[331] | 1 | /*
|
---|
| 2 | * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
|
---|
| 3 | *
|
---|
| 4 | * Licensed under the OpenSSL license (the "License"). You may not use
|
---|
| 5 | * this file except in compliance with the License. You can obtain a copy
|
---|
| 6 | * in the file LICENSE in the source distribution or at
|
---|
| 7 | * https://www.openssl.org/source/license.html
|
---|
| 8 | */
|
---|
| 9 |
|
---|
| 10 | #include <string.h>
|
---|
| 11 | #include "ec_lcl.h"
|
---|
| 12 | #include <openssl/err.h>
|
---|
| 13 | #include <openssl/asn1t.h>
|
---|
| 14 | #include <openssl/objects.h>
|
---|
| 15 |
|
---|
| 16 | int EC_GROUP_get_basis_type(const EC_GROUP *group)
|
---|
| 17 | {
|
---|
| 18 | int i = 0;
|
---|
| 19 |
|
---|
| 20 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
|
---|
| 21 | NID_X9_62_characteristic_two_field)
|
---|
| 22 | /* everything else is currently not supported */
|
---|
| 23 | return 0;
|
---|
| 24 |
|
---|
| 25 | while (group->poly[i] != 0)
|
---|
| 26 | i++;
|
---|
| 27 |
|
---|
| 28 | if (i == 4)
|
---|
| 29 | return NID_X9_62_ppBasis;
|
---|
| 30 | else if (i == 2)
|
---|
| 31 | return NID_X9_62_tpBasis;
|
---|
| 32 | else
|
---|
| 33 | /* everything else is currently not supported */
|
---|
| 34 | return 0;
|
---|
| 35 | }
|
---|
| 36 |
|
---|
| 37 | #ifndef OPENSSL_NO_EC2M
|
---|
| 38 | int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
|
---|
| 39 | {
|
---|
| 40 | if (group == NULL)
|
---|
| 41 | return 0;
|
---|
| 42 |
|
---|
| 43 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
|
---|
| 44 | NID_X9_62_characteristic_two_field
|
---|
| 45 | || !((group->poly[0] != 0) && (group->poly[1] != 0)
|
---|
| 46 | && (group->poly[2] == 0))) {
|
---|
| 47 | ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS,
|
---|
| 48 | ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
---|
| 49 | return 0;
|
---|
| 50 | }
|
---|
| 51 |
|
---|
| 52 | if (k)
|
---|
| 53 | *k = group->poly[1];
|
---|
| 54 |
|
---|
| 55 | return 1;
|
---|
| 56 | }
|
---|
| 57 |
|
---|
| 58 | int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
|
---|
| 59 | unsigned int *k2, unsigned int *k3)
|
---|
| 60 | {
|
---|
| 61 | if (group == NULL)
|
---|
| 62 | return 0;
|
---|
| 63 |
|
---|
| 64 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
|
---|
| 65 | NID_X9_62_characteristic_two_field
|
---|
| 66 | || !((group->poly[0] != 0) && (group->poly[1] != 0)
|
---|
| 67 | && (group->poly[2] != 0) && (group->poly[3] != 0)
|
---|
| 68 | && (group->poly[4] == 0))) {
|
---|
| 69 | ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS,
|
---|
| 70 | ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
|
---|
| 71 | return 0;
|
---|
| 72 | }
|
---|
| 73 |
|
---|
| 74 | if (k1)
|
---|
| 75 | *k1 = group->poly[3];
|
---|
| 76 | if (k2)
|
---|
| 77 | *k2 = group->poly[2];
|
---|
| 78 | if (k3)
|
---|
| 79 | *k3 = group->poly[1];
|
---|
| 80 |
|
---|
| 81 | return 1;
|
---|
| 82 | }
|
---|
| 83 | #endif
|
---|
| 84 |
|
---|
| 85 | /* some structures needed for the asn1 encoding */
|
---|
| 86 | typedef struct x9_62_pentanomial_st {
|
---|
| 87 | long k1;
|
---|
| 88 | long k2;
|
---|
| 89 | long k3;
|
---|
| 90 | } X9_62_PENTANOMIAL;
|
---|
| 91 |
|
---|
| 92 | typedef struct x9_62_characteristic_two_st {
|
---|
| 93 | long m;
|
---|
| 94 | ASN1_OBJECT *type;
|
---|
| 95 | union {
|
---|
| 96 | char *ptr;
|
---|
| 97 | /* NID_X9_62_onBasis */
|
---|
| 98 | ASN1_NULL *onBasis;
|
---|
| 99 | /* NID_X9_62_tpBasis */
|
---|
| 100 | ASN1_INTEGER *tpBasis;
|
---|
| 101 | /* NID_X9_62_ppBasis */
|
---|
| 102 | X9_62_PENTANOMIAL *ppBasis;
|
---|
| 103 | /* anything else */
|
---|
| 104 | ASN1_TYPE *other;
|
---|
| 105 | } p;
|
---|
| 106 | } X9_62_CHARACTERISTIC_TWO;
|
---|
| 107 |
|
---|
| 108 | typedef struct x9_62_fieldid_st {
|
---|
| 109 | ASN1_OBJECT *fieldType;
|
---|
| 110 | union {
|
---|
| 111 | char *ptr;
|
---|
| 112 | /* NID_X9_62_prime_field */
|
---|
| 113 | ASN1_INTEGER *prime;
|
---|
| 114 | /* NID_X9_62_characteristic_two_field */
|
---|
| 115 | X9_62_CHARACTERISTIC_TWO *char_two;
|
---|
| 116 | /* anything else */
|
---|
| 117 | ASN1_TYPE *other;
|
---|
| 118 | } p;
|
---|
| 119 | } X9_62_FIELDID;
|
---|
| 120 |
|
---|
| 121 | typedef struct x9_62_curve_st {
|
---|
| 122 | ASN1_OCTET_STRING *a;
|
---|
| 123 | ASN1_OCTET_STRING *b;
|
---|
| 124 | ASN1_BIT_STRING *seed;
|
---|
| 125 | } X9_62_CURVE;
|
---|
| 126 |
|
---|
| 127 | struct ec_parameters_st {
|
---|
| 128 | long version;
|
---|
| 129 | X9_62_FIELDID *fieldID;
|
---|
| 130 | X9_62_CURVE *curve;
|
---|
| 131 | ASN1_OCTET_STRING *base;
|
---|
| 132 | ASN1_INTEGER *order;
|
---|
| 133 | ASN1_INTEGER *cofactor;
|
---|
| 134 | } /* ECPARAMETERS */ ;
|
---|
| 135 |
|
---|
| 136 | struct ecpk_parameters_st {
|
---|
| 137 | int type;
|
---|
| 138 | union {
|
---|
| 139 | ASN1_OBJECT *named_curve;
|
---|
| 140 | ECPARAMETERS *parameters;
|
---|
| 141 | ASN1_NULL *implicitlyCA;
|
---|
| 142 | } value;
|
---|
| 143 | } /* ECPKPARAMETERS */ ;
|
---|
| 144 |
|
---|
| 145 | /* SEC1 ECPrivateKey */
|
---|
| 146 | typedef struct ec_privatekey_st {
|
---|
| 147 | long version;
|
---|
| 148 | ASN1_OCTET_STRING *privateKey;
|
---|
| 149 | ECPKPARAMETERS *parameters;
|
---|
| 150 | ASN1_BIT_STRING *publicKey;
|
---|
| 151 | } EC_PRIVATEKEY;
|
---|
| 152 |
|
---|
| 153 | /* the OpenSSL ASN.1 definitions */
|
---|
| 154 | ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
|
---|
| 155 | ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, LONG),
|
---|
| 156 | ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, LONG),
|
---|
| 157 | ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, LONG)
|
---|
| 158 | } static_ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
|
---|
| 159 |
|
---|
| 160 | DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
|
---|
| 161 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
|
---|
| 162 |
|
---|
| 163 | ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY);
