Use SEC1 format for EC private keys.

This is not ECDSA specific, so it's now PEM_STRING_ECPRIVATEKEY etc.

Submitted by: Nils Larsch <nlarsch@compuserve.de>

7 files changed, 193 insertions, 365 deletions

diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index f9a34f14ae..00cd71d068 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -64,10 +64,7 @@
 #endif
 #include <openssl/bn.h>
 #include <openssl/ec.h>
-#include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
 
 #ifdef __cplusplus
 extern "C" {
@@ -106,6 +103,8 @@ struct ecdsa_st
 	BIGNUM	 *kinv; /* signing pre-calc */
 	BIGNUM	 *r;	/* signing pre-calc */
 
+	unsigned int enc_flag;
+
 	int 	references;
 	int	flags;
 	CRYPTO_EX_DATA ex_data;
@@ -113,6 +112,10 @@ struct ecdsa_st
 	struct engine_st *engine;
 };
 
+/* some values for the encoding_flag */
+#define ECDSA_PKEY_NO_PARAMETERS	0x001
+#define ECDSA_PKEY_NO_PUBKEY		0x002
+
 ECDSA_SIG *ECDSA_SIG_new(void);
 void	  ECDSA_SIG_free(ECDSA_SIG *a);
 int	  i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
@@ -153,6 +156,11 @@ int	ECDSAParameters_print_fp(FILE *fp, const ECDSA *x);
 int	ECDSA_print_fp(FILE *fp, const ECDSA *x, int off);
 #endif 
 
+/* the ECDSA_{set|get}_enc_flag() specify the encoding
+ * of the elliptic curve private key */
+unsigned int ECDSA_get_enc_flag(const ECDSA *);
+void ECDSA_set_enc_flag(ECDSA *, unsigned int);
+
 /* The ECDSA_{set|get}_conversion_type() functions set/get the
  * conversion form for ec-points (see ec.h) in a ECDSA-structure */
 void	ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t);
diff --git a/crypto/ecdsa/ecs_asn1.c b/crypto/ecdsa/ecs_asn1.c
index 38b27592bd..048fa88de9 100644
--- a/crypto/ecdsa/ecs_asn1.c
+++ b/crypto/ecdsa/ecs_asn1.c
@@ -54,18 +54,9 @@
  */
 
 #include "ecdsa.h"
-#include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/err.h>
 #include <openssl/asn1t.h>
 
-typedef struct ecdsa_priv_key_st {
-        int               version;
-        ECPKPARAMETERS	  *parameters;
-	ASN1_OBJECT	  *named_curve;
-        ASN1_OCTET_STRING *pub_key;
-        BIGNUM            *priv_key;
-        } ECDSAPrivateKey;
-
 ASN1_SEQUENCE(ECDSA_SIG) = {
 	ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM),
 	ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM)
@@ -75,18 +66,6 @@ DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG)
 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG)
 IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
 
-ASN1_SEQUENCE(ECDSAPrivateKey) = {
-	ASN1_SIMPLE(ECDSAPrivateKey, version, LONG),
-	ASN1_SIMPLE(ECDSAPrivateKey, parameters, ECPKPARAMETERS),
-	ASN1_SIMPLE(ECDSAPrivateKey, pub_key, ASN1_OCTET_STRING),
-	ASN1_SIMPLE(ECDSAPrivateKey, priv_key, BIGNUM)
-} ASN1_SEQUENCE_END(ECDSAPrivateKey)
-
-DECLARE_ASN1_FUNCTIONS_const(ECDSAPrivateKey)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSAPrivateKey, ecdsaPrivateKey)
-IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(ECDSAPrivateKey, ECDSAPrivateKey, ECDSAPrivateKey)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSAPrivateKey, ECDSAPrivateKey, ecdsaPrivateKey)
-
 int i2d_ECDSAParameters(ECDSA *a, unsigned char **out)
 	{
 	if (a == NULL)
@@ -145,19 +124,18 @@ ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
 	{
 	int             ok=0;
 	ECDSA           *ret=NULL;
-	ECDSAPrivateKey *priv_key=NULL;
+	EC_PRIVATEKEY   *priv_key=NULL;
 
-	if ((priv_key = ECDSAPrivateKey_new()) == NULL)
+	if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
 		{
 		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
 		return NULL;
 		}
 
-	if ((priv_key = d2i_ecdsaPrivateKey(&priv_key, in, len)) == NULL)
+	if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL)
 		{
-		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY,
-                         ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE);
-		ECDSAPrivateKey_free(priv_key);
+		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+		EC_PRIVATEKEY_free(priv_key);
 		return NULL;
 		}
 
