provide by the user * @param size the size as determnined by wolfCLU_GetAlgo @@ -230,7 +225,8 @@ void wolfCLU_stats(double start, int blockSize, int64_t blocks); * @param pwdKey this is the user provided password to be used as the key * @param key if entered must be in hex, can be used to verify encryption with * nist test vectors. - * @param size this is set by wolfCLU_GetAlgo and is used to stretch the password + * @param size this is set by wolfCLU_GetAlgo and is used to stretch the + * password * @param in the filename or user input from command line * @param out the filename to output following en/de cryption * @param iv if entered must be in hex otherwise generated at run time @@ -238,8 +234,8 @@ void wolfCLU_stats(double start, int blockSize, int64_t blocks); * @param ivCheck a flag if user inputs a specific IV * @param inputHex a flag to specify encrypting hex data, instead of byte data */ -int wolfCLU_encrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, - char* in, char* out, byte* iv, int block, +int wolfCLU_encrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, + char* in, char* out, byte* iv, int block, int ivCheck, int inputHex); /* decryption function @@ -251,37 +247,69 @@ int wolfCLU_encrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, * @param pwdKey this is the user provided password to be used as the key * @param key if entered must be in hex, can be used to verify encryption with * nist test vectors. - * @param size this is set by wolfCLU_GetAlgo and is used to stretch the password + * @param size this is set by wolfCLU_GetAlgo and is used to stretch the + * password * @param in the filename or user input from command line * @param out the filename to output following en/de cryption * @param iv if entered must be in hex otherwise generated at run time * @param block size of block as determined by the algorithm being used - * @param keyType let's decrypt know if it's using a password based key or a + * @param keyType let's decrypt know if it's using a password based key or a * hexidecimal, user specified key. */ -int wolfCLU_decrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, - char* in, char* out, byte* iv, int block, int keyType); +int wolfCLU_decrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, + char* in, char* out, byte* iv, int block, int keyType); -/* benchmarking function +/* benchmarking function * * @param timer a timer to be started and stopped for benchmarking purposes * @param option a flag to allow benchmark execution */ int wolfCLU_benchmark(int timer, int* option); -/* hashing function +/* hashing function * - * @param in + * @param in * @param len * @param out * @param alg * @param size */ int wolfCLU_hash(char* in, char* out, char* alg, int size); + /* * get the current Version */ void wolfCLU_version(void); -#endif + +/* + * generic function to check for a specific input argument. Return the + * argv[i] where argument was found. Useful for getting following value after + * arg. + * EXAMPLE: + * -------------------- + * int ret; + * char myString[BIG_ENOUGH_FOR_INPUT]; + * ret = wolfCLU_checkForArg("-somearg"); + * if (ret > 0) + * XSTRNCPY(myString, argv[ret+1], XSTRLEN(argv[ret+1])); + * else { + * + * } + * -------------------- + * + * + */ +int wolfCLU_checkForArg(char* searchTerm, int length, int argc, char** argv); + +/* + * Verify valid output format + */ +int wolfCLU_checkOutform(char* outform); + +/* + * Verify valid input format + */ +int wolfCLU_checkInform(char* inform); + #endif /* _WOLFSSL_CLU_HEADER_ */ diff --git a/wolfCLU/clu_include/clu_optargs.h b/wolfCLU/clu_include/clu_optargs.h index 552ac54c..e1356cc7 100644 --- a/wolfCLU/clu_include/clu_optargs.h +++ b/wolfCLU/clu_include/clu_optargs.h @@ -1,6 +1,6 @@ /* clu_optargs.h * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -43,6 +43,8 @@ enum { TEXT_OUT, SILENT, REQUEST, + GEN_KEY, + OUTPUT, HELP1, /* "-help" */ HELP2, /* "-h" */ }; @@ -71,6 +73,8 @@ static struct option long_options[] = { {"text", 0, 0, TEXT_OUT }, {"silent", 0, 0, SILENT }, {"req", 0, 0, REQUEST }, + {"genkey", 0, 0, GEN_KEY }, + {"output", 0, 0, OUTPUT }, {"help", 0, 0, HELP1 }, {"h", 0, 0, HELP2 }, {"v", 0, 0, 'v' }, diff --git