OLD | NEW |
(Empty) | |
| 1 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 2 * project 2006. |
| 3 */ |
| 4 /* ==================================================================== |
| 5 * Copyright (c) 2006 The OpenSSL Project. All rights reserved. |
| 6 * |
| 7 * Redistribution and use in source and binary forms, with or without |
| 8 * modification, are permitted provided that the following conditions |
| 9 * are met: |
| 10 * |
| 11 * 1. Redistributions of source code must retain the above copyright |
| 12 * notice, this list of conditions and the following disclaimer. |
| 13 * |
| 14 * 2. Redistributions in binary form must reproduce the above copyright |
| 15 * notice, this list of conditions and the following disclaimer in |
| 16 * the documentation and/or other materials provided with the |
| 17 * distribution. |
| 18 * |
| 19 * 3. All advertising materials mentioning features or use of this |
| 20 * software must display the following acknowledgment: |
| 21 * "This product includes software developed by the OpenSSL Project |
| 22 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
| 23 * |
| 24 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
| 25 * endorse or promote products derived from this software without |
| 26 * prior written permission. For written permission, please contact |
| 27 * licensing@OpenSSL.org. |
| 28 * |
| 29 * 5. Products derived from this software may not be called "OpenSSL" |
| 30 * nor may "OpenSSL" appear in their names without prior written |
| 31 * permission of the OpenSSL Project. |
| 32 * |
| 33 * 6. Redistributions of any form whatsoever must retain the following |
| 34 * acknowledgment: |
| 35 * "This product includes software developed by the OpenSSL Project |
| 36 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
| 37 * |
| 38 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
| 39 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 40 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
| 41 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
| 42 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
| 43 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
| 44 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
| 45 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
| 46 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
| 47 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
| 48 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 49 * OF THE POSSIBILITY OF SUCH DAMAGE. |
| 50 * ==================================================================== |
| 51 * |
| 52 * This product includes cryptographic software written by Eric Young |
| 53 * (eay@cryptsoft.com). This product includes software written by Tim |
| 54 * Hudson (tjh@cryptsoft.com). |
| 55 * |
| 56 */ |
| 57 |
| 58 #include <stdio.h> |
| 59 #include "cryptlib.h" |
| 60 #include <openssl/x509.h> |
| 61 #include <openssl/ec.h> |
| 62 #include <openssl/bn.h> |
| 63 #ifndef OPENSSL_NO_CMS |
| 64 #include <openssl/cms.h> |
| 65 #endif |
| 66 #include "asn1_locl.h" |
| 67 |
| 68 static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) |
| 69 { |
| 70 const EC_GROUP *group; |
| 71 int nid; |
| 72 if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) |
| 73 { |
| 74 ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS); |
| 75 return 0; |
| 76 } |
| 77 if (EC_GROUP_get_asn1_flag(group) |
| 78 && (nid = EC_GROUP_get_curve_name(group))) |
| 79 /* we have a 'named curve' => just set the OID */ |
| 80 { |
| 81 *ppval = OBJ_nid2obj(nid); |
| 82 *pptype = V_ASN1_OBJECT; |
| 83 } |
