diff options
| author | Bodo Möller <bodo@openssl.org> | 2002-08-07 10:49:54 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2002-08-07 10:49:54 +0000 |
| commit | 14a7cfb32a0347a4bc620ae1b552b21c4c1e270b (patch) | |
| tree | 13c4bcc3d58ba7db5e598cd668670873b51e8ce3 /crypto | |
| parent | 7a8645d1716d7f84435b0f3d8d2fd122d6f75113 (diff) | |
| download | openssl-14a7cfb32a0347a4bc620ae1b552b21c4c1e270b.tar.gz | |
use a generic EC_KEY structure (EC keys are not ECDSA specific)
Submitted by: Nils Larsch
Diffstat (limited to 'crypto')
38 files changed, 1625 insertions, 1484 deletions
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index 3c659ab87b..56699e57e6 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl @@ -439,19 +439,19 @@ d2i_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h d2i_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -d2i_pr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -d2i_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pr.c +d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +d2i_pr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +d2i_pr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +d2i_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +d2i_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +d2i_pr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +d2i_pr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +d2i_pr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +d2i_pr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +d2i_pr.o: ../cryptlib.h d2i_pr.c d2i_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h d2i_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -459,19 +459,19 @@ d2i_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h d2i_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -d2i_pu.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -d2i_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -d2i_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -d2i_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pu.c +d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +d2i_pu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +d2i_pu.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +d2i_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +d2i_pu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +d2i_pu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +d2i_pu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +d2i_pu.o: ../cryptlib.h d2i_pu.c evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -512,19 +512,19 @@ i2d_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h i2d_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -i2d_pr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pr.c +i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h +i2d_pr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +i2d_pr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +i2d_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +i2d_pr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +i2d_pr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +i2d_pr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +i2d_pr.o: ../cryptlib.h i2d_pr.c i2d_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h i2d_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h @@ -532,19 +532,19 @@ i2d_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h i2d_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -i2d_pu.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -i2d_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -i2d_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h -i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h -i2d_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pu.c +i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h +i2d_pu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +i2d_pu.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +i2d_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h +i2d_pu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +i2d_pu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +i2d_pu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h +i2d_pu.o: ../cryptlib.h i2d_pu.c n_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h @@ -708,13 +708,13 @@ t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h -t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h -t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c +t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/err.h +t_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +t_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +t_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +t_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_pkey.o: ../cryptlib.h t_pkey.c t_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h t_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index 303fe5da8b..1be3e02298 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -1010,6 +1010,7 @@ void ERR_load_ASN1_strings(void); #define ASN1_F_I2D_ASN1_TIME 160 #define ASN1_F_I2D_DSA_PUBKEY 161 #define ASN1_F_I2D_ECDSA_PUBKEY 174 +#define ASN1_F_I2D_EC_PUBKEY 176 #define ASN1_F_I2D_NETSCAPE_RSA 162 #define ASN1_F_I2D_PRIVATEKEY 163 #define ASN1_F_I2D_PUBLICKEY 164 diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index dbb9753bb9..d64f987ac6 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -128,7 +128,8 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, {ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"}, {ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"}, -{ERR_PACK(0,ASN1_F_I2D_ECDSA_PUBKEY,0), "i2d_ECDSA_PUBKEY"}, +{ERR_PACK(0,ASN1_F_I2D_ECDSA_PUBKEY,0), "I2D_ECDSA_PUBKEY"}, +{ERR_PACK(0,ASN1_F_I2D_EC_PUBKEY,0), "i2d_EC_PUBKEY"}, {ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"}, {ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"}, {ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"}, diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index d56e5fdc6e..8d0dc27904 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -68,8 +68,8 @@ #ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> #endif -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> +#ifndef OPENSSL_NO_EC +#include <openssl/ec.h> #endif EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, @@ -111,9 +111,9 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, } break; #endif -#ifndef OPENSSL_NO_ECDSA - case EVP_PKEY_ECDSA: - if ((ret->pkey.ecdsa = d2i_ECDSAPrivateKey(NULL, +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + if ((ret->pkey.eckey = d2i_ECPrivateKey(NULL, (const unsigned char **)pp, length)) == NULL) { ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); @@ -154,7 +154,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA; else if (sk_ASN1_TYPE_num(inkey) == 4) - keytype = EVP_PKEY_ECDSA; + keytype = EVP_PKEY_EC; else keytype = EVP_PKEY_RSA; sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); return d2i_PrivateKey(keytype, a, pp, length); diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index f66d72fd7b..cf97b83eac 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -68,8 +68,8 @@ #ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> #endif -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> +#ifndef OPENSSL_NO_EC +#include <openssl/ec.h> #endif EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, @@ -111,10 +111,11 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, } break; #endif -#ifndef OPENSSL_NO_ECDSA - case EVP_PKEY_ECDSA: - if ((ret->pkey.ecdsa = ECDSAPublicKey_set_octet_string(&(ret->pkey.ecdsa), - (const unsigned char **)pp, length)) == NULL) +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + if ((ret->pkey.eckey = ECPublicKey_set_octet_string( + &(ret->pkey.eckey), (const unsigned char **)pp, + length)) == NULL) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); goto err; diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c index a40c64d3f4..bbf2a0d2d6 100644 --- a/crypto/asn1/i2d_pr.c +++ b/crypto/asn1/i2d_pr.c @@ -67,8 +67,8 @@ #ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> #endif -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> +#ifndef OPENSSL_NO_EC +#include <openssl/ec.h> #endif int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) @@ -86,10 +86,10 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); } #endif -#ifndef OPENSSL_NO_ECDSA - if (a->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (a->type == EVP_PKEY_EC) { - return(i2d_ECDSAPrivateKey(a->pkey.ecdsa, pp)); + return(i2d_ECPrivateKey(a->pkey.eckey, pp)); } #endif diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c index 2fcc5554a7..85220b44d6 100644 --- a/crypto/asn1/i2d_pu.c +++ b/crypto/asn1/i2d_pu.c @@ -67,8 +67,8 @@ #ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> #endif -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> +#ifndef OPENSSL_NO_EC +#include <openssl/ec.h> #endif int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) @@ -83,9 +83,9 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) case EVP_PKEY_DSA: return(i2d_DSAPublicKey(a->pkey.dsa,pp)); #endif -#ifndef OPENSSL_NO_ECDSA - case EVP_PKEY_ECDSA: - return(ECDSAPublicKey_get_octet_string(a->pkey.ecdsa, pp)); +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + return(ECPublicKey_get_octet_string(a->pkey.eckey, pp)); #endif default: ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index 652b26b7b0..fb01e38d79 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -70,8 +70,8 @@ #ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> #endif -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> +#ifndef OPENSSL_NO_EC +#include <openssl/ec.h> #endif static int print(BIO *fp,const char *str,BIGNUM *num, @@ -257,6 +257,22 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off) BIO_free(b); return(ret); } + +int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off) + { + BIO *b; + int ret; + + if ((b=BIO_new(BIO_s_file())) == NULL) + { + ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB); + return(0); + } + BIO_set_fp(b, fp, BIO_NOCLOSE); + ret = EC_KEY_print(b, x, off); + BIO_free(b); + return(ret); + } #endif int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) @@ -436,29 +452,8 @@ err: OPENSSL_free(buffer); return(ret); } -#endif /* OPENSSL_NO_EC */ - - -#ifndef OPENSSL_NO_ECDSA -#ifndef OPENSSL_NO_FP_API -int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off) -{ - BIO *b; - int ret; - - if ((b=BIO_new(BIO_s_file())) == NULL) - { - ECDSAerr(ECDSA_F_ECDSA_PRINT_FP, ERR_R_BIO_LIB); - return(0); - } - BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = ECDSA_print(b, x, off); - BIO_free(b); - return(ret); -} -#endif -int ECDSA_print(BIO *bp, const ECDSA *x, int off) +int EC_KEY_print(BIO *bp, const EC_KEY *x, int off) { char str[128]; unsigned char *buffer=NULL; @@ -474,7 +469,7 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) } if ((pub_key = EC_POINT_point2bn(x->group, x->pub_key, - ECDSA_get_conversion_form(x), NULL, ctx)) == NULL) + x->conv_form, NULL, ctx)) == NULL) { reason = ERR_R_EC_LIB; goto err; @@ -516,7 +511,7 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) ret=1; err: if (!ret) - ECDSAerr(ECDSA_F_ECDSA_PRINT, reason); + ECerr(EC_F_EC_KEY_PRINT, reason); if (pub_key) BN_free(pub_key); if (ctx) @@ -525,7 +520,7 @@ err: OPENSSL_free(buffer); return(ret); } -#endif +#endif /* OPENSSL_NO_EC */ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, int off) @@ -690,26 +685,26 @@ err: #endif /* !OPENSSL_NO_DSA */ -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC #ifndef OPENSSL_NO_FP_API -int ECDSAParameters_print_fp(FILE *fp, const ECDSA *x) +int ECParameters_print_fp(FILE *fp, const EC_KEY *x) { BIO *b; int ret; if ((b=BIO_new(BIO_s_file())) == NULL) - { - ECDSAerr(ECDSA_F_ECDSAPARAMETERS_PRINT_FP, ERR_R_BIO_LIB); + { + ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB); return(0); - } + } BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = ECDSAParameters_print(b, x); + ret = ECParameters_print(b, x); BIO_free(b); return(ret); } #endif -int ECDSAParameters_print(BIO *bp, const ECDSA *x) +int ECParameters_print(BIO *bp, const EC_KEY *x) { int reason=ERR_R_EC_LIB, ret=0; BIGNUM *order=NULL; @@ -741,7 +736,7 @@ int ECDSAParameters_print(BIO *bp, const ECDSA *x) err: if (order) BN_free(order); - ECDSAerr(ECDSA_F_ECDSAPARAMETERS_PRINT, reason); + ECerr(EC_F_ECPARAMETERS_PRINT, reason); return(ret); } diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c index bfa58cc967..7cf09a4646 100644 --- a/crypto/asn1/t_req.c +++ b/crypto/asn1/t_req.c @@ -134,11 +134,11 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) } else #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey != NULL && pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (pkey != NULL && pkey->type == EVP_PKEY_EC) { - BIO_printf(bp, "%12sECDSA Public Key: \n",""); - ECDSA_print(bp, pkey->pkey.ecdsa, 16); + BIO_printf(bp, "%12sEC Public Key: \n",""); + EC_KEY_print(bp, pkey->pkey.eckey, 16); } else #endif diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index 86821119d8..499e12834a 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -93,11 +93,11 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) } else #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) { - BIO_printf(out, " ECDSA Public Key:\n"); - ECDSA_print(out, pkey->pkey.ecdsa,2); + BIO_printf(out, " EC Public Key:\n"); + EC_KEY_print(out, pkey->pkey.eckey,2); } else #endif diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index ae6d5ce041..5074a74928 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -66,8 +66,8 @@ #ifndef OPENSSL_NO_DSA #include <openssl/dsa.h> #endif -#ifndef OPENSSL_NO_ECDSA -#include <openssl/ecdsa.h> +#ifndef OPENSSL_NO_EC +#include <openssl/ec.h> #endif #include <openssl/objects.h> #include <openssl/x509.h> @@ -232,11 +232,11 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) } else #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) { - BIO_printf(bp, "%12sECDSA Public Key:\n",""); - ECDSA_print(bp, pkey->pkey.ecdsa, 16); + BIO_printf(bp, "%12sEC Public Key:\n",""); + EC_KEY_print(bp, pkey->pkey.eckey, 16); } else #endif diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 68ddeb43f2..c32a6eaa49 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -129,14 +129,14 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) OPENSSL_free(p); } #endif -#ifndef OPENSSL_NO_ECDSA - else if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + else if (pkey->type == EVP_PKEY_EC) { int nid=0; unsigned char *pp; - ECDSA *ecdsa; + EC_KEY *eckey; - ecdsa = pkey->pkey.ecdsa; + eckey = pkey->pkey.eckey; ASN1_TYPE_free(a->parameter); if ((a->parameter = ASN1_TYPE_new()) == NULL) @@ -145,8 +145,8 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) goto err; } - if (EC_GROUP_get_asn1_flag(ecdsa->group) - && (nid = EC_GROUP_get_nid(ecdsa->group))) + if (EC_GROUP_get_asn1_flag(eckey->group) + && (nid = EC_GROUP_get_nid(eckey->group))) { /* just set the OID */ a->parameter->type = V_ASN1_OBJECT; @@ -154,9 +154,9 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } else /* explicit parameters */ { - if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0) + if ((i = i2d_ECParameters(eckey, NULL)) == 0) { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB); + X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); goto err; } if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL) @@ -165,9 +165,9 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) goto err; } pp = p; - if (!i2d_ECDSAParameters(ecdsa, &pp)) + if (!i2d_ECParameters(eckey, &pp)) { - X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB); + X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); OPENSSL_free(p); goto err; } @@ -277,24 +277,25 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) ret->save_parameters=1; } #endif -#ifndef OPENSSL_NO_ECDSA - else if (ret->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + else if (ret->type == EVP_PKEY_EC) { if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) { /* type == V_ASN1_SEQUENCE => we have explicit parameters * (e.g. parameters in the X9_62_EC_PARAMETERS-structure ) */ - if ((ret->pkey.ecdsa= ECDSA_new()) == NULL) + if ((ret->pkey.eckey= EC_KEY_new()) == NULL) { - X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); + X509err(X509_F_X509_PUBKEY_GET, + ERR_R_MALLOC_FAILURE); goto