summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ec/ec_asn1.c
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2015-03-08 16:48:49 +0000
committercvs2svn <admin@example.com>2015-03-08 16:48:49 +0000
commitdecf84ba5550c1656a7fdb51b5b81969590c3f03 (patch)
tree44872802e872bdfd60730fa9cf01d9d5751251c1 /src/lib/libcrypto/ec/ec_asn1.c
parent7a8f138352aa4eb7b65ac4b1a5fe7630fbee1427 (diff)
downloadopenbsd-libressl-v2.1.5.tar.gz
openbsd-libressl-v2.1.5.tar.bz2
openbsd-libressl-v2.1.5.zip
This commit was manufactured by cvs2git to create branch 'OPENBSD_5_7'.libressl-v2.1.5
Diffstat (limited to 'src/lib/libcrypto/ec/ec_asn1.c')
-rw-r--r--src/lib/libcrypto/ec/ec_asn1.c1312
1 files changed, 0 insertions, 1312 deletions
diff --git a/src/lib/libcrypto/ec/ec_asn1.c b/src/lib/libcrypto/ec/ec_asn1.c
deleted file mode 100644
index c0ef6f40e4..0000000000
--- a/src/lib/libcrypto/ec/ec_asn1.c
+++ /dev/null
@@ -1,1312 +0,0 @@
1/* $OpenBSD: ec_asn1.c,v 1.12 2015/02/10 05:43:09 jsing Exp $ */
2/*
3 * Written by Nils Larsch for the OpenSSL project.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <string.h>
60
61#include <openssl/opensslconf.h>
62
63#include "ec_lcl.h"
64#include <openssl/err.h>
65#include <openssl/asn1t.h>
66#include <openssl/objects.h>
67
68int
69EC_GROUP_get_basis_type(const EC_GROUP * group)
70{
71 int i = 0;
72
73 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
74 NID_X9_62_characteristic_two_field)
75 /* everything else is currently not supported */
76 return 0;
77
78 while (group->poly[i] != 0)
79 i++;
80
81 if (i == 4)
82 return NID_X9_62_ppBasis;
83 else if (i == 2)
84 return NID_X9_62_tpBasis;
85 else
86 /* everything else is currently not supported */
87 return 0;
88}
89#ifndef OPENSSL_NO_EC2M
90int
91EC_GROUP_get_trinomial_basis(const EC_GROUP * group, unsigned int *k)
92{
93 if (group == NULL)
94 return 0;
95
96 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
97 NID_X9_62_characteristic_two_field
98 || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0))) {
99 ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
100 return 0;
101 }
102 if (k)
103 *k = group->poly[1];
104
105 return 1;
106}
107int
108EC_GROUP_get_pentanomial_basis(const EC_GROUP * group, unsigned int *k1,
109 unsigned int *k2, unsigned int *k3)
110{
111 if (group == NULL)
112 return 0;
113
114 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
115 NID_X9_62_characteristic_two_field
116 || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0))) {
117 ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
118 return 0;
119 }
120 if (k1)
121 *k1 = group->poly[3];
122 if (k2)
123 *k2 = group->poly[2];
124 if (k3)
125 *k3 = group->poly[1];
126
127 return 1;
128}
129#endif
130
131
132/* some structures needed for the asn1 encoding */
133typedef struct x9_62_pentanomial_st {
134 long k1;
135 long k2;
136 long k3;
137} X9_62_PENTANOMIAL;
138
139typedef struct x9_62_characteristic_two_st {
140 long m;
141 ASN1_OBJECT *type;
142 union {
143 char *ptr;
144 /* NID_X9_62_onBasis */
145 ASN1_NULL *onBasis;
146 /* NID_X9_62_tpBasis */
147 ASN1_INTEGER *tpBasis;
148 /* NID_X9_62_ppBasis */
149 X9_62_PENTANOMIAL *ppBasis;
150 /* anything else */
151 ASN1_TYPE *other;
152 } p;
153} X9_62_CHARACTERISTIC_TWO;
154
155typedef struct x9_62_fieldid_st {
156 ASN1_OBJECT *fieldType;
157 union {
158 char *ptr;
159 /* NID_X9_62_prime_field */
160 ASN1_INTEGER *prime;
161 /* NID_X9_62_characteristic_two_field */
162 X9_62_CHARACTERISTIC_TWO *char_two;
163 /* anything else */
164 ASN1_TYPE *other;
165 } p;
166} X9_62_FIELDID;
167
168typedef struct x9_62_curve_st {
169 ASN1_OCTET_STRING *a;
170 ASN1_OCTET_STRING *b;
171 ASN1_BIT_STRING *seed;
172} X9_62_CURVE;
173
174typedef struct ec_parameters_st {
175 long version;
176 X9_62_FIELDID *fieldID;
177 X9_62_CURVE *curve;
178 ASN1_OCTET_STRING *base;
179 ASN1_INTEGER *order;
180 ASN1_INTEGER *cofactor;
181} ECPARAMETERS;
182
183struct ecpk_parameters_st {
184 int type;
185 union {
186 ASN1_OBJECT *named_curve;
187 ECPARAMETERS *parameters;
188 ASN1_NULL *implicitlyCA;
189 } value;
190} /* ECPKPARAMETERS */ ;
191
192/* SEC1 ECPrivateKey */
193typedef struct ec_privatekey_st {
194 long version;
195 ASN1_OCTET_STRING *privateKey;
196 ECPKPARAMETERS *parameters;
197 ASN1_BIT_STRING *publicKey;
198} EC_PRIVATEKEY;
199
200/* the OpenSSL ASN.1 definitions */
201ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
202 ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, LONG),
203 ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, LONG),
204 ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, LONG)
205} ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
206
207DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
208
209X9_62_PENTANOMIAL *
210X9_62_PENTANOMIAL_new(void)
211{
212 return (X9_62_PENTANOMIAL*)ASN1_item_new(&X9_62_PENTANOMIAL_it);
213}
214
215void
216X9_62_PENTANOMIAL_free(X9_62_PENTANOMIAL *a)
217{
218 ASN1_item_free((ASN1_VALUE *)a, &X9_62_PENTANOMIAL_it);
219}
220
221ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY);
222
223ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = {
224 ADB_ENTRY(NID_X9_62_onBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.onBasis, ASN1_NULL)),
225 ADB_ENTRY(NID_X9_62_tpBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.tpBasis, ASN1_INTEGER)),
226 ADB_ENTRY(NID_X9_62_ppBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.ppBasis, X9_62_PENTANOMIAL))
227} ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL);
228
229ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
230 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, LONG),
231 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT),
232 ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
233} ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
234DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
235
236X9_62_CHARACTERISTIC_TWO *
237X9_62_CHARACTERISTIC_TWO_new(void)
238{
239 return (X9_62_CHARACTERISTIC_TWO*)ASN1_item_new(&X9_62_CHARACTERISTIC_TWO_it);
240}
241
242void
243X9_62_CHARACTERISTIC_TWO_free(X9_62_CHARACTERISTIC_TWO *a)
244{
245 ASN1_item_free((ASN1_VALUE *)a, &X9_62_CHARACTERISTIC_TWO_it);
246}
247ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
248
249ASN1_ADB(X9_62_FIELDID) = {
250 ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)),
251 ADB_ENTRY(NID_X9_62_characteristic_two_field, ASN1_SIMPLE(X9_62_FIELDID, p.char_two, X9_62_CHARACTERISTIC_TWO))
252} ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL);
253
254ASN1_SEQUENCE(X9_62_FIELDID) = {
255 ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
256 ASN1_ADB_OBJECT(X9_62_FIELDID)
257} ASN1_SEQUENCE_END(X9_62_FIELDID)
258
259ASN1_SEQUENCE(X9_62_CURVE) = {
260 ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
261 ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
262 ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
263} ASN1_SEQUENCE_END(X9_62_CURVE)
264
265ASN1_SEQUENCE(ECPARAMETERS) = {
266 ASN1_SIMPLE(ECPARAMETERS, version, LONG),
267 ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
268 ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
269 ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
270 ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
271 ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER)
272} ASN1_SEQUENCE_END(ECPARAMETERS)
273DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
274
275ECPARAMETERS *
276ECPARAMETERS_new(void)
277{
278 return (ECPARAMETERS*)ASN1_item_new(&ECPARAMETERS_it);
279}
280
281void
282ECPARAMETERS_free(ECPARAMETERS *a)
283{
284 ASN1_item_free((ASN1_VALUE *)a, &ECPARAMETERS_it);
285}
286
287ASN1_CHOICE(ECPKPARAMETERS) = {
288 ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
289 ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
290 ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL)
291} ASN1_CHOICE_END(ECPKPARAMETERS)
292DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
293DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
294
295ECPKPARAMETERS *
296d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len)
297{
298 return (ECPKPARAMETERS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
299 &ECPKPARAMETERS_it);
300}
301
302int
303i2d_ECPKPARAMETERS(const ECPKPARAMETERS *a, unsigned char **out)
304{
305 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ECPKPARAMETERS_it);
306}
307
308ECPKPARAMETERS *
309ECPKPARAMETERS_new(void)
310{
311 return (ECPKPARAMETERS *)ASN1_item_new(&ECPKPARAMETERS_it);
312}
313
314void
315ECPKPARAMETERS_free(ECPKPARAMETERS *a)
316{
317 ASN1_item_free((ASN1_VALUE *)a, &ECPKPARAMETERS_it);
318}
319
320ASN1_SEQUENCE(EC_PRIVATEKEY) = {
321 ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
322 ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
323 ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
324 ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
325} ASN1_SEQUENCE_END(EC_PRIVATEKEY)
326DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
327DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
328
329EC_PRIVATEKEY *
330d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len)
331{
332 return (EC_PRIVATEKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
333 &EC_PRIVATEKEY_it);
334}