|
---|
| 164 |
|
---|
| 165 | ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = {
|
---|
| 166 | ADB_ENTRY(NID_X9_62_onBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.onBasis, ASN1_NULL)),
|
---|
| 167 | ADB_ENTRY(NID_X9_62_tpBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.tpBasis, ASN1_INTEGER)),
|
---|
| 168 | ADB_ENTRY(NID_X9_62_ppBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.ppBasis, X9_62_PENTANOMIAL))
|
---|
| 169 | } ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL);
|
---|
| 170 |
|
---|
| 171 | ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
|
---|
| 172 | ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, LONG),
|
---|
| 173 | ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT),
|
---|
| 174 | ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
|
---|
| 175 | } static_ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
|
---|
| 176 |
|
---|
| 177 | DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
|
---|
| 178 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
|
---|
| 179 |
|
---|
| 180 | ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
|
---|
| 181 |
|
---|
| 182 | ASN1_ADB(X9_62_FIELDID) = {
|
---|
| 183 | ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)),
|
---|
| 184 | ADB_ENTRY(NID_X9_62_characteristic_two_field, ASN1_SIMPLE(X9_62_FIELDID, p.char_two, X9_62_CHARACTERISTIC_TWO))
|
---|
| 185 | } ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL);
|
---|
| 186 |
|
---|
| 187 | ASN1_SEQUENCE(X9_62_FIELDID) = {
|
---|
| 188 | ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
|
---|
| 189 | ASN1_ADB_OBJECT(X9_62_FIELDID)
|
---|
| 190 | } static_ASN1_SEQUENCE_END(X9_62_FIELDID)
|
---|
| 191 |
|
---|
| 192 | ASN1_SEQUENCE(X9_62_CURVE) = {
|
---|
| 193 | ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
|
---|
| 194 | ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
|
---|
| 195 | ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
|
---|
| 196 | } static_ASN1_SEQUENCE_END(X9_62_CURVE)
|
---|
| 197 |
|
---|
| 198 | ASN1_SEQUENCE(ECPARAMETERS) = {
|
---|
| 199 | ASN1_SIMPLE(ECPARAMETERS, version, LONG),
|
---|
| 200 | ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
|
---|
| 201 | ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
|
---|
| 202 | ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
|
---|
| 203 | ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
|
---|
| 204 | ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER)
|
---|
| 205 | } ASN1_SEQUENCE_END(ECPARAMETERS)
|
---|
| 206 |
|
---|
| 207 | DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
|
---|
| 208 | IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
|
---|
| 209 |
|
---|
| 210 | ASN1_CHOICE(ECPKPARAMETERS) = {
|
---|
| 211 | ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
|
---|
| 212 | ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
|
---|
| 213 | ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL)
|
---|
| 214 | } ASN1_CHOICE_END(ECPKPARAMETERS)
|
---|
| 215 |
|
---|
| 216 | DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
|
---|
| 217 | DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
|
---|
| 218 | IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
|
---|
| 219 |
|
---|
| 220 | ASN1_SEQUENCE(EC_PRIVATEKEY) = {
|
---|
| 221 | ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
|
---|
| 222 | ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
|
---|
| 223 | ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
|
---|
| 224 | ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
|
---|
| 225 | } static_ASN1_SEQUENCE_END(EC_PRIVATEKEY)
|
---|
| 226 |
|
---|
| 227 | DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
|
---|
| 228 | DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
|
---|
| 229 | IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
|
---|
| 230 |
|
---|
| 231 | /* some declarations of internal function */
|
---|
| 232 |
|
---|
| 233 | /* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */
|
---|
| 234 | static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *);
|
---|
| 235 | /* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */
|
---|
| 236 | static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
|
---|
| 237 |
|
---|
| 238 | /* the function definitions */
|
---|
| 239 |
|
---|
| 240 | static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
|
---|
| 241 | {
|
---|
| 242 | int ok = 0, nid;
|
---|
| 243 | BIGNUM *tmp = NULL;
|
---|
| 244 |
|
---|
| 245 | if (group == NULL || field == NULL)
|
---|
| 246 | return 0;
|
---|
| 247 |
|
---|
| 248 | /* clear the old values (if necessary) */
|
---|
| 249 | ASN1_OBJECT_free(field->fieldType);
|
---|
| 250 | ASN1_TYPE_free(field->p.other);
|
---|
| 251 |
|
---|
| 252 | nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
|
---|
| 253 | /* set OID for the field */
|
---|
| 254 | if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) {
|
---|
| 255 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
|
---|
| 256 | goto err;
|
---|
| 257 | }
|
---|
| 258 |
|
---|
| 259 | if (nid == NID_X9_62_prime_field) {
|
---|
| 260 | if ((tmp = BN_new()) == NULL) {
|
---|
| 261 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
|
---|
| 262 | goto err;
|
---|
| 263 | }
|
---|
| 264 | /* the parameters are specified by the prime number p */
|
---|
| 265 | if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) {
|
---|
| 266 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
|
---|
| 267 | goto err;
|
---|
| 268 | }
|
---|
| 269 | /* set the prime number */
|
---|
| 270 | field->p.prime = BN_to_ASN1_INTEGER(tmp, NULL);
|
---|
| 271 | if (field->p.prime == NULL) {
|
---|
| 272 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
|
---|
| 273 | goto err;
|
---|
| 274 | }
|
---|
| 275 | } else if (nid == NID_X9_62_characteristic_two_field)
|
---|
| 276 | #ifdef OPENSSL_NO_EC2M
|
---|
| 277 | {
|
---|
| 278 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
|
---|