a/wolfCLU/clu_include/genkey/clu_genkey.h b/wolfCLU/clu_include/genkey/clu_genkey.h new file mode 100644 index 00000000..9ca55daf --- /dev/null +++ b/wolfCLU/clu_include/genkey/clu_genkey.h @@ -0,0 +1,64 @@ +/* clu_genkey.h + * + * Copyright (C) 2006-2017 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifndef CLU_GENKEY_H +#define CLU_GENKEY_H + +#include +#ifdef HAVE_ED25519 + #include +#endif + +#define SALT_SIZE 8 + +enum { + PRIV_ONLY, + PUB_ONLY, + PRIV_AND_PUB +}; + +/* handles incoming arguments for certificate generation */ +int wolfCLU_genKeySetup(int argc, char** argv); + +#ifdef HAVE_ED25519 +/* Generate an ED25519 key */ +int wolfCLU_genKey_ED25519(WC_RNG* rng, char* fOutNm, int directive, + int format); +#endif + +/* Generate an ECC key */ +int wolfCLU_genKey_ECC(void); + +/* Generate an RSA key */ +int wolfCLU_genKey_RSA(void); + +/* generates key based on password provided + * + * @param rng the random number generator + * @param pwdKey the password based key as provided by the user + * @param size size as determined by wolfCLU_GetAlgo + * @param salt the buffer to store the resulting salt after it's generated + * @param pad a flag to let us know if there are padded bytes or not + */ +int wolfCLU_genKey_PWDBASED(RNG* rng, byte* pwdKey, int size, byte* salt, + int pad); + +#endif /* CLU_GENKEY_H */ diff --git a/wolfCLU/clu_include/include.am b/wolfCLU/clu_include/include.am index 669c4538..c6592758 100644 --- a/wolfCLU/clu_include/include.am +++ b/wolfCLU/clu_include/include.am @@ -8,5 +8,6 @@ nobase_include_HEADERS+=clu_include/clu_header_main.h \ clu_include/clu_error_codes.h \ clu_include/x509/clu_cert.h \ clu_include/x509/clu_parse.h \ - clu_include/x509/clu_request.h + clu_include/x509/clu_request.h \ + clu_include/genkey/clu_genkey.h diff --git a/wolfCLU/clu_include/x509/clu_cert.h b/wolfCLU/clu_include/x509/clu_cert.h index c507b4d7..acc31463 100644 --- a/wolfCLU/clu_include/x509/clu_cert.h +++ b/wolfCLU/clu_include/x509/clu_cert.h @@ -1,6 +1,6 @@ /* clu_cert.h * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -22,6 +22,11 @@ #include #include +enum { + PEM_FORM, + DER_FORM, +}; + /* handles incoming arguments for certificate generation */ int wolfCLU_certSetup(int argc, char** argv); diff --git a/wolfCLU/clu_include/x509/clu_parse.h b/wolfCLU/clu_include/x509/clu_parse.h index fafea8b8..3143a0b9 100644 --- a/wolfCLU/clu_include/x509/clu_parse.h +++ b/wolfCLU/clu_include/x509/clu_parse.h @@ -1,6 +1,6 @@ /* clu_parse.h * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_include/x509/clu_request.h b/wolfCLU/clu_include/x509/clu_request.h index 330b67c4..63e84150 100644 --- a/wolfCLU/clu_include/x509/clu_request.h +++ b/wolfCLU/clu_include/x509/clu_request.h @@ -1,6 +1,6 @@ /* clu_request.h * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/benchmark/clu_bench_setup.c b/wolfCLU/clu_src/benchmark/clu_bench_setup.c index dde4188f..36d2ed6c 100644 --- a/wolfCLU/clu_src/benchmark/clu_bench_setup.c +++ b/wolfCLU/clu_src/benchmark/clu_bench_setup.c @@ -1,6 +1,6 @@ /* clu_bench_setup.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/benchmark/clu_benchmark.c b/wolfCLU/clu_src/benchmark/clu_benchmark.c index 6e8c8564..267bb0dd 100644 --- a/wolfCLU/clu_src/benchmark/clu_benchmark.c +++ b/wolfCLU/clu_src/benchmark/clu_benchmark.c @@ -1,6 +1,6 @@ /* clu_benchmark.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/clu_main.c b/wolfCLU/clu_src/clu_main.c index db8cdb55..7488b095 100644 --- a/wolfCLU/clu_src/clu_main.c +++ b/wolfCLU/clu_src/clu_main.c @@ -1,6 +1,6 @@ /* clu_main.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -24,6 +24,7 @@ #include "clu_include/clu_optargs.h" #include "clu_include/clu_error_codes.h" #include "clu_include/x509/clu_request.h" +#include "clu_include/genkey/clu_genkey.h" /* enumerate optionals beyond ascii range to dis-allow use of alias IE we * do not want "-e" to work for encrypt, user must use "encrypt" */ @@ -67,6 +68,8 @@ int main(int argc, char** argv) /* x509 Certificate request */ case REQUEST: ret = wolfCLU_requestSetup(argc, argv); break; + case GEN_KEY: ret = wolfCLU_genKeySetup(argc, argv); + break; /* Ignore the following arguments for now. Will be handled by their respective * setups IE Crypto setup, Benchmark setup, or Hash Setup */ @@ -91,6 +94,7 @@ int main(int argc, char** argv) /* Certificate Stuff*/ case INFORM: break; case OUTFORM: break; + case OUTPUT: break; case NOOUT: break; case TEXT_OUT: break; case SILENT: break; diff --git a/wolfCLU/clu_src/crypto/clu_crypto_setup.c b/wolfCLU/clu_src/crypto/clu_crypto_setup.c index 0197b422..aca70c3c 100644 --- a/wolfCLU/clu_src/crypto/clu_crypto_setup.c +++ b/wolfCLU/clu_src/crypto/clu_crypto_setup.c @@ -1,6 +1,6 @@ /* clu_crypto_setup.