diff options
| author | djm <> | 2012-10-13 21:23:50 +0000 |
|---|---|---|
| committer | djm <> | 2012-10-13 21:23:50 +0000 |
| commit | 228cae30b117c2493f69ad3c195341cd6ec8d430 (patch) | |
| tree | 29ff00b10d52c0978077c4fd83c33b065bade73e /src/lib/libcrypto/ec/ec_curve.c | |
| parent | 731838c66b52c0ae5888333005b74115a620aa96 (diff) | |
| download | openbsd-228cae30b117c2493f69ad3c195341cd6ec8d430.tar.gz openbsd-228cae30b117c2493f69ad3c195341cd6ec8d430.tar.bz2 openbsd-228cae30b117c2493f69ad3c195341cd6ec8d430.zip | |
import OpenSSL-1.0.1c
Diffstat (limited to 'src/lib/libcrypto/ec/ec_curve.c')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_curve.c | 197 |
1 files changed, 119 insertions, 78 deletions
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c index 23274e4031..c72fb2697c 100644 --- a/src/lib/libcrypto/ec/ec_curve.c +++ b/src/lib/libcrypto/ec/ec_curve.c | |||
| @@ -3,7 +3,7 @@ | |||
| 3 | * Written by Nils Larsch for the OpenSSL project. | 3 | * Written by Nils Larsch for the OpenSSL project. |
| 4 | */ | 4 | */ |
| 5 | /* ==================================================================== | 5 | /* ==================================================================== |
| 6 | * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. | 6 | * Copyright (c) 1998-2010 The OpenSSL Project. All rights reserved. |
| 7 | * | 7 | * |
| 8 | * Redistribution and use in source and binary forms, with or without | 8 | * Redistribution and use in source and binary forms, with or without |
| 9 | * modification, are permitted provided that the following conditions | 9 | * modification, are permitted provided that the following conditions |
| @@ -72,6 +72,7 @@ | |||
| 72 | #include "ec_lcl.h" | 72 | #include "ec_lcl.h" |
| 73 | #include <openssl/err.h> | 73 | #include <openssl/err.h> |
| 74 | #include <openssl/obj_mac.h> | 74 | #include <openssl/obj_mac.h> |
| 75 | #include <openssl/opensslconf.h> | ||
| 75 | 76 | ||
| 76 | typedef struct { | 77 | typedef struct { |
| 77 | int field_type, /* either NID_X9_62_prime_field or | 78 | int field_type, /* either NID_X9_62_prime_field or |
| @@ -703,6 +704,8 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+28*6]; } | |||
| 703 | 0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D } | 704 | 0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D } |
| 704 | }; | 705 | }; |
| 705 | 706 | ||
| 707 | #ifndef OPENSSL_NO_EC2M | ||
| 708 | |||
| 706 | /* characteristic two curves */ | 709 | /* characteristic two curves */ |
| 707 | static const struct { EC_CURVE_DATA h; unsigned char data[20+15*6]; } | 710 | static const struct { EC_CURVE_DATA h; unsigned char data[20+15*6]; } |
| 708 | _EC_SECG_CHAR2_113R1 = { | 711 | _EC_SECG_CHAR2_113R1 = { |
| @@ -1300,7 +1303,7 @@ static const struct { EC_CURVE_DATA h; unsigned char data[20+21*6]; } | |||
| 1300 | { 0x53,0x81,0x4C,0x05,0x0D,0x44,0xD6,0x96,0xE6,0x76, /* seed */ | 1303 | { 0x53,0x81,0x4C,0x05,0x0D,0x44,0xD6,0x96,0xE6,0x76, /* seed */ |
| 1301 | 0x87,0x56,0x15,0x17,0x58,0x0C,0xA4,0xE2,0x9F,0xFD, | 1304 | 0x87,0x56,0x15,0x17,0x58,0x0C,0xA4,0xE2,0x9F,0xFD, |
| 1302 | 1305 | ||
| 1303 | 0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p */ | 1306 | 0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* p */ |
| 1304 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01, | 1307 | 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01, |
| 1305 | 0x07, | 1308 | 0x07, |
| 1306 | 0x01,0x08,0xB3,0x9E,0x77,0xC4,0xB1,0x08,0xBE,0xD9, /* a */ | 1309 | 0x01,0x08,0xB3,0x9E,0x77,0xC4,0xB1,0x08,0xBE,0xD9, /* a */ |
| @@ -1817,103 +1820,128 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; } | |||
| 1817 | 0xBA,0xFC,0xA7,0x5E } | 1820 | 0xBA,0xFC,0xA7,0x5E } |
| 1818 | }; | 1821 | }; |
| 1819 | 1822 | ||
| 1823 | #endif | ||
| 1824 | |||
| 1820 | typedef struct _ec_list_element_st { | 1825 | typedef struct _ec_list_element_st { |
| 1821 | int nid; | 1826 | int nid; |
| 1822 | const EC_CURVE_DATA *data; | 1827 | const EC_CURVE_DATA *data; |
| 1828 | const EC_METHOD *(*meth)(void); | ||
| 1823 | const char *comment; | 1829 | const char *comment; |
| 1824 | } ec_list_element; | 1830 | } ec_list_element; |
| 1825 | 1831 | ||
| 1826 | static const ec_list_element curve_list[] = { | 1832 | static const ec_list_element curve_list[] = { |