| 279 | goto err;
|
---|
| 280 | }
|
---|
| 281 | #else
|
---|
| 282 | {
|
---|
| 283 | int field_type;
|
---|
| 284 | X9_62_CHARACTERISTIC_TWO *char_two;
|
---|
| 285 |
|
---|
| 286 | field->p.char_two = X9_62_CHARACTERISTIC_TWO_new();
|
---|
| 287 | char_two = field->p.char_two;
|
---|
| 288 |
|
---|
| 289 | if (char_two == NULL) {
|
---|
| 290 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
|
---|
| 291 | goto err;
|
---|
| 292 | }
|
---|
| 293 |
|
---|
| 294 | char_two->m = (long)EC_GROUP_get_degree(group);
|
---|
| 295 |
|
---|
| 296 | field_type = EC_GROUP_get_basis_type(group);
|
---|
| 297 |
|
---|
| 298 | if (field_type == 0) {
|
---|
| 299 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
|
---|
| 300 | goto err;
|
---|
| 301 | }
|
---|
| 302 | /* set base type OID */
|
---|
| 303 | if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) {
|
---|
| 304 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
|
---|
| 305 | goto err;
|
---|
| 306 | }
|
---|
| 307 |
|
---|
| 308 | if (field_type == NID_X9_62_tpBasis) {
|
---|
| 309 | unsigned int k;
|
---|
| 310 |
|
---|
| 311 | if (!EC_GROUP_get_trinomial_basis(group, &k))
|
---|
| 312 | goto err;
|
---|
| 313 |
|
---|
| 314 | char_two->p.tpBasis = ASN1_INTEGER_new();
|
---|
| 315 | if (char_two->p.tpBasis == NULL) {
|
---|
| 316 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
|
---|
| 317 | goto err;
|
---|
| 318 | }
|
---|
| 319 | if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k)) {
|
---|
| 320 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
|
---|
| 321 | goto err;
|
---|
| 322 | }
|
---|
| 323 | } else if (field_type == NID_X9_62_ppBasis) {
|
---|
| 324 | unsigned int k1, k2, k3;
|
---|
| 325 |
|
---|
| 326 | if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))
|
---|
| 327 | goto err;
|
---|
| 328 |
|
---|
| 329 | char_two->p.ppBasis = X9_62_PENTANOMIAL_new();
|
---|
| 330 | if (char_two->p.ppBasis == NULL) {
|
---|
| 331 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
|
---|
| 332 | goto err;
|
---|
| 333 | }
|
---|
| 334 |
|
---|
| 335 | /* set k? values */
|
---|
| 336 | char_two->p.ppBasis->k1 = (long)k1;
|
---|
| 337 | char_two->p.ppBasis->k2 = (long)k2;
|
---|
| 338 | char_two->p.ppBasis->k3 = (long)k3;
|
---|
| 339 | } else { /* field_type == NID_X9_62_onBasis */
|
---|
| 340 |
|
---|
| 341 | /* for ONB the parameters are (asn1) NULL */
|
---|
| 342 | char_two->p.onBasis = ASN1_NULL_new();
|
---|
| 343 | if (char_two->p.onBasis == NULL) {
|
---|
| 344 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
|
---|
| 345 | goto err;
|
---|
| 346 | }
|
---|
| 347 | }
|
---|
| 348 | }
|
---|
| 349 | #endif
|
---|
| 350 | else {
|
---|
| 351 | ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_UNSUPPORTED_FIELD);
|
---|
| 352 | goto err;
|
---|
| 353 | }
|
---|
| 354 |
|
---|
| 355 | ok = 1;
|
---|
| 356 |
|
---|
| 357 | err:
|
---|
| 358 | BN_free(tmp);
|
---|
| 359 | return (ok);
|
---|
| 360 | }
|
---|
| 361 |
|
---|
| 362 | static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
|
---|
| 363 | {
|
---|
| 364 | int ok = 0, nid;
|
---|
| 365 | BIGNUM *tmp_1 = NULL, *tmp_2 = NULL;
|
---|
| 366 | unsigned char *buffer_1 = NULL, *buffer_2 = NULL,
|
---|
| 367 | *a_buf = NULL, *b_buf = NULL;
|
---|
| 368 | size_t len_1, len_2;
|
---|
| 369 | unsigned char char_zero = 0;
|
---|
| 370 |
|
---|
| 371 | if (!group || !curve || !curve->a || !curve->b)
|
---|
| 372 | return 0;
|
---|
| 373 |
|
---|
| 374 | if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) {
|
---|
| 375 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
|
---|
| 376 | goto err;
|
---|
| 377 | }
|
---|
| 378 |
|
---|
| 379 | nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
|
---|
| 380 |
|
---|
| 381 | /* get a and b */
|
---|
| 382 | if (nid == NID_X9_62_prime_field) {
|
---|
| 383 | if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) {
|
---|
| 384 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
|
---|
| 385 | goto err;
|
---|
| 386 | }
|
---|
| 387 | }
|
---|
| 388 | #ifndef OPENSSL_NO_EC2M
|
---|
| 389 | else { /* nid == NID_X9_62_characteristic_two_field */
|
---|
| 390 |
|
---|
| 391 | if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) {
|
---|
| 392 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
|
---|
| 393 | goto err;
|
---|
| 394 | }
|
---|
| 395 | }
|
---|
| 396 | #endif
|
---|
| 397 | len_1 = (size_t)BN_num_bytes(tmp_1);
|
---|
| 398 | len_2 = (size_t)BN_num_bytes(tmp_2);
|
---|
| 399 |
|
---|
| 400 | if (len_1 == 0) {
|
---|
| 401 | /* len_1 == 0 => a == 0 */
|
---|
| 402 | a_buf = &char_zero;
|
---|
| 403 | len_1 = 1;
|
---|
| 404 | } else {
|
---|
| 405 | if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL) {
|
---|
| 406 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
|
---|
| 407 | goto err;
|
---|
| 408 | }
|
---|
| 409 | if ((len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) {
|
---|
| 410 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
|
---|
| 411 | goto err;
|
---|
| 412 | }
|
---|
| 413 | a_buf = buffer_1;
|
---|
| 414 | }
|
---|
| 415 |
|
---|
| 416 | if (len_2 == 0) {
|
---|
| 417 | /* len_2 == 0 => b == 0 */
|
---|
| 418 | b_buf = &char_zero;
|
---|
| 419 | len_2 = 1;
|
---|
| 420 | } else {
|
---|
| 421 | if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL) {
|
---|
| 422 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
|
---|
| 423 | goto err;
|
---|
| 424 | }
|
---|
| 425 | if ((len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) {
|
---|
| 426 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
|
---|
| 427 | goto err;
|
---|
| 428 | }
|
---|
| 429 | b_buf = buffer_2;
|
---|
| 430 | }
|
---|
| 431 |
|
---|
| 432 | /* set a and b */
|
---|
| 433 | if (!ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
|
---|
| 434 | !ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
|
---|
| 435 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
|
---|
| 436 | goto err;
|
---|
| 437 | }
|
---|
| 438 |
|
---|
