141 lines
3.8 KiB
C
141 lines
3.8 KiB
C
/* ecc_keys.c
|
|
*
|
|
* Copyright (C) 2006-2020 wolfSSL Inc.
|
|
*
|
|
* This file is part of wolfSSL. (formerly known as CyaSSL)
|
|
*
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
|
*/
|
|
|
|
/*
|
|
./configure && make && sudo make install
|
|
gcc -lwolfssl -o ecc_pub ecc_pub.c
|
|
*/
|
|
|
|
#ifndef WOLFSSL_USER_SETTINGS
|
|
#include <wolfssl/options.h>
|
|
#endif
|
|
#include <wolfssl/wolfcrypt/settings.h>
|
|
#include <wolfssl/wolfcrypt/ecc.h>
|
|
#include <wolfssl/wolfcrypt/asn_public.h>
|
|
#include <wolfssl/wolfcrypt/random.h>
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
|
|
#define ECC_CURVE_SZ 32 /* SECP256R1 curve size in bytes */
|
|
#define ECC_CURVE_ID ECC_SECP256R1
|
|
|
|
#define MAX_DER_SZ 256
|
|
|
|
int main()
|
|
{
|
|
int ret;
|
|
ecc_key key;
|
|
WC_RNG rng;
|
|
byte der[MAX_DER_SZ];
|
|
byte buf[MAX_DER_SZ];
|
|
word32 idx;
|
|
FILE* derFile;
|
|
size_t sz;
|
|
|
|
wc_InitRng(&rng);
|
|
wc_ecc_init(&key);
|
|
|
|
ret = wc_ecc_make_key_ex(&rng, ECC_CURVE_SZ, &key, ECC_CURVE_ID);
|
|
if (ret != 0) {
|
|
printf("error %d making ecc key\n", ret);
|
|
return ret;
|
|
}
|
|
|
|
/* write private key */
|
|
ret = wc_EccKeyToDer(&key, der, sizeof(der));
|
|
if (ret < 0) {
|
|
printf("error %d in ecc to der\n", ret);
|
|
return ret;
|
|
}
|
|
sz = ret;
|
|
|
|
printf("writing private key to ecc-key.der (%d bytes)\n", (int)sz);
|
|
derFile = fopen("ecc-key.der", "w");
|
|
if (!derFile) {
|
|
printf("error loading file\n");
|
|
return -1;
|
|
}
|
|
|
|
fwrite(der, 1, sz, derFile);
|
|
fclose(derFile);
|
|
wc_ecc_free(&key);
|
|
|
|
/* open and read from der file */
|
|
printf("reading in private key\n");
|
|
derFile = fopen("ecc-key.der", "rb");
|
|
if (!derFile) {
|
|
printf("error reading from file\n");
|
|
return -1;
|
|
}
|
|
sz = fread(buf, 1, sizeof(buf), derFile);
|
|
fclose(derFile);
|
|
|
|
/* load private ecc key */
|
|
printf("loading private key in ecc struct\n");
|
|
wc_ecc_init(&key);
|
|
idx = 0;
|
|
if (wc_EccPrivateKeyDecode(buf, &idx, &key, (word32)sz) != 0) {
|
|
printf("error decoding private key\n");
|
|
return -1;
|
|
}
|
|
wc_ecc_free(&key);
|
|
|
|
/* Or the der file can be loaded into a TLS connection using something like
|
|
|
|
int wc_DerToPem(der, sizeof(der), pemOut, sizeof(pemOut),
|
|
ECC_PRIVATEKEY_TYPE);
|
|
|
|
int wolfSSL_use_PrivateKey_file(&ssl, pemOut, SSL_FILETYPE_PEM);
|
|
|
|
*/
|
|
|
|
/* to store a public key */
|
|
wc_ecc_init(&key);
|
|
ret = wc_ecc_make_key_ex(&rng, ECC_CURVE_SZ, &key, ECC_CURVE_ID);
|
|
if (ret != 0) {
|
|
printf("error %d making ecc key\n", ret);
|
|
return ret;
|
|
}
|
|
|
|
printf("exporting public key\n");
|
|
memset(buf, 0, sizeof(buf));
|
|
sz = sizeof(buf);
|
|
if (wc_ecc_export_x963(&key, buf, (word32*)&sz) != 0) {
|
|
printf("error exporting public ecc key\n");
|
|
return -1;
|
|
}
|
|
|
|
printf("storing public key into ecc-public.x963 (%d bytes)\n", (int)sz);
|
|
derFile = fopen("ecc-public.x963", "w"); /* reused the derFile pointer */
|
|
if (!derFile) {
|
|
printf("error loading file\n");
|
|
return -1;
|
|
}
|
|
fwrite(buf, 1, sz, derFile);
|
|
|
|
/* close stuff up */
|
|
fclose(derFile);
|
|
wc_ecc_free(&key);
|
|
wc_FreeRng(&rng);
|
|
return 0;
|
|
}
|