| 1827 | /* prime field curves */ | 1833 | /* prime field curves */ |
| 1828 | /* secg curves */ | 1834 | /* secg curves */ |
| 1829 | { NID_secp112r1, &_EC_SECG_PRIME_112R1.h, "SECG/WTLS curve over a 112 bit prime field"}, | 1835 | { NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field" }, |
| 1830 | { NID_secp112r2, &_EC_SECG_PRIME_112R2.h, "SECG curve over a 112 bit prime field"}, | 1836 | { NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, "SECG curve over a 112 bit prime field" }, |
| 1831 | { NID_secp128r1, &_EC_SECG_PRIME_128R1.h, "SECG curve over a 128 bit prime field"}, | 1837 | { NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, "SECG curve over a 128 bit prime field" }, |
| 1832 | { NID_secp128r2, &_EC_SECG_PRIME_128R2.h, "SECG curve over a 128 bit prime field"}, | 1838 | { NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, "SECG curve over a 128 bit prime field" }, |
| 1833 | { NID_secp160k1, &_EC_SECG_PRIME_160K1.h, "SECG curve over a 160 bit prime field"}, | 1839 | { NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, "SECG curve over a 160 bit prime field" }, |
| 1834 | { NID_secp160r1, &_EC_SECG_PRIME_160R1.h, "SECG curve over a 160 bit prime field"}, | 1840 | { NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, "SECG curve over a 160 bit prime field" }, |
| 1835 | { NID_secp160r2, &_EC_SECG_PRIME_160R2.h, "SECG/WTLS curve over a 160 bit prime field"}, | 1841 | { NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field" }, |
| 1836 | /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */ | 1842 | /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */ |
| 1837 | { NID_secp192k1, &_EC_SECG_PRIME_192K1.h, "SECG curve over a 192 bit prime field"}, | 1843 | { NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, "SECG curve over a 192 bit prime field" }, |
| 1838 | { NID_secp224k1, &_EC_SECG_PRIME_224K1.h, "SECG curve over a 224 bit prime field"}, | 1844 | { NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, "SECG curve over a 224 bit prime field" }, |
| 1839 | { NID_secp224r1, &_EC_NIST_PRIME_224.h, "NIST/SECG curve over a 224 bit prime field"}, | 1845 | #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 |
| 1840 | { NID_secp256k1, &_EC_SECG_PRIME_256K1.h, "SECG curve over a 256 bit prime field"}, | 1846 | { NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, "NIST/SECG curve over a 224 bit prime field" }, |
| 1847 | #else | ||
| 1848 | { NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, "NIST/SECG curve over a 224 bit prime field" }, | ||
| 1849 | #endif | ||
| 1850 | { NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, "SECG curve over a 256 bit prime field" }, | ||
| 1841 | /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ | 1851 | /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ |
| 1842 | { NID_secp384r1, &_EC_NIST_PRIME_384.h, "NIST/SECG curve over a 384 bit prime field"}, | 1852 | { NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field" }, |
| 1843 | { NID_secp521r1, &_EC_NIST_PRIME_521.h, "NIST/SECG curve over a 521 bit prime field"}, | 1853 | #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 |
| 1854 | { NID_secp521r1, &_EC_NIST_PRIME_521.h, EC_GFp_nistp521_method, "NIST/SECG curve over a 521 bit prime field" }, | ||
| 1855 | #else | ||
| 1856 | { NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, "NIST/SECG curve over a 521 bit prime field" }, | ||
| 1857 | #endif | ||
| 1844 | /* X9.62 curves */ | 1858 | /* X9.62 curves */ |
| 1845 | { NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, "NIST/X9.62/SECG curve over a 192 bit prime field"}, | 1859 | { NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, "NIST/X9.62/SECG curve over a 192 bit prime field" }, |
| 1846 | { NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, "X9.62 curve over a 192 bit prime field"}, | 1860 | { NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, "X9.62 curve over a 192 bit prime field" }, |
| 1847 | { NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, "X9.62 curve over a 192 bit prime field"}, | 1861 | { NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, "X9.62 curve over a 192 bit prime field" }, |