| 439 | /* set the seed (optional) */
|
---|
| 440 | if (group->seed) {
|
---|
| 441 | if (!curve->seed)
|
---|
| 442 | if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) {
|
---|
| 443 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
|
---|
| 444 | goto err;
|
---|
| 445 | }
|
---|
| 446 | curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
|
---|
| 447 | curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
|
---|
| 448 | if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
|
---|
| 449 | (int)group->seed_len)) {
|
---|
| 450 | ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
|
---|
| 451 | goto err;
|
---|
| 452 | }
|
---|
| 453 | } else {
|
---|
| 454 | ASN1_BIT_STRING_free(curve->seed);
|
---|
| 455 | curve->seed = NULL;
|
---|
| 456 | }
|
---|
| 457 |
|
---|
| 458 | ok = 1;
|
---|
| 459 |
|
---|
| 460 | err:
|
---|
| 461 | OPENSSL_free(buffer_1);
|
---|
| 462 | OPENSSL_free(buffer_2);
|
---|
| 463 | BN_free(tmp_1);
|
---|
| 464 | BN_free(tmp_2);
|
---|
| 465 | return (ok);
|
---|
| 466 | }
|
---|
| 467 |
|
---|
| 468 | ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
|
---|
| 469 | ECPARAMETERS *params)
|
---|
| 470 | {
|
---|
| 471 | size_t len = 0;
|
---|
| 472 | ECPARAMETERS *ret = NULL;
|
---|
| 473 | const BIGNUM *tmp;
|
---|
| 474 | unsigned char *buffer = NULL;
|
---|
| 475 | const EC_POINT *point = NULL;
|
---|
| 476 | point_conversion_form_t form;
|
---|
| 477 |
|
---|
| 478 | if (params == NULL) {
|
---|
| 479 | if ((ret = ECPARAMETERS_new()) == NULL) {
|
---|
| 480 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
|
---|
| 481 | goto err;
|
---|
| 482 | }
|
---|
| 483 | } else
|
---|
| 484 | ret = params;
|
---|
| 485 |
|
---|
| 486 | /* set the version (always one) */
|
---|
| 487 | ret->version = (long)0x1;
|
---|
| 488 |
|
---|
| 489 | /* set the fieldID */
|
---|
| 490 | if (!ec_asn1_group2fieldid(group, ret->fieldID)) {
|
---|
| 491 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 492 | goto err;
|
---|
| 493 | }
|
---|
| 494 |
|
---|
| 495 | /* set the curve */
|
---|
| 496 | if (!ec_asn1_group2curve(group, ret->curve)) {
|
---|
| 497 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 498 | goto err;
|
---|
| 499 | }
|
---|
| 500 |
|
---|
| 501 | /* set the base point */
|
---|
| 502 | if ((point = EC_GROUP_get0_generator(group)) == NULL) {
|
---|
| 503 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, EC_R_UNDEFINED_GENERATOR);
|
---|
| 504 | goto err;
|
---|
| 505 | }
|
---|
| 506 |
|
---|
| 507 | form = EC_GROUP_get_point_conversion_form(group);
|
---|
| 508 |
|
---|
| 509 | len = EC_POINT_point2buf(group, point, form, &buffer, NULL);
|
---|
| 510 | if (len == 0) {
|
---|
| 511 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 512 | goto err;
|
---|
| 513 | }
|
---|
| 514 | if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) {
|
---|
| 515 | OPENSSL_free(buffer);
|
---|
| 516 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
|
---|
| 517 | goto err;
|
---|
| 518 | }
|
---|
| 519 | ASN1_STRING_set0(ret->base, buffer, len);
|
---|
| 520 |
|
---|
| 521 | /* set the order */
|
---|
| 522 | tmp = EC_GROUP_get0_order(group);
|
---|
| 523 | if (tmp == NULL) {
|
---|
| 524 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 525 | goto err;
|
---|
| 526 | }
|
---|
| 527 | ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
|
---|
| 528 | if (ret->order == NULL) {
|
---|
| 529 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
|
---|
| 530 | goto err;
|
---|
| 531 | }
|
---|
| 532 |
|
---|
| 533 | /* set the cofactor (optional) */
|
---|
| 534 | tmp = EC_GROUP_get0_cofactor(group);
|
---|
| 535 | if (tmp != NULL) {
|
---|
| 536 | ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
|
---|
| 537 | if (ret->cofactor == NULL) {
|
---|
| 538 | ECerr(EC_F_EC_GROUP_GET_ECPARAMETERS, ERR_R_ASN1_LIB);
|
---|
| 539 | goto err;
|
---|
| 540 | }
|
---|
| 541 | }
|
---|
| 542 |
|
---|
| 543 | return ret;
|
---|
| 544 |
|
---|
| 545 | err:
|
---|
| 546 | if (params == NULL)
|
---|
| 547 | ECPARAMETERS_free(ret);
|
---|
| 548 | return NULL;
|
---|
| 549 | }
|
---|
| 550 |
|
---|
| 551 | ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group,
|
---|
| 552 | ECPKPARAMETERS *params)
|
---|
| 553 | {
|
---|
| 554 | int ok = 1, tmp;
|
---|
| 555 | ECPKPARAMETERS *ret = params;
|
---|
| 556 |
|
---|
| 557 | if (ret == NULL) {
|
---|
| 558 | if ((ret = ECPKPARAMETERS_new()) == NULL) {
|
---|
| 559 | ECerr(EC_F_EC_GROUP_GET_ECPKPARAMETERS, ERR_R_MALLOC_FAILURE);
|
---|
| 560 | return NULL;
|
---|
| 561 | }
|
---|
| 562 | } else {
|
---|
| 563 | if (ret->type == 0)
|
---|
| 564 | ASN1_OBJECT_free(ret->value.named_curve);
|
---|
| 565 | else if (ret->type == 1 && ret->value.parameters)
|
---|
| 566 | ECPARAMETERS_free(ret->value.parameters);
|
---|
| 567 | }
|
---|
| 568 |
|
---|
| 569 | if (EC_GROUP_get_asn1_flag(group)) {
|
---|
| 570 | /*
|
---|
| 571 | * use the asn1 OID to describe the the elliptic curve parameters
|
---|
| 572 | */
|
---|
| 573 | tmp = EC_GROUP_get_curve_name(group);
|
---|
| 574 | if (tmp) {
|
---|
| 575 | ret->type = 0;
|
---|
| 576 | if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
|
---|
| 577 | ok = 0;
|
---|
| 578 | } else
|
---|
| 579 | /* we don't know the nid => ERROR */
|
---|
| 580 | ok = 0;
|
---|
| 581 | } else {
|
---|
| 582 | /* use the ECPARAMETERS structure */
|
---|
| 583 | ret->type = 1;
|
---|
| 584 | if ((ret->value.parameters =
|
---|
| 585 | EC_GROUP_get_ecparameters(group, NULL)) == NULL)
|
---|
| 586 | ok = 0;
|
---|
| 587 | }
|
---|
| 588 |
|
---|
| 589 | if (!ok) {
|
---|
| 590 | ECPKPARAMETERS_free(ret);
|
---|
| 591 | return NULL;
|
---|
| 592 | }
|
---|
| 593 | return ret;
|
---|
| 594 | }
|
---|
| 595 |
|
---|
| 596 | EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
|
---|
| 597 | {
|
---|
| 598 | int ok = 0, tmp;
|
---|
| 599 | EC_GROUP *ret = NULL;
|
---|
| 600 | BIGNUM *p = NULL, *a = NULL, *b = NULL;
|
---|
| 601 | EC_POINT *point = NULL;
|
---|
