xref: /freebsd/contrib/bearssl/tools/skey.c (revision 2aaf9152a852aba9eb2036b95f4948ee77988826)
1 /*
2  * Copyright (c) 2016 Thomas Pornin <pornin@bolet.org>
3  *
4  * Permission is hereby granted, free of charge, to any person obtaining
5  * a copy of this software and associated documentation files (the
6  * "Software"), to deal in the Software without restriction, including
7  * without limitation the rights to use, copy, modify, merge, publish,
8  * distribute, sublicense, and/or sell copies of the Software, and to
9  * permit persons to whom the Software is furnished to do so, subject to
10  * the following conditions:
11  *
12  * The above copyright notice and this permission notice shall be
13  * included in all copies or substantial portions of the Software.
14  *
15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22  * SOFTWARE.
23  */
24 
25 #include <stdio.h>
26 #include <stdlib.h>
27 #include <string.h>
28 #include <stdint.h>
29 #include <errno.h>
30 
31 #include "brssl.h"
32 #include "bearssl.h"
33 
34 typedef struct {
35 	int print_text;
36 	int print_C;
37 	const char *rawder;
38 	const char *rawpem;
39 	const char *pk8der;
40 	const char *pk8pem;
41 } outspec;
42 
43 static void
print_int_text(const char * name,const unsigned char * buf,size_t len)44 print_int_text(const char *name, const unsigned char *buf, size_t len)
45 {
46 	size_t u;
47 
48 	printf("%s = ", name);
49 	for (u = 0; u < len; u ++) {
50 		printf("%02X", buf[u]);
51 	}
52 	printf("\n");
53 }
54 
55 static void
print_int_C(const char * name,const unsigned char * buf,size_t len)56 print_int_C(const char *name, const unsigned char *buf, size_t len)
57 {
58 	size_t u;
59 
60 	printf("\nstatic const unsigned char %s[] = {", name);
61 	for (u = 0; u < len; u ++) {
62 		if (u != 0) {
63 			printf(",");
64 		}
65 		if (u % 12 == 0) {
66 			printf("\n\t");
67 		} else {
68 			printf(" ");
69 		}
70 		printf("0x%02X", buf[u]);
71 	}
72 	printf("\n};\n");
73 }
74 
75 static int
write_to_file(const char * name,const void * data,size_t len)76 write_to_file(const char *name, const void *data, size_t len)
77 {
78 	FILE *f;
79 
80 	f = fopen(name, "wb");
81 	if (f == NULL) {
82 		fprintf(stderr,
83 			"ERROR: cannot open file '%s' for writing\n",
84 			name);
85 		return 0;
86 	}
87 	if (fwrite(data, 1, len, f) != len) {
88 		fclose(f);
89 		fprintf(stderr,
90 			"ERROR: cannot write to file '%s'\n",
91 			name);
92 		return 0;
93 	}
94 	fclose(f);
95 	return 1;
96 }
97 
98 static int
write_to_pem_file(const char * name,const void * data,size_t len,const char * banner)99 write_to_pem_file(const char *name,
100 	const void *data, size_t len, const char *banner)
101 {
102 	void *pem;
103 	size_t pemlen;
104 	int r;
105 
106 	pemlen = br_pem_encode(NULL, NULL, len, banner, 0);
107 	pem = xmalloc(pemlen + 1);
108 	br_pem_encode(pem, data, len, banner, 0);
109 	r = write_to_file(name, pem, pemlen);
110 	xfree(pem);
111 	return r;
112 }
113 
114 static int