335
336int
337i2d_EC_PRIVATEKEY(const EC_PRIVATEKEY *a, unsigned char **out)
338{
339 return ASN1_item_i2d((ASN1_VALUE *)a, out, &EC_PRIVATEKEY_it);
340}
341
342EC_PRIVATEKEY *
343EC_PRIVATEKEY_new(void)
344{
345 return (EC_PRIVATEKEY *)ASN1_item_new(&EC_PRIVATEKEY_it);
346}
347
348void
349EC_PRIVATEKEY_free(EC_PRIVATEKEY *a)
350{
351 ASN1_item_free((ASN1_VALUE *)a, &EC_PRIVATEKEY_it);
352}
353/* some declarations of internal function */
354
355/* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */
356static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *);
357/* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */
358static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
359/* ec_asn1_parameters2group() creates a EC_GROUP object from a
360 * ECPARAMETERS object */
361static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
362/* ec_asn1_group2parameters() creates a ECPARAMETERS object from a
363 * EC_GROUP object */
364static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *, ECPARAMETERS *);
365/* ec_asn1_pkparameters2group() creates a EC_GROUP object from a
366 * ECPKPARAMETERS object */
367static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *);
368/* ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a
369 * EC_GROUP object */
370static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *,
371 ECPKPARAMETERS *);
372
373
374/* the function definitions */
375
376static int
377ec_asn1_group2fieldid(const EC_GROUP * group, X9_62_FIELDID * field)
378{
379 int ok = 0, nid;
380 BIGNUM *tmp = NULL;
381
382 if (group == NULL || field == NULL)
383 return 0;
384
385 /* clear the old values (if necessary) */
386 if (field->fieldType != NULL)
387 ASN1_OBJECT_free(field->fieldType);
388 if (field->p.other != NULL)
389 ASN1_TYPE_free(field->p.other);
390
391 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
392 /* set OID for the field */
393 if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) {
394 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
395 goto err;
396 }
397 if (nid == NID_X9_62_prime_field) {
398 if ((tmp = BN_new()) == NULL) {
399 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
400 goto err;
401 }
402 /* the parameters are specified by the prime number p */
403 if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) {
404 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
405 goto err;
406 }
407 /* set the prime number */
408 field->p.prime = BN_to_ASN1_INTEGER(tmp, NULL);
409 if (field->p.prime == NULL) {
410 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
411 goto err;
412 }
413 } else /* nid == NID_X9_62_characteristic_two_field */
414#ifdef OPENSSL_NO_EC2M
415 {
416 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
417 goto err;
418 }
419#else
420 {
421 int field_type;
422 X9_62_CHARACTERISTIC_TWO *char_two;
423
424 field->p.char_two = X9_62_CHARACTERISTIC_TWO_new();
425 char_two = field->p.char_two;
426
427 if (char_two == NULL) {
428 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
429 goto err;
430 }
431 char_two->m = (long) EC_GROUP_get_degree(group);
432
433 field_type = EC_GROUP_get_basis_type(group);
434
435 if (field_type == 0) {
436 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
437 goto err;
438 }
439 /* set base type OID */
440 if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) {
441 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
442 goto err;
443 }
444 if (field_type == NID_X9_62_tpBasis) {
445 unsigned int k;
446
447 if (!EC_GROUP_get_trinomial_basis(group, &k))
448 goto err;
449
450 char_two->p.tpBasis = ASN1_INTEGER_new();
451 if (!char_two->p.tpBasis) {
452 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
453 goto err;
454 }
455 if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long) k)) {
456 ECerr(EC_F_EC_ASN1_GROUP2FIELDID,
457 ERR_R_ASN1_LIB);
458 goto err;
459 }
460 } else if (field_type == NID_X9_62_ppBasis) {
461 unsigned int k1, k2, k3;
462
463 if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))
464 goto err;
465
466 char_two->p.ppBasis = X9_62_PENTANOMIAL_new();
467 if (!char_two->p.ppBasis) {
468 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
469 goto err;
470 }
471 /* set k? values */
472 char_two->p.ppBasis->k1 = (long) k1;
473 char_two->p.ppBasis->k2 = (long) k2;
474 char_two->p.ppBasis->k3 = (long) k3;
475 } else { /* field_type == NID_X9_62_onBasis */
476 /* for ONB the parameters are (asn1) NULL */
477 char_two->p.onBasis = ASN1_NULL_new();
478 if (!char_two->p.onBasis) {
479 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
480 goto err;
481 }
482 }
483 }
484#endif
485
486 ok = 1;