| 602 | long field_bits;
|
---|
| 603 |
|
---|
| 604 | if (!params->fieldID || !params->fieldID->fieldType ||
|
---|
| 605 | !params->fieldID->p.ptr) {
|
---|
| 606 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 607 | goto err;
|
---|
| 608 | }
|
---|
| 609 |
|
---|
| 610 | /* now extract the curve parameters a and b */
|
---|
| 611 | if (!params->curve || !params->curve->a ||
|
---|
| 612 | !params->curve->a->data || !params->curve->b ||
|
---|
| 613 | !params->curve->b->data) {
|
---|
| 614 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 615 | goto err;
|
---|
| 616 | }
|
---|
| 617 | a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL);
|
---|
| 618 | if (a == NULL) {
|
---|
| 619 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_BN_LIB);
|
---|
| 620 | goto err;
|
---|
| 621 | }
|
---|
| 622 | b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
|
---|
| 623 | if (b == NULL) {
|
---|
| 624 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_BN_LIB);
|
---|
| 625 | goto err;
|
---|
| 626 | }
|
---|
| 627 |
|
---|
| 628 | /* get the field parameters */
|
---|
| 629 | tmp = OBJ_obj2nid(params->fieldID->fieldType);
|
---|
| 630 | if (tmp == NID_X9_62_characteristic_two_field)
|
---|
| 631 | #ifdef OPENSSL_NO_EC2M
|
---|
| 632 | {
|
---|
| 633 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_GF2M_NOT_SUPPORTED);
|
---|
| 634 | goto err;
|
---|
| 635 | }
|
---|
| 636 | #else
|
---|
| 637 | {
|
---|
| 638 | X9_62_CHARACTERISTIC_TWO *char_two;
|
---|
| 639 |
|
---|
| 640 | char_two = params->fieldID->p.char_two;
|
---|
| 641 |
|
---|
| 642 | field_bits = char_two->m;
|
---|
| 643 | if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
|
---|
| 644 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_FIELD_TOO_LARGE);
|
---|
| 645 | goto err;
|
---|
| 646 | }
|
---|
| 647 |
|
---|
| 648 | if ((p = BN_new()) == NULL) {
|
---|
| 649 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
|
---|
| 650 | goto err;
|
---|
| 651 | }
|
---|
| 652 |
|
---|
| 653 | /* get the base type */
|
---|
| 654 | tmp = OBJ_obj2nid(char_two->type);
|
---|
| 655 |
|
---|
| 656 | if (tmp == NID_X9_62_tpBasis) {
|
---|
| 657 | long tmp_long;
|
---|
| 658 |
|
---|
| 659 | if (!char_two->p.tpBasis) {
|
---|
| 660 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 661 | goto err;
|
---|
| 662 | }
|
---|
| 663 |
|
---|
| 664 | tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
|
---|
| 665 |
|
---|
| 666 | if (!(char_two->m > tmp_long && tmp_long > 0)) {
|
---|
| 667 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS,
|
---|
| 668 | EC_R_INVALID_TRINOMIAL_BASIS);
|
---|
| 669 | goto err;
|
---|
| 670 | }
|
---|
| 671 |
|
---|
| 672 | /* create the polynomial */
|
---|
| 673 | if (!BN_set_bit(p, (int)char_two->m))
|
---|
| 674 | goto err;
|
---|
| 675 | if (!BN_set_bit(p, (int)tmp_long))
|
---|
| 676 | goto err;
|
---|
| 677 | if (!BN_set_bit(p, 0))
|
---|
| 678 | goto err;
|
---|
| 679 | } else if (tmp == NID_X9_62_ppBasis) {
|
---|
| 680 | X9_62_PENTANOMIAL *penta;
|
---|
| 681 |
|
---|
| 682 | penta = char_two->p.ppBasis;
|
---|
| 683 | if (!penta) {
|
---|
| 684 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 685 | goto err;
|
---|
| 686 | }
|
---|
| 687 |
|
---|
| 688 | if (!
|
---|
| 689 | (char_two->m > penta->k3 && penta->k3 > penta->k2
|
---|
| 690 | && penta->k2 > penta->k1 && penta->k1 > 0)) {
|
---|
| 691 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS,
|
---|
| 692 | EC_R_INVALID_PENTANOMIAL_BASIS);
|
---|
| 693 | goto err;
|
---|
| 694 | }
|
---|
| 695 |
|
---|
| 696 | /* create the polynomial */
|
---|
| 697 | if (!BN_set_bit(p, (int)char_two->m))
|
---|
| 698 | goto err;
|
---|
| 699 | if (!BN_set_bit(p, (int)penta->k1))
|
---|
| 700 | goto err;
|
---|
| 701 | if (!BN_set_bit(p, (int)penta->k2))
|
---|
| 702 | goto err;
|
---|
| 703 | if (!BN_set_bit(p, (int)penta->k3))
|
---|
| 704 | goto err;
|
---|
| 705 | if (!BN_set_bit(p, 0))
|
---|
| 706 | goto err;
|
---|
| 707 | } else if (tmp == NID_X9_62_onBasis) {
|
---|
| 708 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_NOT_IMPLEMENTED);
|
---|
| 709 | goto err;
|
---|
| 710 | } else { /* error */
|
---|
| 711 |
|
---|
| 712 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 713 | goto err;
|
---|
| 714 | }
|
---|
| 715 |
|
---|
| 716 | /* create the EC_GROUP structure */
|
---|
| 717 | ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
|
---|
| 718 | }
|
---|
| 719 | #endif
|
---|
| 720 | else if (tmp == NID_X9_62_prime_field) {
|
---|
| 721 | /* we have a curve over a prime field */
|
---|
| 722 | /* extract the prime number */
|
---|
| 723 | if (!params->fieldID->p.prime) {
|
---|
| 724 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 725 | goto err;
|
---|
| 726 | }
|
---|
| 727 | p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL);
|
---|
| 728 | if (p == NULL) {
|
---|
| 729 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_ASN1_LIB);
|
---|
| 730 | goto err;
|
---|
| 731 | }
|
---|
| 732 |
|
---|
| 733 | if (BN_is_negative(p) || BN_is_zero(p)) {
|
---|
| 734 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_INVALID_FIELD);
|
---|
| 735 | goto err;
|
---|
| 736 | }
|
---|
| 737 |
|
---|
| 738 | field_bits = BN_num_bits(p);
|
---|
| 739 | if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
|
---|
| 740 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_FIELD_TOO_LARGE);
|
---|
| 741 | goto err;
|
---|
| 742 | }
|
---|
| 743 |
|
---|
| 744 | /* create the EC_GROUP structure */
|
---|
| 745 | ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
|
---|
| 746 | } else {
|
---|
| 747 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_INVALID_FIELD);
|
---|
| 748 | goto err;
|
---|
| 749 | }
|
---|
| 750 |
|
---|
| 751 | if (ret == NULL) {
|
---|
| 752 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 753 | goto err;
|
---|
| 754 | }
|
---|
| 755 |
|
---|
| 756 | /* extract seed (optional) */
|
---|
| 757 | if (params->curve->seed != NULL) {
|
---|