| 1848 | { NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, "X9.62 curve over a 239 bit prime field"}, | 1862 | { NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, "X9.62 curve over a 239 bit prime field" }, |
| 1849 | { NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, "X9.62 curve over a 239 bit prime field"}, | 1863 | { NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, "X9.62 curve over a 239 bit prime field" }, |
| 1850 | { NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, "X9.62 curve over a 239 bit prime field"}, | 1864 | { NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, "X9.62 curve over a 239 bit prime field" }, |
| 1851 | { NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, "X9.62/SECG curve over a 256 bit prime field"}, | 1865 | #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 |
| 1866 | { NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, EC_GFp_nistp256_method, "X9.62/SECG curve over a 256 bit prime field" }, | ||
| 1867 | #else | ||
| 1868 | { NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0, "X9.62/SECG curve over a 256 bit prime field" }, | ||
| 1869 | #endif | ||
| 1870 | #ifndef OPENSSL_NO_EC2M | ||
| 1852 | /* characteristic two field curves */ | 1871 | /* characteristic two field curves */ |
| 1853 | /* NIST/SECG curves */ | 1872 | /* NIST/SECG curves */ |
| 1854 | { NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, "SECG curve over a 113 bit binary field"}, | 1873 | { NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field" }, |
| 1855 | { NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, "SECG curve over a 113 bit binary field"}, | 1874 | { NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0, "SECG curve over a 113 bit binary field" }, |
| 1856 | { NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, "SECG/WTLS curve over a 131 bit binary field"}, | 1875 | { NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0, "SECG/WTLS curve over a 131 bit binary field" }, |
| 1857 | { NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, "SECG curve over a 131 bit binary field"}, | 1876 | { NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0, "SECG curve over a 131 bit binary field" }, |
| 1858 | { NID_sect163k1, &_EC_NIST_CHAR2_163K.h, "NIST/SECG/WTLS curve over a 163 bit binary field" }, | 1877 | { NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field" }, |
| 1859 | { NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, "SECG curve over a 163 bit binary field"}, | 1878 | { NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0, "SECG curve over a 163 bit binary field" }, |
| 1860 | { NID_sect163r2, &_EC_NIST_CHAR2_163B.h, "NIST/SECG curve over a 163 bit binary field" }, | 1879 | { NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, "NIST/SECG curve over a 163 bit binary field" }, |
| 1861 | { NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, "SECG curve over a 193 bit binary field"}, | 1880 | { NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0, "SECG curve over a 193 bit binary field" }, |
| 1862 | { NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, "SECG curve over a 193 bit binary field"}, | 1881 | { NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0, "SECG curve over a 193 bit binary field" }, |
| 1863 | { NID_sect233k1, &_EC_NIST_CHAR2_233K.h, "NIST/SECG/WTLS curve over a 233 bit binary field" }, | 1882 | { NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" }, |
| 1864 | { NID_sect233r1, &_EC_NIST_CHAR2_233B.h, "NIST/SECG/WTLS curve over a 233 bit binary field" }, | 1883 | { NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" }, |
| 1865 | { NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, "SECG curve over a 239 bit binary field"}, | 1884 | { NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0, "SECG curve over a 239 bit binary field" }, |
| 1866 | { NID_sect283k1, &_EC_NIST_CHAR2_283K.h, "NIST/SECG curve over a 283 bit binary field" }, | 1885 | { NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, "NIST/SECG curve over a 283 bit binary field" }, |
| 1867 | { NID_sect283r1, &_EC_NIST_CHAR2_283B.h, "NIST/SECG curve over a 283 bit binary field" }, | 1886 | { NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, "NIST/SECG curve over a 283 bit binary field" }, |
