ecc api cleanup; summary:

- hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7
author: Nils Larsch <nils@openssl.org> 2005-05-16 10:11:04 +0000
committer: Nils Larsch <nils@openssl.org> 2005-05-16 10:11:04 +0000
commit: 9dd84053419aa220b5e66a5f9fcf809dbd6d9369 (patch)
tree: 7818c598a88a5b457333fd9f5951836fe96834b6 /crypto/ecdsa
parent: 46a643763de6d8e39ecf6f76fa79b4d04885aa59 (diff)
download: openssl-9dd84053419aa220b5e66a5f9fcf809dbd6d9369.tar.gz
6 files changed, 140 insertions, 116 deletions
diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index 14bb363389..76c5a4aa2a 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -81,9 +81,6 @@ typedef struct ECDSA_SIG_st
 	BIGNUM *s;
 	} ECDSA_SIG;
 
-/* ecdsa_data_st is defined in ecs_locl.h  */
-typedef struct ecdsa_data_st ECDSA_DATA;
-
 /** ECDSA_SIG *ECDSA_SIG_new(void)
  * allocates and initialize a ECDSA_SIG structure
  * \return pointer to a ECDSA_SIG structure or NULL if an error occurred
@@ -115,25 +112,6 @@ int	  i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
  */
 ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
 
-/** ECDSA_DATA_new
- * creates a new ECDSA_DATA object
- * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
- */
-ECDSA_DATA *ECDSA_DATA_new(void);
-
-/** ECDSA_DATA_new_method
- * creates a new ECDSA_DATA object using a specified ENGINE
- * \param eng pointer to a ENGINE structure
- * \return pointer to a newly allocated (and initialized) ECDSA_DATA object
- */
-ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *eng);
-
-/** ECDSA_DATA_free
- * frees ECDSA_DATA structure
- * \param data pointer to a ECDSA_DATA structure
- */
-void ECDSA_DATA_free(ECDSA_DATA *data);
-
 /** ECDSA_do_sign
  * computes the ECDSA signature of the given hash value using
  * the supplied private key and returns the created signature.
@@ -144,6 +122,20 @@ void ECDSA_DATA_free(ECDSA_DATA *data);
  */
 ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
 
+/** ECDSA_do_sign_ex
+ * computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param kinv optional pointer to a pre-computed inverse k
+ * \param rp optional pointer to the pre-computed rp value (see 
+ *        ECDSA_sign_setup
+ * \param eckey pointer to the EC_KEY object containing a private EC key
+ * \return pointer to a ECDSA_SIG structure or NULL
+ */
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, 
+		const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
+
 /** ECDSA_do_verify
  * verifies that the supplied signature is a valid ECDSA
  * signature of the supplied hash value using the supplied public key.
@@ -186,9 +178,7 @@ int 	  ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
 int	  ECDSA_size(const EC_KEY *eckey);
 
 /** ECDSA_sign_setup
- * precompute parts of the signing operation (the computed values may be
- * passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature
- * computation).
+ * precompute parts of the signing operation. 
  * \param eckey pointer to the EC_KEY object containing a private EC key
  * \param ctx  pointer to a BN_CTX object (may be NULL)
  * \param kinv pointer to a BIGNUM pointer for the inverse of k
@@ -212,6 +202,25 @@ int 	  ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
 int	  ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, 
 		unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
 
+
+/** ECDSA_sign_ex
+ * computes ECDSA signature of a given hash value using the supplied
+ * private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
+ * \param type this parameter is ignored
+ * \param dgst pointer to the hash value to sign
+ * \param dgstlen length of the hash value
+ * \param sig buffer to hold the DER encoded signature
+ * \param siglen pointer to the length of the returned signature
+ * \param kinv optional pointer to a pre-computed inverse k
+ * \param rp optional pointer to the pre-computed rp value (see 
+ *        ECDSA_sign_setup
+ * \param eckey pointer to the EC_KEY object containing a private EC key
+ * \return 1 on success and 0 otherwise
+ */
+int	  ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, 
+		unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
+		const BIGNUM *rp, EC_KEY *eckey);
+
 /** ECDSA_verify
  * verifies that the given signature is valid ECDSA signature
  * of the supplied hash value using the specified public key.
diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
index 5315d90dd2..70f2cc4e8e 100644
--- a/crypto/ecdsa/ecdsatest.c
+++ b/crypto/ecdsa/ecdsatest.c
@@ -3,7 +3,7 @@
  * Written by Nils Larsch for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -201,9 +201,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in)
 