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/crypto/clu_decrypt.c b/wolfCLU/clu_src/crypto/clu_decrypt.c index 067d2e20..536a5952 100644 --- a/wolfCLU/clu_src/crypto/clu_decrypt.c +++ b/wolfCLU/clu_src/crypto/clu_decrypt.c @@ -1,6 +1,6 @@ /* clu_decrypt.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -20,8 +20,8 @@ */ #include "clu_include/clu_header_main.h" +#include "clu_include/genkey/clu_genkey.h" -#define SALT_SIZE 8 #define MAX 1024 int wolfCLU_decrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, diff --git a/wolfCLU/clu_src/crypto/clu_encrypt.c b/wolfCLU/clu_src/crypto/clu_encrypt.c index 2f1d72d1..184d0c4c 100644 --- a/wolfCLU/clu_src/crypto/clu_encrypt.c +++ b/wolfCLU/clu_src/crypto/clu_encrypt.c @@ -1,6 +1,6 @@ /* clu_encrypt.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -20,8 +20,8 @@ */ #include "clu_include/clu_header_main.h" +#include "clu_include/genkey/clu_genkey.h" -#define SALT_SIZE 8 #define MAX 1024 int wolfCLU_encrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, @@ -123,7 +123,7 @@ int wolfCLU_encrypt(char* alg, char* mode, byte* pwdKey, byte* key, int size, } /* stretches pwdKey to fit size based on wolfCLU_getAlgo() */ - ret = wolfCLU_genKey(&rng, pwdKey, size, salt, padCounter); + ret = wolfCLU_genKey_PWDBASED(&rng, pwdKey, size, salt, padCounter); if (ret != 0) { printf("failed to set pwdKey.\n"); diff --git a/wolfCLU/clu_src/genkey/clu_genkey.c b/wolfCLU/clu_src/genkey/clu_genkey.c new file mode 100644 index 00000000..15dee89e --- /dev/null +++ b/wolfCLU/clu_src/genkey/clu_genkey.c @@ -0,0 +1,189 @@ +/* clu_genkey.c + * + * Copyright (C) 2006-2017 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include "clu_include/clu_header_main.h" +#include "clu_include/genkey/clu_genkey.h" +#include "clu_include/x509/clu_cert.h" /* PER_FORM/DER_FORM */ +#include /* wc_DerToPem */ + +#ifdef HAVE_ED25519 +int wolfCLU_genKey_ED25519(WC_RNG* rng, char* fOutNm, int directive, int format) +{ + int ret = -1; /* return value */ + int fOutNmSz = XSTRLEN(fOutNm); /* file name without append */ + int fOutNmAppendSz = 6; /* # of bytes to append to file name */ + int flag_outputPub = 0; /* set if outputting both priv/pub */ + char privAppend[6] = ".priv\0"; /* last part of the priv file name */ + char pubAppend[6] = ".pub\0\0"; /* last part of the pub file name*/ + byte privKeyBuf[ED25519_KEY_SIZE*2]; /* will hold public & private parts */ + byte pubKeyBuf[ED25519_KEY_SIZE]; /* holds just the public key part */ + word32 privKeySz; /* size of private key */ + word32 pubKeySz; /* size of public key */ + ed25519_key edKeyOut; /* the ed25519 key structure */ + char* finalOutFNm; /* file name + append */ + FILE* file; /* file stream */ + + + printf("fOutNm = %s\n", fOutNm); + + /*--------------- INIT ---------------------*/ + ret = wc_ed25519_init(&edKeyOut); + if (ret != 0) + return ret; + /*--------------- MAKE KEY ---------------------*/ + ret = wc_ed25519_make_key(rng, ED25519_KEY_SIZE, &edKeyOut); + if (ret != 0) + return ret; + /*--------------- GET KEY SIZES ---------------------*/ + privKeySz = wc_ed25519_priv_size(&edKeyOut); + if (privKeySz <= 0) + return WC_KEY_SIZE_E; + + pubKeySz = wc_ed25519_pub_size(&edKeyOut); + if (pubKeySz <= 0) + return WC_KEY_SIZE_E; + /*--------------- EXPORT KEYS TO BUFFERS ---------------------*/ + ret = wc_ed25519_export_key(&edKeyOut, privKeyBuf, &privKeySz, pubKeyBuf, + &pubKeySz); + /*--------------- CONVERT TO PEM IF APPLICABLE ---------------------*/ + if (format == PEM_FORM) { + printf("Der to Pem for ed25519 key not yet implemented\n"); + printf("FEATURE COMING SOON!