| 1868 | { NID_sect409k1, &_EC_NIST_CHAR2_409K.h, "NIST/SECG curve over a 409 bit binary field" }, | 1887 | { NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, "NIST/SECG curve over a 409 bit binary field" }, |
| 1869 | { NID_sect409r1, &_EC_NIST_CHAR2_409B.h, "NIST/SECG curve over a 409 bit binary field" }, | 1888 | { NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, "NIST/SECG curve over a 409 bit binary field" }, |
| 1870 | { NID_sect571k1, &_EC_NIST_CHAR2_571K.h, "NIST/SECG curve over a 571 bit binary field" }, | 1889 | { NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, "NIST/SECG curve over a 571 bit binary field" }, |
| 1871 | { NID_sect571r1, &_EC_NIST_CHAR2_571B.h, "NIST/SECG curve over a 571 bit binary field" }, | 1890 | { NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, "NIST/SECG curve over a 571 bit binary field" }, |
| 1872 | /* X9.62 curves */ | 1891 | /* X9.62 curves */ |
| 1873 | { NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"}, | 1892 | { NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field" }, |
| 1874 | { NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, "X9.62 curve over a 163 bit binary field"}, | 1893 | { NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0, "X9.62 curve over a 163 bit binary field" }, |
| 1875 | { NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, "X9.62 curve over a 163 bit binary field"}, | 1894 | { NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0, "X9.62 curve over a 163 bit binary field" }, |
| 1876 | { NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, "X9.62 curve over a 176 bit binary field"}, | 1895 | { NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0, "X9.62 curve over a 176 bit binary field" }, |
| 1877 | { NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, "X9.62 curve over a 191 bit binary field"}, | 1896 | { NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0, "X9.62 curve over a 191 bit binary field" }, |
| 1878 | { NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, "X9.62 curve over a 191 bit binary field"}, | 1897 | { NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0, "X9.62 curve over a 191 bit binary field" }, |
| 1879 | { NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, "X9.62 curve over a 191 bit binary field"}, | 1898 | { NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0, "X9.62 curve over a 191 bit binary field" }, |
| 1880 | { NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, "X9.62 curve over a 208 bit binary field"}, | 1899 | { NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0, "X9.62 curve over a 208 bit binary field" }, |
| 1881 | { NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, "X9.62 curve over a 239 bit binary field"}, | 1900 | { NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0, "X9.62 curve over a 239 bit binary field" }, |
| 1882 | { NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, "X9.62 curve over a 239 bit binary field"}, | 1901 | { NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0, "X9.62 curve over a 239 bit binary field" }, |
| 1883 | { NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, "X9.62 curve over a 239 bit binary field"}, | 1902 | { NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0, "X9.62 curve over a 239 bit binary field" }, |
| 1884 | { NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, "X9.62 curve over a 272 bit binary field"}, | 1903 | { NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0, "X9.62 curve over a 272 bit binary field" }, |
| 1885 | { NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, "X9.62 curve over a 304 bit binary field"}, | 1904 | { NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0, "X9.62 curve over a 304 bit binary field" }, |
| 1886 | { NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, "X9.62 curve over a 359 bit binary field"}, | 1905 | { NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0, "X9.62 curve over a 359 bit binary field" }, |
| 1887 | { NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, "X9.62 curve over a 368 bit binary field"}, | 1906 | { NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0, "X9.62 curve over a 368 bit binary field" }, |