| 758 | OPENSSL_free(ret->seed);
|
---|
| 759 | if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL) {
|
---|
| 760 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
|
---|
| 761 | goto err;
|
---|
| 762 | }
|
---|
| 763 | memcpy(ret->seed, params->curve->seed->data,
|
---|
| 764 | params->curve->seed->length);
|
---|
| 765 | ret->seed_len = params->curve->seed->length;
|
---|
| 766 | }
|
---|
| 767 |
|
---|
| 768 | if (!params->order || !params->base || !params->base->data) {
|
---|
| 769 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 770 | goto err;
|
---|
| 771 | }
|
---|
| 772 |
|
---|
| 773 | if ((point = EC_POINT_new(ret)) == NULL)
|
---|
| 774 | goto err;
|
---|
| 775 |
|
---|
| 776 | /* set the point conversion form */
|
---|
| 777 | EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
|
---|
| 778 | (params->base->data[0] & ~0x01));
|
---|
| 779 |
|
---|
| 780 | /* extract the ec point */
|
---|
| 781 | if (!EC_POINT_oct2point(ret, point, params->base->data,
|
---|
| 782 | params->base->length, NULL)) {
|
---|
| 783 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 784 | goto err;
|
---|
| 785 | }
|
---|
| 786 |
|
---|
| 787 | /* extract the order */
|
---|
| 788 | if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) {
|
---|
| 789 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_ASN1_LIB);
|
---|
| 790 | goto err;
|
---|
| 791 | }
|
---|
| 792 | if (BN_is_negative(a) || BN_is_zero(a)) {
|
---|
| 793 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_INVALID_GROUP_ORDER);
|
---|
| 794 | goto err;
|
---|
| 795 | }
|
---|
| 796 | if (BN_num_bits(a) > (int)field_bits + 1) { /* Hasse bound */
|
---|
| 797 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, EC_R_INVALID_GROUP_ORDER);
|
---|
| 798 | goto err;
|
---|
| 799 | }
|
---|
| 800 |
|
---|
| 801 | /* extract the cofactor (optional) */
|
---|
| 802 | if (params->cofactor == NULL) {
|
---|
| 803 | BN_free(b);
|
---|
| 804 | b = NULL;
|
---|
| 805 | } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
|
---|
| 806 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_ASN1_LIB);
|
---|
| 807 | goto err;
|
---|
| 808 | }
|
---|
| 809 | /* set the generator, order and cofactor (if present) */
|
---|
| 810 | if (!EC_GROUP_set_generator(ret, point, a, b)) {
|
---|
| 811 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 812 | goto err;
|
---|
| 813 | }
|
---|
| 814 |
|
---|
| 815 | ok = 1;
|
---|
| 816 |
|
---|
| 817 | err:
|
---|
| 818 | if (!ok) {
|
---|
| 819 | EC_GROUP_clear_free(ret);
|
---|
| 820 | ret = NULL;
|
---|
| 821 | }
|
---|
| 822 |
|
---|
| 823 | BN_free(p);
|
---|
| 824 | BN_free(a);
|
---|
| 825 | BN_free(b);
|
---|
| 826 | EC_POINT_free(point);
|
---|
| 827 | return (ret);
|
---|
| 828 | }
|
---|
| 829 |
|
---|
| 830 | EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
|
---|
| 831 | {
|
---|
| 832 | EC_GROUP *ret = NULL;
|
---|
| 833 | int tmp = 0;
|
---|
| 834 |
|
---|
| 835 | if (params == NULL) {
|
---|
| 836 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS, EC_R_MISSING_PARAMETERS);
|
---|
| 837 | return NULL;
|
---|
| 838 | }
|
---|
| 839 |
|
---|
| 840 | if (params->type == 0) { /* the curve is given by an OID */
|
---|
| 841 | tmp = OBJ_obj2nid(params->value.named_curve);
|
---|
| 842 | if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) {
|
---|
| 843 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS,
|
---|
| 844 | EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
|
---|
| 845 | return NULL;
|
---|
| 846 | }
|
---|
| 847 | EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
|
---|
| 848 | } else if (params->type == 1) { /* the parameters are given by a
|
---|
| 849 | * ECPARAMETERS structure */
|
---|
| 850 | ret = EC_GROUP_new_from_ecparameters(params->value.parameters);
|
---|
| 851 | if (!ret) {
|
---|
| 852 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS, ERR_R_EC_LIB);
|
---|
| 853 | return NULL;
|
---|
| 854 | }
|
---|
| 855 | EC_GROUP_set_asn1_flag(ret, 0x0);
|
---|
| 856 | } else if (params->type == 2) { /* implicitlyCA */
|
---|
| 857 | return NULL;
|
---|
| 858 | } else {
|
---|
| 859 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS, EC_R_ASN1_ERROR);
|
---|
| 860 | return NULL;
|
---|
| 861 | }
|
---|
| 862 |
|
---|
| 863 | return ret;
|
---|
| 864 | }
|
---|
| 865 |
|
---|
| 866 | /* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
|
---|
| 867 |
|
---|
| 868 | EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
|
---|
| 869 | {
|
---|
| 870 | EC_GROUP *group = NULL;
|
---|
| 871 | ECPKPARAMETERS *params = NULL;
|
---|
| 872 | const unsigned char *p = *in;
|
---|
| 873 |
|
---|
| 874 | if ((params = d2i_ECPKPARAMETERS(NULL, &p, len)) == NULL) {
|
---|
| 875 | ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
|
---|
| 876 | ECPKPARAMETERS_free(params);
|
---|
| 877 | return NULL;
|
---|
| 878 | }
|
---|
| 879 |
|
---|
| 880 | if ((group = EC_GROUP_new_from_ecpkparameters(params)) == NULL) {
|
---|
| 881 | ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
|
---|
| 882 | ECPKPARAMETERS_free(params);
|
---|
| 883 | return NULL;
|
---|
| 884 | }
|
---|
| 885 |
|
---|
| 886 | if (a) {
|
---|
| 887 | EC_GROUP_clear_free(*a);
|
---|
| 888 | *a = group;
|
---|
| 889 | }
|
---|
| 890 |
|
---|
| 891 | ECPKPARAMETERS_free(params);
|
---|
| 892 | *in = p;
|
---|
| 893 | return (group);
|
---|
| 894 | }
|
---|
| 895 |
|
---|
| 896 | int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
|
---|
| 897 | {
|
---|
| 898 | int ret = 0;
|
---|
| 899 | ECPKPARAMETERS *tmp = EC_GROUP_get_ecpkparameters(a, NULL);
|
---|
| 900 | if (tmp == NULL) {
|
---|
| 901 | ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
|
---|
| 902 | return 0;
|
---|
| 903 | }
|
---|
| 904 | if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) {
|
---|
| 905 | ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
|
---|
| 906 | ECPKPARAMETERS_free(tmp);
|
---|
| 907 | return 0;
|
---|
| 908 | }
|
---|
| 909 | ECPKPARAMETERS_free(tmp);
|
---|