print_rsa(const br_rsa_private_key * sk,outspec * os)115 print_rsa(const br_rsa_private_key *sk, outspec *os)
116 {
117 	int ret;
118 	unsigned char *n, *d, *buf;
119 	uint32_t e;
120 	size_t nlen, dlen, len;
121 	br_rsa_compute_modulus cm;
122 	br_rsa_compute_pubexp ce;
123 	br_rsa_compute_privexp cd;
124 	br_rsa_public_key pk;
125 	unsigned char ebuf[4];
126 
127 	n = NULL;
128 	d = NULL;
129 	buf = NULL;
130 	ret = 1;
131 	if (os->print_text) {
132 		print_int_text("p ", sk->p, sk->plen);
133 		print_int_text("q ", sk->q, sk->qlen);
134 		print_int_text("dp", sk->dp, sk->dplen);
135 		print_int_text("dq", sk->dq, sk->dqlen);
136 		print_int_text("iq", sk->iq, sk->iqlen);
137 	}
138 	if (os->print_C) {
139 		print_int_C("RSA_P", sk->p, sk->plen);
140 		print_int_C("RSA_Q", sk->q, sk->qlen);
141 		print_int_C("RSA_DP", sk->dp, sk->dplen);
142 		print_int_C("RSA_DQ", sk->dq, sk->dqlen);
143 		print_int_C("RSA_IQ", sk->iq, sk->iqlen);
144 		printf("\nstatic const br_rsa_private_key RSA = {\n");
145 		printf("\t%lu,\n", (unsigned long)sk->n_bitlen);
146 		printf("\t(unsigned char *)RSA_P, sizeof RSA_P,\n");
147 		printf("\t(unsigned char *)RSA_Q, sizeof RSA_Q,\n");
148 		printf("\t(unsigned char *)RSA_DP, sizeof RSA_DP,\n");
149 		printf("\t(unsigned char *)RSA_DQ, sizeof RSA_DQ,\n");
150 		printf("\t(unsigned char *)RSA_IQ, sizeof RSA_IQ\n");
151 		printf("};\n");
152 	}
153 
154 	if (os->rawder == NULL && os->rawpem == NULL
155 		&& os->pk8der == NULL && os->pk8pem == NULL)
156 	{
157 		return ret;
158 	}
159 
160 	cm = br_rsa_compute_modulus_get_default();
161 	ce = br_rsa_compute_pubexp_get_default();
162 	cd = br_rsa_compute_privexp_get_default();
163 	nlen = cm(NULL, sk);
164 	if (nlen == 0) {
165 		goto print_RSA_error;
166 	}
167 	n = xmalloc(nlen);
168 	if (cm(n, sk) != nlen) {
169 		goto print_RSA_error;
170 	}
171 	e = ce(sk);
172 	if (e == 0) {
173 		goto print_RSA_error;
174 	}
175 	dlen = cd(NULL, sk, e);
176 	if (dlen == 0) {
177 		goto print_RSA_error;
178 	}
179 	d = xmalloc(dlen);
180 	if (cd(d, sk, e) != dlen) {
181 		goto print_RSA_error;
182 	}
183 	ebuf[0] = e >> 24;
184 	ebuf[1] = e >> 16;
185 	ebuf[2] = e >> 8;
186 	ebuf[3] = e;
187 	pk.n = n;
188 	pk.nlen = nlen;
189 	pk.e = ebuf;
190 	pk.elen = sizeof ebuf;
191 
192 	if (os->rawder != NULL || os->rawpem != NULL) {
193 		len = br_encode_rsa_raw_der(NULL, sk, &pk, d, dlen);
194 		if (len == 0) {
195 			goto print_RSA_error;
196 		}
197 		buf = xmalloc(len);
198 		if (br_encode_rsa_raw_der(buf, sk, &pk, d, dlen) != len) {
199 			goto print_RSA_error;
200 		}
201 		if (os->rawder != NULL) {
202 			ret &= write_to_file(os->rawder, buf, len);
203 		}
204 		if (os->rawpem != NULL) {
205 			ret &= write_to_pem_file(os->rawpem,
206 				buf, len, "RSA PRIVATE KEY");
207 		}
208 		xfree(buf);
209 		buf = NULL;
210 	}
211 
212 	if (os->pk8der != NULL || os->pk8pem != NULL) {
213 		len = br_encode_rsa_pkcs8_der(NULL, sk, &pk, d, dlen);
214 		if (len == 0) {
215 			goto print_RSA_error;