| 1888 | { NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, "X9.62 curve over a 431 bit binary field"}, | 1907 | { NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0, "X9.62 curve over a 431 bit binary field" }, |
| 1889 | /* the WAP/WTLS curves | 1908 | /* the WAP/WTLS curves |
| 1890 | * [unlike SECG, spec has its own OIDs for curves from X9.62] */ | 1909 | * [unlike SECG, spec has its own OIDs for curves from X9.62] */ |
| 1891 | { NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, "WTLS curve over a 113 bit binary field"}, | 1910 | { NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0, "WTLS curve over a 113 bit binary field" }, |
| 1892 | { NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, "NIST/SECG/WTLS curve over a 163 bit binary field"}, | 1911 | { NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field" }, |
| 1893 | { NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, "SECG curve over a 113 bit binary field"}, | 1912 | { NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field" }, |
| 1894 | { NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"}, | 1913 | { NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field" }, |
| 1895 | { NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, "SECG/WTLS curve over a 112 bit prime field"}, | 1914 | #endif |
| 1896 | { NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, "SECG/WTLS curve over a 160 bit prime field"}, | 1915 | { NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field" }, |
| 1897 | { NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, "WTLS curve over a 112 bit prime field"}, | 1916 | { NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field" }, |
| 1898 | { NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, "WTLS curve over a 160 bit prime field" }, | 1917 | { NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, "WTLS curve over a 112 bit prime field" }, |
| 1899 | { NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, "NIST/SECG/WTLS curve over a 233 bit binary field"}, | 1918 | { NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, "WTLS curve over a 160 bit prime field" }, |
| 1900 | { NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, "NIST/SECG/WTLS curve over a 233 bit binary field"}, | 1919 | #ifndef OPENSSL_NO_EC2M |
| 1901 | { NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, "WTLS curvs over a 224 bit prime field"}, | 1920 | { NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" }, |
| 1921 | { NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" }, | ||
| 1922 | #endif | ||
| 1923 | { NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, "WTLS curvs over a 224 bit prime field" }, | ||
| 1924 | #ifndef OPENSSL_NO_EC2M | ||
| 1902 | /* IPSec curves */ | 1925 | /* IPSec curves */ |
| 1903 | { NID_ipsec3, &_EC_IPSEC_155_ID3.h, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, | 1926 | { NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n" |
| 1904 | { NID_ipsec4, &_EC_IPSEC_185_ID4.h, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, | 1927 | "\tNot suitable for ECDSA.\n\tQuestionable extension field!" }, |
| 1928 | { NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n" | ||
| 1929 | "\tNot suitable for ECDSA.\n\tQuestionable extension field!" }, | ||
| 1930 | #endif | ||
| 1905 | }; | 1931 | }; |
| 1906 | 1932 | ||
| 1907 | #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) | 1933 | #define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element)) |
| 1908 | 1934 | ||
| 1909 | static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) | 1935 | static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) |
| 1910 | { | 1936 | { |
| 1911 | EC_GROUP *group=NULL; | 1937 | EC_GROUP *group=NULL; |
| 1912 | EC_POINT *P=NULL; | 1938 | EC_POINT *P=NULL; |
| 1913 | BN_CTX *ctx=NULL; | 1939 | BN_CTX *ctx=NULL; |
| 1914 | BIGNUM *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL; | 1940 | BIGNUM *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL; |
| 1915 | int ok=0; | 1941 | int ok=0; |
| 1916 | int seed_len,param_len; | 1942 | int seed_len,param_len; |
| 1943 | const EC_METHOD *meth; | ||
| 1944 | const EC_CURVE_DATA *data; | ||
