Start adding EC support in gen_key
diff --git a/programs/pkey/gen_key.c b/programs/pkey/gen_key.c
index 19f46a4..c6a0c24 100644
--- a/programs/pkey/gen_key.c
+++ b/programs/pkey/gen_key.c
@@ -51,12 +51,10 @@
}
#else
-#define TYPE_RSA 0
-
#define FORMAT_PEM 0
#define FORMAT_DER 1
-#define DFL_TYPE TYPE_RSA
+#define DFL_TYPE POLARSSL_PK_RSA
#define DFL_RSA_KEYSIZE 4096
#define DFL_FILENAME "keyfile.key"
#define DFL_FORMAT FORMAT_PEM
@@ -109,11 +107,11 @@
}
#define USAGE \
- "\n usage: gen_key param=<>...\n" \
+ "\n usage: gen_key param=<>...\n" \
"\n acceptable parameters:\n" \
- " type=rsa default: rsa\n" \
- " rsa_keysize=%%d default: 4096\n" \
- " filename=%%s default: keyfile.key\n" \
+ " type=rsa|ec default: rsa\n" \
+ " rsa_keysize=%%d default: 4096\n" \
+ " filename=%%s default: keyfile.key\n" \
" format=pem|der default: pem\n" \
"\n"
@@ -157,7 +155,9 @@
if( strcmp( p, "type" ) == 0 )
{
if( strcmp( q, "rsa" ) == 0 )
- opt.type = TYPE_RSA;
+ opt.type = POLARSSL_PK_RSA;
+ if( strcmp( q, "ec" ) == 0 )
+ opt.type = POLARSSL_PK_ECKEY;
else
goto usage;
}
@@ -200,10 +200,15 @@
printf( "\n . Generating the private key ..." );
fflush( stdout );
-#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
- if( opt.type == TYPE_RSA )
+ if( ( ret = pk_init_ctx( &key, pk_info_from_type( opt.type ) ) ) != 0 )
{
- pk_init_ctx( &key, pk_info_from_type( POLARSSL_PK_RSA ) );
+ printf( " failed\n ! pk_init_ctx returned -0x%04x", -ret );
+ goto exit;
+ }
+
+#if defined(POLARSSL_RSA_C) && defined(POLARSSL_GENPRIME)
+ if( opt.type == POLARSSL_PK_RSA )
+ {
ret = rsa_gen_key( pk_rsa( key ), ctr_drbg_random, &ctr_drbg,
opt.rsa_keysize, 65537 );
if( ret != 0 )
@@ -211,20 +216,32 @@
printf( " failed\n ! rsa_gen_key returned -0x%04x", -ret );
goto exit;
}
-
- printf( " ok\n" );
}
else
#endif /* POLARSSL_RSA_C */
+#if defined(POLARSSL_ECP_C)
+ if( opt.type == POLARSSL_PK_ECKEY )
{
- printf( " failed\n ! key type not supported in library" );
+ // TODO: allow other curves
+ ret = ecp_gen_key( POLARSSL_ECP_DP_SECP256R1, pk_ec( key ),
+ ctr_drbg_random, &ctr_drbg );
+ if( ret != 0 )
+ {
+ printf( " failed\n ! rsa_gen_key returned -0x%04x", -ret );
+ goto exit;
+ }
+ }
+ else
+#endif /* POLARSSL_ECP_C */
+ {
+ printf( " failed\n ! key type not supported\n" );
goto exit;
}
/*
* 1.2 Print the key
*/
- printf( " . Key information ...\n" );
+ printf( " ok\n . Key information:\n" );
#if defined(POLARSSL_RSA_C)
if( pk_get_type( &key ) == POLARSSL_PK_RSA )
@@ -245,14 +262,13 @@
if( pk_get_type( &key ) == POLARSSL_PK_ECKEY )
{
ecp_keypair *ecp = pk_ec( key );
- mpi_write_file( "Q(X): ", &ecp->Q.X, 16, NULL );
- mpi_write_file( "Q(Y): ", &ecp->Q.Y, 16, NULL );
- mpi_write_file( "Q(Z): ", &ecp->Q.Z, 16, NULL );
- mpi_write_file( "D : ", &ecp->d , 16, NULL );
+ mpi_write_file( "X_Q: ", &ecp->Q.X, 16, NULL );
+ mpi_write_file( "Y_Q: ", &ecp->Q.Y, 16, NULL );
+ mpi_write_file( "D : ", &ecp->d , 16, NULL );
}
else
#endif
- printf("key type not supported yet\n");
+ printf(" ! key type not supported\n");
write_private_key( &key, opt.filename );