216 		}
217 		buf = xmalloc(len);
218 		if (br_encode_rsa_pkcs8_der(buf, sk, &pk, d, dlen) != len) {
219 			goto print_RSA_error;
220 		}
221 		if (os->pk8der != NULL) {
222 			ret &= write_to_file(os->pk8der, buf, len);
223 		}
224 		if (os->pk8pem != NULL) {
225 			ret &= write_to_pem_file(os->pk8pem,
226 				buf, len, "PRIVATE KEY");
227 		}
228 		xfree(buf);
229 		buf = NULL;
230 	}
231 
232 print_RSA_exit:
233 	xfree(n);
234 	xfree(d);
235 	xfree(buf);
236 	return ret;
237 
238 print_RSA_error:
239 	fprintf(stderr, "ERROR: cannot encode RSA key\n");
240 	ret = 0;
241 	goto print_RSA_exit;
242 }
243 
244 static int
print_ec(const br_ec_private_key * sk,outspec * os)245 print_ec(const br_ec_private_key *sk, outspec *os)
246 {
247 	br_ec_public_key pk;
248 	unsigned kbuf[BR_EC_KBUF_PUB_MAX_SIZE];
249 	unsigned char *buf;
250 	size_t len;
251 	int r;
252 
253 	if (os->print_text) {
254 		print_int_text("x", sk->x, sk->xlen);
255 	}
256 	if (os->print_C) {
257 		print_int_C("EC_X", sk->x, sk->xlen);
258 		printf("\nstatic const br_ec_private_key EC = {\n");
259 		printf("\t%d,\n", sk->curve);
260 		printf("\t(unsigned char *)EC_X, sizeof EC_X\n");
261 		printf("};\n");
262 	}
263 
264 	if (os->rawder == NULL && os->rawpem == NULL
265 		&& os->pk8der == NULL && os->pk8pem == NULL)
266 	{
267 		return 1;
268 	}
269 	if (br_ec_compute_pub(br_ec_get_default(), &pk, kbuf, sk) == 0) {
270 		fprintf(stderr,
271 			"ERROR: cannot re-encode (unsupported curve)\n");
272 		return 0;
273 	}
274 
275 	r = 1;
276 	if (os->rawder != NULL || os->rawpem != NULL) {
277 		len = br_encode_ec_raw_der(NULL, sk, &pk);
278 		if (len == 0) {
279 			fprintf(stderr, "ERROR: cannot re-encode"
280 				" (unsupported curve)\n");
281 			return 0;
282 		}
283 		buf = xmalloc(len);
284 		if (br_encode_ec_raw_der(buf, sk, &pk) != len) {
285 			fprintf(stderr, "ERROR: re-encode failure\n");
286 			xfree(buf);
287 			return 0;
288 		}
289 		if (os->rawder != NULL) {
290 			r &= write_to_file(os->rawder, buf, len);
291 		}
292 		if (os->rawpem != NULL) {
293 			r &= write_to_pem_file(os->rawpem,
294 				buf, len, "EC PRIVATE KEY");
295 		}
296 		xfree(buf);
297 	}
298 	if (os->pk8der != NULL || os->pk8pem != NULL) {
299 		len = br_encode_ec_pkcs8_der(NULL, sk, &pk);
300 		if (len == 0) {
301 			fprintf(stderr, "ERROR: cannot re-encode"
302 				" (unsupported curve)\n");
303 			return 0;
304 		}
305 		buf = xmalloc(len);
306 		if (br_encode_ec_pkcs8_der(buf, sk, &pk) != len) {
307 			fprintf(stderr, "ERROR: re-encode failure\n");
308 			xfree(buf);
309 			return 0;
310 		}
311 		if (os->pk8der != NULL) {
312 			r &= write_to_file(os->pk8der, buf, len);
313 		}
314 		if (os->pk8pem != NULL) {
315 			r &= write_to_pem_file(os->pk8pem,
316 				buf, len, "PRIVATE KEY");
317 		}
318 		xfree(buf);
319 	}
320 	return r;
321 }
322 
323 static int
parse_rsa_spec(const char * kgen_spec,unsigned * size,uint32_t * pubexp)324 parse_rsa_spec(const char *kgen_spec, unsigned *size, uint32_t *pubexp)