\n"); + return FEATURE_COMING_SOON; + } + /*--------------- OUTPUT KEYS TO FILE(S) ---------------------*/ + finalOutFNm = (char*) XMALLOC( (fOutNmSz + fOutNmAppendSz), HEAP_HINT, + DYNAMIC_TYPE_TMP_BUFFER); + if (finalOutFNm == NULL) + return MEMORY_E; + + /* get the first part of the file name setup */ + XMEMSET(finalOutFNm, 0, fOutNmSz + fOutNmAppendSz); + XMEMCPY(finalOutFNm, fOutNm, fOutNmSz); + + switch(directive) { + case PRIV_AND_PUB: + flag_outputPub = 1; + /* Fall through to PRIV_ONLY */ + case PRIV_ONLY: + /* add on the final part of the file name ".priv" */ + XMEMCPY(finalOutFNm+fOutNmSz, privAppend, fOutNmAppendSz); + printf("finalOutFNm = %s\n", finalOutFNm); + + file = fopen(finalOutFNm, "wb"); + if (!file) { + XFREE(finalOutFNm, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + return OUTPUT_FILE_ERROR; + } + + ret = (int) fwrite(privKeyBuf, 1, privKeySz, file); + if (ret <= 0) { + fclose(file); + XFREE(finalOutFNm, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + return OUTPUT_FILE_ERROR; + } + fclose(file); + + if (flag_outputPub == 0) { + break; + } /* else fall through to PUB_ONLY if flag_outputPub == 1*/ + case PUB_ONLY: + /* add on the final part of the file name ".pub" */ + XMEMCPY(finalOutFNm+fOutNmSz, pubAppend, fOutNmAppendSz); + printf("finalOutFNm = %s\n", finalOutFNm); + + file = fopen(finalOutFNm, "wb"); + if (!file) { + XFREE(finalOutFNm, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + return OUTPUT_FILE_ERROR; + } + + ret = (int) fwrite(pubKeyBuf, 1, pubKeySz, file); + if (ret <= 0) { + fclose(file); + XFREE(finalOutFNm, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + return OUTPUT_FILE_ERROR; + } + fclose(file); + break; + default: + printf("Invalid directive\n"); + XFREE(finalOutFNm, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + return BAD_FUNC_ARG; + } + + XFREE(finalOutFNm, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); + + if (ret > 0) { + /* ret > 0 indicates a successful file write, set to zero for return */ + ret = 0; + } + + return ret; +} +#endif /* HAVE_ED25519 */ + +int wolfCLU_genKey_ECC() +{ + int ret = FEATURE_COMING_SOON; + + printf("Creating a ECC key: FEATURE COMING SOON\n"); + return ret; +} + +int wolfCLU_genKey_RSA() +{ + int ret = FEATURE_COMING_SOON; + + printf("Creating a RSA key: FEATURE COMING SOON\n"); + return ret; +} + +/* + * makes a cyptographically secure key by stretching a user entered pwdKey + */ +int wolfCLU_genKey_PWDBASED(RNG* rng, byte* pwdKey, int size, byte* salt, int pad) +{ + int ret; /* return variable */ + + /* randomly generates salt */ + + ret = wc_RNG_GenerateBlock(rng, salt, SALT_SIZE-1); + + if (ret != 0) + return ret; + + /* set first value of salt to let us know + * if message has padding or not + */ + if (pad == 0) + salt[0] = 0; + + /* stretches pwdKey */ + ret = (int) wc_PBKDF2(pwdKey, pwdKey, (int) strlen((const char*)pwdKey), salt, SALT_SIZE, + 4096, size, SHA256); + if (ret != 0) + return ret; + + return 0; +} + + diff --git a/wolfCLU/clu_src/genkey/clu_genkey_setup.c b/wolfCLU/clu_src/genkey/clu_genkey_setup.c new file mode 100644 index 00000000..56a5ba76 --- /dev/null +++ b/wolfCLU/clu_src/genkey/clu_genkey_setup.c @@ -0,0 +1,142 @@ +/* clu_genkey_setup.c + * + * Copyright (C) 2006-2017 wolfSSL Inc. + * + * This file is part of wolfSSL. (formerly known as CyaSSL) + * + * wolfSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * wolfSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include "clu_include/clu_header_main.h" +#include "clu_include/genkey/clu_genkey.h" +#include "clu_include/x509/clu_cert.h" /* argument checking */ + +int wolfCLU_genKeySetup(int argc, char** argv) +{ + char keyOutFName[MAX_FILENAME_SZ]; /* default outFile for genKey */ + char defaultFormat[4] = "der\0"; + FILE* fStream; + WC_RNG rng; + + char* keyType = NULL; /* keyType */ + char* format = defaultFormat; + + int formatArg = DER_FORM; + int size = 0; /* keysize */ + int ret = 0; /* return variable */ + int i = 0; /* loop counter */ + + ret = wolfCLU_checkForArg("-h", 2, argc, argv); + if (ret > 0) { + wolfCLU_genKeyHelp(); + return 0; + } + + XMEMSET(keyOutFName, 0, MAX_FILENAME_SZ); + + keyType = argv[2]; + + ret = wc_InitRng(&rng); + + ret = wolfCLU_checkForArg("-out", 4, argc, argv); + if (ret > 