487
488err:
489 BN_free(tmp);
490 return (ok);
491}
492
493static int
494ec_asn1_group2curve(const EC_GROUP * group, X9_62_CURVE * curve)
495{
496 int ok = 0, nid;
497 BIGNUM *tmp_1 = NULL, *tmp_2 = NULL;
498 unsigned char *buffer_1 = NULL, *buffer_2 = NULL, *a_buf = NULL,
499 *b_buf = NULL;
500 size_t len_1, len_2;
501 unsigned char char_zero = 0;
502
503 if (!group || !curve || !curve->a || !curve->b)
504 return 0;
505
506 if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) {
507 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
508 goto err;
509 }
510 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
511
512 /* get a and b */
513 if (nid == NID_X9_62_prime_field) {
514 if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) {
515 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
516 goto err;
517 }
518 }
519#ifndef OPENSSL_NO_EC2M
520 else { /* nid == NID_X9_62_characteristic_two_field */
521 if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) {
522 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
523 goto err;
524 }
525 }
526#endif
527 len_1 = (size_t) BN_num_bytes(tmp_1);
528 len_2 = (size_t) BN_num_bytes(tmp_2);
529
530 if (len_1 == 0) {
531 /* len_1 == 0 => a == 0 */
532 a_buf = &char_zero;
533 len_1 = 1;
534 } else {
535 if ((buffer_1 = malloc(len_1)) == NULL) {
536 ECerr(EC_F_EC_ASN1_GROUP2CURVE,
537 ERR_R_MALLOC_FAILURE);
538 goto err;
539 }
540 if ((len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) {
541 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
542 goto err;
543 }
544 a_buf = buffer_1;
545 }
546
547 if (len_2 == 0) {
548 /* len_2 == 0 => b == 0 */
549 b_buf = &char_zero;
550 len_2 = 1;
551 } else {
552 if ((buffer_2 = malloc(len_2)) == NULL) {
553 ECerr(EC_F_EC_ASN1_GROUP2CURVE,
554 ERR_R_MALLOC_FAILURE);
555 goto err;
556 }
557 if ((len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) {
558 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
559 goto err;
560 }
561 b_buf = buffer_2;
562 }
563
564 /* set a and b */
565 if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
566 !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) {
567 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
568 goto err;
569 }
570 /* set the seed (optional) */
571 if (group->seed) {
572 if (!curve->seed)
573 if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) {
574 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
575 goto err;
576 }
577 curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
578 curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
579 if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
580 (int) group->seed_len)) {
581 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
582 goto err;
583 }
584 } else {
585 if (curve->seed) {
586 ASN1_BIT_STRING_free(curve->seed);
587 curve->seed = NULL;
588 }
589 }
590
591 ok = 1;
592
593err:
594 free(buffer_1);
595 free(buffer_2);
596 BN_free(tmp_1);
597 BN_free(tmp_2);
598 return (ok);
599}
600
601static ECPARAMETERS *
602ec_asn1_group2parameters(const EC_GROUP * group, ECPARAMETERS * param)
603{
604 int ok = 0;
605 size_t len = 0;
606 ECPARAMETERS *ret = NULL;
607 BIGNUM *tmp = NULL;
608 unsigned char *buffer = NULL;
609 const EC_POINT *point = NULL;
610 point_conversion_form_t form;
611
612 if ((tmp = BN_new()) == NULL) {
613 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
614 goto err;
615 }
616 if (param == NULL) {
617 if ((ret = ECPARAMETERS_new()) == NULL) {
618 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
619 ERR_R_MALLOC_FAILURE);
620 goto err;
621 }
622 } else
623 ret = param;
624
625 /* set the version (always one) */
626 ret->version = (long) 0x1;
627
628 /* set the fieldID */
629 if (!ec_asn1_group2fieldid(group, ret->fieldID)) {
630 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
631 goto err;
632 }
633 /* set the curve */
634 if (!ec_asn1_group2curve(group, ret->curve)) {
635 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
636 goto err;
637 }
638 /* set the base point */
639 if ((point = EC_GROUP_get0_generator(group)) == NULL) {
640 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR);
641 goto err;
642 }
643 form = EC_GROUP_get_point_conversion_form(group);
644
645 len = EC_POINT_point2oct(group, point, form, NULL, len, NULL);
646 if (len == 0) {
647 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
648 goto err;
649 }
650 if ((buffer = malloc(len)) == NULL) {
651 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
652 goto err;
653 }
654 if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL)) {
655 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