325 {
326 	const char *p;
327 	char *end;
328 	unsigned long ul;
329 
330 	p = kgen_spec;
331 	if (*p != 'r' && *p != 'R') {
332 		return 0;
333 	}
334 	p ++;
335 	if (*p != 's' && *p != 'S') {
336 		return 0;
337 	}
338 	p ++;
339 	if (*p != 'a' && *p != 'A') {
340 		return 0;
341 	}
342 	p ++;
343 	if (*p == 0) {
344 		*size = 2048;
345 		*pubexp = 3;
346 		return 1;
347 	} else if (*p != ':') {
348 		return 0;
349 	}
350 	p ++;
351 	ul = strtoul(p, &end, 10);
352 	if (ul < 512 || ul > 32768) {
353 		return 0;
354 	}
355 	*size = ul;
356 	p = end;
357 	if (*p == 0) {
358 		*pubexp = 3;
359 		return 1;
360 	} else if (*p != ':') {
361 		return 0;
362 	}
363 	p ++;
364 	ul = strtoul(p, &end, 10);
365 	if ((ul & 1) == 0 || ul == 1 || ((ul >> 30) >> 2) != 0) {
366 		return 0;
367 	}
368 	*pubexp = ul;
369 	if (*end != 0) {
370 		return 0;
371 	}
372 	return 1;
373 }
374 
375 static int
keygen_rsa(unsigned size,uint32_t pubexp,outspec * os)376 keygen_rsa(unsigned size, uint32_t pubexp, outspec *os)
377 {
378 	br_hmac_drbg_context rng;
379 	br_prng_seeder seeder;
380 	br_rsa_keygen kg;
381 	br_rsa_private_key sk;
382 	unsigned char *kbuf_priv;
383 	uint32_t r;
384 
385 	seeder = br_prng_seeder_system(NULL);
386 	if (seeder == 0) {
387 		fprintf(stderr, "ERROR: no system source of randomness\n");
388 		return 0;
389 	}
390 	br_hmac_drbg_init(&rng, &br_sha256_vtable, NULL, 0);
391 	if (!seeder(&rng.vtable)) {
392 		fprintf(stderr, "ERROR: system source of randomness failed\n");
393 		return 0;
394 	}
395 	kbuf_priv = xmalloc(BR_RSA_KBUF_PRIV_SIZE(size));
396 	kg = br_rsa_keygen_get_default();
397 	r = kg(&rng.vtable, &sk, kbuf_priv, NULL, NULL, size, pubexp);
398 	if (!r) {
399 		fprintf(stderr, "ERROR: RSA key pair generation failed\n");
400 	} else {
401 		r = print_rsa(&sk, os);
402 	}
403 	xfree(kbuf_priv);
404 	return r;
405 }
406 
407 static int
parse_ec_spec(const char * kgen_spec,int * curve)408 parse_ec_spec(const char *kgen_spec, int *curve)
409 {
410 	const char *p;
411 
412 	*curve = 0;
413 	p = kgen_spec;
414 	if (*p != 'e' && *p != 'E') {
415 		return 0;
416 	}
417 	p ++;
418 	if (*p != 'c' && *p != 'C') {
419 		return 0;
420 	}
421 	p ++;
422 	if (*p == 0) {
423 		*curve = BR_EC_secp256r1;
424 		return 1;
425 	}
426 	if (*p != ':') {
427 		return 0;
428 	}
429 	*curve = get_curve_by_name(p);
430 	return *curve > 0;
431 }
432 
433 static int
keygen_ec(int curve,outspec * os)434 keygen_ec(int curve, outspec *os)
435 {
436 	br_hmac_drbg_context rng;
437 	br_prng_seeder seeder;
438 	const br_ec_impl *impl;
439 	br_ec_private_key sk;
440 	unsigned char kbuf_priv[BR_EC_KBUF_PRIV_MAX_SIZE];
441 	size_t len;
442 
443 	seeder = br_prng_seeder_system(NULL);
444 	if (seeder == 0) {
445 		fprintf(stderr, "ERROR: no system source of randomness\n");
446 		return 0;
447 	}
448 	br_hmac_drbg_init(&rng, &br_sha256_vtable, NULL, 0);
449 	if (!seeder(&rng.vtable)) {
450 		fprintf(stderr, "ERROR: system source of randomness failed\n");