0) { + if (argv[ret+1] != NULL) { + XSTRNCPY(keyOutFName, argv[ret+1], XSTRLEN(argv[ret+1])); + } else { + printf("ERROR: No output file name specified\n"); + wolfCLU_genKeyHelp(); + return USER_INPUT_ERROR; + } + } else { + printf("ERROR: Please specify an output file name\n"); + wolfCLU_genKeyHelp(); + return USER_INPUT_ERROR; + } + + ret = wolfCLU_checkForArg("-outform", 8, argc, argv); + if (ret > 0) { + format = argv[ret+1]; + } + ret = wolfCLU_checkOutform(format); + if (ret == PEM_FORM || ret == DER_FORM) { + printf("OUTPUT A PEM FILE\n"); + formatArg = ret; + } else { + printf("ERROR: \"%s\" is not a valid file format\n", format); + return ret; + } + + /* type of key to generate */ + if (0) { + /* force fail w/ check on condition "false" */ + } else if (XSTRNCMP(keyType, "ed25519", 7) == 0) { + + #ifdef HAVE_ED25519 + + ret = wolfCLU_checkForArg("-output", 7, argc, argv); + if (ret > 0) { + if (argv[ret+1] != NULL) { + if (XSTRNCMP(argv[ret+1], "pub", 3) == 0) + ret = wolfCLU_genKey_ED25519(&rng, keyOutFName, PUB_ONLY, + formatArg); + else if (XSTRNCMP(argv[ret+1], "priv", 4) == 0) + ret = wolfCLU_genKey_ED25519(&rng, keyOutFName, PRIV_ONLY, + formatArg); + else if (XSTRNCMP(argv[ret+1], "keypair", 7) == 0) + ret = wolfCLU_genKey_ED25519(&rng, keyOutFName, + PRIV_AND_PUB, formatArg); + } + } else { + printf("No -output \n"); + printf("DEFAULT: output public and private key pair\n"); + ret = wolfCLU_genKey_ED25519(&rng, keyOutFName, PRIV_AND_PUB, + formatArg); + } + #else + printf("Invalid option, ED25519 not enabled.\n"); + printf("Please re-configure wolfSSL with --enable-ed25519 and " + "try again\n"); + return NOT_COMPILED_IN; + #endif /* HAVE_ED25519 */ + + } else if (XSTRNCMP(keyType, "ecc", 3) == 0) { + #ifdef HAVE_ECC + printf("generate ECC key\n"); + ret = wolfCLU_genKey_ECC(); + #else + printf("Invalid option, ECC not enabled.\n"); + printf("Please re-configure wolfSSL with --enable-ecc and " + "try again\n"); + return NOT_COMPILED_IN; + #endif /* HAVE_ECC */ + } else if (XSTRNCMP(keyType, "rsa", 3) == 0) { + #ifndef NO_RSA + printf("generate RSA key\n"); + ret = wolfCLU_genKey_RSA(); + #else + printf("Invalid option, RSA not enabled.\n"); + printf("Please re-configure wolfSSL with --enable-rsa and " + "try again\n"); + return NOT_COMPILED_IN; + #endif /* NO_RSA */ + } else { + printf("\"%s\" is an invalid key type, or not compiled in\n", keyType); + return USER_INPUT_ERROR; + } + + return ret; +} + + diff --git a/wolfCLU/clu_src/hash/clu_hash.c b/wolfCLU/clu_src/hash/clu_hash.c index 0e894a41..ffd24f18 100644 --- a/wolfCLU/clu_src/hash/clu_hash.c +++ b/wolfCLU/clu_src/hash/clu_hash.c @@ -1,6 +1,6 @@ /* clu_hash.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/hash/clu_hash_setup.c b/wolfCLU/clu_src/hash/clu_hash_setup.c index a306d7f9..3f4e3add 100644 --- a/wolfCLU/clu_src/hash/clu_hash_setup.c +++ b/wolfCLU/clu_src/hash/clu_hash_setup.c @@ -1,6 +1,6 @@ /* clu_hash_setup.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/include.am b/wolfCLU/clu_src/include.am index 83c9225d..782b369b 100644 --- a/wolfCLU/clu_src/include.am +++ b/wolfCLU/clu_src/include.am @@ -4,18 +4,20 @@ #/ kaleb /# bin_PROGRAMS = wolfssl -wolfssl_SOURCES = clu_src/tools/clu_funcs.c \ +wolfssl_SOURCES = clu_src/clu_main.c \ + clu_src/tools/clu_funcs.c \ clu_src/tools/clu_hex_to_bin.c \ + clu_src/crypto/clu_crypto_setup.c \ clu_src/crypto/clu_encrypt.c \ clu_src/crypto/clu_decrypt.c \ - clu_src/crypto/clu_crypto_setup.c \ clu_src/hash/clu_hash_setup.c \ clu_src/hash/clu_hash.c \ clu_src/benchmark/clu_bench_setup.c \ clu_src/benchmark/clu_benchmark.c \ - clu_src/clu_main.c \ - clu_src/x509/clu_parse.c \ clu_src/x509/clu_request_setup.c \ - clu_src/x509/clu_cert_setup.c + clu_src/x509/clu_cert_setup.c \ + clu_src/x509/clu_parse.c \ + clu_src/genkey/clu_genkey_setup.c \ + clu_src/genkey/clu_genkey.c diff --git a/wolfCLU/clu_src/tools/clu_funcs.c b/wolfCLU/clu_src/tools/clu_funcs.c index 8c546197..5171635e 100644 --- a/wolfCLU/clu_src/tools/clu_funcs.c +++ b/wolfCLU/clu_src/tools/clu_funcs.c @@ -1,6 +1,6 @@ /* clu_funcs.