@@ -175,10 +153,13 @@ ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
 	else
 		ret = *a;
 
-	if (ret->group)
-		EC_GROUP_clear_free(ret->group);
+	if (priv_key->parameters)
+		{
+		if (ret->group)
+			EC_GROUP_clear_free(ret->group);
+		ret->group = EC_ASN1_pkparameters2group(priv_key->parameters);
+		}
 
-	ret->group = EC_ASN1_pkparameters2group(priv_key->parameters);
 	if (ret->group == NULL)
 		{
 		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
@@ -186,9 +167,14 @@ ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
 		}
 
 	ret->version = priv_key->version;
-	if (priv_key->priv_key)
+
+	if (priv_key->privateKey)
 		{
-		if ((ret->priv_key = BN_dup(priv_key->priv_key)) == NULL)
+		ret->priv_key = BN_bin2bn(
+			M_ASN1_STRING_data(priv_key->privateKey),
+			M_ASN1_STRING_length(priv_key->privateKey),
+			ret->priv_key);
+		if (ret->priv_key == NULL)
 			{
 			ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY,
                                  ERR_R_BN_LIB);
@@ -202,100 +188,146 @@ ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
 		goto err;
 		}
 
-	if ((ret->pub_key = EC_POINT_new(ret->group)) == NULL)
+	if (priv_key->publicKey)
 		{
-		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
-		goto err;
+		if (ret->pub_key)
+			EC_POINT_clear_free(ret->pub_key);
+		ret->pub_key = EC_POINT_new(ret->group);
+		if (ret->pub_key == NULL)
+			{
+			ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+			goto err;
+			}
+		if (!EC_POINT_oct2point(ret->group, ret->pub_key,
+			M_ASN1_STRING_data(priv_key->publicKey),
+			M_ASN1_STRING_length(priv_key->publicKey), NULL))
+			{
+			ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+			goto err;
+			}
 		}
 
-	if (!EC_POINT_oct2point(ret->group, ret->pub_key, 
-                priv_key->pub_key->data, priv_key->pub_key->length, NULL))
+	ok = 1;
+err:
+	if (!ok)
 		{
-		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
-		goto err;
+		if (ret)
+			ECDSA_free(ret);
+		ret = NULL;
 		}
 
-	ok = 1;
-
-err :	if (!ok)
-	{
-		if (ret) ECDSA_free(ret);
-		ret = NULL;
-	}
 	if (priv_key)
-		ECDSAPrivateKey_free(priv_key);
+		EC_PRIVATEKEY_free(priv_key);
+
 	return(ret);
-}
+	}
 
 int	i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out)
-{
-	int ret=0, ok=0;
+	{
+	int             ret=0, ok=0;
 	unsigned char   *buffer=NULL;
-	size_t		buf_len=0;
-	ECDSAPrivateKey *priv_key=NULL;
+	size_t          buf_len=0, tmp_len;
+	EC_PRIVATEKEY   *priv_key=NULL;
 
-	if (a == NULL || a->group == NULL)
+	if (a == NULL || a->group == NULL || a->priv_key == NULL)
 		{
 		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
                          ERR_R_PASSED_NULL_PARAMETER);
 		goto err;
 		}
 
-	if ((priv_key = ECDSAPrivateKey_new()) == NULL)
+	if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
 		{
 		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
                          ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
 
-	if ((priv_key->parameters = EC_ASN1_group2pkparameters(a->group, 
-                                    priv_key->parameters)) == NULL)
+	priv_key->version = a->version;
+
+	buf_len = (size_t)BN_num_bytes(a->priv_key);
+	buffer = OPENSSL_malloc(buf_len);
+	if (buffer == NULL)
 		{
-		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
+                         ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
-
-	priv_key->version      = a->version;
-
-	if (BN_copy(priv_key->priv_key, a->priv_key) == NULL)
+	
+	if (!BN_bn2bin(a->priv_key, buffer))
 		{
 		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_BN_LIB);
 		goto err;
 		}
 
