1
#include <stdio.h>
2
#include <string.h>
3
#include <math.h>
4
#include <assert.h>
5

6
#include <openssl/evp.h>
7
#include <openssl/bn.h>
8
#include <openssl/ec.h>
9
#include <openssl/obj_mac.h>
10

11
#if !defined(_WIN32)
12
#include <unistd.h>
13
#else
14
#include "winglue.h"
15
#endif
16

17
#include "pattern.h"
18
#include "util.h"
19

20
const char *version = VANITYGEN_VERSION;
21

22

23
static void
24
usage(const char *progname)
25
{
26
	fprintf(stderr,
27
"Vanitygen keyconv %s\n"
28
"Usage: %s [-8] [-e|-E <password>] [-c <key>] [<key>]\n"
29
"-G            Generate a key pair and output the full public key\n"
30
"-8            Output key in PKCS#8 form\n"
31
"-e            Encrypt output key, prompt for password\n"
32
"-E <password> Encrypt output key with <password> (UNSAFE)\n"
33
"-c <key>      Combine private key parts to make complete private key\n"
34
"-v            Verbose output\n",
35
		version, progname);
36
}
37

38

39
int
40
main(int argc, char **argv)
41
{
42
	char pwbuf[128];
43
	char ecprot[128];
44
	char pbuf[1024];
45
	const char *key_in;
46
	const char *pass_in = NULL;
47
	const char *key2_in = NULL;
48
	EC_KEY *pkey;
49
	int parameter_group = -1;
50
	int privtype, addrtype;
51
	int pkcs8 = 0;
52
	int pass_prompt = 0;
53
	int verbose = 0;
54
	int generate = 0;
55
	int opt;
56
	int res;
57

58
	while ((opt = getopt(argc, argv, "8E:ec:vG")) != -1) {
59
		switch (opt) {
60
		case '8':
61
			pkcs8 = 1;
62
			break;
63
		case 'E':
64
			if (pass_prompt) {
65
				usage(argv[0]);
66
				return 1;
67
			}
68
			pass_in = optarg;
69
			if (!vg_check_password_complexity(pass_in, 1))
70
				fprintf(stderr,
71
					"WARNING: Using weak password\n");
72
			break;
73
		case 'e':
74
			if (pass_in) {
75
				usage(argv[0]);
76
				return 1;
77
			}
78
			pass_prompt = 1;
79
			break;
80
		case 'c':
81
			key2_in = optarg;
82
			break;
83
		case 'v':
84
			verbose = 1;
85
			break;
86
		case 'G':
87
			generate = 1;
88
			break;
89
		default:
90
			usage(argv[0]);
91
			return 1;
92
		}
93
	}
94

95
	OpenSSL_add_all_algorithms();
96

97
	pkey = EC_KEY_new_by_curve_name(NID_secp256k1);
98

99
	if (generate) {
100
		unsigned char *pend = (unsigned char *) pbuf;
101
		addrtype = 0;
102
		privtype = 128;
103
		EC_KEY_generate_key(pkey);
104
		res = i2o_ECPublicKey(pkey, &pend);
105
		fprintf(stderr, "Pubkey (hex): ");
106
		dumphex((unsigned char *)pbuf, res);
107
		fprintf(stderr, "Privkey (hex): ");
108
		dumpbn(EC_KEY_get0_private_key(pkey));
109
		vg_encode_address(EC_KEY_get0_public_key(pkey),
110
				  EC_KEY_get0_group(pkey),
111
				  addrtype, ecprot);
112
		printf("Address: %s\n", ecprot);
113
		vg_encode_privkey(pkey, privtype, ecprot);
114
		printf("Privkey: %s\n", ecprot);
115
		return 0;
116
	}
117

118
	if (optind >= argc) {
119
		res = fread(pbuf, 1, sizeof(pbuf) - 1, stdin);
120
		pbuf[res] = '\0';
121
		key_in = pbuf;
122
	} else {
123
		key_in = argv[optind];
124
	}
125

126
	res = vg_decode_privkey_any(pkey, &privtype, key_in, NULL);
127
	if (res < 0) {
128
		if (EVP_read_pw_string(pwbuf, sizeof(pwbuf),
129
				       "Enter import password:", 0) ||
130
		    !vg_decode_privkey_any(pkey, &privtype, key_in, pwbuf))
131
			return 1;
132
	}
133