451 		return 0;
452 	}
453 	impl = br_ec_get_default();
454 	len = br_ec_keygen(&rng.vtable, impl, &sk, kbuf_priv, curve);
455 	if (len == 0) {
456 		fprintf(stderr, "ERROR: curve is not supported\n");
457 		return 0;
458 	}
459 	return print_ec(&sk, os);
460 }
461 
462 static int
decode_key(const unsigned char * buf,size_t len,outspec * os)463 decode_key(const unsigned char *buf, size_t len, outspec *os)
464 {
465 	br_skey_decoder_context dc;
466 	int err, ret;
467 
468 	br_skey_decoder_init(&dc);
469 	br_skey_decoder_push(&dc, buf, len);
470 	err = br_skey_decoder_last_error(&dc);
471 	if (err != 0) {
472 		const char *errname, *errmsg;
473 
474 		fprintf(stderr, "ERROR (decoding): err=%d\n", err);
475 		errname = find_error_name(err, &errmsg);
476 		if (errname != NULL) {
477 			fprintf(stderr, "  %s: %s\n", errname, errmsg);
478 		} else {
479 			fprintf(stderr, "  (unknown)\n");
480 		}
481 		return 0;
482 	}
483 	ret = 1;
484 	switch (br_skey_decoder_key_type(&dc)) {
485 		const br_rsa_private_key *rk;
486 		const br_ec_private_key *ek;
487 
488 	case BR_KEYTYPE_RSA:
489 		rk = br_skey_decoder_get_rsa(&dc);
490 		printf("RSA key (%lu bits)\n", (unsigned long)rk->n_bitlen);
491 		ret = print_rsa(rk, os);
492 		break;
493 
494 	case BR_KEYTYPE_EC:
495 		ek = br_skey_decoder_get_ec(&dc);
496 		printf("EC key (curve = %d: %s)\n",
497 			ek->curve, ec_curve_name(ek->curve));
498 		ret = print_ec(ek, os);
499 		break;
500 
501 	default:
502 		fprintf(stderr, "Unknown key type: %d\n",
503 			br_skey_decoder_key_type(&dc));
504 		ret = 0;
505 		break;
506 	}
507 
508 	return ret;
509 }
510 
511 static void
usage_skey(void)512 usage_skey(void)
513 {
514 	fprintf(stderr,
515 "usage: brssl skey [ options ] file...\n");
516 	fprintf(stderr,
517 "options:\n");
518 	fprintf(stderr,
519 "   -q             suppress verbose messages\n");
520 	fprintf(stderr,
521 "   -text          print private key details (human-readable)\n");
522 	fprintf(stderr,
523 "   -C             print private key details (C code)\n");
524 	fprintf(stderr,
525 "   -rawder file   save private key in 'file' (raw format, DER)\n");
526 	fprintf(stderr,
527 "   -rawpem file   save private key in 'file' (raw format, PEM)\n");
528 	fprintf(stderr,
529 "   -pk8der file   save private key in 'file' (PKCS#8 format, DER)\n");
530 	fprintf(stderr,
531 "   -pk8pem file   save private key in 'file' (PKCS#8 format, PEM)\n");
532 	fprintf(stderr,
533 "   -gen spec      generate a new key using the provided key specification\n");
534 	fprintf(stderr,
535 "   -list          list known elliptic curve names\n");
536 	fprintf(stderr,
537 "Key specification begins with a key type, followed by optional parameters\n");
538 	fprintf(stderr,
539 "that depend on the key type, separated by colon characters:\n");
540 	fprintf(stderr,
541 "   rsa[:size[:pubexep]]   RSA key (defaults: size = 2048, pubexp = 3)\n");
542 	fprintf(stderr,
543 "   ec[:curvename]         EC key (default curve: secp256r1)\n");