 	BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid));
 	/* create the key */
-	if ((key = EC_KEY_new()) == NULL)
-		goto x962_int_err;
-	if ((key->group = EC_GROUP_new_by_curve_name(nid)) == NULL)
+	if ((key = EC_KEY_new_by_curve_name(nid)) == NULL)
 		goto x962_int_err;
 	if (!EC_KEY_generate_key(key))
 		goto x962_int_err;
@@ -291,6 +289,7 @@ int test_builtin(BIO *out)
 	EC_builtin_curve *curves = NULL;
 	size_t		crv_len = 0, n = 0;
 	EC_KEY		*eckey = NULL, *wrong_eckey = NULL;
+	EC_GROUP	*group;
 	unsigned char	digest[20], wrong_digest[20];
 	unsigned char	*signature = NULL; 
 	unsigned int	sig_len;
@@ -337,9 +336,13 @@ int test_builtin(BIO *out)
 		/* create new ecdsa key (== EC_KEY) */
 		if ((eckey = EC_KEY_new()) == NULL)
 			goto builtin_err;
-		if ((eckey->group = EC_GROUP_new_by_curve_name(nid)) == NULL)
+		group = EC_GROUP_new_by_curve_name(nid);
+		if (group == NULL)
+			goto builtin_err;
+		if (EC_KEY_set_group(eckey, group) == 0)
 			goto builtin_err;
-		if (EC_GROUP_get_degree(eckey->group) < 160)
+		EC_GROUP_free(group);
+		if (EC_GROUP_get_degree(EC_KEY_get0_group(eckey)) < 160)
 			/* drop the curve */ 
 			{
 			EC_KEY_free(eckey);
@@ -356,8 +359,12 @@ int test_builtin(BIO *out)
 		/* create second key */
 		if ((wrong_eckey = EC_KEY_new()) == NULL)
 			goto builtin_err;
-		if ((wrong_eckey->group = EC_GROUP_new_by_curve_name(nid)) == NULL)
+		group = EC_GROUP_new_by_curve_name(nid);
+		if (group == NULL)
+			goto builtin_err;
+		if (EC_KEY_set_group(wrong_eckey, group) == 0)
 			goto builtin_err;
+		EC_GROUP_free(group);
 		if (!EC_KEY_generate_key(wrong_eckey))
 			{
 			BIO_printf(out, " failed\n");
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 645a7087c8..8a6d4ad45d 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -1,6 +1,6 @@
 /* crypto/ecdsa/ecs_lib.c */
 /* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -63,10 +63,11 @@
 
 const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
 
-static void ecdsa_finish(EC_KEY *);
-
 static const ECDSA_METHOD *default_ECDSA_method = NULL;
 
+static void *ecdsa_data_dup(void *);
+static void  ecdsa_data_free(void *);
+
 void ECDSA_set_default_method(const ECDSA_METHOD *meth)
 {
 	default_ECDSA_method = meth;
@@ -90,10 +91,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
 		return 0;
 
         mtmp = ecdsa->meth;
-#if 0
-        if (mtmp->finish)
-		mtmp->finish(eckey);
-#endif
 #ifndef OPENSSL_NO_ENGINE
 	if (ecdsa->engine)
 	{
@@ -102,19 +99,11 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
 	}
 #endif
         ecdsa->meth = meth;
-#if 0
-        if (meth->init) 
-		meth->init(eckey);
-#endif
-        return 1;
-}
 
-ECDSA_DATA *ECDSA_DATA_new(void)
-{
-	return ECDSA_DATA_new_method(NULL);
+        return 1;
 }
 
-ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
+static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
 {
 	ECDSA_DATA *ret;
 
@@ -126,10 +115,6 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
 	}
 
 	ret->init = NULL;
-	ret->finish = ecdsa_finish;
-
-	ret->kinv = NULL;
-	ret->r    = NULL;
 
 	ret->meth = ECDSA_get_default_method();
 	ret->engine = engine;
@@ -162,22 +147,30 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
 	return(ret);
 }
 
-void ECDSA_DATA_free(ECDSA_DATA *r)
+void *ecdsa_data_new(void)
 {
-	if (r->kinv)
-		BN_clear_free(r->kinv);
-	if (r->r)
-		BN_clear_free(r->r);
+	return (void *)ECDSA_DATA_new_method(NULL);
+}
+
+static void *ecdsa_data_dup(void *data)
+{
+	ECDSA_DATA *r = (ECDSA_DATA *)data;
+
+	/* XXX: dummy operation */
+	if (r == NULL)
+		return NULL;
+
+	return ecdsa_data_new();
+}
+
+static void ecdsa_data_free(void *data)
+{
+	ECDSA_DATA *r = (ECDSA_DATA *)data;
 