err; } cp = p = a->parameter->value.sequence->data; j = a->parameter->value.sequence->length; - if (!d2i_ECDSAParameters(&ret->pkey.ecdsa, &cp, (long)j)) + if (!d2i_ECParameters(&ret->pkey.eckey, &cp, (long)j)) { - X509err(X509_F_X509_PUBKEY_GET, ERR_R_ECDSA_LIB); + X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB); goto err; } } @@ -303,16 +304,16 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) /* type == V_ASN1_OBJECT => the parameters are given * by an asn1 OID */ - ECDSA *ecdsa; - if (ret->pkey.ecdsa == NULL) - ret->pkey.ecdsa = ECDSA_new(); - ecdsa = ret->pkey.ecdsa; - if (ecdsa->group) - EC_GROUP_free(ecdsa->group); - if ((ecdsa->group = EC_GROUP_new_by_name( + EC_KEY *eckey; + if (ret->pkey.eckey == NULL) + ret->pkey.eckey = EC_KEY_new(); + eckey = ret->pkey.eckey; + if (eckey->group) + EC_GROUP_free(eckey->group); + if ((eckey->group = EC_GROUP_new_by_nid( OBJ_obj2nid(a->parameter->value.object))) == NULL) goto err; - EC_GROUP_set_asn1_flag(ecdsa->group, + EC_GROUP_set_asn1_flag(eckey->group, OPENSSL_EC_NAMED_CURVE); } /* the case implicitlyCA is currently not implemented */ @@ -453,38 +454,38 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) } #endif -#ifndef OPENSSL_NO_ECDSA -ECDSA *d2i_ECDSA_PUBKEY(ECDSA **a, unsigned char **pp, long length) +#ifndef OPENSSL_NO_EC +EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, unsigned char **pp, long length) { EVP_PKEY *pkey; - ECDSA *key; + EC_KEY *key; unsigned char *q; q = *pp; pkey = d2i_PUBKEY(NULL, &q, length); if (!pkey) return(NULL); - key = EVP_PKEY_get1_ECDSA(pkey); + key = EVP_PKEY_get1_EC_KEY(pkey); EVP_PKEY_free(pkey); if (!key) return(NULL); *pp = q; if (a) { - ECDSA_free(*a); + EC_KEY_free(*a); *a = key; } return(key); } -int i2d_ECDSA_PUBKEY(ECDSA *a, unsigned char **pp) +int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp) { EVP_PKEY *pktmp; int ret; if (!a) return(0); if ((pktmp = EVP_PKEY_new()) == NULL) { - ASN1err(ASN1_F_I2D_ECDSA_PUBKEY, ERR_R_MALLOC_FAILURE); + ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); return(0); } - EVP_PKEY_set1_ECDSA(pktmp, a); + EVP_PKEY_set1_EC_KEY(pktmp, a); ret = i2d_PUBKEY(pktmp, pp); EVP_PKEY_free(pktmp); return(ret); diff --git a/crypto/ec/Makefile.ssl b/crypto/ec/Makefile.ssl index fbc80ff05e..d183f679c4 100644 --- a/crypto/ec/Makefile.ssl +++ b/crypto/ec/Makefile.ssl @@ -23,12 +23,12 @@ TEST=ectest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \ - ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c \ +LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c\ + ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\ ec2_smpl.c ec2_smpt.c ec2_mult.c -LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \ - ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o \ +LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o\ + ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\ ec2_smpl.o ec2_mult.o SRC= $(LIBSRC) @@ -142,6 +142,14 @@ ec_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h ec_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ec_err.o: ec_err.c +ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h +ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h +ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h +ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h +ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h index ff9af9f8e4..4a1787f0b7 100644 --- a/crypto/ec/ec.h +++ b/crypto/ec/ec.h @@ -334,21 +334,8 @@ int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *); /* ASN1 stuff */ #define OPENSSL_EC_NAMED_CURVE 0x001 -typedef struct ec_parameters_st ECPARAMETERS; typedef struct ecpk_parameters_st ECPKPARAMETERS; -DECLARE_ASN1_ITEM(ECPARAMETERS) -DECLARE_ASN1_ITEM(ECPKPARAMETERS) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPARAMETERS, ECPARAMETERS) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS) - -EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *); -ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *, ECPKPARAMETERS *); - - -EC_GROUP *d2i_ECParameters(EC_GROUP **, const unsigned char **in, long len); -int i2d_ECParameters(const EC_GROUP *, unsigned char **out); - EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len); int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out); @@ -368,18 +355,65 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off); int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); #endif -/* SEC1 ECPrivateKey */ -typedef struct ec_privatekey_st { - int version; - ASN1_OCTET_STRING *privateKey; - ECPKPARAMETERS *parameters; - ASN1_BIT_STRING *publicKey; - } EC_PRIVATEKEY; +/* the EC_KEY stuff */ +typedef struct ec_key_st EC_KEY; + +typedef struct ec_key_meth_data_st { + int (*init)(EC_KEY *); + void (*finish)(EC_KEY *); + } EC_KEY_METH_DATA; + +struct ec_key_st { + int version; + + EC_GROUP *group; + + EC_POINT *pub_key; + BIGNUM *priv_key; + + unsigned int enc_flag; + point_conversion_form_t conv_form; + + int references; -DECLARE_ASN1_ITEM(EC_PRIVATEKEY) -DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY) + EC_KEY_METH_DATA *meth_data; + }/* EC_KEY */; +/* some values for the encoding_flag */ +#define EC_PKEY_NO_PARAMETERS 0x001 +#define EC_PKEY_NO_PUBKEY 0x002 + +EC_KEY *EC_KEY_new(void); +void EC_KEY_free(EC_KEY *); +EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *); +EC_KEY *EC_KEY_dup(const EC_KEY *); + +/* EC_KEY_generate_key() creates a ec private (public) key */ +int EC_KEY_generate_key(EC_KEY *); +/* EC_KEY_check_key() */ +int EC_KEY_check_key(const EC_KEY *); + +/* de- and encode functions for the SEC1 ECPrivateKey */ +EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len); +int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out); +/* de- and encode functions for the elliptic curve parameters */ +EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len); +int i2d_ECParameters(EC_KEY *a, unsigned char **out); + +EC_KEY *ECPublicKey_set_octet_string(EC_KEY **a, const unsigned char **in, + long len); +int ECPublicKey_get_octet_string(EC_KEY *a, unsigned char **out); + +#ifndef OPENSSL_NO_BIO +int ECParameters_print(BIO *bp, const EC_KEY *x); +int EC_KEY_print(BIO *bp, const EC_KEY *x, int off); +#endif +#ifndef OPENSSL_NO_FP_API +int ECParameters_print_fp(FILE *fp, const EC_KEY *x); +int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off); +#endif +#define ECParameters_dup(x) (EC_KEY *)ASN1_dup((int (*)())i2d_ECParameters,\ + (char *(*)())d2i_ECParameters,(char *)(x)) /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -391,11 +425,15 @@ void ERR_load_EC_strings(void); /* Function codes. */ #define EC_F_COMPUTE_WNAF 143 -#define EC_F_D2I_ECDSAPARAMETERS 154 #define EC_F_D2I_ECPARAMETERS 155 #define EC_F_D2I_ECPKPARAMETERS 161 +#define EC_F_D2I_ECPRIVATEKEY 168 +#define EC_F_ECPARAMETERS_PRINT 173 +#define EC_F_ECPARAMETERS_PRINT_FP 174 #define EC_F_ECPKPARAMETERS_PRINT 166 #define EC_F_ECPKPARAMETERS_PRINT_FP 167 +#define EC_F_ECPUBLICKEY_GET_OCTET 170 +#define EC_F_ECPUBLICKEY_SET_OCTET 171 #define EC_F_EC_ASN1_GROUP2CURVE 159 #define EC_F_EC_ASN1_GROUP2FIELDID 156 #define EC_F_EC_ASN1_GROUP2PARAMETERS 160 @@ -419,9 +457,9 @@ void ERR_load_EC_strings(void); #define EC_F_EC_GFP_SIMPLE_OCT2POINT 103 #define EC_F_EC_GFP_SIMPLE_POINT2OCT 104 #define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137 -#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 105 -#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 128 -#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 129 +#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 105 +#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 128 +#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 129 #define EC_F_EC_GROUP_CHECK 150 #define EC_F_EC_GROUP_CHECK_DISCRIMINANT 153 #define EC_F_EC_GROUP_COPY 106 @@ -443,6 +481,12 @@ void ERR_load_EC_strings(void); #define EC_F_EC_GROUP_SET_CURVE_GFP 109 #define EC_F_EC_GROUP_SET_EXTRA_DATA 110 #define EC_F_EC_GROUP_SET_GENERATOR 111 +#define EC_F_EC_KEY_CHECK_KEY 184 +#define EC_F_EC_KEY_COPY 186 +#define EC_F_EC_KEY_GENERATE_KEY 185 +#define EC_F_EC_KEY_PRINT 175 +#define EC_F_EC_KEY_PRINT_FP 176 +#define EC_F_EC_NEW 172 #define EC_F_EC_POINTS_MAKE_AFFINE 136 #define EC_F_EC_POINTS_MUL 138 #define EC_F_EC_POINT_ADD 112 @@ -471,6 +515,7 @@ void ERR_load_EC_strings(void); #define EC_F_I2D_ECDSAPARAMETERS 158 #define EC_F_I2D_ECPARAMETERS 164 #define EC_F_I2D_ECPKPARAMETERS 165 +#define EC_F_I2D_ECPRIVATEKEY 169 /* Reason codes. */ #define EC_R_ASN1_ERROR 130 @@ -493,7 +538,9 @@ void ERR_load_EC_strings(void); #define EC_R_INVALID_FIELD 103 #define EC_R_INVALID_FORM 104 #define EC_R_INVALID_GROUP_ORDER 119 +#define EC_R_INVALID_PRIVATE_KEY 139 #define EC_R_MISSING_PARAMETERS 127 +#define EC_R_MISSING_PRIVATE_KEY 138 #define EC_R_NOT_IMPLEMENTED 136 #define EC_R_NOT_INITIALIZED 111 #define EC_R_NO_SUCH_EXTRA_DATA 105 @@ -508,6 +555,7 @@ void ERR_load_EC_strings(void); #define EC_R_UNKNOWN_NID 117 #define EC_R_UNKNOWN_ORDER 114 #define EC_R_UNKNOWN_PARAMETERS_TYPE 129 +#define EC_R_WRONG_ORDER 140 #ifdef __cplusplus } diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 90b64b0e04..bb81cfb3c3 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -82,14 +82,14 @@ typedef struct x9_62_curve_st { ASN1_BIT_STRING *seed; } X9_62_CURVE; -struct ec_parameters_st { +typedef struct ec_parameters_st { ASN1_INTEGER *version; X9_62_FIELDID *fieldID; X9_62_CURVE *curve; ASN1_OCTET_STRING *base; ASN1_INTEGER *order; ASN1_INTEGER *cofactor; - }/* ECPARAMETERS */; + } ECPARAMETERS; struct ecpk_parameters_st { int type; @@ -100,6 +100,14 @@ struct ecpk_parameters_st { } value; }/* ECPKPARAMETERS */; +/* SEC1 ECPrivateKey */ +typedef struct ec_privatekey_st { + int version; + ASN1_OCTET_STRING *privateKey; + ECPKPARAMETERS *parameters; + ASN1_BIT_STRING *publicKey; + } EC_PRIVATEKEY; + /* the OpenSSL asn1 definitions */ ASN1_SEQUENCE(X9_62_FIELDID) = { @@ -151,6 +159,7 @@ ASN1_SEQUENCE(ECPARAMETERS) = { } ASN1_SEQUENCE_END(ECPARAMETERS) DECLARE_ASN1_FUNCTIONS_const(ECPARAMETERS) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPARAMETERS, ECPARAMETERS) IMPLEMENT_ASN1_FUNCTIONS_const(ECPARAMETERS) ASN1_CHOICE(ECPKPARAMETERS) = { @@ -160,15 +169,18 @@ ASN1_CHOICE(ECPKPARAMETERS) = { } ASN1_CHOICE_END(ECPKPARAMETERS) DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS) IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS) ASN1_SEQUENCE(EC_PRIVATEKEY) = { ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG), ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING), - ASN1_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS), - ASN1_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING) + ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0), + ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) } ASN1_SEQUENCE_END(EC_PRIVATEKEY) +DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) +DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY) IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) /* some internal functions */ @@ -178,6 +190,8 @@ static X9_62_CURVE *ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *); static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *); static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *, ECPARAMETERS *); +EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *); +ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *, ECPKPARAMETERS *); static X9_62_FIELDID *ec_asn1_group2field(const EC_GROUP *group, X9_62_FIELDID *field) @@ -786,34 +800,7 @@ EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *params) return ret; } -/* EC_GROUP <-> DER encoding of EC[PK]PARAMETERS */ - -EC_GROUP *d2i_ECParameters(EC_GROUP **a, const unsigned char **in, long len) - { - EC_GROUP *group = NULL; - ECPARAMETERS *params = NULL; - - if ((params = d2i_ECPARAMETERS(NULL, in, len)) == NULL) - { - ECerr(EC_F_D2I_ECPARAMETERS, EC_R_D2I_ECPARAMETERS_FAILURE); - ECPARAMETERS_free(params); - return NULL; - } - - if ((group = ec_asn1_parameters2group(params)) == NULL) - { - ECerr(EC_F_D2I_ECPARAMETERS, EC_R_PARAMETERS2GROUP_FAILURE); - return NULL; - } - - if (a && *a) - EC_GROUP_clear_free(*a); - if (a) - *a = group; - - ECPARAMETERS_free(params); - return(group); - } +/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len) { @@ -843,40 +830,346 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len) return(group); } -int i2d_ECParameters(const EC_GROUP *a, unsigned char **out) +int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out) { int ret=0; - ECPARAMETERS *tmp = ec_asn1_group2parameters(a, NULL); + ECPKPARAMETERS *tmp = EC_ASN1_group2pkparameters(a, NULL); if (tmp == NULL) { - ECerr(EC_F_I2D_ECPARAMETERS, EC_R_GROUP2PARAMETERS_FAILURE); + ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE); return 0; } - if ((ret = i2d_ECPARAMETERS(tmp, out)) == 0) + if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) { - ECerr(EC_F_I2D_ECPARAMETERS, EC_R_I2D_EC_PARAMETERS_FAILURE); - ECPARAMETERS_free(tmp); + ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE); + ECPKPARAMETERS_free(tmp); return 0; } - ECPARAMETERS_free(tmp); + ECPKPARAMETERS_free(tmp); return(ret); } -int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out) +/* some EC_KEY functions */ + +EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) { - int ret=0; - ECPKPARAMETERS *tmp = EC_ASN1_group2pkparameters(a, NULL); - if (tmp == NULL) + int ok=0; + EC_KEY *ret=NULL; + EC_PRIVATEKEY *priv_key=NULL; + + if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { - ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE); + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); + return NULL; + } + + if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + EC_PRIVATEKEY_free(priv_key); + return NULL; + } + + if (a == NULL || *a == NULL) + { + if ((ret = EC_KEY_new()) == NULL) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, + ERR_R_MALLOC_FAILURE); + goto err; + } + if (a) + *a = ret; + } + else + ret = *a; + + if (priv_key->parameters) + { + if (ret->group) + EC_GROUP_clear_free(ret->group); + ret->group = EC_ASN1_pkparameters2group(priv_key->parameters); + } + + if (ret->group == NULL) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + + ret->version = priv_key->version; + + if (priv_key->privateKey) + { + ret->priv_key = BN_bin2bn( + M_ASN1_STRING_data(priv_key->privateKey), + M_ASN1_STRING_length(priv_key->privateKey), + ret->priv_key); + if (ret->priv_key == NULL) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, + ERR_R_BN_LIB); + goto err; + } + } + else + { + ECerr(EC_F_D2I_ECPRIVATEKEY, + EC_R_MISSING_PRIVATE_KEY); + goto err; + } + + if (priv_key->publicKey) + { + if (ret->pub_key) + EC_POINT_clear_free(ret->pub_key); + ret->pub_key = EC_POINT_new(ret->group); + if (ret->pub_key == NULL) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + if (!EC_POINT_oct2point(ret->group, ret->pub_key, + M_ASN1_STRING_data(priv_key->publicKey), + M_ASN1_STRING_length(priv_key->publicKey), NULL)) + { + ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + } + + ok = 1; +err: + if (!ok) + { + if (ret) + EC_KEY_free(ret); + ret = NULL; + } + + if (priv_key) + EC_PRIVATEKEY_free(priv_key); + + return(ret); + } + +int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) + { + int ret=0, ok=0; + unsigned char *buffer=NULL; + size_t buf_len=0, tmp_len; + EC_PRIVATEKEY *priv_key=NULL; + + if (a == NULL || a->group == NULL || a->priv_key == NULL) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, + ERR_R_PASSED_NULL_PARAMETER); + goto err; + } + + if ((priv_key = EC_PRIVATEKEY_new()) == NULL) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, + ERR_R_MALLOC_FAILURE); + goto err; + } + + priv_key->version = a->version; + + buf_len = (size_t)BN_num_bytes(a->priv_key); + buffer = OPENSSL_malloc(buf_len); + if (buffer == NULL) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, + ERR_R_MALLOC_FAILURE); + goto err; + } + + if (!BN_bn2bin(a->priv_key, buffer)) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB); + goto err; + } + + if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); + goto err; + } + + if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) + { + if ((priv_key->parameters = EC_ASN1_group2pkparameters( + a->group, priv_key->parameters)) == NULL) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + } + + if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) + { + priv_key->publicKey = M_ASN1_BIT_STRING_new(); + if (priv_key->publicKey == NULL) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, + ERR_R_MALLOC_FAILURE); + goto err; + } + + tmp_len = EC_POINT_point2oct(a->group, a->pub_key, + a->conv_form, NULL, 0, NULL); + + if (tmp_len > buf_len) + buffer = OPENSSL_realloc(buffer, tmp_len); + if (buffer == NULL) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, + ERR_R_MALLOC_FAILURE); + goto err; + } + + buf_len = tmp_len; + + if (!EC_POINT_point2oct(a->group, a->pub_key, + a->conv_form, buffer, buf_len, NULL)) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + + if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, + buf_len)) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); + goto err; + } + } + + if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) + { + ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); + goto err; + } + ok=1; +err: + if (buffer) + OPENSSL_free(buffer); + if (priv_key) + EC_PRIVATEKEY_free(priv_key); + return(ok?ret:0); + } + +int i2d_ECParameters(EC_KEY *a, unsigned char **out) + { + if (a == NULL) + { + ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); return 0; } - if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) + return i2d_ECPKParameters(a->group, out); + } + +EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len) + { + EC_GROUP *group; + EC_KEY *ret; + + if (in == NULL || *in == NULL) { - ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE); - ECPKPARAMETERS_free(tmp); + ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + + group = d2i_ECPKParameters(NULL, in, len); + + if (group == NULL) + { + ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB); + return NULL; + } + + if (a == NULL || *a == NULL) + { + if ((ret = EC_KEY_new()) == NULL) + { + ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE); + return NULL; + } + if (a) + *a = ret; + } + else + ret = *a; + + if (ret->group) + EC_GROUP_clear_free(ret->group); + + ret->group = group; + + return ret; + } + +EC_KEY *ECPublicKey_set_octet_string(EC_KEY **a, const unsigned char **in, + long len) + { + EC_KEY *ret=NULL; + + if (a == NULL || (*a) == NULL || (*a)->group == NULL) + { + /* sorry, but a EC_GROUP-structur is necessary + * to set the public key */ + ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_PASSED_NULL_PARAMETER); return 0; - } - ECPKPARAMETERS_free(tmp); - return(ret); + } + ret = *a; + if (ret->pub_key == NULL && + (ret->pub_key = EC_POINT_new(ret->group)) == NULL) + { + ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_MALLOC_FAILURE); + return 0; + } + if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) + { + ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_EC_LIB); + return 0; + } + /* save the point conversion form */ + ret->conv_form = (point_conversion_form_t)(*in[0] & ~0x01); + return ret; + } + +int ECPublicKey_get_octet_string(EC_KEY *a, unsigned char **out) + { + size_t buf_len=0; + + if (a == NULL) + { + ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + buf_len = EC_POINT_point2oct(a->group, a->pub_key, + a->conv_form, NULL, 0, NULL); + + if (out == NULL || buf_len == 0) + /* out == NULL => just return the length of the octet string */ + return buf_len; + + if (*out == NULL) + if ((*out = OPENSSL_malloc(buf_len)) == NULL) + { + ECerr(EC_F_ECPUBLICKEY_GET_OCTET, + ERR_R_MALLOC_FAILURE); + return 0; + } + if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form, + *out, buf_len, NULL)) + { + ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_EC_LIB); + OPENSSL_free(*out); + *out = NULL; + return 0; + } + return buf_len; } diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c index c5ff12b366..8626ef0d3a 100644 --- a/crypto/ec/ec_err.c +++ b/crypto/ec/ec_err.c @@ -67,17 +67,21 @@ static ERR_STRING_DATA EC_str_functs[]= { {ERR_PACK(0,EC_F_COMPUTE_WNAF,0), "COMPUTE_WNAF"}, -{ERR_PACK(0,EC_F_D2I_ECDSAPARAMETERS,0), "d2i_ECDSAParameters"}, {ERR_PACK(0,EC_F_D2I_ECPARAMETERS,0), "d2i_ECParameters"}, {ERR_PACK(0,EC_F_D2I_ECPKPARAMETERS,0), "d2i_ECPKParameters"}, +{ERR_PACK(0,EC_F_D2I_ECPRIVATEKEY,0), "d2i_ECPrivateKey"}, +{ERR_PACK(0,EC_F_ECPARAMETERS_PRINT,0), "ECParameters_print"}, +{ERR_PACK(0,EC_F_ECPARAMETERS_PRINT_FP,0), "ECParameters_print_fp"}, {ERR_PACK(0,EC_F_ECPKPARAMETERS_PRINT,0), "ECPKParameters_print"}, {ERR_PACK(0,EC_F_ECPKPARAMETERS_PRINT_FP,0), "ECPKParameters_print_fp"}, +{ERR_PACK(0,EC_F_ECPUBLICKEY_GET_OCTET,0), "ECPUBLICKEY_GET_OCTET"}, +{ERR_PACK(0,EC_F_ECPUBLICKEY_SET_OCTET,0), "ECPUBLICKEY_SET_OCTET"}, {ERR_PACK(0,EC_F_EC_ASN1_GROUP2CURVE,0), "EC_ASN1_GROUP2CURVE"}, {ERR_PACK(0,EC_F_EC_ASN1_GROUP2FIELDID,0), "EC_ASN1_GROUP2FIELDID"}, {ERR_PACK(0,EC_F_EC_ASN1_GROUP2PARAMETERS,0), "EC_ASN1_GROUP2PARAMETERS"}, -{ERR_PACK(0,EC_F_EC_ASN1_GROUP2PKPARAMETERS,0), "EC_ASN1_group2pkparameters"}, +{ERR_PACK(0,EC_F_EC_ASN1_GROUP2PKPARAMETERS,0), "EC_ASN1_GROUP2PKPARAMETERS"}, {ERR_PACK(0,EC_F_EC_ASN1_PARAMETERS2GROUP,0), "EC_ASN1_PARAMETERS2GROUP"}, -{ERR_PACK(0,EC_F_EC_ASN1_PKPARAMETERS2GROUP,0), "EC_ASN1_pkparameters2group"}, +{ERR_PACK(0,EC_F_EC_ASN1_PKPARAMETERS2GROUP,0), "EC_ASN1_PKPARAMETERS2GROUP"}, {ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT,0), "ec_GF2m_simple_group_check_discriminant"}, {ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_OCT2POINT,0), "ec_GF2m_simple_oct2point"}, {ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_POINT2OCT,0), "ec_GF2m_simple_point2oct"}, @@ -119,12 +123,19 @@ static ERR_STRING_DATA EC_str_functs[]= {ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GFP,0), "EC_GROUP_set_curve_GFp"}, {ERR_PACK(0,EC_F_EC_GROUP_SET_EXTRA_DATA,0), "EC_GROUP_set_extra_data"}, {ERR_PACK(0,EC_F_EC_GROUP_SET_GENERATOR,0), "EC_GROUP_set_generator"}, +{ERR_PACK(0,EC_F_EC_KEY_CHECK_KEY,0), "EC_KEY_check_key"}, +{ERR_PACK(0,EC_F_EC_KEY_COPY,0), "EC_KEY_copy"}, +{ERR_PACK(0,EC_F_EC_KEY_GENERATE_KEY,0), "EC_KEY_generate_key"}, +{ERR_PACK(0,EC_F_EC_KEY_PRINT,0), "EC_KEY_print"}, +{ERR_PACK(0,EC_F_EC_KEY_PRINT_FP,0), "EC_KEY_print_fp"}, +{ERR_PACK(0,EC_F_EC_NEW,0), "EC_NEW"}, {ERR_PACK(0,EC_F_EC_POINTS_MAKE_AFFINE,0), "EC_POINTs_make_affine"}, {ERR_PACK(0,EC_F_EC_POINTS_MUL,0), "EC_POINTs_mul"}, {ERR_PACK(0,EC_F_EC_POINT_ADD,0), "EC_POINT_add"}, {ERR_PACK(0,EC_F_EC_POINT_CMP,0), "EC_POINT_cmp"}, {ERR_PACK(0,EC_F_EC_POINT_COPY,0), "EC_POINT_copy"}, {ERR_PACK(0,EC_F_EC_POINT_DBL,0), "EC_POINT_dbl"}, +{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,0), "EC_POINT_get_affine_coordinates_GF2m"}, {ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,0), "EC_POINT_get_affine_coordinates_GFp"}, {ERR_PACK(0,EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,0), "EC_POINT_get_Jprojective_coordinates_GFp"}, {ERR_PACK(0,EC_F_EC_POINT_IS_AT_INFINITY,0), "EC_POINT_is_at_infinity"}, @@ -143,9 +154,10 @@ static ERR_STRING_DATA EC_str_functs[]= {ERR_PACK(0,EC_F_EC_WNAF_MUL,0), "ec_wNAF_mul"}, {ERR_PACK(0,EC_F_EC_WNAF_PRECOMPUTE_MULT,0), "ec_wNAF_precompute_mult"}, {ERR_PACK(0,EC_F_GFP_MONT_GROUP_SET_CURVE,0), "GFP_MONT_GROUP_SET_CURVE"}, -{ERR_PACK(0,EC_F_I2D_ECDSAPARAMETERS,0), "i2d_ECDSAParameters"}, +{ERR_PACK(0,EC_F_I2D_ECDSAPARAMETERS,0), "I2D_ECDSAPARAMETERS"}, {ERR_PACK(0,EC_F_I2D_ECPARAMETERS,0), "i2d_ECParameters"}, {ERR_PACK(0,EC_F_I2D_ECPKPARAMETERS,0), "i2d_ECPKParameters"}, +{ERR_PACK(0,EC_F_I2D_ECPRIVATEKEY,0), "i2d_ECPrivateKey"}, {0,NULL} }; @@ -171,7 +183,9 @@ static ERR_STRING_DATA EC_str_reasons[]= {EC_R_INVALID_FIELD ,"invalid field"}, {EC_R_INVALID_FORM ,"invalid form"}, {EC_R_INVALID_GROUP_ORDER ,"invalid group order"}, +{EC_R_INVALID_PRIVATE_KEY ,"invalid private key"}, {EC_R_MISSING_PARAMETERS ,"missing parameters"}, +{EC_R_MISSING_PRIVATE_KEY ,"missing private key"}, {EC_R_NOT_IMPLEMENTED ,"not implemented"}, {EC_R_NOT_INITIALIZED ,"not initialized"}, {EC_R_NO_SUCH_EXTRA_DATA ,"no such extra data"}, @@ -186,6 +200,7 @@ static ERR_STRING_DATA EC_str_reasons[]= {EC_R_UNKNOWN_NID ,"unknown nid"}, {EC_R_UNKNOWN_ORDER ,"unknown order"}, {EC_R_UNKNOWN_PARAMETERS_TYPE ,"unknown parameters type"}, +{EC_R_WRONG_ORDER ,"wrong order"}, {0,NULL} }; diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c new file mode 100644 index 0000000000..790d930225 --- /dev/null +++ b/crypto/ec/ec_key.c @@ -0,0 +1,354 @@ +/* crypto/ec/ec_key.c */ +/* + * Written by Nils Larsch for the OpenSSL project. + */ +/* ==================================================================== + * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include "ec_lcl.h" +#include <openssl/err.h> + +EC_KEY *EC_KEY_new(void) + { + EC_KEY *ret; + + ret=(EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY)); + if (ret == NULL) + { + ECerr(EC_F_EC_NEW, ERR_R_MALLOC_FAILURE); + return(NULL); + } + + ret->version = 1; + ret->group = NULL; + ret->pub_key = NULL; + ret->priv_key= NULL; + ret->enc_flag= 0; + ret->conv_form = POINT_CONVERSION_UNCOMPRESSED; + ret->references= 1; + ret->meth_data = NULL; + return(ret); + } + + +void EC_KEY_free(EC_KEY *r) + { + int i; + + if (r == NULL) return; + + i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_EC); +#ifdef REF_PRINT + REF_PRINT("EC_KEY",r); +#endif + if (i > 0) return; +#ifdef REF_CHECK + if (i < 0) + { + fprintf(stderr,"EC_KEY_free, bad reference count\n"); + abort(); + } +#endif + + if (r->group != NULL) + EC_GROUP_free(r->group); + if (r->pub_key != NULL) + EC_POINT_free(r->pub_key); + if (r->priv_key != NULL) + BN_clear_free(r->priv_key); + + if (r->meth_data && r->meth_data->finish) + r->meth_data->finish(r); + + memset((void *)r, 0x0, sizeof(EC_KEY)); + + OPENSSL_free(r); + } + +EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) + { + if (dest == NULL || src == NULL) + { + ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER); + return NULL; + } + /* copy the parameters */ + if (src->group) + { + const EC_METHOD *meth = EC_GROUP_method_of(src->group); + /* clear the old group */ + if (dest->group) + EC_GROUP_free(dest->group); + dest->group = EC_GROUP_new(meth); + if (dest->group == NULL) + return NULL; + if (!EC_GROUP_copy(dest->group, src->group)) + return NULL; + } + /* copy the public key */ + if (src->pub_key && src->group) + { + if (dest->pub_key) + EC_POINT_free(dest->pub_key); + dest->pub_key = EC_POINT_new(src->group); + if (dest->pub_key == NULL) + return NULL; + if (!EC_POINT_copy(dest->pub_key, src->pub_key)) + return NULL; + } + /* copy the private key */ + if (src->priv_key) + { + if (dest->priv_key == NULL) + { + dest->priv_key = BN_new(); + if (dest->priv_key == NULL) + return NULL; + } + if (!BN_copy(dest->priv_key, src->priv_key)) + return NULL; + } + /* copy the rest */ + dest->enc_flag = src->enc_flag; + dest->conv_form = src->conv_form; + dest->version = src->version; + + return dest; + } + +EC_KEY *EC_KEY_dup(const EC_KEY *eckey) + { + EC_KEY *ret = NULL; + int ok = 1; + + ret = EC_KEY_new(); + if (ret == NULL) + return NULL; + /* copy the parameters */ + if (eckey->group) + { + ret->group = EC_GROUP_dup(eckey->group); + if (ret->group == NULL) + ok = 0; + } + /* copy the public key */ + if (eckey->pub_key && eckey->group) + { + ret->pub_key = EC_POINT_dup(eckey->pub_key, eckey->group); + if (ret->pub_key == NULL) + ok = 0; + } + /* copy the private key */ + if (eckey->priv_key) + { + ret->priv_key = BN_dup(ret->priv_key); + if (ret->priv_key == NULL) + ok = 0; + } + /* copy the rest */ + ret->enc_flag = eckey->enc_flag; + ret->conv_form = eckey->conv_form; + ret->version = eckey->version; + + if (!ok) + { + EC_KEY_free(ret); + ret = NULL; + } + + return ret; + } + +int EC_KEY_generate_key(EC_KEY *eckey) + { + int ok = 0; + BN_CTX *ctx = NULL; + BIGNUM *priv_key = NULL, *order = NULL; + EC_POINT *pub_key = NULL; + + if (!eckey || !eckey->group) + { + ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if ((order = BN_new()) == NULL) goto err; + if ((ctx = BN_CTX_new()) == NULL) goto err; + + if (eckey->priv_key == NULL) + { + priv_key = BN_new(); + if (priv_key == NULL) + goto err; + } + else + priv_key = eckey->priv_key; + + if (!EC_GROUP_get_order(eckey->group, order, ctx)) + goto err; + + do + if (!BN_rand_range(priv_key, order)) + goto err; + while (BN_is_zero(priv_key)); + + if (eckey->pub_key == NULL) + { + pub_key = EC_POINT_new(eckey->group); + if (pub_key == NULL) + goto err; + } + else + pub_key = eckey->pub_key; + + if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx)) + goto err; + + eckey->priv_key = priv_key; + eckey->pub_key = pub_key; + + ok=1; + +err: + if (order) + BN_free(order); + if (pub_key != NULL && eckey->pub_key == NULL) + EC_POINT_free(pub_key); + if (priv_key != NULL && eckey->priv_key == NULL) + BN_free(priv_key); + if (ctx != NULL) + BN_CTX_free(ctx); + return(ok); + } + +int EC_KEY_check_key(const EC_KEY *eckey) + { + int ok = 0; + BN_CTX *ctx = NULL; + BIGNUM *order = NULL; + EC_POINT *point = NULL; + + if (!eckey || !eckey->group || !eckey->pub_key) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if ((ctx = BN_CTX_new()) == NULL) + goto err; + if ((order = BN_new()) == NULL) + goto err; + if ((point = EC_POINT_new(eckey->group)) == NULL) + goto err; + + /* testing whether the pub_key is on the elliptic curve */ + if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE); + goto err; + } + /* testing whether pub_key * order is the point at infinity */ + if (!EC_GROUP_get_order(eckey->group, order, ctx)) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER); + goto err; + } + if (!EC_POINT_copy(point, eckey->pub_key)) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB); + goto err; + } + if (!EC_POINT_mul(eckey->group, point, order, NULL, NULL, ctx)) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB); + goto err; + } + if (!EC_POINT_is_at_infinity(eckey->group, point)) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER); + goto err; + } + /* in case the priv_key is present : + * check if generator * priv_key == pub_key + */ + if (eckey->priv_key) + { + if (BN_cmp(eckey->priv_key, order) >= 0) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER); + goto err; + } + if (!EC_POINT_mul(eckey->group, point, eckey->priv_key, + NULL, NULL, ctx)) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB); + goto err; + } + if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, + ctx) != 0) + { + ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY); + goto err; + } + } + ok = 1; +err: + if (ctx != NULL) + BN_CTX_free(ctx); + if (order != NULL) + BN_free(order); + if (point != NULL) + EC_POINT_free(point); + return(ok); + } diff --git a/crypto/ecdsa/Makefile.ssl b/crypto/ecdsa/Makefile.ssl index 5d8eff00c2..a0eb51031d 100644 --- a/crypto/ecdsa/Makefile.ssl +++ b/crypto/ecdsa/Makefile.ssl @@ -23,11 +23,9 @@ TEST=ecdsatest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= ecs_lib.c ecs_gen.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c \ - ecs_key.c ecs_err.c +LIBSRC= ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c -LIBOBJ= ecs_lib.o ecs_gen.