| 910 | return (ret);
|
---|
| 911 | }
|
---|
| 912 |
|
---|
| 913 | /* some EC_KEY functions */
|
---|
| 914 |
|
---|
| 915 | EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
|
---|
| 916 | {
|
---|
| 917 | EC_KEY *ret = NULL;
|
---|
| 918 | EC_PRIVATEKEY *priv_key = NULL;
|
---|
| 919 | const unsigned char *p = *in;
|
---|
| 920 |
|
---|
| 921 | if ((priv_key = d2i_EC_PRIVATEKEY(NULL, &p, len)) == NULL) {
|
---|
| 922 | ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 923 | return NULL;
|
---|
| 924 | }
|
---|
| 925 |
|
---|
| 926 | if (a == NULL || *a == NULL) {
|
---|
| 927 | if ((ret = EC_KEY_new()) == NULL) {
|
---|
| 928 | ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
|
---|
| 929 | goto err;
|
---|
| 930 | }
|
---|
| 931 | } else
|
---|
| 932 | ret = *a;
|
---|
| 933 |
|
---|
| 934 | if (priv_key->parameters) {
|
---|
| 935 | EC_GROUP_clear_free(ret->group);
|
---|
| 936 | ret->group = EC_GROUP_new_from_ecpkparameters(priv_key->parameters);
|
---|
| 937 | }
|
---|
| 938 |
|
---|
| 939 | if (ret->group == NULL) {
|
---|
| 940 | ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 941 | goto err;
|
---|
| 942 | }
|
---|
| 943 |
|
---|
| 944 | ret->version = priv_key->version;
|
---|
| 945 |
|
---|
| 946 | if (priv_key->privateKey) {
|
---|
| 947 | ASN1_OCTET_STRING *pkey = priv_key->privateKey;
|
---|
| 948 | if (EC_KEY_oct2priv(ret, ASN1_STRING_get0_data(pkey),
|
---|
| 949 | ASN1_STRING_length(pkey)) == 0)
|
---|
| 950 | goto err;
|
---|
| 951 | } else {
|
---|
| 952 | ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_MISSING_PRIVATE_KEY);
|
---|
| 953 | goto err;
|
---|
| 954 | }
|
---|
| 955 |
|
---|
| 956 | EC_POINT_clear_free(ret->pub_key);
|
---|
| 957 | ret->pub_key = EC_POINT_new(ret->group);
|
---|
| 958 | if (ret->pub_key == NULL) {
|
---|
| 959 | ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 960 | goto err;
|
---|
| 961 | }
|
---|
| 962 |
|
---|
| 963 | if (priv_key->publicKey) {
|
---|
| 964 | const unsigned char *pub_oct;
|
---|
| 965 | int pub_oct_len;
|
---|
| 966 |
|
---|
| 967 | pub_oct = ASN1_STRING_get0_data(priv_key->publicKey);
|
---|
| 968 | pub_oct_len = ASN1_STRING_length(priv_key->publicKey);
|
---|
| 969 | if (!EC_KEY_oct2key(ret, pub_oct, pub_oct_len, NULL)) {
|
---|
| 970 | ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 971 | goto err;
|
---|
| 972 | }
|
---|
| 973 | } else {
|
---|
| 974 | if (ret->group->meth->keygenpub == NULL
|
---|
| 975 | || ret->group->meth->keygenpub(ret) == 0)
|
---|
| 976 | goto err;
|
---|
| 977 | /* Remember the original private-key-only encoding. */
|
---|
| 978 | ret->enc_flag |= EC_PKEY_NO_PUBKEY;
|
---|
| 979 | }
|
---|
| 980 |
|
---|
| 981 | if (a)
|
---|
| 982 | *a = ret;
|
---|
| 983 | EC_PRIVATEKEY_free(priv_key);
|
---|
| 984 | *in = p;
|
---|
| 985 | return (ret);
|
---|
| 986 |
|
---|
| 987 | err:
|
---|
| 988 | if (a == NULL || *a != ret)
|
---|
| 989 | EC_KEY_free(ret);
|
---|
| 990 | EC_PRIVATEKEY_free(priv_key);
|
---|
| 991 | return NULL;
|
---|
| 992 | }
|
---|
| 993 |
|
---|
| 994 | int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
|
---|
| 995 | {
|
---|
| 996 | int ret = 0, ok = 0;
|
---|
| 997 | unsigned char *priv= NULL, *pub= NULL;
|
---|
| 998 | size_t privlen = 0, publen = 0;
|
---|
| 999 |
|
---|
| 1000 | EC_PRIVATEKEY *priv_key = NULL;
|
---|
| 1001 |
|
---|
| 1002 | if (a == NULL || a->group == NULL ||
|
---|
| 1003 | (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL)) {
|
---|
| 1004 | ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_PASSED_NULL_PARAMETER);
|
---|
| 1005 | goto err;
|
---|
| 1006 | }
|
---|
| 1007 |
|
---|
| 1008 | if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
|
---|
| 1009 | ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
|
---|
| 1010 | goto err;
|
---|
| 1011 | }
|
---|
| 1012 |
|
---|
| 1013 | priv_key->version = a->version;
|
---|
| 1014 |
|
---|
| 1015 | privlen = EC_KEY_priv2buf(a, &priv);
|
---|
| 1016 |
|
---|
| 1017 | if (privlen == 0) {
|
---|
| 1018 | ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 1019 | goto err;
|
---|
| 1020 | }
|
---|
| 1021 |
|
---|
| 1022 | ASN1_STRING_set0(priv_key->privateKey, priv, privlen);
|
---|
| 1023 | priv = NULL;
|
---|
| 1024 |
|
---|
| 1025 | if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) {
|
---|
| 1026 | if ((priv_key->parameters =
|
---|
| 1027 | EC_GROUP_get_ecpkparameters(a->group,
|
---|
| 1028 | priv_key->parameters)) == NULL) {
|
---|
| 1029 | ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 1030 | goto err;
|
---|
| 1031 | }
|
---|
| 1032 | }
|
---|
| 1033 |
|
---|
| 1034 | if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) {
|
---|
| 1035 | priv_key->publicKey = ASN1_BIT_STRING_new();
|
---|
| 1036 | if (priv_key->publicKey == NULL) {
|
---|
| 1037 | ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
|
---|
| 1038 | goto err;
|
---|
| 1039 | }
|
---|
| 1040 |
|
---|
| 1041 | publen = EC_KEY_key2buf(a, a->conv_form, &pub, NULL);
|
---|
| 1042 |
|
---|
| 1043 | if (publen == 0) {
|
---|
| 1044 | ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 1045 | goto err;
|
---|
| 1046 | }
|
---|
| 1047 |
|
---|
| 1048 | priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
|
---|
| 1049 | priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
|
---|
| 1050 | ASN1_STRING_set0(priv_key->publicKey, pub, publen);
|
---|
| 1051 | pub = NULL;
|
---|
| 1052 | }
|
---|
| 1053 |
|
---|
| 1054 | if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) {
|
---|
| 1055 | ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
|
---|
| 1056 | goto err;
|
---|
| 1057 | }
|
---|
| 1058 | ok = 1;
|
---|
| 1059 | err:
|
---|
| 1060 | OPENSSL_clear_free(priv, privlen);
|
---|
| 1061 | OPENSSL_free(pub);
|
---|
| 1062 | EC_PRIVATEKEY_free(priv_key);
|
---|
| 1063 | return (ok ? ret : 0);
|
---|
| 1064 | }
|
---|
| 1065 |
|
---|
| 1066 | int i2d_ECParameters(EC_KEY *a, unsigned char **out)
|
---|
| 1067 | {
|
---|
| 1068 | if (a == NULL) {
|