656 goto err;
657 }
658 if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) {
659 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
660 goto err;
661 }
662 if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) {
663 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
664 goto err;
665 }
666 /* set the order */
667 if (!EC_GROUP_get_order(group, tmp, NULL)) {
668 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
669 goto err;
670 }
671 ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
672 if (ret->order == NULL) {
673 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
674 goto err;
675 }
676 /* set the cofactor (optional) */
677 if (EC_GROUP_get_cofactor(group, tmp, NULL)) {
678 ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
679 if (ret->cofactor == NULL) {
680 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
681 goto err;
682 }
683 }
684 ok = 1;
685
686err: if (!ok) {
687 if (ret && !param)
688 ECPARAMETERS_free(ret);
689 ret = NULL;
690 }
691 BN_free(tmp);
692 free(buffer);
693 return (ret);
694}
695
696ECPKPARAMETERS *
697ec_asn1_group2pkparameters(const EC_GROUP * group, ECPKPARAMETERS * params)
698{
699 int ok = 1, tmp;
700 ECPKPARAMETERS *ret = params;
701
702 if (ret == NULL) {
703 if ((ret = ECPKPARAMETERS_new()) == NULL) {
704 ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS,
705 ERR_R_MALLOC_FAILURE);
706 return NULL;
707 }
708 } else {
709 if (ret->type == 0 && ret->value.named_curve)
710 ASN1_OBJECT_free(ret->value.named_curve);
711 else if (ret->type == 1 && ret->value.parameters)
712 ECPARAMETERS_free(ret->value.parameters);
713 }
714
715 if (EC_GROUP_get_asn1_flag(group)) {
716 /*
717 * use the asn1 OID to describe the the elliptic curve
718 * parameters
719 */
720 tmp = EC_GROUP_get_curve_name(group);
721 if (tmp) {
722 ret->type = 0;
723 if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
724 ok = 0;
725 } else
726 /* we don't kmow the nid => ERROR */
727 ok = 0;
728 } else {
729 /* use the ECPARAMETERS structure */
730 ret->type = 1;
731 if ((ret->value.parameters = ec_asn1_group2parameters(
732 group, NULL)) == NULL)
733 ok = 0;
734 }
735
736 if (!ok) {
737 ECPKPARAMETERS_free(ret);
738 return NULL;
739 }
740 return ret;
741}
742
743static EC_GROUP *
744ec_asn1_parameters2group(const ECPARAMETERS * params)
745{
746 int ok = 0, tmp;
747 EC_GROUP *ret = NULL;
748 BIGNUM *p = NULL, *a = NULL, *b = NULL;
749 EC_POINT *point = NULL;
750 long field_bits;
751
752 if (!params->fieldID || !params->fieldID->fieldType ||
753 !params->fieldID->p.ptr) {
754 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
755 goto err;
756 }
757 /* now extract the curve parameters a and b */
758 if (!params->curve || !params->curve->a ||
759 !params->curve->a->data || !params->curve->b ||
760 !params->curve->b->data) {
761 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
762 goto err;
763 }
764 a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL);
765 if (a == NULL) {
766 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
767 goto err;
768 }
769 b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
770 if (b == NULL) {
771 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
772 goto err;
773 }
774 /* get the field parameters */
775 tmp = OBJ_obj2nid(params->fieldID->fieldType);
776 if (tmp == NID_X9_62_characteristic_two_field)
777#ifdef OPENSSL_NO_EC2M
778 {
779 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
780 goto err;
781 }
782#else
783 {
784 X9_62_CHARACTERISTIC_TWO *char_two;
785
786 char_two = params->fieldID->p.char_two;
787
788 field_bits = char_two->m;
789 if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
790 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
791 goto err;
792 }
793 if ((p = BN_new()) == NULL) {
794 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
795 goto err;
796 }
797 /* get the base type */
798 tmp = OBJ_obj2nid(char_two->type);
799
800 if (tmp == NID_X9_62_tpBasis) {
801 long tmp_long;
802
803 if (!char_two->p.tpBasis) {
804 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
805 goto err;
806 }
807 tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
808
809 if (!(char_two->m > tmp_long && tmp_long > 0)) {
810 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS);
811 goto err;
812 }
813 /* create the polynomial */
814 if (!BN_set_bit(p, (int) char_two->m))
815 goto err;
816 if (!BN_set_bit(p, (int) tmp_long))
817 goto err;
818 if (!BN_set_bit(p, 0))
819 goto err;
820 } else if (tmp == NID_X9_62_ppBasis) {
821 X9_62_PENTANOMIAL *penta;
822
823 penta = char_two->p.ppBasis;
824 if (!penta) {
825 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