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o \ - ecs_key.o ecs_err.o +LIBOBJ= ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o SRC= $(LIBSRC) @@ -98,15 +96,6 @@ ecs_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h ecs_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ecs_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ecs_err.o: ../../include/openssl/symhacks.h ecs_err.c -ecs_gen.o: ecs_gen.c -ecs_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ecs_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -ecs_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -ecs_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -ecs_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ecs_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -ecs_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecs_key.o: ecdsa.h ecs_key.c ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h ecs_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h index 00cd71d068..d72d0b1363 100644 --- a/crypto/ecdsa/ecdsa.h +++ b/crypto/ecdsa/ecdsa.h @@ -59,9 +59,6 @@ #error ECDSA is disabled. #endif -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif #include <openssl/bn.h> #include <openssl/ec.h> #include <openssl/ossl_typ.h> @@ -70,8 +67,6 @@ extern "C" { #endif -typedef struct ecdsa_st ECDSA; - typedef struct ECDSA_SIG_st { BIGNUM *r; @@ -81,122 +76,70 @@ typedef struct ECDSA_SIG_st typedef struct ecdsa_method { const char *name; - ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa); - int (*ecdsa_sign_setup)(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r); - int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa); - int (*init)(ECDSA *ecdsa); - int (*finish)(ECDSA *ecdsa); + ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, + EC_KEY *eckey); + int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, + BIGNUM **r); + int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, + ECDSA_SIG *sig, EC_KEY *eckey); +#if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +#endif int flags; char *app_data; } ECDSA_METHOD; -struct ecdsa_st -{ - int version; - point_conversion_form_t conversion_form; - - EC_GROUP *group; - - EC_POINT *pub_key; - BIGNUM *priv_key; - - BIGNUM *kinv; /* signing pre-calc */ - BIGNUM *r; /* signing pre-calc */ - - unsigned int enc_flag; - - int references; +typedef struct ecdsa_data_st { + /* EC_KEY_METH_DATA part */ + int (*init)(EC_KEY *); + void (*finish)(EC_KEY *); + /* method specific part */ + BIGNUM *kinv; /* signing pre-calc */ + BIGNUM *r; /* signing pre-calc */ + ENGINE *engine; int flags; - CRYPTO_EX_DATA ex_data; const ECDSA_METHOD *meth; - struct engine_st *engine; -}; - -/* some values for the encoding_flag */ -#define ECDSA_PKEY_NO_PARAMETERS 0x001 -#define ECDSA_PKEY_NO_PUBKEY 0x002 + CRYPTO_EX_DATA ex_data; +} ECDSA_DATA; +/* signature functions */ ECDSA_SIG *ECDSA_SIG_new(void); void ECDSA_SIG_free(ECDSA_SIG *a); int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp); ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long length); -ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa); -int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA* ecdsa); -int ECDSA_generate_key(ECDSA *ecdsa); -int ECDSA_check_key(ECDSA *ecdsa); +/* ECDSA_DATA functions */ +ECDSA_DATA *ECDSA_DATA_new(void); +ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *); +void ECDSA_DATA_free(ECDSA_DATA *); + +ECDSA_DATA *ecdsa_check(EC_KEY *); + +ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, EC_KEY *); +int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG + *sig, EC_KEY* eckey); const ECDSA_METHOD *ECDSA_OpenSSL(void); void ECDSA_set_default_method(const ECDSA_METHOD *); const ECDSA_METHOD *ECDSA_get_default_method(void); -int ECDSA_set_method(ECDSA *, const ECDSA_METHOD *); - -ECDSA *ECDSA_new(void); -ECDSA *ECDSA_new_method(ENGINE *engine); -int ECDSA_size(const ECDSA *); -int ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp); -int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, unsigned char *sig, - unsigned int *siglen, ECDSA *ecdsa); -int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sig, - int sig_len, ECDSA *ecdsa); -int ECDSA_up_ref(ECDSA *ecdsa); -void ECDSA_free(ECDSA *a); -int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDSA_set_ex_data(ECDSA *d, int idx, void *arg); -void *ECDSA_get_ex_data(ECDSA *d, int idx); - -#ifndef OPENSSL_NO_BIO -int ECDSAParameters_print(BIO *bp, const ECDSA *x); -int ECDSA_print(BIO *bp, const ECDSA *x, int off); -#endif -#ifndef OPENSSL_NO_FP_API -int ECDSAParameters_print_fp(FILE *fp, const ECDSA *x); -int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off); -#endif - -/* the ECDSA_{set|get}_enc_flag() specify the encoding - * of the elliptic curve private key */ -unsigned int ECDSA_get_enc_flag(const ECDSA *); -void ECDSA_set_enc_flag(ECDSA *, unsigned int); - -/* The ECDSA_{set|get}_conversion_type() functions set/get the - * conversion form for ec-points (see ec.h) in a ECDSA-structure */ -void ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t); -point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *); -/* The ECDSA_{set|get}_default_conversion_form() functions set/get the - * default conversion form */ -void ECDSA_set_default_conversion_form(const point_conversion_form_t); -point_conversion_form_t ECDSA_get_default_conversion_form(void); - -/* the basic de- and encode functions ( see ecs_asn1.c ) */ -ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len); -int i2d_ECDSAParameters(ECDSA *a, unsigned char **out); +int ECDSA_set_method(EC_KEY *, const ECDSA_METHOD *); -ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len); -int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out); +int ECDSA_size(const EC_KEY *); +int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, + BIGNUM **rp); +int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, + unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); +int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, + const unsigned char *sig, int sig_len, EC_KEY *eckey); -/* ECDSAPublicKey_set_octet_string() sets the public key in the ECDSA-structure. - * (*a) must be a pointer to a ECDSA-structure with (*a)->group not zero - * (e.g. a ECDSA-structure with a valid EC_GROUP-structure) */ -ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len); -/* ECDSAPublicKey_get_octet_string() returns the length of the octet string encoding - * of the public key. If out != NULL then the function returns in *out - * a pointer to the octet string */ -int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out); +int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new + *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); +void *ECDSA_get_ex_data(EC_KEY *d, int idx); -#define ECDSAParameters_dup(x) (ECDSA *)ASN1_dup((int (*)())i2d_ECDSAParameters, \ - (char *(*)())d2i_ECDSAParameters,(char *)(x)) -#define d2i_ECDSAParameters_fp(fp,x) (ECDSA *)ASN1_d2i_fp((char *(*)())ECDSA_new, \ - (char *(*)())d2i_ECDSAParameters,(fp),(unsigned char **)(x)) -#define i2d_ECDSAParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECDSAParameters,(fp), \ - (unsigned char *)(x)) -#define d2i_ECDSAParameters_bio(bp,x) (ECDSA *)ASN1_d2i_bio((char *(*)())ECDSA_new, \ - (char *(*)())d2i_ECDSAParameters,(bp),(unsigned char **)(x)) -#define i2d_ECDSAParameters_bio(bp,x) ASN1_i2d_bio(i2d_ECDSAParameters,(bp), \ - (unsigned char *)(x)) /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -207,72 +150,18 @@ void ERR_load_ECDSA_strings(void); /* Error codes for the ECDSA functions. */ /* Function codes. */ -#define ECDSA_F_D2I_ECDSAPARAMETERS 100 -#define ECDSA_F_D2I_ECDSAPRIVATEKEY 101 -#define ECDSA_F_ECDSAPARAMETERS_PRINT 102 -#define ECDSA_F_ECDSAPARAMETERS_PRINT_FP 103 -#define ECDSA_F_ECDSA_DO_SIGN 104 -#define ECDSA_F_ECDSA_DO_VERIFY 105 -#define ECDSA_F_ECDSA_GENERATE_KEY 106 -#define ECDSA_F_ECDSA_GET 107 -#define ECDSA_F_ECDSA_GET_CURVE_NID 120 -#define ECDSA_F_ECDSA_GET_ECDSA 121 -#define ECDSA_F_ECDSA_GET_EC_PARAMETERS 122 -#define ECDSA_F_ECDSA_GET_X9_62_CURVE 108 -#define ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS 109 -#define ECDSA_F_ECDSA_GET_X9_62_FIELDID 110 -#define ECDSA_F_ECDSA_NEW 111 -#define ECDSA_F_ECDSA_PRINT 112 -#define ECDSA_F_ECDSA_PRINT_FP 113 -#define ECDSA_F_ECDSA_SET_GROUP_P 114 -#define ECDSA_F_ECDSA_SET_PRIME_GROUP 123 -#define ECDSA_F_ECDSA_SIGN_SETUP 115 -#define ECDSA_F_I2D_ECDSAPARAMETERS 116 -#define ECDSA_F_I2D_ECDSAPRIVATEKEY 117 -#define ECDSA_F_I2D_ECDSAPUBLICKEY 118 -#define ECDSA_F_SIG_CB 119 +#define ECDSA_F_ECDSA_DATA_NEW 100 +#define ECDSA_F_ECDSA_DO_SIGN 101 +#define ECDSA_F_ECDSA_DO_VERIFY 102 +#define ECDSA_F_ECDSA_SIGN_SETUP 103 /* Reason codes. */ #define ECDSA_R_BAD_SIGNATURE 100 -#define ECDSA_R_CAN_NOT_GET_GENERATOR 101 -#define ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY 102 -#define ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE 103 -#define ECDSA_R_D2I_EC_PARAMETERS_FAILURE 133 -#define ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 104 -#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 105 -#define ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE 106 -#define ECDSA_R_ECDSA_F_ECDSA_NEW 107 -#define ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE 134 -#define ECDSA_R_ECDSA_GET_FAILURE 108 -#define ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE 109 -#define ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE 110 -#define ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE 111 -#define ECDSA_R_ECDSA_NEW_FAILURE 112 -#define ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE 135 -#define ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 113 -#define ECDSA_R_ECPARAMETERS2ECDSA_FAILURE 138 -#define ECDSA_R_EC_GROUP_NID2CURVE_FAILURE 136 -#define ECDSA_R_ERR_EC_LIB 114 -#define ECDSA_R_I2D_ECDSA_PRIVATEKEY 115 -#define ECDSA_R_I2D_ECDSA_PUBLICKEY 116 -#define ECDSA_R_MISSING_PARAMETERS 117 -#define ECDSA_R_MISSING_PRIVATE_KEY 139 -#define ECDSA_R_NOT_SUPPORTED 118 -#define ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED 119 -#define ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED 120 -#define ECDSA_R_NO_CURVE_SPECIFIED 121 -#define ECDSA_R_NO_FIELD_SPECIFIED 122 -#define ECDSA_R_PRIME_MISSING 123 -#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 124 -#define ECDSA_R_SIGNATURE_MALLOC_FAILED 125 -#define ECDSA_R_UNEXPECTED_ASN1_TYPE 126 -#define ECDSA_R_UNEXPECTED_PARAMETER 127 -#define ECDSA_R_UNEXPECTED_PARAMETER_LENGTH 128 -#define ECDSA_R_UNEXPECTED_VERSION_NUMER 129 -#define ECDSA_R_UNKNOWN_PARAMETERS_TYPE 137 -#define ECDSA_R_WRONG_FIELD_IDENTIFIER 130 -#define ECDSA_R_X9_62_CURVE_NEW_FAILURE 131 -#define ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE 132 +#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101 +#define ECDSA_R_ERR_EC_LIB 102 +#define ECDSA_R_MISSING_PARAMETERS 103 +#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 +#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105 #ifdef __cplusplus } diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index cffc194928..daf6427718 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -89,7 +89,7 @@ static const char rnd_seed[] = "string to make the random number generator think ECDSA_SIG* signatures[ECDSA_NIST_TESTS]; unsigned char digest[ECDSA_NIST_TESTS][20]; -void clear_ecdsa(ECDSA *ecdsa) +void clear_ecdsa(EC_KEY *ecdsa) { if (!ecdsa) return; @@ -110,7 +110,7 @@ void clear_ecdsa(ECDSA *ecdsa) } } -int set_p192_param(ECDSA *ecdsa) +int set_p192_param(EC_KEY *ecdsa) { BN_CTX *ctx=NULL; int ret=0; @@ -143,7 +143,7 @@ err : if (ctx) BN_CTX_free(ctx); return ret; } -int set_p239_param(ECDSA *ecdsa) +int set_p239_param(EC_KEY *ecdsa) { BN_CTX *ctx=NULL; int ret=0; @@ -176,7 +176,7 @@ err : if (ctx) BN_CTX_free(ctx); return ret; } -int test_sig_vrf(ECDSA *ecdsa, const unsigned char* dgst) +int test_sig_vrf(EC_KEY *ecdsa, const unsigned char* dgst) { int ret=0,type=0; unsigned char *buffer=NULL; @@ -216,7 +216,7 @@ err: OPENSSL_free(buffer); return(ret == 1); } -int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst, +int test_x962_sig_vrf(EC_KEY *eckey, const unsigned char *dgst, const char *k_in, const char *r_in, const char *s_in) { int ret=0; @@ -225,23 +225,28 @@ int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst, BIGNUM *r=NULL,*s=NULL,*k=NULL,*x=NULL,*y=NULL,*m=NULL,*ord=NULL; BN_CTX *ctx=NULL; char *tmp_char=NULL; - - if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key) + ECDSA_DATA *ecdsa = ecdsa_check(eckey);; + + if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key + || !ecdsa) return 0; - if ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err; - if ((r = BN_new()) == NULL || (s = BN_new()) == NULL || (k = BN_new()) == NULL || - (x = BN_new()) == NULL || (y = BN_new()) == NULL || (m = BN_new()) == NULL || - (ord = BN_new()) == NULL) goto err; + if ((point = EC_POINT_new(eckey->group)) == NULL) goto err; + if ((r = BN_new()) == NULL || (s = BN_new()) == NULL + || (k = BN_new()) == NULL || (x = BN_new()) == NULL || + (y = BN_new()) == NULL || (m = BN_new()) == NULL || + (ord = BN_new()) == NULL) goto err; if ((ctx = BN_CTX_new()) == NULL) goto err; if (!BN_bin2bn(dgst, 20, m)) goto err; if (!BN_dec2bn(&k, k_in)) goto err; - if (!EC_POINT_mul(ecdsa->group, point, k, NULL, NULL, ctx)) goto err; - if (!EC_POINT_get_affine_coordinates_GFp(ecdsa->group, point, x, y, ctx)) goto err; - if (!EC_GROUP_get_order(ecdsa->group, ord, ctx)) goto err; + if (!EC_POINT_mul(eckey->group, point, k, NULL, NULL, ctx)) goto err; + if (!EC_POINT_get_affine_coordinates_GFp(eckey->group, point, x, y, + ctx)) goto err; + if (!EC_GROUP_get_order(eckey->group, ord, ctx)) goto err; if ((ecdsa->r = BN_dup(x)) == NULL) goto err; - if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL) goto err; + if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL) + goto err; - if ((sig = ECDSA_do_sign(dgst, 20, ecdsa)) == NULL) + if ((sig = ECDSA_do_sign(dgst, 20, eckey)) == NULL) { BIO_printf(bio_err,"ECDSA_do_sign() failed \n"); goto err; @@ -260,7 +265,7 @@ int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst, BIO_printf(bio_err,"sig->s = %s\n",tmp_char); goto err; } - ret = ECDSA_do_verify(dgst, 20, sig, ecdsa); + ret = ECDSA_do_verify(dgst, 20, sig, eckey); if (ret != 1) { BIO_printf(bio_err,"ECDSA_do_verify : signature verification failed \n"); @@ -282,7 +287,7 @@ err : if (r) BN_free(r); return(ret == 1); } -int ecdsa_cmp(const ECDSA *a, const ECDSA *b) +int ecdsa_cmp(const EC_KEY *a, const EC_KEY *b) { int ret=1; BN_CTX *ctx=NULL; @@ -316,7 +321,7 @@ err: if (tmp_a1) BN_free(tmp_a1); int main(void) { - ECDSA *ecdsa=NULL, *ret_ecdsa=NULL; + EC_KEY *ecdsa=NULL, *ret_ecdsa=NULL; BIGNUM *d=NULL; X509_PUBKEY *x509_pubkey=NULL; PKCS8_PRIV_KEY_INFO *pkcs8=NULL; @@ -351,41 +356,41 @@ int main(void) RAND_seed(rnd_seed, sizeof(rnd_seed)); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + if ((ecdsa = EC_KEY_new()) == NULL) goto err; set_p192_param(ecdsa); - ECDSA_print(bio_err, ecdsa, 0); + EC_KEY_print(bio_err, ecdsa, 0); /* en- decode tests */ - /* i2d_ - d2i_ECDSAParameters() */ + /* i2d_ - d2i_ECParameters() */ BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAParameters \n"); - buf_len = i2d_ECDSAParameters(ecdsa, NULL); + buf_len = i2d_ECParameters(ecdsa, NULL); if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err; pp = buffer; - if (!i2d_ECDSAParameters(ecdsa, &pp)) goto err; + if (!i2d_ECParameters(ecdsa, &pp)) goto err; pp = buffer; - if ((ret_ecdsa = d2i_ECDSAParameters(&ret_ecdsa, (const unsigned char **)&pp, + if ((ret_ecdsa = d2i_ECParameters(&ret_ecdsa, (const unsigned char **)&pp, buf_len)) == NULL) goto err; - ECDSAParameters_print(bio_err, ret_ecdsa); + ECParameters_print(bio_err, ret_ecdsa); if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err; OPENSSL_free(buffer); buffer = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; - /* i2d_ - d2i_ECDSAPrivateKey() */ + /* i2d_ - d2i_ECPrivateKey() */ BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPrivateKey \n"); - buf_len = i2d_ECDSAPrivateKey(ecdsa, NULL); + buf_len = i2d_ECPrivateKey(ecdsa, NULL); if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err; pp = buffer; - if (!i2d_ECDSAPrivateKey(ecdsa, &pp)) goto err; + if (!i2d_ECPrivateKey(ecdsa, &pp)) goto err; pp = buffer; - if ((ret_ecdsa = d2i_ECDSAPrivateKey(&ret_ecdsa, (const unsigned char**)&pp, + if ((ret_ecdsa = d2i_ECPrivateKey(&ret_ecdsa, (const unsigned char**)&pp, buf_len)) == NULL) goto err; - ECDSA_print(bio_err, ret_ecdsa, 0); + EC_KEY_print(bio_err, ret_ecdsa, 0); if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; OPENSSL_free(buffer); buffer = NULL; @@ -394,12 +399,12 @@ int main(void) BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set} : "); if ((pkey = EVP_PKEY_new()) == NULL) goto err; - EVP_PKEY_assign_ECDSA(pkey, ecdsa); + EVP_PKEY_assign_EC_KEY(pkey, ecdsa); if ((x509_pubkey = X509_PUBKEY_new()) == NULL) goto err; if (!X509_PUBKEY_set(&x509_pubkey, pkey)) goto err; if ((ret_pkey = X509_PUBKEY_get(x509_pubkey)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; @@ -411,7 +416,7 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); X509_PUBKEY_free(x509_pubkey); x509_pubkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; /* Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY */ @@ -419,7 +424,7 @@ int main(void) BIO_printf(bio_err, "PKCS8_OK : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -428,13 +433,13 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; PKCS8_PRIV_KEY_INFO_free(pkcs8); BIO_printf(bio_err, "PKCS8_NO_OCTET : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NO_OCTET)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -443,13 +448,13 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; PKCS8_PRIV_KEY_INFO_free(pkcs8); BIO_printf(bio_err, "PKCS8_EMBEDDED_PARAM : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_EMBEDDED_PARAM)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -458,13 +463,13 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; PKCS8_PRIV_KEY_INFO_free(pkcs8); BIO_printf(bio_err, "PKCS8_NS_DB : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NS_DB)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -473,7 +478,7 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; EVP_PKEY_free(pkey); pkey = NULL; @@ -492,7 +497,7 @@ int main(void) BIO_printf(bio_err, "Performing tests based on examples H.3.1 and H.3.2 of X9.62 \n"); BIO_printf(bio_err, "PRIME_192_V1 : "); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if (!set_p192_param(ecdsa)) goto err; if (!test_x962_sig_vrf(ecdsa, dgst, "6140507067065001063065065565667405560006161556565665656654", "3342403536405981729393488334694600415596881826869351677613", @@ -510,7 +515,7 @@ int main(void) else BIO_printf(bio_err, "OK\n"); - ECDSA_free(ecdsa); + EC_KEY_free(ecdsa); ecdsa = NULL; OPENSSL_free(dgst); dgst = NULL; @@ -522,10 +527,11 @@ int main(void) if (!RAND_bytes(digest[i], 20)) goto err; BIO_printf(bio_err, "\nTesting sign & verify with NIST Prime-Curve P-192 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; - if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; + if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) + == NULL) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -548,10 +554,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_224 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-224 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_224)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -574,10 +580,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_256 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-256 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_256)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -600,10 +606,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_384 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-384 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_384)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -626,10 +632,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_521 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-521 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_521)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -644,7 +650,7 @@ int main(void) tim_d = (double)tim / CLOCKS_PER_SEC; BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n" , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS); - ECDSA_free(ecdsa); + EC_KEY_free(ecdsa); ecdsa = NULL; for (i=0; i<ECDSA_NIST_TESTS; i++) { @@ -665,7 +671,7 @@ err: if (!ret) BIO_printf(bio_err, "TEST PASSED \n"); if (!ret) ERR_print_errors(bio_err); - if (ecdsa) ECDSA_free(ecdsa); + if (ecdsa) EC_KEY_free(ecdsa); if (d) BN_free(d); if (dgst) OPENSSL_free(dgst); if (md_ctx) EVP_MD_CTX_destroy(md_ctx); diff --git a/crypto/ecdsa/ecs_asn1.c b/crypto/ecdsa/ecs_asn1.c index 048fa88de9..e9e1c2b51e 100644 --- a/crypto/ecdsa/ecs_asn1.c +++ b/crypto/ecdsa/ecs_asn1.c @@ -65,324 +65,3 @@ ASN1_SEQUENCE(ECDSA_SIG) = { DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG) DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG) IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG) - -int i2d_ECDSAParameters(ECDSA *a, unsigned char **out) - { - if (a == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPARAMETERS, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - return i2d_ECPKParameters(a->group, out); - } - -ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len) - { - EC_GROUP *group; - ECDSA *ret; - - if (in == NULL || *in == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, - ERR_R_PASSED_NULL_PARAMETER); - return NULL; - } - - group = d2i_ECPKParameters(NULL, in, len); - - if (group == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, - ERR_R_EC_LIB); - return NULL; - } - - if (a == NULL || *a == NULL) - { - if ((ret = ECDSA_new()) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, - ERR_R_MALLOC_FAILURE); - return NULL; - } - if (a) - *a = ret; - } - else - ret = *a; - - if (ret->group) - EC_GROUP_clear_free(ret->group); - - ret->group = group; - - return ret; - } - -ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len) - { - int ok=0; - ECDSA *ret=NULL; - EC_PRIVATEKEY *priv_key=NULL; - - if ((priv_key = EC_PRIVATEKEY_new()) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE); - return NULL; - } - - if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - EC_PRIVATEKEY_free(priv_key); - return NULL; - } - - if (a == NULL || *a == NULL) - { - if ((ret = ECDSA_new()) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (a) - *a = ret; - } - else - ret = *a; - - if (priv_key->parameters) - { - if (ret->group) - EC_GROUP_clear_free(ret->group); - ret->group = EC_ASN1_pkparameters2group(priv_key->parameters); - } - - if (ret->group == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - - ret->version = priv_key->version; - - if (priv_key->privateKey) - { - ret->priv_key = BN_bin2bn( - M_ASN1_STRING_data(priv_key->privateKey), - M_ASN1_STRING_length(priv_key->privateKey), - ret->priv_key); - if (ret->priv_key == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, - ERR_R_BN_LIB); - goto err; - } - } - else - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, - ECDSA_R_MISSING_PRIVATE_KEY); - goto err; - } - - if (priv_key->publicKey) - { - if (ret->pub_key) - EC_POINT_clear_free(ret->pub_key); - ret->pub_key = EC_POINT_new(ret->group); - if (ret->pub_key == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - if (!EC_POINT_oct2point(ret->group, ret->pub_key, - M_ASN1_STRING_data(priv_key->publicKey), - M_ASN1_STRING_length(priv_key->publicKey), NULL)) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - } - - ok = 1; -err: - if (!ok) - { - if (ret) - ECDSA_free(ret); - ret = NULL; - } - - if (priv_key) - EC_PRIVATEKEY_free(priv_key); - - return(ret); - } - -int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out) - { - int ret=0, ok=0; - unsigned char *buffer=NULL; - size_t buf_len=0, tmp_len; - EC_PRIVATEKEY *priv_key=NULL; - - if (a == NULL || a->group == NULL || a->priv_key == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - - if ((priv_key = EC_PRIVATEKEY_new()) == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - priv_key->version = a->version; - - buf_len = (size_t)BN_num_bytes(a->priv_key); - buffer = OPENSSL_malloc(buf_len); - if (buffer == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_bn2bin(a->priv_key, buffer)) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_BN_LIB); - goto err; - } - - if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB); - goto err; - } - - if (!(ECDSA_get_enc_flag(a) & ECDSA_PKEY_NO_PARAMETERS)) - { - if ((priv_key->parameters = EC_ASN1_group2pkparameters( - a->group, priv_key->parameters)) == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - } - - if (!(ECDSA_get_enc_flag(a) & ECDSA_PKEY_NO_PUBKEY)) - { - priv_key->publicKey = M_ASN1_BIT_STRING_new(); - if (priv_key->publicKey == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - tmp_len = EC_POINT_point2oct(a->group, a->pub_key, - ECDSA_get_conversion_form(a), NULL, 0, NULL); - - if (tmp_len > buf_len) - buffer = OPENSSL_realloc(buffer, tmp_len); - if (buffer == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - buf_len = tmp_len; - - if (!EC_POINT_point2oct(a->group, a->pub_key, - ECDSA_get_conversion_form(a), buffer, buf_len, NULL)) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - - if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, - buf_len)) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB); - goto err; - } - } - - if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - ok=1; -err: - if (buffer) - OPENSSL_free(buffer); - if (priv_key) - EC_PRIVATEKEY_free(priv_key); - return(ok?ret:0); - } - - -ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len) -{ - ECDSA *ret=NULL; - - if (a == NULL || (*a) == NULL || (*a)->group == NULL) - { - /* sorry, but a EC_GROUP-structur is necessary - * to set the public key */ - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ECDSA_R_MISSING_PARAMETERS); - return 0; - } - ret = *a; - if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - return 0; - } - ECDSA_set_conversion_form(ret, (point_conversion_form_t)(*in[0] & ~0x01)); - return ret; -} - -int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out) -{ - size_t buf_len=0; - - if (a == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ECDSA_R_MISSING_PARAMETERS); - return 0; - } - buf_len = EC_POINT_point2oct(a->group, a->pub_key, - ECDSA_get_conversion_form(a), NULL, 0, NULL); - if (out == NULL || buf_len == 0) - /* out == NULL => just return the length of the octet string */ - return buf_len; - if (*out == NULL) - if ((*out = OPENSSL_malloc(buf_len)) == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_MALLOC_FAILURE); - return 0; - } - if (!EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a), - *out, buf_len, NULL)) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_EC_LIB); - OPENSSL_free(*out); - *out = NULL; - return 0; - } - return buf_len; -} diff --git a/crypto/ecdsa/ecs_err.c b/crypto/ecdsa/ecs_err.c index b8a9edd759..75c789448c 100644 --- a/crypto/ecdsa/ecs_err.c +++ b/crypto/ecdsa/ecs_err.c @@ -66,75 +66,21 @@ #ifndef OPENSSL_NO_ERR static ERR_STRING_DATA ECDSA_str_functs[]= { -{ERR_PACK(0,ECDSA_F_D2I_ECDSAPARAMETERS,0), "d2i_ECDSAParameters"}, -{ERR_PACK(0,ECDSA_F_D2I_ECDSAPRIVATEKEY,0), "d2i_ECDSAPrivateKey"}, -{ERR_PACK(0,ECDSA_F_ECDSAPARAMETERS_PRINT,0), "ECDSAParameters_print"}, -{ERR_PACK(0,ECDSA_F_ECDSAPARAMETERS_PRINT_FP,0), "ECDSAParameters_print_fp"}, +{ERR_PACK(0,ECDSA_F_ECDSA_DATA_NEW,0), "ECDSA_DATA_new"}, {ERR_PACK(0,ECDSA_F_ECDSA_DO_SIGN,0), "ECDSA_do_sign"}, {ERR_PACK(0,ECDSA_F_ECDSA_DO_VERIFY,0), "ECDSA_do_verify"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GENERATE_KEY,0), "ECDSA_generate_key"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GET,0), "ECDSA_GET"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GET_CURVE_NID,0), "ECDSA_GET_CURVE_NID"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GET_ECDSA,0), "ECDSA_GET_ECDSA"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GET_EC_PARAMETERS,0), "ECDSA_GET_EC_PARAMETERS"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_CURVE,0), "ECDSA_GET_X9_62_CURVE"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS,0), "ECDSA_GET_X9_62_EC_PARAMETERS"}, -{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_FIELDID,0), "ECDSA_GET_X9_62_FIELDID"}, -{ERR_PACK(0,ECDSA_F_ECDSA_NEW,0), "ECDSA_new"}, -{ERR_PACK(0,ECDSA_F_ECDSA_PRINT,0), "ECDSA_print"}, -{ERR_PACK(0,ECDSA_F_ECDSA_PRINT_FP,0), "ECDSA_print_fp"}, -{ERR_PACK(0,ECDSA_F_ECDSA_SET_GROUP_P,0), "ECDSA_SET_GROUP_P"}, -{ERR_PACK(0,ECDSA_F_ECDSA_SET_PRIME_GROUP,0), "ECDSA_SET_PRIME_GROUP"}, {ERR_PACK(0,ECDSA_F_ECDSA_SIGN_SETUP,0), "ECDSA_sign_setup"}, -{ERR_PACK(0,ECDSA_F_I2D_ECDSAPARAMETERS,0), "i2d_ECDSAParameters"}, -{ERR_PACK(0,ECDSA_F_I2D_ECDSAPRIVATEKEY,0), "i2d_ECDSAPrivateKey"}, -{ERR_PACK(0,ECDSA_F_I2D_ECDSAPUBLICKEY,0), "I2D_ECDSAPUBLICKEY"}, -{ERR_PACK(0,ECDSA_F_SIG_CB,0), "SIG_CB"}, {0,NULL} }; static ERR_STRING_DATA ECDSA_str_reasons[]= { {ECDSA_R_BAD_SIGNATURE ,"bad signature"}, -{ECDSA_R_CAN_NOT_GET_GENERATOR ,"can not get generator"}, -{ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY,"d2i ecdsaprivatekey missing private key"}, -{ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE ,"d2i ecdsa privatekey failure"}, -{ECDSA_R_D2I_EC_PARAMETERS_FAILURE ,"d2i ec parameters failure"}, -{ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE ,"d2i x9 62 ec parameters failure"}, {ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"}, -{ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE ,"ecdsaprivatekey new failure"}, -{ECDSA_R_ECDSA_F_ECDSA_NEW ,"ecdsa f ecdsa new"}, -{ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE ,"ecdsa get ec parameters failure"}, -{ECDSA_R_ECDSA_GET_FAILURE ,"ecdsa get failure"}, -{ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE ,"ecdsa get x9 62 curve failure"}, -{ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE,"ecdsa get x9 62 ec parameters failure"}, -{ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE ,"ecdsa get x9 62 fieldid failure"}, -{ECDSA_R_ECDSA_NEW_FAILURE ,"ecdsa new failure"}, -{ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE,"ecdsa r d2i ec parameters failure"}, -{ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE,"ecdsa r d2i x9 62 ec parameters failure"}, -{ECDSA_R_ECPARAMETERS2ECDSA_FAILURE ,"ecparameters2ecdsa failure"}, -{ECDSA_R_EC_GROUP_NID2CURVE_FAILURE ,"ec group nid2curve failure"}, {ECDSA_R_ERR_EC_LIB ,"err ec lib"}, -{ECDSA_R_I2D_ECDSA_PRIVATEKEY ,"i2d ecdsa privatekey"}, -{ECDSA_R_I2D_ECDSA_PUBLICKEY ,"i2d ecdsa publickey"}, {ECDSA_R_MISSING_PARAMETERS ,"missing parameters"}, -{ECDSA_R_MISSING_PRIVATE_KEY ,"missing private key"}, -{ECDSA_R_NOT_SUPPORTED ,"not supported"}, -{ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED ,"no curve parameter a specified"}, -{ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED ,"no curve parameter b specified"}, -{ECDSA_R_NO_CURVE_SPECIFIED ,"no curve specified"}, -{ECDSA_R_NO_FIELD_SPECIFIED ,"no field specified"}, -{ECDSA_R_PRIME_MISSING ,"prime missing"}, {ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED ,"random number generation failed"}, {ECDSA_R_SIGNATURE_MALLOC_FAILED ,"signature malloc failed"}, -{ECDSA_R_UNEXPECTED_ASN1_TYPE ,"unexpected asn1 type"}, -{ECDSA_R_UNEXPECTED_PARAMETER ,"unexpected parameter"}, -{ECDSA_R_UNEXPECTED_PARAMETER_LENGTH ,"unexpected parameter length"}, -{ECDSA_R_UNEXPECTED_VERSION_NUMER ,"unexpected version numer"}, -{ECDSA_R_UNKNOWN_PARAMETERS_TYPE ,"unknown parameters type"}, -{ECDSA_R_WRONG_FIELD_IDENTIFIER ,"wrong field identifier"}, -{ECDSA_R_X9_62_CURVE_NEW_FAILURE ,"x9 62 curve new failure"}, -{ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE ,"x9 62 ec parameters new failure"}, {0,NULL} }; diff --git a/crypto/ecdsa/ecs_gen.c b/crypto/ecdsa/ecs_gen.c deleted file mode 100644 index e82b9b6e2f..0000000000 --- a/crypto/ecdsa/ecs_gen.c +++ /dev/null @@ -1,83 +0,0 @@ -/* crypto/ecdsa/ecs_gen.c */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* TODO: implementation of ecdsa parameter generation - */ -#if 0 -#include <stdio.h> -#include <time.h> -#include "cryptlib.h" -#include <openssl/evp.h> -#include <openssl/bn.h> -#include <openssl/ecdsa.h> -#include <openssl/rand.h> -#include <openssl/sha.h> - -#ifdef __cplusplus -extern "C" { -#endif -ECDSA *ECDSA_generate_parameters(int bits, - unsigned char *seed_in, int seed_len, - int *counter_ret, unsigned long *h_ret, - void (*callback)(int, int, void *), - void *cb_arg) - { - return NULL; - } -#ifdef __cplusplus -} -#endif -#else -static void *dummy=&dummy; -#endif diff --git a/crypto/ecdsa/ecs_key.c b/crypto/ecdsa/ecs_key.c deleted file mode 100644 index a186f3aa88..0000000000 --- a/crypto/ecdsa/ecs_key.c +++ /dev/null @@ -1,140 +0,0 @@ -/* crypto/ecdsa/ecs_key.c */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include "ecdsa.h" -#include <openssl/err.h> - -int ECDSA_generate_key(ECDSA *ecdsa) -{ - int ok=0; - BN_CTX *ctx=NULL; - BIGNUM *priv_key=NULL,*order=NULL; - EC_POINT *pub_key=NULL; - - if (!ecdsa || !ecdsa->group) - { - ECDSAerr(ECDSA_F_ECDSA_GENERATE_KEY,ECDSA_R_MISSING_PARAMETERS); - return 0; - } - - if ((order = BN_new()) == NULL) goto err; - if ((ctx = BN_CTX_new()) == NULL) goto err; - - if (ecdsa->priv_key == NULL) - { - if ((priv_key = BN_new()) == NULL) goto err; - } - else - priv_key = ecdsa->priv_key; - - if (!EC_GROUP_get_order(ecdsa->group, order, ctx)) goto err; - do - if (!BN_rand_range(priv_key, order)) goto err; - while (BN_is_zero(priv_key)); - - if (ecdsa->pub_key == NULL) - { - if ((pub_key = EC_POINT_new(ecdsa->group)) == NULL) goto err; - } - else - pub_key = ecdsa->pub_key; - - if (!EC_POINT_mul(ecdsa->group, pub_key, priv_key, NULL, NULL, ctx)) goto err; - - ecdsa->priv_key = priv_key; - ecdsa->pub_key = pub_key; - ok=1; -err: if (order) BN_free(order); - if ((pub_key != NULL) && (ecdsa->pub_key == NULL)) EC_POINT_free(pub_key); - if ((priv_key != NULL) && (ecdsa->priv_key == NULL)) BN_free(priv_key); - if (ctx != NULL) BN_CTX_free(ctx); - return(ok); -} - -int ECDSA_check_key(ECDSA *ecdsa) -{ - int ok=0; - BN_CTX *ctx=NULL; - BIGNUM *order=NULL; - EC_POINT *point=NULL; - - if (!ecdsa || !ecdsa->group || !ecdsa->pub_key) - return 0; - - if ((ctx = BN_CTX_new()) == NULL) goto err; - if ((order = BN_new()) == NULL) goto err; - if ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err; - - /* testing whether pub_key is a valid point on the elliptic curve */ - if (!EC_POINT_is_on_curve(ecdsa->group,ecdsa->pub_key,ctx)) goto err; - /* testing whether pub_key * order is the point at infinity */ - if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) goto err; - if (!EC_POINT_copy(point,ecdsa->pub_key)) goto err; - if (!EC_POINT_mul(ecdsa->group,point,order,NULL,NULL,ctx)) goto err; - if (!EC_POINT_is_at_infinity(ecdsa->group,point)) goto err; - /* in case the priv_key is present : check if generator * priv_key == pub_key */ - if (ecdsa->priv_key) - { - if (BN_cmp(ecdsa->priv_key,order) >= 0) goto err; - if (!EC_POINT_mul(ecdsa->group,point,ecdsa->priv_key,NULL,NULL,ctx)) goto err; - if (EC_POINT_cmp(ecdsa->group,point,ecdsa->pub_key,ctx) != 0) goto err; - } - ok = 1; -err: - if (ctx != NULL) BN_CTX_free(ctx); - if (order != NULL) BN_free(order); - if (point != NULL) EC_POINT_free(point); - return(ok); -} diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index 88cd18386c..bd0e34cbb4 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -58,6 +58,8 @@ const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT; +static void ecdsa_finish(EC_KEY *); + static const ECDSA_METHOD *default_ECDSA_method = NULL; void ECDSA_set_default_method(const ECDSA_METHOD *meth) @@ -72,37 +74,56 @@ const ECDSA_METHOD *ECDSA_get_default_method(void) return default_ECDSA_method; } -ECDSA *ECDSA_new(void) -{ - return ECDSA_new_method(NULL); -} - -int ECDSA_set_method(ECDSA *ecdsa, const ECDSA_METHOD *meth) +int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth) { const ECDSA_METHOD *mtmp; + ECDSA_DATA *ecdsa; + + ecdsa = ecdsa_check(eckey); + + if (ecdsa == NULL) + return 0; + mtmp = ecdsa->meth; - if (mtmp->finish) mtmp->finish(ecdsa); +#if 0 + if (mtmp->finish) + mtmp->finish(eckey); +#endif if (ecdsa->engine) { ENGINE_finish(ecdsa->engine); ecdsa->engine = NULL; } ecdsa->meth = meth; - if (meth->init) meth->init(ecdsa); +#if 0 + if (meth->init) + meth->init(eckey); +#endif return 1; } -ECDSA *ECDSA_new_method(ENGINE *engine) +ECDSA_DATA *ECDSA_DATA_new(void) +{ + return ECDSA_DATA_new_method(NULL); +} + +ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) { - ECDSA *ret; + ECDSA_DATA *ret; - ret=(ECDSA *)OPENSSL_malloc(sizeof(ECDSA)); + ret=(ECDSA_DATA *)OPENSSL_malloc(sizeof(ECDSA_DATA)); if (ret == NULL) { - ECDSAerr(ECDSA_F_ECDSA_NEW,ERR_R_MALLOC_FAILURE); + ECDSAerr(ECDSA_F_ECDSA_DATA_NEW, ERR_R_MALLOC_FAILURE); return(NULL); } + ret->init = NULL; + ret->finish = ecdsa_finish; + + ret->kinv = NULL; + ret->r = NULL; + ret->meth = ECDSA_get_default_method(); ret->engine = engine; if (!ret->engine) @@ -112,73 +133,69 @@ ECDSA *ECDSA_new_method(ENGINE *engine) ret->meth = ENGINE_get_ECDSA(ret->engine); if (!ret->meth) { - ECDSAerr(ECDSA_R_ECDSA_F_ECDSA_NEW, ERR_R_ENGINE_LIB); + ECDSAerr(ECDSA_F_ECDSA_DATA_NEW, ERR_R_ENGINE_LIB); ENGINE_finish(ret->engine); OPENSSL_free(ret); return NULL; } } - ret->version = 1; - ret->conversion_form = ECDSA_get_default_conversion_form(); - ret->group = NULL; - - ret->pub_key = NULL; - ret->priv_key = NULL; - - ret->kinv = NULL; - ret->r = NULL; - - ret->enc_flag = 0; - - ret->references = 1; ret->flags = ret->meth->flags; CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data); +#if 0 if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data); OPENSSL_free(ret); ret=NULL; } - +#endif return(ret); } -void ECDSA_free(ECDSA *r) +void ECDSA_DATA_free(ECDSA_DATA *r) { - int i; - - if (r == NULL) return; - - i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_ECDSA); -#ifdef REF_PRINT - REF_PRINT("ECDSA",r); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"ECDSA_free, bad reference count\n"); - abort(); - } -#endif + if (r->kinv) + BN_clear_free(r->kinv); + if (r->r) + BN_clear_free(r->r); +#if 0 if (r->meth->finish) r->meth->finish(r); +#endif if (r->engine) ENGINE_finish(r->engine); CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data); - if (r->group != NULL) EC_GROUP_free(r->group); - if (r->pub_key != NULL) EC_POINT_free(r->pub_key); - if (r->priv_key != NULL) BN_clear_free(r->priv_key); - if (r->kinv != NULL) BN_clear_free(r->kinv); - if (r->r != NULL) BN_clear_free(r->r); + memset((void *)r, 0x0, sizeof(ECDSA_DATA)); + OPENSSL_free(r); } -int ECDSA_size(const ECDSA *r) +ECDSA_DATA *ecdsa_check(EC_KEY *key) +{ + if (key->meth_data) + { + if (key->meth_data->finish != ecdsa_finish) + { + key->meth_data->finish(key); + key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new(); + } + } + else + key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new(); + return (ECDSA_DATA *)key->meth_data; +} + +static void ecdsa_finish(EC_KEY *key) +{ + if (key->meth_data && key->meth_data->finish == ecdsa_finish) + ECDSA_DATA_free((ECDSA_DATA *)key->meth_data); +} + +int ECDSA_size(const EC_KEY *r) { int ret,i; ASN1_INTEGER bs; @@ -207,6 +224,7 @@ int ECDSA_size(const ECDSA *r) return(ret); } + int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) { @@ -214,60 +232,20 @@ int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, new_func, dup_func, free_func); } -int ECDSA_set_ex_data(ECDSA *d, int idx, void *arg) +int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg) { - return(CRYPTO_set_ex_data(&d->ex_data,idx,arg)); -} - -void *ECDSA_get_ex_data(ECDSA *d, int idx) -{ - return(CRYPTO_get_ex_data(&d->ex_data,idx)); -} - -int ECDSA_up_ref(ECDSA *ecdsa) -{ - int i = CRYPTO_add(&ecdsa->references, 1, CRYPTO_LOCK_ECDSA); -#ifdef REF_PRINT - REF_PRINT("ECDSA",r); -#endif -#ifdef REF_CHECK - if (i < 2) - { - fprintf(stderr, "ECDSA_up_ref, bad reference count\n"); - abort(); - } -#endif - return ((i > 1) ? 1 : 0); -} - -void ECDSA_set_conversion_form(ECDSA *ecdsa, const point_conversion_form_t form) -{ - if (ecdsa) ecdsa->conversion_form = form; -} - -point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *ecdsa) -{ - return ecdsa ? ecdsa->conversion_form : 0; -} - -static point_conversion_form_t default_conversion_form = POINT_CONVERSION_UNCOMPRESSED; - -void ECDSA_set_default_conversion_form(const point_conversion_form_t form) -{ - default_conversion_form = form; -} - -point_conversion_form_t ECDSA_get_default_conversion_form(void) -{ - return default_conversion_form; -} - -unsigned int ECDSA_get_enc_flag(const ECDSA *ecdsa) -{ - return ecdsa->enc_flag; + ECDSA_DATA *ecdsa; + ecdsa = ecdsa_check(d); + if (ecdsa == NULL) + return 0; + return(CRYPTO_set_ex_data(&ecdsa->ex_data,idx,arg)); } -void ECDSA_set_enc_flag(ECDSA *ecdsa, unsigned int flag) +void *ECDSA_get_ex_data(EC_KEY *d, int idx) { - ecdsa->enc_flag = flag; + ECDSA_DATA *ecdsa; + ecdsa = ecdsa_check(d); + if (ecdsa == NULL) + return NULL; + return(CRYPTO_get_ex_data(&ecdsa->ex_data,idx)); } diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c index 915ece7bf4..a9814afe0b 100644 --- a/crypto/ecdsa/ecs_ossl.c +++ b/crypto/ecdsa/ecs_ossl.c @@ -55,22 +55,26 @@ #include "ecdsa.h" #include <openssl/err.h> +#include <openssl/obj_mac.h> -/* TODO : general case */ -#define EC_POINT_get_affine_coordinates EC_POINT_get_affine_coordinates_GFp - -static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, ECDSA *ecdsa); -static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); -static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, - ECDSA *ecdsa); +static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, + EC_KEY *eckey); +static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, + BIGNUM **rp); +static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, + ECDSA_SIG *sig, EC_KEY *eckey); static ECDSA_METHOD openssl_ecdsa_meth = { -"OpenSSL ECDSA method", -ecdsa_do_sign, -ecdsa_sign_setup, -ecdsa_do_verify, -0, -NULL + "OpenSSL ECDSA method", + ecdsa_do_sign, + ecdsa_sign_setup, + ecdsa_do_verify, +#if 0 + NULL, /* init */ + NULL, /* finish */ +#endif + 0, /* flags */ + NULL /* app_data */ }; const ECDSA_METHOD *ECDSA_OpenSSL(void) @@ -78,35 +82,52 @@ const ECDSA_METHOD *ECDSA_OpenSSL(void) return &openssl_ecdsa_meth; } -static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) +static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, + BIGNUM **rp) { BN_CTX *ctx = NULL; BIGNUM k,*kinv=NULL,*r=NULL,*order=NULL,*X=NULL; EC_POINT *tmp_point=NULL; - int ret = 0,reason = ERR_R_BN_LIB; - if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key) + int ret = 0; + if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key) { - reason = ECDSA_R_MISSING_PARAMETERS; + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (ctx_in == NULL) { - if ((ctx=BN_CTX_new()) == NULL) goto err; + if ((ctx=BN_CTX_new()) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE); + goto err; + } } else ctx=ctx_in; - if ((r = BN_new()) == NULL) goto err; - if ((order = BN_new()) == NULL) goto err; - if ((X = BN_new()) == NULL) goto err; - if ((tmp_point = EC_POINT_new(ecdsa->group)) == NULL) + if ((r = BN_new()) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB); + goto err; + } + if ((order = BN_new()) == NULL) { - reason = ERR_R_EC_LIB; + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB); + goto err; + } + if ((X = BN_new()) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB); + goto err; + } + if ((tmp_point = EC_POINT_new(eckey->group)) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB); goto err; } - if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) + if (!EC_GROUP_get_order(eckey->group,order,ctx)) { - reason = ERR_R_EC_LIB; + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB); goto err; } @@ -117,24 +138,53 @@ static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM do if (!BN_rand_range(&k,order)) { - reason = ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED; + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, + ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED); goto err; } while (BN_is_zero(&k)); /* compute r the x-coordinate of generator * k */ - if (!EC_POINT_mul(ecdsa->group,tmp_point,&k,NULL,NULL,ctx) - || !EC_POINT_get_affine_coordinates(ecdsa->group,tmp_point,X,NULL,ctx)) + if (!EC_POINT_mul(eckey->group, tmp_point, &k, NULL, NULL, ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB); + goto err; + } + if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group)) + == NID_X9_62_prime_field) + { + if (!EC_POINT_get_affine_coordinates_GFp(eckey->group, + tmp_point, X, NULL, ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, + ERR_R_EC_LIB); + goto err; + } + } + else /* NID_X9_62_characteristic_two_field */ + { + if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group, + tmp_point, X, NULL, ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, + ERR_R_EC_LIB); + goto err; + } + } + if (!BN_nnmod(r,X,order,ctx)) { - reason = ERR_R_EC_LIB; + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB); goto err; } - if (!BN_nnmod(r,X,order,ctx)) goto err; } while (BN_is_zero(r)); /* compute the inverse of k */ - if ((kinv = BN_mod_inverse(NULL,&k,order,ctx)) == NULL) goto err; + if ((kinv = BN_mod_inverse(NULL,&k,order,ctx)) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB); + goto err; + } if (*rp == NULL) BN_clear_free(*rp); @@ -147,7 +197,6 @@ static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM err: if (!ret) { - ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,reason); if (kinv != NULL) BN_clear_free(kinv); if (r != NULL) BN_clear_free(r); } @@ -165,44 +214,60 @@ err: } -static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa) +static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, + EC_KEY *eckey) { BIGNUM *kinv=NULL,*r=NULL,*s=NULL,*m=NULL,*tmp=NULL,*order=NULL; BIGNUM xr; BN_CTX *ctx=NULL; - int reason=ERR_R_BN_LIB; ECDSA_SIG *ret=NULL; + ECDSA_DATA *ecdsa; + + ecdsa = ecdsa_check(eckey); - if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key) + if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key + || !ecdsa) { - reason = ECDSA_R_MISSING_PARAMETERS; + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); goto err; } BN_init(&xr); - if ((ctx = BN_CTX_new()) == NULL) goto err; - if ((order = BN_new()) == NULL) goto err; - if ((tmp = BN_new()) == NULL) goto err; - if ((m = BN_new()) == NULL) goto err; - if ((s = BN_new()) == NULL) goto err; + if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL || + (tmp = BN_new()) == NULL || (m = BN_new()) == NULL || + (s = BN_new()) == NULL ) + { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } - if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) + if (!EC_GROUP_get_order(eckey->group,order,ctx)) { - reason = ECDSA_R_ERR_EC_LIB; + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB); goto err; } if (dgst_len > BN_num_bytes(order)) { - reason = ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, + ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); goto err; } - if (BN_bin2bn(dgst,dgst_len,m) == NULL) goto err; + if (BN_bin2bn(dgst,dgst_len,m) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); + goto err; + } do { - if ((ecdsa->kinv == NULL) || (ecdsa->r == NULL)) + if (ecdsa->kinv == NULL || ecdsa->r == NULL) { - if (!ECDSA_sign_setup(ecdsa,ctx,&kinv,&r)) goto err; + if (!ECDSA_sign_setup(eckey,ctx,&kinv,&r)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, + ERR_R_ECDSA_LIB); + goto err; + } } else { @@ -212,109 +277,174 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSA * ecdsa->r = NULL; } - if (!BN_mod_mul(tmp,ecdsa->priv_key,r,order,ctx)) goto err; - if (!BN_add(s,tmp,m)) goto err; + if (!BN_mod_mul(tmp,eckey->priv_key,r,order,ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); + goto err; + } + if (!BN_add(s,tmp,m)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); + goto err; + } if (BN_cmp(s,order) > 0) BN_sub(s,s,order); - if (!BN_mod_mul(s,s,kinv,order,ctx)) goto err; + if (!BN_mod_mul(s,s,kinv,order,ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); + goto err; + } } while (BN_is_zero(s)); if ((ret = ECDSA_SIG_new()) == NULL) { - reason = ECDSA_R_SIGNATURE_MALLOC_FAILED; + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); goto err; } if (BN_copy(ret->r, r) == NULL || BN_copy(ret->s, s) == NULL) { ECDSA_SIG_free(ret); ret = NULL; - reason = ERR_R_BN_LIB; + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); } err: - if (!ret) - { - ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,reason); - } - if (r != NULL) BN_clear_free(r); - if (s != NULL) BN_clear_free(s); - if (ctx != NULL) BN_CTX_free(ctx); - if (m != NULL) BN_clear_free(m); - if (tmp != NULL) BN_clear_free(tmp); - if (order != NULL) BN_clear_free(order); - if (kinv != NULL) BN_clear_free(kinv); + if (r) + BN_clear_free(r); + if (s) + BN_clear_free(s); + if (ctx) + BN_CTX_free(ctx); + if (m) + BN_clear_free(m); + if (tmp) + BN_clear_free(tmp); + if (order) + BN_clear_free(order); + if (kinv) + BN_clear_free(kinv); return(ret); } -static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, - ECDSA *ecdsa) +static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, + ECDSA_SIG *sig, EC_KEY *eckey) { BN_CTX *ctx; BIGNUM *order=NULL,*u1=NULL,*u2=NULL,*m=NULL,*X=NULL; EC_POINT *point=NULL; - int ret = -1,reason = ERR_R_BN_LIB; - if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !sig) + int ret = -1; + if (!eckey || !eckey->group || !eckey->pub_key || !sig) { - reason = ECDSA_R_MISSING_PARAMETERS; + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); return -1; } - if ((ctx = BN_CTX_new()) == NULL) goto err; - if ((order = BN_new()) == NULL) goto err; - if ((u1 = BN_new()) == NULL) goto err; - if ((u2 = BN_new()) == NULL) goto err; - if ((m = BN_new()) == NULL) goto err; - if ((X = BN_new()) == NULL) goto err; - if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) goto err; + if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL || + (u1 = BN_new()) == NULL || (u2 = BN_new()) == NULL || + (m = BN_new()) == NULL || (X = BN_new()) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; + } + if (!EC_GROUP_get_order(eckey->group, order, ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); + goto err; + } if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, order) >= 0) { - reason = ECDSA_R_BAD_SIGNATURE; + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE); ret = 0; goto err; } if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, order) >= 0) { - reason = ECDSA_R_BAD_SIGNATURE; + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE); ret = 0; goto err; } /* calculate tmp1 = inv(S) mod order */ - if ((BN_mod_inverse(u2,sig->s,order,ctx)) == NULL) goto err; + if ((BN_mod_inverse(u2,sig->s,order,ctx)) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); + goto err; + } /* digest -> m */ - if (BN_bin2bn(dgst,dgst_len,m) == NULL) goto err; + if (BN_bin2bn(dgst,dgst_len,m) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); + goto err; + } /* u1 = m * tmp mod order */ - if (!BN_mod_mul(u1,m,u2,order,ctx)) goto err; + if (!BN_mod_mul(u1,m,u2,order,ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); + goto err; + } /* u2 = r * w mod q */ - if (!BN_mod_mul(u2,sig->r,u2,order,ctx)) goto err; + if (!BN_mod_mul(u2,sig->r,u2,order,ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); + goto err; + } - if ((point = EC_POINT_new(ecdsa->group)) == NULL) + if ((point = EC_POINT_new(eckey->group)) == NULL) { - reason = ERR_R_EC_LIB; + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); goto err; } - if (!EC_POINT_mul(ecdsa->group,point,u1,ecdsa->pub_key,u2,ctx) - || !EC_POINT_get_affine_coordinates(ecdsa->group,point,X,NULL,ctx)) + if (!EC_POINT_mul(eckey->group, point, u1, eckey->pub_key, u2, ctx)) { - reason = ERR_R_EC_LIB; + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); + goto err; + } + if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group)) + == NID_X9_62_prime_field) + { + if (!EC_POINT_get_affine_coordinates_GFp(eckey->group, + point, X, NULL, ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB); + goto err; + } + } + else /* NID_X9_62_characteristic_two_field */ + { + if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group, + point, X, NULL, ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB); + goto err; + } + } + + if (!BN_nnmod(u1,X,order,ctx)) + { + ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); goto err; } - if (!BN_nnmod(u1,X,order,ctx)) goto err; /* is now in u1. If the signature is correct, it will be * equal to R. */ ret = (BN_ucmp(u1,sig->r) == 0); err: - if (ret != 1) ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY,reason); - if (ctx != NULL) BN_CTX_free(ctx); - if (u1 != NULL) BN_clear_free(u1); - if (u2 != NULL) BN_clear_free(u2); - if (m != NULL) BN_clear_free(m); - if (X != NULL) BN_clear_free(X); - if (order != NULL) BN_clear_free(order); - if (point != NULL) EC_POINT_free(point); + if (ctx) + BN_CTX_free(ctx); + if (u1) + BN_clear_free(u1); + if (u2) + BN_clear_free(u2); + if (m) + BN_clear_free(m); + if (X) + BN_clear_free(X); + if (order) + BN_clear_free(order); + if (point) + EC_POINT_free(point); return(ret); } diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c index c1d3e3bf3c..215da1211a 100644 --- a/crypto/ecdsa/ecs_sign.c +++ b/crypto/ecdsa/ecs_sign.c @@ -56,16 +56,19 @@ #include "ecdsa.h" #include <openssl/engine.h> -ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, ECDSA *ecdsa) +ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) { - return ecdsa->meth->ecdsa_do_sign(dgst, dlen, ecdsa); + ECDSA_DATA *ecdsa = ecdsa_check(eckey); + if (ecdsa == NULL) + return NULL; + return ecdsa->meth->ecdsa_do_sign(dgst, dlen, eckey); } -int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, - unsigned int *siglen, ECDSA *ecdsa) +int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char + *sig, unsigned int *siglen, EC_KEY *eckey) { ECDSA_SIG *s; - s=ECDSA_do_sign(dgst,dlen,ecdsa); + s=ECDSA_do_sign(dgst,dlen,eckey); if (s == NULL) { *siglen=0; @@ -76,7 +79,11 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig return(1); } -int ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) +int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, + BIGNUM **rp) { - return ecdsa->meth->ecdsa_sign_setup(ecdsa, ctx_in, kinvp, rp); + ECDSA_DATA *ecdsa = ecdsa_check(eckey); + if (ecdsa == NULL) + return 0; + return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp); } diff --git a/crypto/ecdsa/ecs_vrf.c b/crypto/ecdsa/ecs_vrf.c index 58c98b5593..269671bec8 100644 --- a/crypto/ecdsa/ecs_vrf.c +++ b/crypto/ecdsa/ecs_vrf.c @@ -61,9 +61,13 @@ * 0: incorrect signature * -1: error */ -int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa) +int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, + ECDSA_SIG *sig, EC_KEY *eckey) { - return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, ecdsa); + ECDSA_DATA *ecdsa = ecdsa_check(eckey); + if (ecdsa == NULL) + return 0; + return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey); } /* returns @@ -71,15 +75,16 @@ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECD * 0: incorrect signature * -1: error */ -int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sigbuf, int sig_len, ECDSA *ecdsa) +int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, + const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) { ECDSA_SIG *s; int ret=-1; s = ECDSA_SIG_new(); if (s == NULL) return(ret); - if (d2i_ECDSA_SIG(&s,&sigbuf,sig_len) == NULL) goto err; - ret=ECDSA_do_verify(dgst,dgst_len,s,ecdsa); + if (d2i_ECDSA_SIG(&s, &sigbuf, sig_len) == NULL) goto err; + ret=ECDSA_do_verify(dgst, dgst_len, s, eckey); err: ECDSA_SIG_free(s); return(ret); diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 1a679d5e20..e4d60eeb4d 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -168,7 +168,8 @@ #define EVP_PKEY_DSA3 NID_dsaWithSHA1 #define EVP_PKEY_DSA4 NID_dsaWithSHA1_2 #define EVP_PKEY_DH NID_dhKeyAgreement -#define EVP_PKEY_ECDSA NID_X9_62_id_ecPublicKey +#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey +#define EVP_PKEY_ECDSA EVP_PKEY_EC #ifdef __cplusplus extern "C" { @@ -193,8 +194,8 @@ struct evp_pkey_st #ifndef OPENSSL_NO_DH struct dh_st *dh; /* DH */ #endif -#ifndef OPENSSL_NO_ECDSA - struct ecdsa_st *ecdsa; /* ECDSA */ +#ifndef OPENSSL_NO_EC + struct ec_key_st *eckey;/* ECC */ #endif } pkey; int save_parameters; @@ -454,9 +455,9 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen, (char *)(dh)) #endif -#ifndef OPENSSL_NO_ECDSA -#define EVP_PKEY_assign_ECDSA(pkey,ecdsa) EVP_PKEY_assign((pkey),EVP_PKEY_ECDSA,\ - (char *)(ecdsa)) +#ifndef OPENSSL_NO_EC +#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\ + (char *)(eckey)) #endif /* Add some extra combinations */ @@ -785,10 +786,10 @@ struct dh_st; int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key); struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey); #endif -#ifndef OPENSSL_NO_ECDSA -struct ecdsa_st; -int EVP_PKEY_set1_ECDSA(EVP_PKEY *pkey,struct ecdsa_st *key); -struct ecdsa_st *EVP_PKEY_get1_ECDSA(EVP_PKEY *pkey); +#ifndef OPENSSL_NO_EC +struct ec_key_st; +int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,struct ec_key_st *key); +struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey); #endif EVP_PKEY * EVP_PKEY_new(void); @@ -848,6 +849,7 @@ void ERR_load_EVP_strings(void); /* Function codes. */ #define EVP_F_D2I_PKEY 100 #define EVP_F_ECDSA_PKEY2PKCS8 129 +#define EVP_F_EC_KEY_PKEY2PKCS8 132 #define EVP_F_EVP_CIPHERINIT 123 #define EVP_F_EVP_CIPHER_CTX_CTRL 124 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122 @@ -867,6 +869,7 @@ void ERR_load_EVP_strings(void); #define EVP_F_EVP_PKEY_GET1_DH 119 #define EVP_F_EVP_PKEY_GET1_DSA 120 #define EVP_F_EVP_PKEY_GET1_ECDSA 130 +#define EVP_F_EVP_PKEY_GET1_EC_KEY 131 #define EVP_F_EVP_PKEY_GET1_RSA 121 #define EVP_F_EVP_PKEY_NEW 106 #define EVP_F_EVP_RIJNDAEL 126 @@ -896,6 +899,7 @@ void ERR_load_EVP_strings(void); #define EVP_R_EXPECTING_A_DH_KEY 128 #define EVP_R_EXPECTING_A_DSA_KEY 129 #define EVP_R_EXPECTING_A_ECDSA_KEY 141 +#define EVP_R_EXPECTING_A_EC_KEY 142 #define EVP_R_INITIALIZATION_ERROR 134 #define EVP_R_INPUT_NOT_INITIALIZED 111 #define EVP_R_INVALID_KEY_LENGTH 130 diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c index e6c71d4e01..815ce63b3b 100644 --- a/crypto/evp/evp_err.c +++ b/crypto/evp/evp_err.c @@ -1,6 +1,6 @@ /* crypto/evp/evp_err.c */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -68,6 +68,7 @@ static ERR_STRING_DATA EVP_str_functs[]= { {ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"}, {ERR_PACK(0,EVP_F_ECDSA_PKEY2PKCS8,0), "ECDSA_PKEY2PKCS8"}, +{ERR_PACK(0,EVP_F_EC_KEY_PKEY2PKCS8,0), "EC_KEY_PKEY2PKCS8"}, {ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"}, {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"}, {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"}, @@ -86,7 +87,8 @@ static ERR_STRING_DATA EVP_str_functs[]= {ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"}, {ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"}, {ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"}, -{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_ECDSA,0), "EVP_PKEY_get1_ECDSA"}, +{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_ECDSA,0), "EVP_PKEY_GET1_ECDSA"}, +{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_EC_KEY,0), "EVP_PKEY_get1_EC_KEY"}, {ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"}, {ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"}, {ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0), "EVP_RIJNDAEL"}, @@ -119,6 +121,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"}, {EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"}, {EVP_R_EXPECTING_A_ECDSA_KEY ,"expecting a ecdsa key"}, +{EVP_R_EXPECTING_A_EC_KEY ,"expecting a ec key"}, {EVP_R_INITIALIZATION_ERROR ,"initialization error"}, {EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"}, {EVP_R_INVALID_KEY_LENGTH ,"invalid key length"}, diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 1772647b16..25f920201f 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -65,8 +65,8 @@ #ifndef OPENSSL_NO_DSA static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); #endif -#ifndef OPENSSL_NO_ECDSA -static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); +#ifndef OPENSSL_NO_EC +static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey); #endif /* Extract a private key from a PKCS8 structure */ @@ -80,8 +80,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) #ifndef OPENSSL_NO_DSA DSA *dsa = NULL; #endif -#ifndef OPENSSL_NO_ECDSA - ECDSA *ecdsa = NULL; +#ifndef OPENSSL_NO_EC + EC_KEY *eckey = NULL; #endif #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA) ASN1_INTEGER *privkey; @@ -236,34 +236,37 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8) else /* nid == NID_ecdsa_with_SHA1 */ { #ifndef OPENSSL_NO_ECDSA - if ((ecdsa = d2i_ECDSAParameters(NULL, &cp, plen)) == NULL) + if ((eckey = d2i_ECParameters(NULL, &cp, + plen)) == NULL) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto err; } - if ((ecdsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)) == NULL) + if ((eckey->priv_key = ASN1_INTEGER_to_BN(privkey, + NULL)) == NULL) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto err; } - if ((ecdsa->pub_key = EC_POINT_new(ecdsa->group)) == NULL) + if ((eckey->pub_key = EC_POINT_new(eckey->group)) == NULL) { EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto err; } - if (!EC_POINT_copy(ecdsa->pub_key, EC_GROUP_get0_generator(ecdsa->group))) + if (!EC_POINT_copy(eckey->pub_key, + EC_GROUP_get0_generator(eckey->group))) { EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto err; } - if (!EC_POINT_mul(ecdsa->group, ecdsa->pub_key, ecdsa->priv_key, - NULL, NULL, ctx)) + if (!EC_POINT_mul(eckey->group, eckey->pub_key, + eckey->priv_key, NULL, NULL, ctx)) { EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto err; } - EVP_PKEY_assign_ECDSA(pkey, ecdsa); + EVP_PKEY_assign_EC_KEY(pkey, eckey); BN_CTX_free(ctx); if (n_stack) sk_ASN1_TYPE_pop_free(n_stack, ASN1_TYPE_free); else @@ -280,8 +283,9 @@ err: #ifndef OPENSSL_NO_DSA if (dsa) DSA_free(dsa); #endif -#ifndef OPENSSL_NO_ECDSA - if (ecdsa) ECDSA_free(ecdsa); +#ifndef OPENSSL_NO_EC + if (eckey) + EC_KEY_free(eckey); #endif if (pkey) EVP_PKEY_free(pkey); return NULL; @@ -348,7 +352,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) #endif #ifndef OPENSSL_NO_ECDSA case EVP_PKEY_ECDSA: - if (!ecdsa_pkey2pkcs8(p8, pkey)) + if (!eckey_pkey2pkcs8(p8, pkey)) { PKCS8_PRIV_KEY_INFO_free(p8); return(NULL); @@ -499,53 +503,54 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) } #endif -#ifndef OPENSSL_NO_ECDSA -static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) +#ifndef OPENSSL_NO_EC +static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) { ASN1_STRING *params=NULL; ASN1_INTEGER *prkey=NULL; ASN1_TYPE *ttmp=NULL; - STACK_OF(ASN1_TYPE) *necdsa=NULL; + STACK_OF(ASN1_TYPE) *neckey=NULL; unsigned char *p=NULL, *q=NULL; int len=0; EC_POINT *point=NULL; - if (pkey->pkey.ecdsa == NULL || pkey->pkey.ecdsa->group == NULL) + if (pkey->pkey.eckey == NULL || pkey->pkey.eckey->group == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); return 0; } p8->pkeyalg->algorithm = OBJ_nid2obj(NID_ecdsa_with_SHA1); - len = i2d_ECDSAParameters(pkey->pkey.ecdsa, NULL); + len = i2d_ECParameters(pkey->pkey.eckey, NULL); if ((p = OPENSSL_malloc(len)) == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); return 0; } q = p; - if (!i2d_ECDSAParameters(pkey->pkey.ecdsa, &q)) + if (!i2d_ECParameters(pkey->pkey.eckey, &q)) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_ECDSA_LIB); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ECDSA_LIB); OPENSSL_free(p); return 0; } if ((params = ASN1_STRING_new()) == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); OPENSSL_free(p); return 0; } if (!ASN1_STRING_set(params, p, len)) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_ASN1_LIB); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB); OPENSSL_free(p); return 0; } OPENSSL_free(p); - if ((prkey = BN_to_ASN1_INTEGER(pkey->pkey.ecdsa->priv_key, NULL)) == NULL) + if ((prkey = BN_to_ASN1_INTEGER(pkey->pkey.eckey->priv_key, NULL)) + == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_ASN1_LIB); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB); return 0; } @@ -557,7 +562,7 @@ static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER, &p8->pkey->value.octet_string)) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); M_ASN1_INTEGER_free(prkey); return 0; } @@ -572,134 +577,137 @@ static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) p8->pkeyalg->parameter->value.sequence = params; p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE; - necdsa = sk_ASN1_TYPE_new_null(); - if (necdsa == NULL || (ttmp = ASN1_TYPE_new()) == NULL) + neckey = sk_ASN1_TYPE_new_null(); + if (neckey == NULL || (ttmp = ASN1_TYPE_new()) == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); return 0; } - if ((point = EC_GROUP_get0_generator(pkey->pkey.ecdsa->group)) == NULL) + if ((point = EC_GROUP_get0_generator(pkey->pkey.eckey->group)) + == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB); return 0; } - len = EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, ECDSA_get_conversion_form(pkey->pkey.ecdsa), - NULL, 0, NULL); + len = EC_POINT_point2oct(pkey->pkey.eckey->group, point, + pkey->pkey.eckey->conv_form, NULL, 0, NULL); p = OPENSSL_malloc(len); - if (!len || !p || !EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, - ECDSA_get_conversion_form(pkey->pkey.ecdsa), p, len, NULL)) + if (!len || !p || !EC_POINT_point2oct(pkey->pkey.eckey->group, + point, pkey->pkey.eckey->conv_form, p, len, NULL)) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB); OPENSSL_free(p); return 0; } - if ((ttmp->value.octet_string = ASN1_OCTET_STRING_new()) == NULL) + if ((ttmp->value.octet_string =ASN1_OCTET_STRING_new()) == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); return 0; } if (!ASN1_OCTET_STRING_set(ttmp->value.octet_string, p, len)) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, EVP_R_ASN1_LIB); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_ASN1_LIB); return 