| 1917 | const unsigned char *params; | 1945 | const unsigned char *params; |
| 1918 | 1946 | ||
| 1919 | if ((ctx = BN_CTX_new()) == NULL) | 1947 | if ((ctx = BN_CTX_new()) == NULL) |
| @@ -1922,10 +1950,11 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) | |||
| 1922 | goto err; | 1950 | goto err; |
| 1923 | } | 1951 | } |
| 1924 | 1952 | ||
| 1953 | data = curve.data; | ||
| 1925 | seed_len = data->seed_len; | 1954 | seed_len = data->seed_len; |
| 1926 | param_len = data->param_len; | 1955 | param_len = data->param_len; |
| 1927 | params = (const unsigned char *)(data+1); /* skip header */ | 1956 | params = (const unsigned char *)(data+1); /* skip header */ |
| 1928 | params += seed_len; /* skip seed */ | 1957 | params += seed_len; /* skip seed */ |
| 1929 | 1958 | ||
| 1930 | if (!(p = BN_bin2bn(params+0*param_len, param_len, NULL)) | 1959 | if (!(p = BN_bin2bn(params+0*param_len, param_len, NULL)) |
| 1931 | || !(a = BN_bin2bn(params+1*param_len, param_len, NULL)) | 1960 | || !(a = BN_bin2bn(params+1*param_len, param_len, NULL)) |
| @@ -1935,7 +1964,17 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) | |||
| 1935 | goto err; | 1964 | goto err; |
| 1936 | } | 1965 | } |
| 1937 | 1966 | ||
| 1938 | if (data->field_type == NID_X9_62_prime_field) | 1967 | if (curve.meth != 0) |
| 1968 | { | ||
| 1969 | meth = curve.meth(); | ||
| 1970 | if (((group = EC_GROUP_new(meth)) == NULL) || | ||
| 1971 | (!(group->meth->group_set_curve(group, p, a, b, ctx)))) | ||
| 1972 | { | ||
| 1973 | ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); | ||
| 1974 | goto err; | ||
| 1975 | } | ||
| 1976 | } | ||
| 1977 | else if (data->field_type == NID_X9_62_prime_field) | ||
| 1939 | { | 1978 | { |
| 1940 | if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) | 1979 | if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) |
| 1941 | { | 1980 | { |
| @@ -1943,6 +1982,7 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) | |||
| 1943 | goto err; | 1982 | goto err; |
| 1944 | } | 1983 | } |
| 1945 | } | 1984 | } |
| 1985 | #ifndef OPENSSL_NO_EC2M | ||
| 1946 | else /* field_type == NID_X9_62_characteristic_two_field */ | 1986 | else /* field_type == NID_X9_62_characteristic_two_field */ |
| 1947 | { | 1987 | { |
| 1948 | if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) | 1988 | if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) |
| @@ -1951,20 +1991,21 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) | |||
| 1951 | goto err; | 1991 | goto err; |
| 1952 | } | 1992 | } |
| 1953 | } | 1993 | } |
| 1994 | #endif | ||
| 1954 | 1995 | ||
| 1955 | if ((P = EC_POINT_new(group)) == NULL) | 1996 | if ((P = EC_POINT_new(group)) == NULL) |
| 1956 | { | 1997 | { |
| 1957 | ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); | 1998 | ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); |
| 1958 | goto err; | 1999 | goto err; |
| 1959 | } | 2000 | } |
| 1960 | 2001 | ||
| 1961 | if (!(x = BN_bin2bn(params+3*param_len, param_len, NULL)) | 2002 | if (!(x = BN_bin2bn(params+3*param_len, param_len, NULL)) |
| 1962 | || !(y = BN_bin2bn(params+4*param_len, param_len, NULL))) | 2003 | || !(y = BN_bin2bn(params+4*param_len, param_len, NULL))) |
| 1963 | { | 2004 | { |
| 1964 | ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); | 2005 | ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_BN_LIB); |
| 1965 | goto err; | 2006 | goto err; |
| 1966 | } | 2007 | } |
| 1967 | if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) | 2008 | if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) |
| 1968 | { | 2009 | { |
| 1969 | ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); | 2010 | ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); |
| 1970 | goto err; | 2011 | goto err; |
| @@ -2025,7 +2066,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid) | |||
| 2025 | for (i=0; i<curve_list_length; i++) | 2066 | for (i=0; i<curve_list_length; i++) |
| 2026 | if (curve_list[i].nid == nid) | 2067 | if (curve_list[i].nid == nid) |
| 2027 | { | 2068 | { |
| 2028 | ret = ec_group_new_from_data(curve_list[i].data); | 2069 | ret = ec_group_new_from_data(curve_list[i]); |
| 2029 | break; | 2070 | break; |
| 2030 | } | 2071 | } |
| 2031 | 2072 | ||