826 goto err;
827 }
828 if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0)) {
829 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS);
830 goto err;
831 }
832 /* create the polynomial */
833 if (!BN_set_bit(p, (int) char_two->m))
834 goto err;
835 if (!BN_set_bit(p, (int) penta->k1))
836 goto err;
837 if (!BN_set_bit(p, (int) penta->k2))
838 goto err;
839 if (!BN_set_bit(p, (int) penta->k3))
840 goto err;
841 if (!BN_set_bit(p, 0))
842 goto err;
843 } else if (tmp == NID_X9_62_onBasis) {
844 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED);
845 goto err;
846 } else { /* error */
847 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
848 goto err;
849 }
850
851 /* create the EC_GROUP structure */
852 ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
853 }
854#endif
855 else if (tmp == NID_X9_62_prime_field) {
856 /* we have a curve over a prime field */
857 /* extract the prime number */
858 if (!params->fieldID->p.prime) {
859 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
860 goto err;
861 }
862 p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL);
863 if (p == NULL) {
864 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
865 goto err;
866 }
867 if (BN_is_negative(p) || BN_is_zero(p)) {
868 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
869 goto err;
870 }
871 field_bits = BN_num_bits(p);
872 if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) {
873 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
874 goto err;
875 }
876 /* create the EC_GROUP structure */
877 ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
878 } else {
879 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
880 goto err;
881 }
882
883 if (ret == NULL) {
884 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
885 goto err;
886 }
887 /* extract seed (optional) */
888 if (params->curve->seed != NULL) {
889 free(ret->seed);
890 if (!(ret->seed = malloc(params->curve->seed->length))) {
891 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
892 ERR_R_MALLOC_FAILURE);
893 goto err;
894 }
895 memcpy(ret->seed, params->curve->seed->data,
896 params->curve->seed->length);
897 ret->seed_len = params->curve->seed->length;
898 }
899 if (!params->order || !params->base || !params->base->data) {
900 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
901 goto err;
902 }
903 if ((point = EC_POINT_new(ret)) == NULL)
904 goto err;
905
906 /* set the point conversion form */
907 EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
908 (params->base->data[0] & ~0x01));
909
910 /* extract the ec point */
911 if (!EC_POINT_oct2point(ret, point, params->base->data,
912 params->base->length, NULL)) {
913 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
914 goto err;
915 }
916 /* extract the order */
917 if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) {
918 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
919 goto err;
920 }
921 if (BN_is_negative(a) || BN_is_zero(a)) {
922 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
923 goto err;
924 }
925 if (BN_num_bits(a) > (int) field_bits + 1) { /* Hasse bound */
926 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
927 goto err;
928 }
929 /* extract the cofactor (optional) */
930 if (params->cofactor == NULL) {
931 BN_free(b);
932 b = NULL;
933 } else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) {
934 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
935 goto err;
936 }
937 /* set the generator, order and cofactor (if present) */
938 if (!EC_GROUP_set_generator(ret, point, a, b)) {
939 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
940 goto err;
941 }
942 ok = 1;
943
944err: if (!ok) {
945 EC_GROUP_clear_free(ret);
946 ret = NULL;
947 }
948 BN_free(p);
949 BN_free(a);
950 BN_free(b);
951 EC_POINT_free(point);
952 return (ret);
953}
954
955EC_GROUP *
956ec_asn1_pkparameters2group(const ECPKPARAMETERS * params)
957{
958 EC_GROUP *ret = NULL;
959 int tmp = 0;
960
961 if (params == NULL) {
962 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
963 EC_R_MISSING_PARAMETERS);
964 return NULL;
965 }
966 if (params->type == 0) {/* the curve is given by an OID */
967 tmp = OBJ_obj2nid(params->value.named_curve);
968 if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) {
969 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
970 EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
971 return NULL;
972 }
973 EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
974 } else if (params->type == 1) { /* the parameters are given by a
975 * ECPARAMETERS structure */
976 ret = ec_asn1_parameters2group(params->value.parameters);