| 84 else /* explicit parameters */ |
| 85 { |
| 86 ASN1_STRING *pstr = NULL; |
| 87 pstr = ASN1_STRING_new(); |
| 88 if (!pstr) |
| 89 return 0; |
| 90 pstr->length = i2d_ECParameters(ec_key, &pstr->data); |
| 91 if (pstr->length < 0) |
| 92 { |
| 93 ASN1_STRING_free(pstr); |
| 94 ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB); |
| 95 return 0; |
| 96 } |
| 97 *ppval = pstr; |
| 98 *pptype = V_ASN1_SEQUENCE; |
| 99 } |
| 100 return 1; |
| 101 } |
| 102 |
| 103 static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) |
| 104 { |
| 105 EC_KEY *ec_key = pkey->pkey.ec; |
| 106 void *pval = NULL; |
| 107 int ptype; |
| 108 unsigned char *penc = NULL, *p; |
| 109 int penclen; |
| 110 |
| 111 if (!eckey_param2type(&ptype, &pval, ec_key)) |
| 112 { |
| 113 ECerr(EC_F_ECKEY_PUB_ENCODE, ERR_R_EC_LIB); |
| 114 return 0; |
| 115 } |
| 116 penclen = i2o_ECPublicKey(ec_key, NULL); |
| 117 if (penclen <= 0) |
| 118 goto err; |
| 119 penc = OPENSSL_malloc(penclen); |
| 120 if (!penc) |
| 121 goto err; |
| 122 p = penc; |
| 123 penclen = i2o_ECPublicKey(ec_key, &p); |
| 124 if (penclen <= 0) |
| 125 goto err; |
| 126 if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_EC), |
| 127 ptype, pval, penc, penclen)) |
| 128 return 1; |
| 129 err: |
| 130 if (ptype == V_ASN1_OBJECT) |
| 131 ASN1_OBJECT_free(pval); |
| 132 else |
| 133 ASN1_STRING_free(pval); |
| 134 if (penc) |
| 135 OPENSSL_free(penc); |
| 136 return 0; |
| 137 } |
| 138 |
| 139 static EC_KEY *eckey_type2param(int ptype, void *pval) |
| 140 { |
| 141 EC_KEY *eckey = NULL; |
| 142 if (ptype == V_ASN1_SEQUENCE) |
| 143 { |
| 144 ASN1_STRING *pstr = pval; |
| 145 const unsigned char *pm = NULL; |
| 146 int pmlen; |
| 147 pm = pstr->data; |
| 148 pmlen = pstr->length; |
| 149 if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen))) |
| 150 { |
| 151 ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR); |
| 152 goto ecerr; |
| 153 } |
| 154 } |
| 155 else if (ptype == V_ASN1_OBJECT) |
| 156 { |
| 157 ASN1_OBJECT *poid = pval; |
| 158 EC_GROUP *group; |
| 159 |
| 160 /* type == V_ASN1_OBJECT => the parameters are given |
| 161 * by an asn1 OID |
| 162 */ |
| 163 if ((eckey = EC_KEY_new()) == NULL) |
| 164 { |
| 165 ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE); |
| 166 goto ecerr; |
| 167 } |
| 168 group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid)); |
| 169 if (group == NULL) |
| 170 goto ecerr; |
| 171 EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); |
| 172 if (EC_KEY_set_group(eckey, group) == 0) |
| 173 goto ecerr; |
| 174 EC_GROUP_free(group); |
| 175 } |
| 176 else |
| 177 { |
| 178 ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR); |
| 179 goto ecerr; |
| 180 } |
| 181 |
| 182 return eckey; |
| 183 |
| 184 ecerr: |
| 185 if (eckey) |
| 186 EC_KEY_free(eckey); |
| 187 return NULL; |
| 188 } |
| 189 |
| 190 static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) |
| 191 { |
| 192 const unsigned char *p = NULL; |
| 193 void *pval; |
| 194 int ptype, pklen; |
| 195 EC_KEY *eckey = NULL; |
| 196 X509_ALGOR *palg; |
| 197 |
| 198 if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) |
| 199 return 0; |
| 200 X509_ALGOR_get0(NULL, &ptype, &pval, palg); |
| 201 |
| 202 eckey = eckey_type2param(ptype, pval); |
| 203 |
| 204 if (!eckey) |
| 205 { |
| 206 ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB); |
| 207 return 0; |
| 208 } |
| 209 |
| 210 /* We have parameters now set public key */ |
| 211 if (!o2i_ECPublicKey(&eckey, &p, pklen)) |
| 212 { |
| 213 ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR); |
| 214 goto ecerr; |
| 215 } |