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as wolfSSL) * @@ -21,6 +21,7 @@ #include "clu_include/clu_header_main.h" #include "clu_include/version.h" +#include "clu_include/x509/clu_cert.h" /* for PEM_FORM and DER_FORM */ #define SALT_SIZE 8 #define DES3_BLOCK_SIZE 24 @@ -58,12 +59,15 @@ int i = 0; /* loop variable */ printf("-verbose display a more verbose help menu\n"); printf("-inform input format of the certificate file [PEM/DER]\n"); printf("-outform format to output [PEM/DER]\n"); + printf("-output used with -genkey option to specify which keys to\n" + " output [PUB/PRIV/KEYPAIR]\n"); printf("\nFor encryption: wolfssl -encrypt -help\n"); printf("For decryption: wolfssl -decrypt -help\n"); printf("For hashing: wolfssl -hash -help\n"); printf("For benchmarking: wolfssl -bench -help\n"); - printf("For x509: wolfssl -x509 -help\n\n"); + printf("For x509: wolfssl -x509 -help\n"); + printf("For key creation: wolfssl -genkey -help\n\n"); } /* @@ -335,6 +339,19 @@ void wolfCLU_certHelp() "\n\n"); } +void wolfCLU_genKeyHelp() { + printf("\n\n"); + printf("***************************************************************\n"); + printf("\ngenkey USAGE:\nwolfssl -genkey -out -outform" + " -output \n\n"); + printf("***************************************************************\n"); + printf("\nEXAMPLE: \n\nwolfssl -genkey ed25519 -out mykey -outform der " + " -output KEYPAIR" + "\n\nThe above command would output the files: mykey.priv " + " and mykey.pub\nChanging the -output option to just PRIV would only" + "\noutput the mykey.priv and using just PUB would only output" + "\nmykey.pub\n\n"); +} /* * finds algorithm for encryption/decryption @@ -424,35 +441,6 @@ int wolfCLU_getAlgo(char* name, char** alg, char** mode, int* size) return ret; } -/* - * makes a cyptographically secure key by stretching a user entered pwdKey - */ -int wolfCLU_genKey(RNG* rng, byte* pwdKey, int size, byte* salt, int pad) -{ - int ret; /* return variable */ - - /* randomly generates salt */ - - ret = wc_RNG_GenerateBlock(rng, salt, SALT_SIZE-1); - - if (ret != 0) - return ret; - - /* set first value of salt to let us know - * if message has padding or not - */ - if (pad == 0) - salt[0] = 0; - - /* stretches pwdKey */ - ret = (int) wc_PBKDF2(pwdKey, pwdKey, (int) strlen((const char*)pwdKey), salt, SALT_SIZE, - 4096, size, SHA256); - if (ret != 0) - return ret; - - return 0; -} - /* * secure data entry by turning off key echoing in the terminal */ @@ -548,3 +536,76 @@ void wolfCLU_version() printf("\nYou are using version %s of the wolfssl Command Line Utility.\n\n" , LIBWOLFSSL_VERSION_STRING); } + +int wolfCLU_checkForArg(char* searchTerm, int length, int argc, char** argv) +{ + int i; + int ret = 0; + int argFound = 0; + + for (i = 0; i < argc; i++) { + if (argv[i] == NULL) { + ret = 0; + break; /* stop checking if no more args*/ + } else if (XSTRNCMP(argv[i], searchTerm, length) == 0) { + /* EXCEPTIONS: */ + if (XSTRNCMP(searchTerm, "-in", 3) == 0 && + XSTRNCMP(searchTerm, "-inform", 7) != 0) { + if (XSTRNCMP(argv[i], "-inform", 7) == 0) { + continue; + } + } + if (XSTRNCMP(searchTerm, "-out", 3) == 0 && + XSTRNCMP(searchTerm, "-outform", 8) != 0 && + XSTRNCMP(searchTerm, "-output", 7) != 0) { + if (XSTRNCMP(argv[i], "-outform", 8) == 0 || + XSTRNCMP(argv[i], "-output", 7) == 0) { + continue; + } + } + /* END EXCEPTIONS */ + ret = i; + if (argFound == 1) { + printf("ERROR: argument found twice: \"%s\"\n", searchTerm); + return USER_INPUT_ERROR; + } + argFound = 1; + } + } + + return ret; +} + +int wolfCLU_checkOutform(char* outform) +{ + if (outform == NULL) { + printf("Usage: -outform [PEM/DER]\n"); + printf("missing outform required argument\n"); + return USER_INPUT_ERROR; + } else if (XSTRNCMP(outform, "pem", 3) == 0) { + return PEM_FORM; + } else if (XSTRNCMP(outform, "der", 3) == 0) { + return DER_FORM; + } else { + printf("Usage: -outform [PEM/DER]\n"); + printf("\"%s\" is not a valid output format\n", outform); + } + return USER_INPUT_ERROR; +} + +int wolfCLU_checkInform(char* inform) +{ + if (inform == NULL) { + printf("Usage: -inform [PEM/DER]\n"); + printf("missing inform required argument\n"); + return USER_INPUT_ERROR; + } else if (XSTRNCMP(inform, "pem", 3) == 0) { + return PEM_FORM; + } else if (XSTRNCMP(inform, "der", 3) == 0) { + return DER_FORM; + } else { + printf("Usage: -inform [PEM/DER]\n"); + printf("\"%s\" is not a valid input format\n", inform); + } + return USER_INPUT_ERROR; +} diff --git a/wolfCLU/clu_src/tools/clu_hex_to_bin.c b/wolfCLU/clu_src/tools/clu_hex_to_bin.c index b232904e..b1760c33 100644 --- a/wolfCLU/clu_src/tools/clu_hex_to_bin.c +++ b/wolfCLU/clu_src/tools/clu_hex_to_bin.c @@ -1,6 +1,6 @@ /* clu_hex_to_bin.