-	buf_len = EC_POINT_point2oct(a->group, a->pub_key, 
-                           ECDSA_get_conversion_form(a), NULL, 0, NULL);
-	if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
+	if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len))
 		{
-		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB);
 		goto err;
-		}
-	if (!EC_POINT_point2oct(a->group, a->pub_key, 
-			ECDSA_get_conversion_form(a), buffer, buf_len, NULL))
+		}	
+
+	if (!(ECDSA_get_enc_flag(a) & ECDSA_PKEY_NO_PARAMETERS))
 		{
-		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
-		goto err;
+		if ((priv_key->parameters = EC_ASN1_group2pkparameters(
+			a->group, priv_key->parameters)) == NULL)
+			{
+			ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+			goto err;
+			}
 		}
-	if (!M_ASN1_OCTET_STRING_set(priv_key->pub_key, buffer, buf_len))
+
+	if (!(ECDSA_get_enc_flag(a) & ECDSA_PKEY_NO_PUBKEY))
 		{
-		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB);
-		goto err;
+		priv_key->publicKey = M_ASN1_BIT_STRING_new();
+		if (priv_key->publicKey == NULL)
+			{
+			ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
+				ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+
+		tmp_len = EC_POINT_point2oct(a->group, a->pub_key, 
+                           ECDSA_get_conversion_form(a), NULL, 0, NULL);
+
+		if (tmp_len > buf_len)
+			buffer = OPENSSL_realloc(buffer, tmp_len);
+		if (buffer == NULL)
+			{
+			ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
+				ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+
+		buf_len = tmp_len;
+
+		if (!EC_POINT_point2oct(a->group, a->pub_key, 
+			ECDSA_get_conversion_form(a), buffer, buf_len, NULL))
+			{
+			ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+			goto err;
+			}
+
+		if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, 
+				buf_len))
+			{
+			ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB);
+			goto err;
+			}
 		}
-	if ((ret = i2d_ecdsaPrivateKey(priv_key, out)) == 0)
+
+	if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0)
 		{
-		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, 
-                         ECDSA_R_I2D_ECDSA_PRIVATEKEY);
+		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
 		goto err;
 		}
 	ok=1;
-	
 err:
 	if (buffer)
 		OPENSSL_free(buffer);
 	if (priv_key)
-		ECDSAPrivateKey_free(priv_key);	
+		EC_PRIVATEKEY_free(priv_key);
 	return(ok?ret:0);
-}
+	}
 
 
 ECDSA 	*ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len)
diff --git a/crypto/ecdsa/ecs_key.c b/crypto/ecdsa/ecs_key.c
index 03916eac61..a186f3aa88 100644
--- a/crypto/ecdsa/ecs_key.c
+++ b/crypto/ecdsa/ecs_key.c
@@ -1,61 +1,60 @@
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* crypto/ecdsa/ecs_key.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
  * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
  */
-#include "cryptlib.h"
-#include <openssl/ecdsa.h>
+
+#include "ecdsa.h"
+#include <openssl/err.h>
 
 int ECDSA_generate_key(ECDSA *ecdsa)
 {	
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 5f10c2ede7..88cd18386c 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -52,64 +52,7 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
 
-#include "cryptlib.h"
 #include "ecdsa.h"
 #include <openssl/engine.h>
 
@@ -186,6 +129,8 @@ ECDSA *ECDSA_new_method(ENGINE *engine)
 	ret->kinv = NULL;
 	ret->r = NULL;
 
+	ret->enc_flag = 0;
+
 	ret->references = 1;
 	ret->flags = ret->meth->flags;
 	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
@@ -316,3 +261,13 @@ point_conversion_form_t ECDSA_get_default_conversion_form(void)
 {
 	return default_conversion_form;
 }
+
+unsigned int ECDSA_get_enc_flag(const ECDSA *ecdsa)
+{
+	return ecdsa->enc_flag;
+}
+
+void ECDSA_set_enc_flag(ECDSA *ecdsa, unsigned int flag)
+{
+	ecdsa->enc_flag = flag;
+}
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index 96797f332b..915ece7bf4 100644
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -52,64 +52,9 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include "cryptlib.h"
-#include <openssl/ecdsa.h>
+
+#include "ecdsa.h"
+#include <openssl/err.h>
 
 /* TODO : general case */
 #define	EC_POINT_get_affine_coordinates EC_POINT_get_affine_coordinates_GFp
diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c
index eb18685e37..c1d3e3bf3c 100644
--- a/crypto/ecdsa/ecs_sign.c
+++ b/crypto/ecdsa/ecs_sign.c
@@ -52,64 +52,8 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include "cryptlib.h"
-#include <openssl/ecdsa.h>
+
+#include "ecdsa.h"
 #include <openssl/engine.h>
 
 ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, ECDSA *ecdsa)
diff --git a/crypto/ecdsa/ecs_vrf.c b/crypto/ecdsa/ecs_vrf.c
index dddbcfc60c..58c98b5593 100644
--- a/crypto/ecdsa/ecs_vrf.c
+++ b/crypto/ecdsa/ecs_vrf.c
@@ -52,63 +52,8 @@
  * Hudson (tjh@cryptsoft.com).
  *
  */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <openssl/ecdsa.h>
+
+#include "ecdsa.h"
 #include <openssl/engine.h>
 
 /* returns