544 }
545 
546 /* see brssl.h */
547 int
do_skey(int argc,char * argv[])548 do_skey(int argc, char *argv[])
549 {
550 	int retcode;
551 	int verbose;
552 	int i, num_files;
553 	outspec os;
554 	unsigned char *buf;
555 	size_t len;
556 	pem_object *pos;
557 	const char *kgen_spec;
558 
559 	retcode = 0;
560 	verbose = 1;
561 	os.print_text = 0;
562 	os.print_C = 0;
563 	os.rawder = NULL;
564 	os.rawpem = NULL;
565 	os.pk8der = NULL;
566 	os.pk8pem = NULL;
567 	num_files = 0;
568 	buf = NULL;
569 	pos = NULL;
570 	kgen_spec = NULL;
571 	for (i = 0; i < argc; i ++) {
572 		const char *arg;
573 
574 		arg = argv[i];
575 		if (arg[0] != '-') {
576 			num_files ++;
577 			continue;
578 		}
579 		argv[i] = NULL;
580 		if (eqstr(arg, "-v") || eqstr(arg, "-verbose")) {
581 			verbose = 1;
582 		} else if (eqstr(arg, "-q") || eqstr(arg, "-quiet")) {
583 			verbose = 0;
584 		} else if (eqstr(arg, "-text")) {
585 			os.print_text = 1;
586 		} else if (eqstr(arg, "-C")) {
587 			os.print_C = 1;
588 		} else if (eqstr(arg, "-rawder")) {
589 			if (++ i >= argc) {
590 				fprintf(stderr,
591 					"ERROR: no argument for '-rawder'\n");
592 				usage_skey();
593 				goto skey_exit_error;
594 			}
595 			if (os.rawder != NULL) {
596 				fprintf(stderr,
597 					"ERROR: multiple '-rawder' options\n");
598 				usage_skey();
599 				goto skey_exit_error;
600 			}
601 			os.rawder = argv[i];
602 			argv[i] = NULL;
603 		} else if (eqstr(arg, "-rawpem")) {
604 			if (++ i >= argc) {
605 				fprintf(stderr,
606 					"ERROR: no argument for '-rawpem'\n");
607 				usage_skey();
608 				goto skey_exit_error;
609 			}
610 			if (os.rawpem != NULL) {
611 				fprintf(stderr,
612 					"ERROR: multiple '-rawpem' options\n");
613 				usage_skey();
614 				goto skey_exit_error;
615 			}
616 			os.rawpem = argv[i];
617 			argv[i] = NULL;
618 		} else if (eqstr(arg, "-pk8der")) {
619 			if (++ i >= argc) {
620 				fprintf(stderr,
621 					"ERROR: no argument for '-pk8der'\n");
622 				usage_skey();
623 				goto skey_exit_error;
624 			}
625 			if (os.pk8der != NULL) {
626 				fprintf(stderr,
627 					"ERROR: multiple '-pk8der' options\n");
628 				usage_skey();
629 				goto skey_exit_error;
630 			}
631 			os.pk8der = argv[i];
632 			argv[i] = NULL;
633 		} else if (eqstr(arg, "-pk8pem")) {
634 			if (++ i >= argc) {
635 				fprintf(stderr,
636 					"ERROR: no argument for '-pk8pem'\n");
637 				usage_skey();
638 				goto skey_exit_error;
639 			}
640 			if (os.pk8pem != NULL) {
641 				fprintf(stderr,
642 					"ERROR: multiple '-pk8pem' options\n");
643 				usage_skey();
644 				goto skey_exit_error;
645 			}
646 			os.pk8pem = argv[i];
647 			argv[i] = NULL;
648 		} else if (eqstr(arg, "-gen")) {
649 			if (++ i >= argc) {
650 				fprintf(stderr,
651 					"ERROR: no argument for '-gen'\n");
652 				usage_skey();
653 				goto skey_exit_error;
654 			}
655 			if (kgen_spec != NULL) {
656 				fprintf(stderr,
657 					"ERROR: multiple '-gen' options\n");