---|
| 1069 | ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
|
---|
| 1070 | return 0;
|
---|
| 1071 | }
|
---|
| 1072 | return i2d_ECPKParameters(a->group, out);
|
---|
| 1073 | }
|
---|
| 1074 |
|
---|
| 1075 | EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
|
---|
| 1076 | {
|
---|
| 1077 | EC_KEY *ret;
|
---|
| 1078 |
|
---|
| 1079 | if (in == NULL || *in == NULL) {
|
---|
| 1080 | ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
|
---|
| 1081 | return NULL;
|
---|
| 1082 | }
|
---|
| 1083 |
|
---|
| 1084 | if (a == NULL || *a == NULL) {
|
---|
| 1085 | if ((ret = EC_KEY_new()) == NULL) {
|
---|
| 1086 | ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
|
---|
| 1087 | return NULL;
|
---|
| 1088 | }
|
---|
| 1089 | } else
|
---|
| 1090 | ret = *a;
|
---|
| 1091 |
|
---|
| 1092 | if (!d2i_ECPKParameters(&ret->group, in, len)) {
|
---|
| 1093 | ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
|
---|
| 1094 | if (a == NULL || *a != ret)
|
---|
| 1095 | EC_KEY_free(ret);
|
---|
| 1096 | return NULL;
|
---|
| 1097 | }
|
---|
| 1098 |
|
---|
| 1099 | if (a)
|
---|
| 1100 | *a = ret;
|
---|
| 1101 |
|
---|
| 1102 | return ret;
|
---|
| 1103 | }
|
---|
| 1104 |
|
---|
| 1105 | EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len)
|
---|
| 1106 | {
|
---|
| 1107 | EC_KEY *ret = NULL;
|
---|
| 1108 |
|
---|
| 1109 | if (a == NULL || (*a) == NULL || (*a)->group == NULL) {
|
---|
| 1110 | /*
|
---|
| 1111 | * sorry, but a EC_GROUP-structure is necessary to set the public key
|
---|
| 1112 | */
|
---|
| 1113 | ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
|
---|
| 1114 | return 0;
|
---|
| 1115 | }
|
---|
| 1116 | ret = *a;
|
---|
| 1117 | if (!EC_KEY_oct2key(ret, *in, len, NULL)) {
|
---|
| 1118 | ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB);
|
---|
| 1119 | return 0;
|
---|
| 1120 | }
|
---|
| 1121 | *in += len;
|
---|
| 1122 | return ret;
|
---|
| 1123 | }
|
---|
| 1124 |
|
---|
| 1125 | int i2o_ECPublicKey(const EC_KEY *a, unsigned char **out)
|
---|
| 1126 | {
|
---|
| 1127 | size_t buf_len = 0;
|
---|
| 1128 | int new_buffer = 0;
|
---|
| 1129 |
|
---|
| 1130 | if (a == NULL) {
|
---|
| 1131 | ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
|
---|
| 1132 | return 0;
|
---|
| 1133 | }
|
---|
| 1134 |
|
---|
| 1135 | buf_len = EC_POINT_point2oct(a->group, a->pub_key,
|
---|
| 1136 | a->conv_form, NULL, 0, NULL);
|
---|
| 1137 |
|
---|
| 1138 | if (out == NULL || buf_len == 0)
|
---|
| 1139 | /* out == NULL => just return the length of the octet string */
|
---|
| 1140 | return buf_len;
|
---|
| 1141 |
|
---|
| 1142 | if (*out == NULL) {
|
---|
| 1143 | if ((*out = OPENSSL_malloc(buf_len)) == NULL) {
|
---|
| 1144 | ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
|
---|
| 1145 | return 0;
|
---|
| 1146 | }
|
---|
| 1147 | new_buffer = 1;
|
---|
| 1148 | }
|
---|
| 1149 | if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
|
---|
| 1150 | *out, buf_len, NULL)) {
|
---|
| 1151 | ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB);
|
---|
| 1152 | if (new_buffer) {
|
---|
| 1153 | OPENSSL_free(*out);
|
---|
| 1154 | *out = NULL;
|
---|
| 1155 | }
|
---|
| 1156 | return 0;
|
---|
| 1157 | }
|
---|
| 1158 | if (!new_buffer)
|
---|
| 1159 | *out += buf_len;
|
---|
| 1160 | return buf_len;
|
---|
| 1161 | }
|
---|
| 1162 |
|
---|
| 1163 | ASN1_SEQUENCE(ECDSA_SIG) = {
|
---|
| 1164 | ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM),
|
---|
| 1165 | ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM)
|
---|
| 1166 | } static_ASN1_SEQUENCE_END(ECDSA_SIG)
|
---|
| 1167 |
|
---|
| 1168 | DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG)
|
---|
| 1169 | DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG)
|
---|
| 1170 | IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSA_SIG, ECDSA_SIG, ECDSA_SIG)
|
---|
| 1171 |
|
---|
| 1172 | ECDSA_SIG *ECDSA_SIG_new(void)
|
---|
| 1173 | {
|
---|
| 1174 | ECDSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig));
|
---|
| 1175 | if (sig == NULL)
|
---|
| 1176 | ECerr(EC_F_ECDSA_SIG_NEW, ERR_R_MALLOC_FAILURE);
|
---|
| 1177 | return sig;
|
---|
| 1178 | }
|
---|
| 1179 |
|
---|
| 1180 | void ECDSA_SIG_free(ECDSA_SIG *sig)
|
---|
| 1181 | {
|
---|
| 1182 | if (sig == NULL)
|
---|
| 1183 | return;
|
---|
| 1184 | BN_clear_free(sig->r);
|
---|
| 1185 | BN_clear_free(sig->s);
|
---|
| 1186 | OPENSSL_free(sig);
|
---|
| 1187 | }
|
---|
| 1188 |
|
---|
| 1189 | void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
|
---|
| 1190 | {
|
---|
| 1191 | if (pr != NULL)
|
---|
| 1192 | *pr = sig->r;
|
---|
| 1193 | if (ps != NULL)
|
---|
| 1194 | *ps = sig->s;
|
---|
| 1195 | }
|
---|
| 1196 |
|
---|
| 1197 | int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
|
---|
| 1198 | {
|
---|
| 1199 | if (r == NULL || s == NULL)
|
---|
| 1200 | return 0;
|
---|
| 1201 | BN_clear_free(sig->r);
|
---|
| 1202 | BN_clear_free(sig->s);
|
---|
| 1203 | sig->r = r;
|
---|
| 1204 | sig->s = s;
|
---|
| 1205 | return 1;
|
---|
| 1206 | }
|
---|
| 1207 |
|
---|
| 1208 | int ECDSA_size(const EC_KEY *r)
|
---|
| 1209 | {
|
---|
| 1210 | int ret, i;
|
---|
| 1211 | ASN1_INTEGER bs;
|
---|
| 1212 | unsigned char buf[4];
|
---|
| 1213 | const EC_GROUP *group;
|
---|
| 1214 |
|
---|
| 1215 | if (r == NULL)
|
---|
| 1216 | return 0;
|
---|
| 1217 | group = EC_KEY_get0_group(r);
|
---|
| 1218 | if (group == NULL)
|
---|
| 1219 | return 0;
|
---|
| 1220 |
|
---|
| 1221 | i = EC_GROUP_order_bits(group);
|
---|
| 1222 | if (i == 0)
|
---|
| 1223 | return 0;
|
---|
| 1224 | bs.length = (i + 7) / 8;
|
---|
| 1225 | bs.data = buf;
|
---|
| 1226 | bs.type = V_ASN1_INTEGER;
|
---|
| 1227 | /* If the top bit is set the asn1 encoding is 1 larger. */
|
---|
| 1228 | buf[0] = 0xff;
|
---|
| 1229 |
|
---|
| 1230 | i = i2d_ASN1_INTEGER(&bs, NULL);
|
---|
| 1231 | i += i; /* r and s */
|
---|
| 1232 | ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
|
---|
| 1233 | return (ret);
|
---|
| 1234 | }
|
---|