977 if (!ret) {
978 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB);
979 return NULL;
980 }
981 EC_GROUP_set_asn1_flag(ret, 0x0);
982 } else if (params->type == 2) { /* implicitlyCA */
983 return NULL;
984 } else {
985 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
986 return NULL;
987 }
988
989 return ret;
990}
991
992/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
993
994EC_GROUP *
995d2i_ECPKParameters(EC_GROUP ** a, const unsigned char **in, long len)
996{
997 EC_GROUP *group = NULL;
998 ECPKPARAMETERS *params = NULL;
999
1000 if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) {
1001 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
1002 ECPKPARAMETERS_free(params);
1003 return NULL;
1004 }
1005 if ((group = ec_asn1_pkparameters2group(params)) == NULL) {
1006 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
1007 ECPKPARAMETERS_free(params);
1008 return NULL;
1009 }
1010 if (a && *a)
1011 EC_GROUP_clear_free(*a);
1012 if (a)
1013 *a = group;
1014
1015 ECPKPARAMETERS_free(params);
1016 return (group);
1017}
1018
1019int
1020i2d_ECPKParameters(const EC_GROUP * a, unsigned char **out)
1021{
1022 int ret = 0;
1023 ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL);
1024 if (tmp == NULL) {
1025 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
1026 return 0;
1027 }
1028 if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) {
1029 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
1030 ECPKPARAMETERS_free(tmp);
1031 return 0;
1032 }
1033 ECPKPARAMETERS_free(tmp);
1034 return (ret);
1035}
1036
1037/* some EC_KEY functions */
1038
1039EC_KEY *
1040d2i_ECPrivateKey(EC_KEY ** a, const unsigned char **in, long len)
1041{
1042 int ok = 0;
1043 EC_KEY *ret = NULL;
1044 EC_PRIVATEKEY *priv_key = NULL;
1045
1046 if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
1047 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
1048 return NULL;
1049 }
1050 if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) {
1051 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1052 EC_PRIVATEKEY_free(priv_key);
1053 return NULL;
1054 }
1055 if (a == NULL || *a == NULL) {
1056 if ((ret = EC_KEY_new()) == NULL) {
1057 ECerr(EC_F_D2I_ECPRIVATEKEY,
1058 ERR_R_MALLOC_FAILURE);
1059 goto err;
1060 }
1061 if (a)
1062 *a = ret;
1063 } else
1064 ret = *a;
1065
1066 if (priv_key->parameters) {
1067 EC_GROUP_clear_free(ret->group);
1068 ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
1069 }
1070 if (ret->group == NULL) {
1071 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1072 goto err;
1073 }
1074 ret->version = priv_key->version;
1075
1076 if (priv_key->privateKey) {
1077 ret->priv_key = BN_bin2bn(
1078 M_ASN1_STRING_data(priv_key->privateKey),
1079 M_ASN1_STRING_length(priv_key->privateKey),
1080 ret->priv_key);
1081 if (ret->priv_key == NULL) {
1082 ECerr(EC_F_D2I_ECPRIVATEKEY,
1083 ERR_R_BN_LIB);
1084 goto err;
1085 }
1086 } else {
1087 ECerr(EC_F_D2I_ECPRIVATEKEY,
1088 EC_R_MISSING_PRIVATE_KEY);
1089 goto err;
1090 }
1091
1092 if (priv_key->publicKey) {
1093 const unsigned char *pub_oct;
1094 size_t pub_oct_len;
1095
1096 EC_POINT_clear_free(ret->pub_key);
1097 ret->pub_key = EC_POINT_new(ret->group);
1098 if (ret->pub_key == NULL) {
1099 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1100 goto err;
1101 }
1102 pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
1103 pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
1104 /* save the point conversion form */
1105 ret->conv_form = (point_conversion_form_t) (pub_oct[0] & ~0x01);
1106 if (!EC_POINT_oct2point(ret->group, ret->pub_key,
1107 pub_oct, pub_oct_len, NULL)) {
1108 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1109 goto err;
1110 }
1111 }
1112 ok = 1;
1113err:
1114 if (!ok) {
1115 if (ret)
1116 EC_KEY_free(ret);
1117 ret = NULL;
1118 }
1119 if (priv_key)
1120 EC_PRIVATEKEY_free(priv_key);
1121
1122 return (ret);
1123}
1124
1125int
1126i2d_ECPrivateKey(EC_KEY * a, unsigned char **out)
1127{
1128 int ret = 0, ok = 0;
1129 unsigned char *buffer = NULL;
1130 size_t buf_len = 0, tmp_len;
1131 EC_PRIVATEKEY *priv_key = NULL;
1132
1133 if (a == NULL || a->group == NULL || a->priv_key == NULL) {
1134 ECerr(EC_F_I2D_ECPRIVATEKEY,
1135 ERR_R_PASSED_NULL_PARAMETER);
1136 goto err;
1137 }
1138 if ((priv_key = EC_PRIVATEKEY_new()) == NULL) {
1139 ECerr(EC_F_I2D_ECPRIVATEKEY,
1140 ERR_R_MALLOC_FAILURE);
1141 goto err;
1142 }
1143 priv_key->version = a->version;
1144
1145 buf_len = (size_t) BN_num_bytes(a->priv_key);
1146 buffer = malloc(buf_len);
1147 if (buffer == NULL) {
1148 ECerr(EC_F_I2D_ECPRIVATEKEY,