658 				usage_skey();
659 				goto skey_exit_error;
660 			}
661 			kgen_spec = argv[i];
662 			argv[i] = NULL;
663 		} else if (eqstr(arg, "-list")) {
664 			list_curves();
665 			goto skey_exit;
666 		} else {
667 			fprintf(stderr, "ERROR: unknown option: '%s'\n", arg);
668 			usage_skey();
669 			goto skey_exit_error;
670 		}
671 	}
672 	if (kgen_spec != NULL) {
673 		unsigned rsa_size;
674 		uint32_t rsa_pubexp;
675 		int curve;
676 
677 		if (num_files != 0) {
678 			fprintf(stderr,
679 				"ERROR: key files provided while generating\n");
680 			usage_skey();
681 			goto skey_exit_error;
682 		}
683 
684 		if (parse_rsa_spec(kgen_spec, &rsa_size, &rsa_pubexp)) {
685 			if (!keygen_rsa(rsa_size, rsa_pubexp, &os)) {
686 				goto skey_exit_error;
687 			}
688 		} else if (parse_ec_spec(kgen_spec, &curve)) {
689 			if (!keygen_ec(curve, &os)) {
690 				goto skey_exit_error;
691 			}
692 		} else {
693 			fprintf(stderr,
694 				"ERROR: unknown key specification: '%s'\n",
695 				kgen_spec);
696 			usage_skey();
697 			goto skey_exit_error;
698 		}
699 	} else if (num_files == 0) {
700 		fprintf(stderr, "ERROR: no private key provided\n");
701 		usage_skey();
702 		goto skey_exit_error;
703 	}
704 
705 	for (i = 0; i < argc; i ++) {
706 		const char *fname;
707 
708 		fname = argv[i];
709 		if (fname == NULL) {
710 			continue;
711 		}
712 		buf = read_file(fname, &len);
713 		if (buf == NULL) {
714 			goto skey_exit_error;
715 		}
716 		if (looks_like_DER(buf, len)) {
717 			if (verbose) {
718 				fprintf(stderr, "File '%s': ASN.1/DER object\n",
719 					fname);
720 			}
721 			if (!decode_key(buf, len, &os)) {
722 				goto skey_exit_error;
723 			}
724 		} else {
725 			size_t u, num;
726 
727 			if (verbose) {
728 				fprintf(stderr, "File '%s': decoding as PEM\n",
729 					fname);
730 			}
731 			pos = decode_pem(buf, len, &num);
732 			if (pos == NULL) {
733 				goto skey_exit_error;
734 			}
735 			for (u = 0; pos[u].name; u ++) {
736 				const char *name;
737 
738 				name = pos[u].name;
739 				if (eqstr(name, "RSA PRIVATE KEY")
740 					|| eqstr(name, "EC PRIVATE KEY")
741 					|| eqstr(name, "PRIVATE KEY"))
742 				{
743 					if (!decode_key(pos[u].data,
744 						pos[u].data_len, &os))
745 					{
746 						goto skey_exit_error;
747 					}
748 				} else {
749 					if (verbose) {
750 						fprintf(stderr,
751 							"(skipping '%s')\n",
752 							name);
753 					}
754 				}
755 			}
756 			for (u = 0; pos[u].name; u ++) {
757 				free_pem_object_contents(&pos[u]);
758 			}
759 			xfree(pos);
760 			pos = NULL;
761 		}
762 		xfree(buf);
763 		buf = NULL;
764 	}
765 
766 	/*
767 	 * Release allocated structures.
768 	 */
769 skey_exit:
770 	xfree(buf);
771 	if (pos != NULL) {
772 		size_t u;
773 
774 		for (u = 0; pos[u].name; u ++) {
775 			free_pem_object_contents(&pos[u]);
776 		}
777 		xfree(pos);
778 	}
779 	return retcode;
780 
781 skey_exit_error:
782 	retcode = -1;
783 	goto skey_exit;
784 }
785