-#if 0
-	if (r->meth->finish)
-		r->meth->finish(r);
-#endif
 #ifndef OPENSSL_NO_ENGINE
 	if (r->engine)
 		ENGINE_finish(r->engine);
 #endif
-
 	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
 
 	OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA));
@@ -187,23 +180,23 @@ void ECDSA_DATA_free(ECDSA_DATA *r)
 
 ECDSA_DATA *ecdsa_check(EC_KEY *key)
 {
-	if (key->meth_data)
+	ECDSA_DATA *ecdsa_data;
+ 
+	void *data = EC_KEY_get_key_method_data(key, ecdsa_data_dup,
+					ecdsa_data_free, ecdsa_data_free);
+	if (data == NULL)
 	{
-		if (key->meth_data->finish != ecdsa_finish)
-		{
-			key->meth_data->finish(key);
-			key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new();
-		}
+		ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
+		if (ecdsa_data == NULL)
+			return NULL;
+		EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
+			ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
 	}
 	else
-		key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new();
-	return (ECDSA_DATA *)key->meth_data;
-}
+		ecdsa_data = (ECDSA_DATA *)data;
+	
 
-static void ecdsa_finish(EC_KEY *key)
-{
-	if (key->meth_data && key->meth_data->finish == ecdsa_finish)
-		ECDSA_DATA_free((ECDSA_DATA *)key->meth_data);
+	return ecdsa_data;
 }
 
 int ECDSA_size(const EC_KEY *r)
@@ -212,11 +205,12 @@ int ECDSA_size(const EC_KEY *r)
 	ASN1_INTEGER bs;
 	BIGNUM	*order=NULL;
 	unsigned char buf[4];
+	const EC_GROUP *group = EC_KEY_get0_group(r);
 
-	if (r == NULL || r->group == NULL)
+	if (r == NULL || group == NULL)
 		return 0;
 	if ((order = BN_new()) == NULL) return 0;
-	if (!EC_GROUP_get_order(r->group,order,NULL))
+	if (!EC_GROUP_get_order(group,order,NULL))
 	{
 		BN_clear_free(order);
 		return 0;
diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h
index 343b866249..3a69a840e2 100644
--- a/crypto/ecdsa/ecs_locl.h
+++ b/crypto/ecdsa/ecs_locl.h
@@ -69,7 +69,7 @@ struct ecdsa_method
 	{
 	const char *name;
 	ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, 
-			EC_KEY *eckey);
+			const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey);
 	int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, 
 			BIGNUM **r);
 	int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, 
@@ -82,18 +82,15 @@ struct ecdsa_method
 	char *app_data;
 	};
 
-struct ecdsa_data_st {
+typedef struct ecdsa_data_st {
 	/* EC_KEY_METH_DATA part */
 	int (*init)(EC_KEY *);
-	void (*finish)(EC_KEY *);
 	/* method (ECDSA) specific part */
-	BIGNUM	*kinv;	/* signing pre-calc */
-	BIGNUM	*r;	/* signing pre-calc */
 	ENGINE	*engine;
 	int	flags;
 	const ECDSA_METHOD *meth;
 	CRYPTO_EX_DATA ex_data;
-};
+} ECDSA_DATA;
 
 /** ecdsa_check
  * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index ea776db8d8..8be45ddc93 100644
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -62,7 +62,7 @@
 #include <openssl/bn.h>
 
 static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, 
-		EC_KEY *eckey);
+		const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
 static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, 
 		BIGNUM **rp);
 static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, 
@@ -92,14 +92,14 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 	BN_CTX   *ctx = NULL;
 	BIGNUM	 *k = NULL, *r = NULL, *order = NULL, *X = NULL;
 	EC_POINT *tmp_point=NULL;
-	EC_GROUP *group;
+	const EC_GROUP *group;
 	int 	 ret = 0;
-	if (!eckey  || !eckey->group || !eckey->pub_key || !eckey->priv_key)
+
+	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
 		return 0;
 	}
-	group = eckey->group;
 
 	if (ctx_in == NULL) 
 	{
@@ -210,24 +210,27 @@ err:
 
 
 static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, 
-		EC_KEY *eckey)
+		const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
 {
 	int     ok = 0;
-	BIGNUM *kinv=NULL, *r, *s, *m=NULL,*tmp=NULL,*order=NULL;
+	BIGNUM *kinv=NULL, *s, *m=NULL,*tmp=NULL,*order=NULL;
+	const BIGNUM *ckinv;
 	BN_CTX     *ctx = NULL;
-	EC_GROUP   *group;
+	const EC_GROUP   *group;
 	ECDSA_SIG  *ret;
 	ECDSA_DATA *ecdsa;
+	const BIGNUM *priv_key;
 