1149 ERR_R_MALLOC_FAILURE);
1150 goto err;
1151 }
1152 if (!BN_bn2bin(a->priv_key, buffer)) {
1153 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
1154 goto err;
1155 }
1156 if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
1157 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
1158 goto err;
1159 }
1160 if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) {
1161 if ((priv_key->parameters = ec_asn1_group2pkparameters(
1162 a->group, priv_key->parameters)) == NULL) {
1163 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1164 goto err;
1165 }
1166 }
1167 if (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key != NULL) {
1168 priv_key->publicKey = M_ASN1_BIT_STRING_new();
1169 if (priv_key->publicKey == NULL) {
1170 ECerr(EC_F_I2D_ECPRIVATEKEY,
1171 ERR_R_MALLOC_FAILURE);
1172 goto err;
1173 }
1174 tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
1175 a->conv_form, NULL, 0, NULL);
1176
1177 if (tmp_len > buf_len) {
1178 unsigned char *tmp_buffer = realloc(buffer, tmp_len);
1179 if (!tmp_buffer) {
1180 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
1181 goto err;
1182 }
1183 buffer = tmp_buffer;
1184 buf_len = tmp_len;
1185 }
1186 if (!EC_POINT_point2oct(a->group, a->pub_key,
1187 a->conv_form, buffer, buf_len, NULL)) {
1188 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1189 goto err;
1190 }
1191 priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
1192 priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
1193 if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
1194 buf_len)) {
1195 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
1196 goto err;
1197 }
1198 }
1199 if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) {
1200 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1201 goto err;
1202 }
1203 ok = 1;
1204err:
1205 free(buffer);
1206 if (priv_key)
1207 EC_PRIVATEKEY_free(priv_key);
1208 return (ok ? ret : 0);
1209}
1210
1211int
1212i2d_ECParameters(EC_KEY * a, unsigned char **out)
1213{
1214 if (a == NULL) {
1215 ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1216 return 0;
1217 }
1218 return i2d_ECPKParameters(a->group, out);
1219}
1220
1221EC_KEY *
1222d2i_ECParameters(EC_KEY ** a, const unsigned char **in, long len)
1223{
1224 EC_KEY *ret;
1225
1226 if (in == NULL || *in == NULL) {
1227 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1228 return NULL;
1229 }
1230 if (a == NULL || *a == NULL) {
1231 if ((ret = EC_KEY_new()) == NULL) {
1232 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
1233 return NULL;
1234 }
1235 if (a)
1236 *a = ret;
1237 } else
1238 ret = *a;
1239
1240 if (!d2i_ECPKParameters(&ret->group, in, len)) {
1241 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
1242 return NULL;
1243 }
1244 return ret;
1245}
1246
1247EC_KEY *
1248o2i_ECPublicKey(EC_KEY ** a, const unsigned char **in, long len)
1249{
1250 EC_KEY *ret = NULL;
1251
1252 if (a == NULL || (*a) == NULL || (*a)->group == NULL) {
1253 /*
1254 * sorry, but a EC_GROUP-structur is necessary to set the
1255 * public key
1256 */
1257 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
1258 return 0;
1259 }
1260 ret = *a;
1261 if (ret->pub_key == NULL &&
1262 (ret->pub_key = EC_POINT_new(ret->group)) == NULL) {
1263 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
1264 return 0;
1265 }
1266 if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) {
1267 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB);
1268 return 0;
1269 }
1270 /* save the point conversion form */
1271 ret->conv_form = (point_conversion_form_t) (*in[0] & ~0x01);
1272 *in += len;
1273 return ret;
1274}
1275
1276int
1277i2o_ECPublicKey(EC_KEY * a, unsigned char **out)
1278{
1279 size_t buf_len = 0;
1280 int new_buffer = 0;
1281
1282 if (a == NULL) {
1283 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
1284 return 0;
1285 }
1286 buf_len = EC_POINT_point2oct(a->group, a->pub_key,
1287 a->conv_form, NULL, 0, NULL);
1288
1289 if (out == NULL || buf_len == 0)
1290 /* out == NULL => just return the length of the octet string */
1291 return buf_len;
1292
1293 if (*out == NULL) {
1294 if ((*out = malloc(buf_len)) == NULL) {
1295 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
1296 return 0;
1297 }
1298 new_buffer = 1;
1299 }
1300 if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
1301 *out, buf_len, NULL)) {
1302 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB);
1303 if (new_buffer) {
1304 free(*out);
1305 *out = NULL;
1306 }
1307 return 0;
1308 }
1309 if (!new_buffer)
1310 *out += buf_len;
1311 return buf_len;
1312}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 00:59:43 +0000