134
	if (!res) {
135
		fprintf(stderr, "ERROR: Unrecognized key format\n");
136
		return 1;
137
	}
138

139
	if (key2_in) {
140
		BN_CTX *bnctx;
141
		BIGNUM bntmp, bntmp2;
142
		EC_KEY *pkey2;
143

144
		pkey2 = EC_KEY_new_by_curve_name(NID_secp256k1);
145
		res = vg_decode_privkey_any(pkey2, &privtype, key2_in, NULL);
146
		if (res < 0) {
147
			if (EVP_read_pw_string(pwbuf, sizeof(pwbuf),
148
					       "Enter import password:", 0) ||
149
			    !vg_decode_privkey_any(pkey2, &privtype,
150
						   key2_in, pwbuf))
151
				return 1;
152
		}
153

154
		if (!res) {
155
			fprintf(stderr, "ERROR: Unrecognized key format\n");
156
			return 1;
157
		}
158
		BN_init(&bntmp);
159
		BN_init(&bntmp2);
160
		bnctx = BN_CTX_new();
161
		EC_GROUP_get_order(EC_KEY_get0_group(pkey), &bntmp2, NULL);
162
		BN_mod_add(&bntmp,
163
			   EC_KEY_get0_private_key(pkey),
164
			   EC_KEY_get0_private_key(pkey2),
165
			   &bntmp2,
166
			   bnctx);
167
		vg_set_privkey(&bntmp, pkey);
168
		EC_KEY_free(pkey2);
169
		BN_clear_free(&bntmp);
170
		BN_clear_free(&bntmp2);
171
		BN_CTX_free(bnctx);
172
	}
173

174
	if (pass_prompt) {
175
		res = EVP_read_pw_string(pwbuf, sizeof(pwbuf),
176
					 "Enter password:", 1);
177
		if (res)
178
			return 1;
179
		pass_in = pwbuf;
180
		if (!vg_check_password_complexity(pwbuf, 1))
181
			fprintf(stderr, "WARNING: Using weak password\n");
182
	}
183

184
	switch (privtype) {
185
	case 128: addrtype = 0; break;
186
	case 239: addrtype = 111; break;
187
	default:  addrtype = 0; break;
188
	}
189

190
	if (verbose) {
191
		unsigned char *pend = (unsigned char *) pbuf;
192
		res = i2o_ECPublicKey(pkey, &pend);
193
		fprintf(stderr, "Pubkey (hex): ");
194
		dumphex((unsigned char *)pbuf, res);
195
		fprintf(stderr, "Privkey (hex): ");
196
		dumpbn(EC_KEY_get0_private_key(pkey));
197
	}
198
			
199
	if (pkcs8) {
200
		res = vg_pkcs8_encode_privkey(pbuf, sizeof(pbuf),
201
					      pkey, pass_in);
202
		if (!res) {
203
			fprintf(stderr,
204
				"ERROR: Could not encode private key\n");
205
			return 1;
206
		}
207
		printf("%s", pbuf);
208
	}
209

210
	else if (pass_in) {
211
		res = vg_protect_encode_privkey(ecprot, pkey, privtype,
212
						parameter_group, pass_in);
213

214
		if (!res) {
215
			fprintf(stderr, "ERROR: could not password-protect "
216
				"private key\n");
217
			return 1;
218
		}
219

220
		vg_encode_address(EC_KEY_get0_public_key(pkey),
221
				  EC_KEY_get0_group(pkey),
222
				  addrtype, pwbuf);
223
		printf("Address: %s\n", pwbuf);
224
		printf("Protkey: %s\n", ecprot);
225
	}
226

227
	else {
228
		vg_encode_address(EC_KEY_get0_public_key(pkey),
229
				  EC_KEY_get0_group(pkey),
230
				  addrtype, ecprot);
231
		printf("Address: %s\n", ecprot);
232
		vg_encode_privkey(pkey, privtype, ecprot);
233
		printf("Privkey: %s\n", ecprot);
234
	}
235

236
	OPENSSL_cleanse(pwbuf, sizeof(pwbuf));
237

238
	EC_KEY_free(pkey);
239
	return 0;
240
}
241

242