-	ecdsa = ecdsa_check(eckey);
-
-	if (!eckey->group || !eckey->pub_key || !eckey->priv_key || !ecdsa)
+	ecdsa    = ecdsa_check(eckey);
+	group    = EC_KEY_get0_group(eckey);
+	priv_key = EC_KEY_get0_private_key(eckey);
+	
+	if (group == NULL || priv_key == NULL || ecdsa == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
 		return NULL;
 	}
 
-	group = eckey->group;
 	ret = ECDSA_SIG_new();
 	if (!ret)
 	{
@@ -262,26 +265,26 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 	}
 	do
 	{
-		if (ecdsa->kinv == NULL || ecdsa->r == NULL)
+		if (in_kinv == NULL || in_r == NULL)
 		{
 			if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r))
 			{
 				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB);
 				goto err;
 			}
-			r = ret->r;
+			ckinv = kinv;
 		}
 		else
 		{
-			BN_free(ret->r);
-			kinv   = ecdsa->kinv;
-			r      = ecdsa->r;
-			ret->r = r;
-			ecdsa->kinv = NULL;
-			ecdsa->r    = NULL;
+			ckinv  = in_kinv;
+			if (BN_copy(ret->r, in_r) == NULL)
+			{
+				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
+				goto err;
+			}
 		}
 
-		if (!BN_mod_mul(tmp, eckey->priv_key, r, order, ctx))
+		if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
@@ -291,7 +294,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
 		}
-		if (!BN_mod_mul(s, s, kinv, order, ctx))
+		if (!BN_mod_mul(s, s, ckinv, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
 			goto err;
@@ -326,16 +329,17 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 	BN_CTX   *ctx;
 	BIGNUM   *order, *u1, *u2, *m, *X;
 	EC_POINT *point = NULL;
-	EC_GROUP *group;
+	const EC_GROUP *group;
+	const EC_POINT *pub_key;
+
 	/* check input values */
-	if (!eckey || !eckey->group || !eckey->pub_key || !sig)
+	if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL ||
+	    (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL)
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
 		return -1;
 	}
 
-	group = eckey->group;
-
 	ctx = BN_CTX_new();
 	if (!ctx)
 	{
@@ -398,7 +402,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
 		goto err;
 	}
-	if (!EC_POINT_mul(group, point, u1, eckey->pub_key, u2, ctx))
+	if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
 		goto err;
diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c
index ee6aef8010..5143923050 100644
--- a/crypto/ecdsa/ecs_sign.c
+++ b/crypto/ecdsa/ecs_sign.c
@@ -58,27 +58,40 @@
 #include <openssl/engine.h>
 #endif
 
-ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
+{
+	return ECDSA_do_sign_ex(dgst, dlen, NULL, NULL, eckey);
+}
+
+ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dlen,
+	const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey)
 {
 	ECDSA_DATA *ecdsa = ecdsa_check(eckey);
 	if (ecdsa == NULL)
 		return NULL;
-	return ecdsa->meth->ecdsa_do_sign(dgst, dlen, eckey);
+	return ecdsa->meth->ecdsa_do_sign(dgst, dlen, NULL, NULL, eckey);
 }
 
 int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char 
 		*sig, unsigned int *siglen, EC_KEY *eckey)
 {
+	return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey);
+}
+
+int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char 
+	*sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, 
+	EC_KEY *eckey)
+{
 	ECDSA_SIG *s;
-	s=ECDSA_do_sign(dgst,dlen,eckey);
+	s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey);
 	if (s == NULL)
 	{
 		*siglen=0;
-		return(0);
+		return 0;
 	}
-	*siglen=i2d_ECDSA_SIG(s,&sig);
+	*siglen = i2d_ECDSA_SIG(s, &sig);
 	ECDSA_SIG_free(s);
-	return(1);
+	return 1;
 }
 
 int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
author	Nils Larsch <nils@openssl.org>	2005-05-16 10:11:04 +0000
committer	Nils Larsch <nils@openssl.org>	2005-05-16 10:11:04 +0000
commit	9dd84053419aa220b5e66a5f9fcf809dbd6d9369 (patch)
tree	7818c598a88a5b457333fd9f5951836fe96834b6 /crypto/ecdsa
parent	46a643763de6d8e39ecf6f76fa79b4d04885aa59 (diff)
download	openssl-9dd84053419aa220b5e66a5f9fcf809dbd6d9369.tar.gz