1c9496f6bSchristos /*
2*4724848cSchristos * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved.
3*4724848cSchristos * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
4c9496f6bSchristos *
5*4724848cSchristos * Licensed under the OpenSSL license (the "License"). You may not use
6*4724848cSchristos * this file except in compliance with the License. You can obtain a copy
7*4724848cSchristos * in the file LICENSE in the source distribution or at
8*4724848cSchristos * https://www.openssl.org/source/license.html
9c9496f6bSchristos */
10c9496f6bSchristos
11c9496f6bSchristos #include <openssl/opensslconf.h>
12c9496f6bSchristos #include <stdio.h>
13c9496f6bSchristos #include <stdlib.h>
14c9496f6bSchristos #include <time.h>
15c9496f6bSchristos #include <string.h>
16c9496f6bSchristos #include "apps.h"
17*4724848cSchristos #include "progs.h"
18c9496f6bSchristos #include <openssl/bio.h>
19c9496f6bSchristos #include <openssl/err.h>
20c9496f6bSchristos #include <openssl/bn.h>
21c9496f6bSchristos #include <openssl/ec.h>
22c9496f6bSchristos #include <openssl/x509.h>
23c9496f6bSchristos #include <openssl/pem.h>
24c9496f6bSchristos
/*
 * Option identifiers for the ecparam command. ecparam_main() receives these
 * from opt_next() and dispatches on them. OPT_ERR and OPT_EOF carry explicit
 * values; every later enumerator takes the next integer in sequence.
 */
typedef enum OPTION_choice {
    OPT_ERR = -1,
    OPT_EOF = 0,
    OPT_HELP,
    OPT_INFORM,
    OPT_OUTFORM,
    OPT_IN,
    OPT_OUT,
    OPT_TEXT,
    OPT_C,
    OPT_CHECK,
    OPT_LIST_CURVES,
    OPT_NO_SEED,
    OPT_NOOUT,
    OPT_NAME,
    OPT_CONV_FORM,
    OPT_PARAM_ENC,
    OPT_GENKEY,
    OPT_ENGINE,
    /* Macro defined outside this file; presumably the random-source options. */
    OPT_R_ENUM
} OPTION_CHOICE;
32c9496f6bSchristos
/*
 * Command-line option table for ecparam. Each entry is
 * { option name, OPTION_CHOICE value, argument-type code, help text };
 * the argument-type codes are interpreted by the shared option parser.
 * The table is terminated by a {NULL} entry and is also what -help prints.
 */
const OPTIONS ecparam_options[] = {
    {"help", OPT_HELP, '-', "Display this summary"},

    /* Input and output selection. */
    {"inform", OPT_INFORM, 'F',
     "Input format - default PEM (DER or PEM)"},
    {"outform", OPT_OUTFORM, 'F',
     "Output format - default PEM"},
    {"in", OPT_IN, '<',
     "Input file - default stdin"},
    {"out", OPT_OUT, '>',
     "Output file - default stdout"},

    /* Flags selecting what is done with the parameters. */
    {"text", OPT_TEXT, '-',
     "Print the ec parameters in text form"},
    {"C", OPT_C, '-',
     "Print a 'C' function creating the parameters"},
    {"check", OPT_CHECK, '-',
     "Validate the ec parameters"},
    {"list_curves", OPT_LIST_CURVES, '-',
     "Prints a list of all curve 'short names'"},
    {"no_seed", OPT_NO_SEED, '-',
     "If 'explicit' parameters are chosen do not use the seed"},
    {"noout", OPT_NOOUT, '-',
     "Do not print the ec parameter"},

    /* Curve selection and encoding. */
    {"name", OPT_NAME, 's',
     "Use the ec parameters with specified 'short name'"},
    {"conv_form", OPT_CONV_FORM, 's',
     "Specifies the point conversion form "},
    {"param_enc", OPT_PARAM_ENC, 's',
     "Specifies the way the ec parameters are encoded"},

    /* Key generation and randomness. */
    {"genkey", OPT_GENKEY, '-', "Generate ec key"},
    OPT_R_OPTIONS,
#ifndef OPENSSL_NO_ENGINE
    {"engine", OPT_ENGINE, 's',
     "Use engine, possibly a hardware device"},
#endif
    {NULL}
};
59c9496f6bSchristos
/*
 * Accepted arguments of -conv_form and the point conversion form each one
 * selects. The list ends with a {NULL} entry.
 */
static OPT_PAIR forms[] = {
    {"compressed",   POINT_CONVERSION_COMPRESSED},
    {"uncompressed", POINT_CONVERSION_UNCOMPRESSED},
    {"hybrid",       POINT_CONVERSION_HYBRID},
    {NULL}
};
66c9496f6bSchristos
/*
 * Accepted arguments of -param_enc and the value ecparam_main() hands to
 * EC_GROUP_set_asn1_flag(). "explicit" maps to 0, i.e. the
 * OPENSSL_EC_NAMED_CURVE flag is not set. The list ends with a {NULL} entry.
 */
static OPT_PAIR encodings[] = {
    {"named_curve", OPENSSL_EC_NAMED_CURVE},
    {"explicit",    0},
    {NULL}
};
72c9496f6bSchristos
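/*
 * Entry point of the "ecparam" command.
 *
 * Parses the options in ecparam_options, then either lists the built-in
 * curves, or obtains an EC_GROUP (by curve name, or by decoding PEM/DER
 * parameters from the input) and, depending on the flags, prints it as text,
 * checks it, emits C source that rebuilds it, writes the encoded parameters,
 * and generates and writes a private key.
 *
 * Returns 0 on success and 1 on any failure or usage error.
 *
 * Notes for reviewers:
 *  - EC_GROUP_check() runs only when -check is given; parameters decoded from
 *    the input are otherwise used as loaded, including for -genkey.
 *  - The private key is written with no cipher and no passphrase, so it is
 *    stored unencrypted.
 */
int ecparam_main(int argc, char **argv)
{
    ENGINE *e = NULL;
    BIGNUM *ec_gen = NULL, *ec_order = NULL, *ec_cofactor = NULL;
    BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL;
    BIO *in = NULL, *out = NULL;
    EC_GROUP *group = NULL;
    point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED;
    char *curve_name = NULL;
    char *infile = NULL, *outfile = NULL, *prog;
    unsigned char *buffer = NULL;
    OPTION_CHOICE o;
    int asn1_flag = OPENSSL_EC_NAMED_CURVE, new_asn1_flag = 0;
    int informat = FORMAT_PEM, outformat = FORMAT_PEM, noout = 0, C = 0;
    int ret = 1, private = 0;
    int list_curves = 0, no_seed = 0, check = 0, new_form = 0;
    int text = 0, i, genkey = 0;

    prog = opt_init(argc, argv, ecparam_options);
    while ((o = opt_next()) != OPT_EOF) {
        switch (o) {
        case OPT_EOF:
        case OPT_ERR:
 opthelp:
            /* Shared usage-error exit; ret is still 1 here. */
            BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
            goto end;
        case OPT_HELP:
            opt_help(ecparam_options);
            ret = 0;
            goto end;
        case OPT_INFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat))
                goto opthelp;
            break;
        case OPT_IN:
            infile = opt_arg();
            break;
        case OPT_OUTFORM:
            if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
                goto opthelp;
            break;
        case OPT_OUT:
            outfile = opt_arg();
            break;
        case OPT_TEXT:
            text = 1;
            break;
        case OPT_C:
            C = 1;
            break;
        case OPT_CHECK:
            check = 1;
            break;
        case OPT_LIST_CURVES:
            list_curves = 1;
            break;
        case OPT_NO_SEED:
            no_seed = 1;
            break;
        case OPT_NOOUT:
            noout = 1;
            break;
        case OPT_NAME:
            curve_name = opt_arg();
            break;
        case OPT_CONV_FORM:
            /*
             * new_form first receives the parsed form value, which is copied
             * into form; it is then reused as a "form was given" flag.
             */
            if (!opt_pair(opt_arg(), forms, &new_form))
                goto opthelp;
            form = new_form;
            new_form = 1;
            break;
        case OPT_PARAM_ENC:
            if (!opt_pair(opt_arg(), encodings, &asn1_flag))
                goto opthelp;
            new_asn1_flag = 1;
            break;
        case OPT_GENKEY:
            genkey = 1;
            break;
        case OPT_R_CASES:
            if (!opt_rand(o))
                goto end;
            break;
        case OPT_ENGINE:
            e = setup_engine(opt_arg(), 0);
            break;
        }
    }
    /* No positional arguments are accepted. */
    argc = opt_num_rest();
    if (argc != 0)
        goto opthelp;

    /* Only -genkey makes the output carry private-key material. */
    private = genkey ? 1 : 0;

    /* The input is opened (stdin by default) even for -list_curves/-name. */
    in = bio_open_default(infile, 'r', informat);
    if (in == NULL)
        goto end;
    /*
     * NOTE(review): bio_open_owner() is given the private flag; presumably it
     * restricts a newly created output file to its owner when the flag is
     * set - confirm in the shared apps code.
     */
    out = bio_open_owner(outfile, outformat, private);
    if (out == NULL)
        goto end;

    if (list_curves) {
        EC_builtin_curve *curves = NULL;
        /* Called with (NULL, 0) to learn how many entries to allocate. */
        size_t crv_len = EC_get_builtin_curves(NULL, 0);
        size_t n;

        curves = app_malloc((int)sizeof(*curves) * crv_len, "list curves");
        if (!EC_get_builtin_curves(curves, crv_len)) {
            OPENSSL_free(curves);
            goto end;
        }

        for (n = 0; n < crv_len; n++) {
            const char *comment;
            const char *sname;
            comment = curves[n].comment;
            sname = OBJ_nid2sn(curves[n].nid);
            if (comment == NULL)
                comment = "CURVE DESCRIPTION NOT AVAILABLE";
            if (sname == NULL)
                sname = "";

            BIO_printf(out, " %-10s: ", sname);
            BIO_printf(out, "%s\n", comment);
        }

        OPENSSL_free(curves);
        ret = 0;
        goto end;
    }

    if (curve_name != NULL) {
        int nid;

        /*
         * workaround for the SECG curve names secp192r1 and secp256r1 (which
         * are the same as the curves prime192v1 and prime256v1 defined in
         * X9.62)
         */
        if (strcmp(curve_name, "secp192r1") == 0) {
            BIO_printf(bio_err, "using curve name prime192v1 "
                       "instead of secp192r1\n");
            nid = NID_X9_62_prime192v1;
        } else if (strcmp(curve_name, "secp256r1") == 0) {
            BIO_printf(bio_err, "using curve name prime256v1 "
                       "instead of secp256r1\n");
            nid = NID_X9_62_prime256v1;
        } else {
            nid = OBJ_sn2nid(curve_name);
        }

        /* Not a known short name: try it as a NIST curve name. */
        if (nid == 0)
            nid = EC_curve_nist2nid(curve_name);

        if (nid == 0) {
            BIO_printf(bio_err, "unknown curve name (%s)\n", curve_name);
            goto end;
        }

        group = EC_GROUP_new_by_curve_name(nid);
        if (group == NULL) {
            BIO_printf(bio_err, "unable to create curve (%s)\n", curve_name);
            goto end;
        }
        EC_GROUP_set_asn1_flag(group, asn1_flag);
        EC_GROUP_set_point_conversion_form(group, form);
    } else if (informat == FORMAT_ASN1) {
        group = d2i_ECPKParameters_bio(in, NULL);
    } else {
        group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
    }
    if (group == NULL) {
        BIO_printf(bio_err, "unable to load elliptic curve parameters\n");
        ERR_print_errors(bio_err);
        goto end;
    }

    /* Override what a decoded group carries only if the option was given. */
    if (new_form)
        EC_GROUP_set_point_conversion_form(group, form);

    if (new_asn1_flag)
        EC_GROUP_set_asn1_flag(group, asn1_flag);

    if (no_seed) {
        EC_GROUP_set_seed(group, NULL, 0);
    }

    if (text) {
        if (!ECPKParameters_print(out, group, 0))
            goto end;
    }

    /*
     * Validation is opt-in: without -check, parameters decoded from the input
     * reach the output and key-generation steps below unchecked.
     */
    if (check) {
        BIO_printf(bio_err, "checking elliptic curve parameters: ");
        if (!EC_GROUP_check(group, NULL)) {
            BIO_printf(bio_err, "failed\n");
            ERR_print_errors(bio_err);
            goto end;
        }
        BIO_printf(bio_err, "ok\n");

    }

    if (C) {
        size_t buf_len = 0, tmp_len = 0;
        const EC_POINT *point;
        int is_prime, len = 0;
        const EC_METHOD *meth = EC_GROUP_method_of(group);

        if ((ec_p = BN_new()) == NULL
            || (ec_a = BN_new()) == NULL
            || (ec_b = BN_new()) == NULL
            || (ec_gen = BN_new()) == NULL
            || (ec_order = BN_new()) == NULL
            || (ec_cofactor = BN_new()) == NULL) {
            perror("Can't allocate BN");
            goto end;
        }

        is_prime = (EC_METHOD_get_field_type(meth) == NID_X9_62_prime_field);
        if (!is_prime) {
            BIO_printf(bio_err, "Can only handle X9.62 prime fields\n");
            goto end;
        }

        if (!EC_GROUP_get_curve(group, ec_p, ec_a, ec_b, NULL))
            goto end;

        if ((point = EC_GROUP_get0_generator(group)) == NULL)
            goto end;
        if (!EC_POINT_point2bn(group, point,
                               EC_GROUP_get_point_conversion_form(group),
                               ec_gen, NULL))
            goto end;
        if (!EC_GROUP_get_order(group, ec_order, NULL))
            goto end;
        if (!EC_GROUP_get_cofactor(group, ec_cofactor, NULL))
            goto end;

        /* The bit length of the order names the generated identifiers. */
        len = BN_num_bits(ec_order);

        /* Size the scratch buffer for the largest of the six values. */
        if ((tmp_len = (size_t)BN_num_bytes(ec_p)) > buf_len)
            buf_len = tmp_len;
        if ((tmp_len = (size_t)BN_num_bytes(ec_a)) > buf_len)
            buf_len = tmp_len;
        if ((tmp_len = (size_t)BN_num_bytes(ec_b)) > buf_len)
            buf_len = tmp_len;
        if ((tmp_len = (size_t)BN_num_bytes(ec_gen)) > buf_len)
            buf_len = tmp_len;
        if ((tmp_len = (size_t)BN_num_bytes(ec_order)) > buf_len)
            buf_len = tmp_len;
        if ((tmp_len = (size_t)BN_num_bytes(ec_cofactor)) > buf_len)
            buf_len = tmp_len;

        buffer = app_malloc(buf_len, "BN buffer");

        BIO_printf(out, "EC_GROUP *get_ec_group_%d(void)\n{\n", len);
        print_bignum_var(out, ec_p, "ec_p", len, buffer);
        print_bignum_var(out, ec_a, "ec_a", len, buffer);
        print_bignum_var(out, ec_b, "ec_b", len, buffer);
        print_bignum_var(out, ec_gen, "ec_gen", len, buffer);
        print_bignum_var(out, ec_order, "ec_order", len, buffer);
        print_bignum_var(out, ec_cofactor, "ec_cofactor", len, buffer);
        BIO_printf(out, " int ok = 0;\n"
                        " EC_GROUP *group = NULL;\n"
                        " EC_POINT *point = NULL;\n"
                        " BIGNUM *tmp_1 = NULL;\n"
                        " BIGNUM *tmp_2 = NULL;\n"
                        " BIGNUM *tmp_3 = NULL;\n"
                        "\n");

        BIO_printf(out, " if ((tmp_1 = BN_bin2bn(ec_p_%d, sizeof(ec_p_%d), NULL)) == NULL)\n"
                        " goto err;\n", len, len);
        BIO_printf(out, " if ((tmp_2 = BN_bin2bn(ec_a_%d, sizeof(ec_a_%d), NULL)) == NULL)\n"
                        " goto err;\n", len, len);
        BIO_printf(out, " if ((tmp_3 = BN_bin2bn(ec_b_%d, sizeof(ec_b_%d), NULL)) == NULL)\n"
                        " goto err;\n", len, len);
        BIO_printf(out, " if ((group = EC_GROUP_new_curve_GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL)\n"
                        " goto err;\n"
                        "\n");
        BIO_printf(out, " /* build generator */\n");
        BIO_printf(out, " if ((tmp_1 = BN_bin2bn(ec_gen_%d, sizeof(ec_gen_%d), tmp_1)) == NULL)\n"
                        " goto err;\n", len, len);
        BIO_printf(out, " point = EC_POINT_bn2point(group, tmp_1, NULL, NULL);\n");
        BIO_printf(out, " if (point == NULL)\n"
                        " goto err;\n");
        BIO_printf(out, " if ((tmp_2 = BN_bin2bn(ec_order_%d, sizeof(ec_order_%d), tmp_2)) == NULL)\n"
                        " goto err;\n", len, len);
        BIO_printf(out, " if ((tmp_3 = BN_bin2bn(ec_cofactor_%d, sizeof(ec_cofactor_%d), tmp_3)) == NULL)\n"
                        " goto err;\n", len, len);
        BIO_printf(out, " if (!EC_GROUP_set_generator(group, point, tmp_2, tmp_3))\n"
                        " goto err;\n"
                        "ok = 1;"
                        "\n");
        BIO_printf(out, "err:\n"
                        " BN_free(tmp_1);\n"
                        " BN_free(tmp_2);\n"
                        " BN_free(tmp_3);\n"
                        " EC_POINT_free(point);\n"
                        " if (!ok) {\n"
                        " EC_GROUP_free(group);\n"
                        " return NULL;\n"
                        " }\n"
                        " return (group);\n"
                        "}\n");
    }

    /* With DER output and -genkey, only the key is written to the stream. */
    if (outformat == FORMAT_ASN1 && genkey)
        noout = 1;

    if (!noout) {
        if (outformat == FORMAT_ASN1)
            i = i2d_ECPKParameters_bio(out, group);
        else
            i = PEM_write_bio_ECPKParameters(out, group);
        if (!i) {
            BIO_printf(bio_err, "unable to write elliptic "
                       "curve parameters\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }

    if (genkey) {
        EC_KEY *eckey = EC_KEY_new();

        if (eckey == NULL)
            goto end;

        if (EC_KEY_set_group(eckey, group) == 0) {
            BIO_printf(bio_err, "unable to set group when generating key\n");
            EC_KEY_free(eckey);
            ERR_print_errors(bio_err);
            goto end;
        }

        if (new_form)
            EC_KEY_set_conv_form(eckey, form);

        if (!EC_KEY_generate_key(eckey)) {
            BIO_printf(bio_err, "unable to generate key\n");
            EC_KEY_free(eckey);
            ERR_print_errors(bio_err);
            goto end;
        }
        /* The output must have been opened with the private flag set. */
        assert(private);
        /*
         * No cipher or passphrase is passed to the PEM writer, so the private
         * key is written unencrypted in both output formats.
         */
        if (outformat == FORMAT_ASN1)
            i = i2d_ECPrivateKey_bio(out, eckey);
        else
            i = PEM_write_bio_ECPrivateKey(out, eckey, NULL,
                                           NULL, 0, NULL, NULL);
        EC_KEY_free(eckey);
        /*
         * A failed key write must not be reported as success, otherwise the
         * caller may rely on a missing or truncated key file.
         */
        if (!i) {
            BIO_printf(bio_err, "unable to write private key\n");
            ERR_print_errors(bio_err);
            goto end;
        }
    }

    ret = 0;
 end:
    /* Every path exits here; the free functions are called unconditionally. */
    BN_free(ec_p);
    BN_free(ec_a);
    BN_free(ec_b);
    BN_free(ec_gen);
    BN_free(ec_order);
    BN_free(ec_cofactor);
    OPENSSL_free(buffer);
    EC_GROUP_free(group);
    release_engine(e);
    BIO_free(in);
    BIO_free_all(out);
    return ret;
}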