0; } OPENSSL_free(p); ttmp->type = V_ASN1_OCTET_STRING; - if (!sk_ASN1_TYPE_push(necdsa, ttmp)) + if (!sk_ASN1_TYPE_push(neckey, ttmp)) { - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); ASN1_INTEGER_free(prkey); return 0; } if ((ttmp = ASN1_TYPE_new()) == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); return 0; } ttmp->value.integer = prkey; ttmp->type = V_ASN1_INTEGER; - if (!sk_ASN1_TYPE_push(necdsa, ttmp)) + if (!sk_ASN1_TYPE_push(neckey, ttmp)) { - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); ASN1_INTEGER_free(prkey); return 0; } - if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) == NULL) + if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) + == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); return 0; } - if (!ASN1_seq_pack_ASN1_TYPE(necdsa, i2d_ASN1_TYPE, + if (!ASN1_seq_pack_ASN1_TYPE(neckey, i2d_ASN1_TYPE, &p8->pkey->value.octet_string->data, &p8->pkey->value.octet_string->length)) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); return 0; } - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); break; case PKCS8_EMBEDDED_PARAM: p8->pkeyalg->parameter->type = V_ASN1_NULL; - necdsa = sk_ASN1_TYPE_new_null(); + neckey = sk_ASN1_TYPE_new_null(); if ((ttmp = ASN1_TYPE_new()) == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); ASN1_INTEGER_free(prkey); return 0; } ttmp->value.sequence = params; ttmp->type = V_ASN1_SEQUENCE; - if (!sk_ASN1_TYPE_push(necdsa, ttmp)) + if (!sk_ASN1_TYPE_push(neckey, ttmp)) { - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); ASN1_INTEGER_free(prkey); return 0; } if ((ttmp = ASN1_TYPE_new()) == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); ASN1_INTEGER_free(prkey); return 0; } ttmp->value.integer = prkey; ttmp->type = V_ASN1_INTEGER; - if (!sk_ASN1_TYPE_push(necdsa, ttmp)) + if (!sk_ASN1_TYPE_push(neckey, ttmp)) { - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); ASN1_INTEGER_free(prkey); return 0; } - if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) == NULL) + if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) + == NULL) { - EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); return 0; } - if (!ASN1_seq_pack_ASN1_TYPE(necdsa, i2d_ASN1_TYPE, + if (!ASN1_seq_pack_ASN1_TYPE(neckey, i2d_ASN1_TYPE, &p8->pkey->value.octet_string->data, &p8->pkey->value.octet_string->length)) { EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); return 0; } - sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free); + sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free); break; } return 1; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index fcb5711753..ac0556b488 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -79,8 +79,8 @@ int EVP_PKEY_bits(EVP_PKEY *pkey) else if (pkey->type == EVP_PKEY_DSA) return(BN_num_bits(pkey->pkey.dsa->p)); #endif -#ifndef OPENSSL_NO_ECDSA - else if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + else if (pkey->type == EVP_PKEY_EC) { BIGNUM *order = BN_new(); int ret; @@ -90,7 +90,7 @@ int EVP_PKEY_bits(EVP_PKEY *pkey) ERR_clear_error(); return 0; } - if (!EC_GROUP_get_order(pkey->pkey.ecdsa->group, order, NULL)) + if (!EC_GROUP_get_order(pkey->pkey.eckey->group, order, NULL)) { ERR_clear_error(); return 0; @@ -117,9 +117,9 @@ int EVP_PKEY_size(EVP_PKEY *pkey) if (pkey->type == EVP_PKEY_DSA) return(DSA_size(pkey->pkey.dsa)); #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) - return(ECDSA_size(pkey->pkey.ecdsa)); +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) + return(ECDSA_size(pkey->pkey.eckey)); #endif return(0); @@ -181,13 +181,16 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from) to->pkey.dsa->g=a; } #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC if (to->type == EVP_PKEY_ECDSA) { - if (to->pkey.ecdsa->group != NULL) - EC_GROUP_free(to->pkey.ecdsa->group); - if ((to->pkey.ecdsa->group = EC_GROUP_new(EC_GROUP_method_of(from->pkey.ecdsa->group))) == NULL) goto err; - if (!EC_GROUP_copy(to->pkey.ecdsa->group,from->pkey.ecdsa->group)) goto err; + if (to->pkey.eckey->group != NULL) + EC_GROUP_free(to->pkey.eckey->group); + if ((to->pkey.eckey->group = EC_GROUP_new( + EC_GROUP_method_of(from->pkey.eckey->group))) == NULL) + goto err; + if (!EC_GROUP_copy(to->pkey.eckey->group, + from->pkey.eckey->group)) goto err; } #endif return(1); @@ -207,10 +210,10 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey) return(1); } #endif -#ifndef OPENSSL_NO_ECDSA - if (pkey->type == EVP_PKEY_ECDSA) +#ifndef OPENSSL_NO_EC + if (pkey->type == EVP_PKEY_EC) { - if (pkey->pkey.ecdsa->group == NULL) + if (pkey->pkey.eckey->group == NULL) return(1); } #endif @@ -303,24 +306,24 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) } #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC -int EVP_PKEY_set1_ECDSA(EVP_PKEY *pkey, ECDSA *key) +int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) { - int ret = EVP_PKEY_assign_ECDSA(pkey,key); - if (ret) CRYPTO_add(&key->references, 1,CRYPTO_LOCK_ECDSA); + int ret = EVP_PKEY_assign_EC_KEY(pkey,key); + if (ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EC); return ret; } -ECDSA *EVP_PKEY_get1_ECDSA(EVP_PKEY *pkey) +EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) { - if (pkey->type != EVP_PKEY_ECDSA) + if (pkey->type != EVP_PKEY_EC) { - EVPerr(EVP_F_EVP_PKEY_GET1_ECDSA, EVP_R_EXPECTING_A_ECDSA_KEY); + EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); return NULL; } - CRYPTO_add(&pkey->pkey.ecdsa->references, 1, CRYPTO_LOCK_ECDSA); - return pkey->pkey.ecdsa; + CRYPTO_add(&pkey->pkey.eckey->references, 1, CRYPTO_LOCK_EC); + return pkey->pkey.eckey; } #endif @@ -361,8 +364,8 @@ int EVP_PKEY_type(int type) return(EVP_PKEY_DSA); case EVP_PKEY_DH: return(EVP_PKEY_DH); - case EVP_PKEY_ECDSA: - return(EVP_PKEY_ECDSA); + case EVP_PKEY_EC: + return(EVP_PKEY_EC); default: return(NID_undef); } @@ -408,9 +411,9 @@ static void EVP_PKEY_free_it(EVP_PKEY *x) DSA_free(x->pkey.dsa); break; #endif -#ifndef OPENSSL_NO_ECDSA - case EVP_PKEY_ECDSA: - ECDSA_free(x->pkey.ecdsa); +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: + EC_KEY_free(x->pkey.eckey); break; #endif #ifndef OPENSSL_NO_DH diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h index d5805ab85a..fb196562fa 100644 --- a/crypto/pem/pem.h +++ b/crypto/pem/pem.h @@ -578,13 +578,10 @@ DECLARE_PEM_rw(DSAparams, DSA) #endif -#ifndef OPENSSL_NO_ECDSA -DECLARE_PEM_rw_cb(ECDSAPrivateKey, ECDSA) -DECLARE_PEM_rw(ECDSA_PUBKEY, ECDSA) -#endif - #ifndef OPENSSL_NO_EC DECLARE_PEM_rw(ECPKParameters, EC_GROUP) +DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY) +DECLARE_PEM_rw(EC_PUBKEY, EC_KEY) #endif #ifndef OPENSSL_NO_DH diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c index 0b818d2e87..60f5188f30 100644 --- a/crypto/pem/pem_all.c +++ b/crypto/pem/pem_all.c @@ -125,8 +125,8 @@ static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa); static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa); #endif -#ifndef OPENSSL_NO_ECDSA -static ECDSA *pkey_get_ecdsa(EVP_PKEY *key, ECDSA **ecdsa); +#ifndef OPENSSL_NO_EC +static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey); #endif IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) @@ -234,52 +234,51 @@ IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams) #endif -#ifndef OPENSSL_NO_ECDSA -static ECDSA *pkey_get_ecdsa(EVP_PKEY *key, ECDSA **ecdsa) +#ifndef OPENSSL_NO_EC +static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey) { - ECDSA *dtmp; + EC_KEY *dtmp; if(!key) return NULL; - dtmp = EVP_PKEY_get1_ECDSA(key); + dtmp = EVP_PKEY_get1_EC_KEY(key); EVP_PKEY_free(key); if(!dtmp) return NULL; - if(ecdsa) + if(eckey) { - ECDSA_free(*ecdsa); - *ecdsa = dtmp; + EC_KEY_free(*eckey); + *eckey = dtmp; } return dtmp; } -ECDSA *PEM_read_bio_ECDSAPrivateKey(BIO *bp, ECDSA **ecdsa, pem_password_cb *cb, +EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb, void *u) { EVP_PKEY *pktmp; pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u); - return pkey_get_ecdsa(pktmp, ecdsa); + return pkey_get_eckey(pktmp, key); } -IMPLEMENT_PEM_write_cb(ECDSAPrivateKey, ECDSA, PEM_STRING_ECPRIVATEKEY, ECDSAPrivateKey) -IMPLEMENT_PEM_rw(ECDSA_PUBKEY, ECDSA, PEM_STRING_PUBLIC, ECDSA_PUBKEY) +IMPLEMENT_PEM_rw(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) + +IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey) + +IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY) #ifndef OPENSSL_NO_FP_API -ECDSA *PEM_read_ECDSAPrivateKey(FILE *fp, ECDSA **ecdsa, pem_password_cb *cb, +EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb, void *u) { EVP_PKEY *pktmp; pktmp = PEM_read_PrivateKey(fp, NULL, cb, u); - return pkey_get_ecdsa(pktmp, ecdsa); + return pkey_get_eckey(pktmp, eckey); } #endif #endif -#ifndef OPENSSL_NO_EC -IMPLEMENT_PEM_rw(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters) -#endif - #ifndef OPENSSL_NO_DH IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams) diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index a577d38687..328afd2e95 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -203,10 +203,10 @@ start: } else #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0) { - d2i=(char *(*)())d2i_ECDSAPrivateKey; + d2i=(char *(*)())d2i_ECPrivateKey; if (xi->x_pkey != NULL) { if (!sk_X509_INFO_push(ret,xi)) goto err; @@ -220,8 +220,8 @@ start: xi->x_pkey=X509_PKEY_new(); if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) goto err; - xi->x_pkey->dec_pkey->type=EVP_PKEY_ECDSA; - pp=(char **)&(xi->x_pkey->dec_pkey->pkey.ecdsa); + xi->x_pkey->dec_pkey->type=EVP_PKEY_EC; + pp=(char **)&(xi->x_pkey->dec_pkey->pkey.eckey); if ((int)strlen(header) > 10) /* assume encrypted */ raw=1; } diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 7687e3bf2e..46a6e5a872 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -81,6 +81,10 @@ #include <openssl/dsa.h> #endif +#ifndef OPENSSL_NO_EC +#include <openssl/ec.h> +#endif + #ifndef OPENSSL_NO_ECDSA #include <openssl/ecdsa.h> #endif @@ -656,15 +660,15 @@ extern "C" { #define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ (unsigned char *)dsa) -#define d2i_ECDSAPrivateKey_fp(fp,ecdsa) (ECDSA *)ASN1_d2i_fp((char *(*)())\ - ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (fp), \ +#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\ + EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \ (unsigned char **)(ecdsa)) -#define i2d_ECDSAPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECDSAPrivateKey,fp, \ +#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \ (unsigned char *)ecdsa) -#define d2i_ECDSAPrivateKey_bio(bp,ecdsa) (ECDSA *)ASN1_d2i_bio((char *(*)())\ - ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (bp), \ +#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\ + EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \ (unsigned char **)(ecdsa)) -#define i2d_ECDSAPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECDSAPrivateKey,bp, \ +#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \ (unsigned char *)ecdsa) #define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ @@ -770,11 +774,11 @@ int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa); DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); #endif -#ifndef OPENSSL_NO_ECDSA -ECDSA *d2i_ECDSA_PUBKEY_fp(FILE *fp, ECDSA **ecdsa); -int i2d_ECDSA_PUBKEY_fp(FILE *fp, ECDSA *ecdsa); -ECDSA *d2i_ECDSAPrivateKey_fp(FILE *fp, ECDSA **ecdsa); -int i2d_ECDSAPrivateKey_fp(FILE *fp, ECDSA *ecdsa); +#ifndef OPENSSL_NO_EC +EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey); +int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey); +EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey); +int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey); #endif X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); @@ -809,11 +813,11 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa); DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); #endif -#ifndef OPENSSL_NO_ECDSA -ECDSA *d2i_ECDSA_PUBKEY_bio(BIO *bp, ECDSA **ecdsa); -int i2d_ECDSA_PUBKEY_bio(BIO *bp, ECDSA *ecdsa); -ECDSA *d2i_ECDSAPrivateKey_bio(BIO *bp, ECDSA **ecdsa); -int i2d_ECDSAPrivateKey_bio(BIO *bp, ECDSA *ecdsa); +#ifndef OPENSSL_NO_EC +EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey); +int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey); +EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey); +int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey); #endif X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); @@ -879,9 +883,9 @@ int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp, long length); #endif -#ifndef OPENSSL_NO_ECDSA -int i2d_ECDSA_PUBKEY(ECDSA *a, unsigned char **pp); -ECDSA *d2i_ECDSA_PUBKEY(ECDSA **a, unsigned char **pp, +#ifndef OPENSSL_NO_EC +int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp); +EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, unsigned char **pp, long length); #endif diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index dbbe0a9236..415e5f3863 100644 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -295,10 +295,11 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k) } break; #endif -#ifndef OPENSSL_NO_ECDSA - case EVP_PKEY_ECDSA: +#ifndef OPENSSL_NO_EC + case EVP_PKEY_EC: { - int r = EC_POINT_cmp(xk->pkey.ecdsa->group,xk->pkey.ecdsa->pub_key,k->pkey.ecdsa->pub_key,NULL); + int r = EC_POINT_cmp(xk->pkey.eckey->group, + xk->pkey.eckey->pub_key,k->pkey.eckey->pub_key,NULL); if (r != 0) { if (r == 1) diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index cc1ff90e9a..801df78f08 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -325,59 +325,58 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) #endif -#ifndef OPENSSL_NO_ECDSA +#ifndef OPENSSL_NO_EC #ifndef OPENSSL_NO_FP_API -ECDSA *d2i_ECDSAPrivateKey_fp(FILE *fp, ECDSA **ecdsa) +EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey) { - return((ECDSA *)ASN1_d2i_fp((char *(*)()) - ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (fp), - (unsigned char **)(ecdsa))); + return((EC_KEY *)ASN1_d2i_fp((char *(*)()) + EC_KEY_new,(char *(*)())d2i_EC_PUBKEY, (fp), + (unsigned char **)(eckey))); } -int i2d_ECDSAPrivateKey_fp(FILE *fp, ECDSA *ecdsa) +int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey) { - return(ASN1_i2d_fp(i2d_ECDSAPrivateKey,fp,(unsigned char *)ecdsa)); + return(ASN1_i2d_fp(i2d_EC_PUBKEY,fp,(unsigned char *)eckey)); } - -ECDSA *d2i_ECDSA_PUBKEY_fp(FILE *fp, ECDSA **ecdsa) + +EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey) { - return((ECDSA *)ASN1_d2i_fp((char *(*)()) - ECDSA_new,(char *(*)())d2i_ECDSA_PUBKEY, (fp), - (unsigned char **)(ecdsa))); + return((EC_KEY *)ASN1_d2i_fp((char *(*)()) + EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), + (unsigned char **)(eckey))); } -int i2d_ECDSA_PUBKEY_fp(FILE *fp, ECDSA *ecdsa) +int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey) { - return(ASN1_i2d_fp(i2d_ECDSA_PUBKEY,fp,(unsigned char *)ecdsa)); + return(ASN1_i2d_fp(i2d_ECPrivateKey,fp,(unsigned char *)eckey)); } #endif - -ECDSA *d2i_ECDSAPrivateKey_bio(BIO *bp, ECDSA **ecdsa) +EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey) { - return((ECDSA *)ASN1_d2i_bio((char *(*)()) - ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (bp), - (unsigned char **)(ecdsa))); + return((EC_KEY *)ASN1_d2i_bio((char *(*)()) + EC_KEY_new,(char *(*)())d2i_EC_PUBKEY, (bp), + (unsigned char **)(eckey))); } -int i2d_ECDSAPrivateKey_bio(BIO *bp, ECDSA *ecdsa) +int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa) { - return(ASN1_i2d_bio(i2d_ECDSAPrivateKey,bp,(unsigned char *)ecdsa)); + return(ASN1_i2d_bio(i2d_EC_PUBKEY,bp,(unsigned char *)ecdsa)); } - -ECDSA *d2i_ECDSA_PUBKEY_bio(BIO *bp, ECDSA **ecdsa) + +EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey) { - return((ECDSA *)ASN1_d2i_bio((char *(*)()) - ECDSA_new,(char *(*)())d2i_ECDSA_PUBKEY, (bp), - (unsigned char **)(ecdsa))); + return((EC_KEY *)ASN1_d2i_bio((char *(*)()) + EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), + (unsigned char **)(eckey))); } -int i2d_ECDSA_PUBKEY_bio(BIO *bp, ECDSA *ecdsa) +int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey) { - return(ASN1_i2d_bio(i2d_ECDSA_PUBKEY,bp,(unsigned char *)ecdsa)); + return(ASN1_i2d_bio(i2d_ECPrivateKey,bp,(unsigned char *)eckey)); } - #endif + int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md, unsigned int *len) { |