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/x509/clu_cert_setup.c b/wolfCLU/clu_src/x509/clu_cert_setup.c index 27be434b..9d4085f2 100644 --- a/wolfCLU/clu_src/x509/clu_cert_setup.c +++ b/wolfCLU/clu_src/x509/clu_cert_setup.c @@ -1,6 +1,6 @@ /* clu_cert_setup.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * @@ -22,6 +22,7 @@ #include #include #include +#include "clu_include/clu_header_main.h" #include "clu_include/clu_error_codes.h" #include "clu_include/x509/clu_cert.h" #include "clu_include/x509/clu_parse.h" @@ -53,135 +54,121 @@ int wolfCLU_certSetup(int argc, char** argv) char* outform; /* the output format */ - for (i = 2; i < argc; i++) { /*---------------------------------------------------------------------------*/ /* help */ /*---------------------------------------------------------------------------*/ - if (XSTRNCMP(argv[i], "-help", 5) == 0) { - wolfCLU_certHelp(); - return 0; - } else if (XSTRNCMP(argv[i], "-h", 2) == 0) { - wolfCLU_certHelp(); - return 0; + ret = wolfCLU_checkForArg("-h", 2, argc, argv); + if (ret > 0) { + wolfCLU_certHelp(); + return 0; + } + /*---------------------------------------------------------------------------*/ /* inform pem/der/??OTHER?? */ /*---------------------------------------------------------------------------*/ - } else if (XSTRNCMP(argv[i], "-inform", 7) == 0) { - inform = argv[i+1]; - if (inform == NULL) { - printf("Usage: -inform [PEM/DER]\n"); - printf("missing inform required argument\n"); - return USER_INPUT_ERROR; - } - if (inpem_flag || inder_flag) { - printf("ERROR: inform set more than once.\n"); - return USER_INPUT_ERROR; - } - else if (XSTRNCMP(inform, "pem", 3) == 0) - inpem_flag = 1; - else if (XSTRNCMP(inform, "der", 3) == 0) - inder_flag = 1; - else { - printf("Usage: -inform [PEM/DER]\n"); - printf("missing inform required argument\n"); - return USER_INPUT_ERROR; - } - i++; - continue; + ret = wolfCLU_checkForArg("-inform", 7, argc, argv); + if (ret > 0) { + inform = argv[ret+1]; + } else { + return ret; + } + + ret = wolfCLU_checkInform(inform); + if (ret == PEM_FORM) { + inpem_flag = 1; + } else if (ret == DER_FORM) { + inder_flag = 1; + } else { + return ret; + } /*---------------------------------------------------------------------------*/ /* outform pem/der/??OTHER?? */ /*---------------------------------------------------------------------------*/ - } else if (XSTRNCMP(argv[i], "-outform", 8) == 0) { - outform = argv[i+1]; + ret = wolfCLU_checkForArg("-outform", 8, argc, argv); + if (ret > 0) { + outform = argv[ret+1]; + } else { + return ret; + } + + ret = wolfCLU_checkOutform(outform); + if (ret == PEM_FORM) { + outpem_flag = 1; + } else if (ret == DER_FORM) { + outder_flag = 1; + } else { + return ret; + } - if (outform == NULL) { - printf("Usage: -outform [PEM/DER]\n"); - printf("missing outform required argument\n"); - return USER_INPUT_ERROR; - } - if (outpem_flag || outder_flag) { - printf("ERROR: outform set more than once.\n"); - } - else if (XSTRNCMP(outform, "pem", 3) == 0) - outpem_flag = 1; - else if (XSTRNCMP(outform, "der", 3) == 0) - outder_flag = 1; - else { - printf("Usage: -outform [PEM/DER]\n"); - printf("missing outform required argument\n"); - return USER_INPUT_ERROR; - } - i++; - continue; /*---------------------------------------------------------------------------*/ /* in file */ /*---------------------------------------------------------------------------*/ - } else if (XSTRNCMP(argv[i], "-in", 3) == 0) { - /* set flag for in file and flag for input file OK if exists - * check for error case below. If no error then read in file */ - infile = argv[i+1]; - if (infile_flag) { - printf("ERROR: input file set more than once\n"); - return USER_INPUT_ERROR; - } - if (access(infile, F_OK) != -1) { - printf("input file is \"%s\"\n", infile); - infile_flag = 1; - } else { - printf("ERROR: input file \"%s\" does not exist\n", infile); - return INPUT_FILE_ERROR; - } - i++; - continue; + ret = wolfCLU_checkForArg("-in", 3, argc, argv); + if (ret > 0) { + /* set flag for in file and flag for input file OK if exists + * check for error case below. If no error then read in file */ + infile = argv[ret+1]; + } else { + return ret; + } + + if (access(infile, F_OK) != -1) { + printf("input file is \"%s\"\n", infile); + infile_flag = 1; + } else { + printf("ERROR: input file \"%s\" does not exist\n", infile); + return INPUT_FILE_ERROR; + } /*---------------------------------------------------------------------------*/ /* out file */ /*---------------------------------------------------------------------------*/ - } else if (XSTRNCMP(argv[i], "-out", 4) == 0) { - /* set flag for out file, check for error case below. If no error - * then write outfile */ - if (outfile_flag) { - printf("ERROR: output file set more than once\n"); - return USER_INPUT_ERROR; - } - outfile_flag = 1; - outfile = argv[i+1]; - if (access(outfile, F_OK) != -1) { - printf("output file set: \"%s\"\n", outfile); - } else { - printf("output file \"%s\"did not exist, it will be created.\n", - outfile); - } - i++; - continue; + ret = wolfCLU_checkForArg("-out", 4, argc, argv); + if (ret > 0) { + /* set flag for out file, check for error case below. If no error + * then write outfile */ + outfile_flag = 1; + outfile = argv[ret+1]; + } else { + return ret; + } + + if (access(outfile, F_OK) != -1) { + printf("output file set: \"%s\"\n", outfile); + } else { + printf("output file \"%s\"did not exist, it will be created.\n", + outfile); + } /*---------------------------------------------------------------------------*/ /* noout */ /*---------------------------------------------------------------------------*/ - } else if (XSTRNCMP(argv[i], "-noout", 6) == 0) { - /* set flag for no output file */ - noout_flag = 1; - continue; + ret = wolfCLU_checkForArg("-noout", 6, argc, argv); + if (ret > 0) { + /* set flag for no output file */ + noout_flag = 1; + } /* Optional flag do not return error */ /*---------------------------------------------------------------------------*/ /* text */ /*---------------------------------------------------------------------------*/ - } else if (XSTRNCMP(argv[i], "-text", 5) == 0) { - /* set flag for converting to human readable. - * return NOT_YET_IMPLEMENTED error */ - text_flag = 1; - continue; + ret = wolfCLU_checkForArg("-text", 5, argc, argv); + if (ret > 0) { + /* set flag for converting to human readable. + * return NOT_YET_IMPLEMENTED error + */ + text_flag = 1; + } /* Optional flag do not return error */ /*---------------------------------------------------------------------------*/ /* silent */ /*---------------------------------------------------------------------------*/ - } else if (XSTRNCMP(argv[i], "-silent", 7) == 0) { - /* set flag for converting to human readable. - * return NOT_YET_IMPLEMENTED error */ - silent_flag = 1; - continue; + ret = wolfCLU_checkForArg("-silent", 7, argc, argv); + if (ret > 0) { + /* set flag for converting to human readable. + * return NOT_YET_IMPLEMENTED error + */ + silent_flag = 1; + } /* Optional flag do not return error */ /*---------------------------------------------------------------------------*/ -/* END */ +/* END ARG PROCESSING */ /*---------------------------------------------------------------------------*/ - } - } - ret = error_check(inpem_flag, inder_flag, outpem_flag, outder_flag, noout_flag); diff --git a/wolfCLU/clu_src/x509/clu_parse.c b/wolfCLU/clu_src/x509/clu_parse.c index 1e6db105..1a931de6 100644 --- a/wolfCLU/clu_src/x509/clu_parse.c +++ b/wolfCLU/clu_src/x509/clu_parse.c @@ -1,6 +1,6 @@ /* clu_parse.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) * diff --git a/wolfCLU/clu_src/x509/clu_request_setup.c b/wolfCLU/clu_src/x509/clu_request_setup.c index dc91ec4e..d2c2894b 100644 --- a/wolfCLU/clu_src/x509/clu_request_setup.c +++ b/wolfCLU/clu_src/x509/clu_request_setup.c @@ -1,6 +1,6 @@ /* clu_request_setup.c * - * Copyright (C) 2006-2016 wolfSSL Inc. + * Copyright (C) 2006-2017 wolfSSL Inc. * * This file is part of wolfSSL. (formerly known as CyaSSL) *