| 216 |
| 217 EVP_PKEY_assign_EC_KEY(pkey, eckey); |
| 218 return 1; |
| 219 |
| 220 ecerr: |
| 221 if (eckey) |
| 222 EC_KEY_free(eckey); |
| 223 return 0; |
| 224 } |
| 225 |
| 226 static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) |
| 227 { |
| 228 int r; |
| 229 const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec); |
| 230 const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), |
| 231 *pb = EC_KEY_get0_public_key(b->pkey.ec); |
| 232 r = EC_POINT_cmp(group, pa, pb, NULL); |
| 233 if (r == 0) |
| 234 return 1; |
| 235 if (r == 1) |
| 236 return 0; |
| 237 return -2; |
| 238 } |
| 239 |
| 240 static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) |
| 241 { |
| 242 const unsigned char *p = NULL; |
| 243 void *pval; |
| 244 int ptype, pklen; |
| 245 EC_KEY *eckey = NULL; |
| 246 X509_ALGOR *palg; |
| 247 |
| 248 if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) |
| 249 return 0; |
| 250 X509_ALGOR_get0(NULL, &ptype, &pval, palg); |
| 251 |
| 252 eckey = eckey_type2param(ptype, pval); |
| 253 |
| 254 if (!eckey) |
| 255 goto ecliberr; |
| 256 |
| 257 /* We have parameters now set private key */ |
| 258 if (!d2i_ECPrivateKey(&eckey, &p, pklen)) |
| 259 { |
| 260 ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR); |
| 261 goto ecerr; |
| 262 } |
| 263 |
| 264 /* calculate public key (if necessary) */ |
| 265 if (EC_KEY_get0_public_key(eckey) == NULL) |
| 266 { |
| 267 const BIGNUM *priv_key; |
| 268 const EC_GROUP *group; |
| 269 EC_POINT *pub_key; |
| 270 /* the public key was not included in the SEC1 private |
| 271 * key => calculate the public key */ |
| 272 group = EC_KEY_get0_group(eckey); |
| 273 pub_key = EC_POINT_new(group); |
| 274 if (pub_key == NULL) |
| 275 { |
| 276 ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); |
| 277 goto ecliberr; |
| 278 } |
| 279 if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) |
| 280 { |
| 281 EC_POINT_free(pub_key); |
| 282 ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); |
| 283 goto ecliberr; |
| 284 } |
| 285 priv_key = EC_KEY_get0_private_key(eckey); |
| 286 if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) |
| 287 { |
| 288 EC_POINT_free(pub_key); |
| 289 ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); |
| 290 goto ecliberr; |
| 291 } |
| 292 if (EC_KEY_set_public_key(eckey, pub_key) == 0) |
| 293 { |
| 294 EC_POINT_free(pub_key); |
| 295 ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); |
| 296 goto ecliberr; |
| 297 } |
| 298 EC_POINT_free(pub_key); |
| 299 } |
| 300 |
| 301 EVP_PKEY_assign_EC_KEY(pkey, eckey); |
| 302 return 1; |
| 303 |
| 304 ecliberr: |
| 305 ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); |
| 306 ecerr: |
| 307 if (eckey) |
| 308 EC_KEY_free(eckey); |
| 309 return 0; |
| 310 } |
| 311 |
| 312 static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) |
| 313 { |
| 314 EC_KEY *ec_key; |
| 315 unsigned char *ep, *p; |
| 316 int eplen, ptype; |
| 317 void *pval; |
| 318 unsigned int tmp_flags, old_flags; |
| 319 |
| 320 ec_key = pkey->pkey.ec; |
| 321 |
| 322 if (!eckey_param2type(&ptype, &pval, ec_key)) |
| 323 { |
| 324 ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR); |
| 325 return 0; |
| 326 } |
| 327 |
| 328 /* set the private key */ |
| 329 |
| 330 /* do not include the parameters in the SEC1 private key |
| 331 * see PKCS#11 12.11 */ |
| 332 old_flags = EC_KEY_get_enc_flags(ec_key); |
| 333 tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; |
| 334 EC_KEY_set_enc_flags(ec_key, tmp_flags); |
| 335 eplen = i2d_ECPrivateKey(ec_key, NULL); |
| 336 if (!eplen) |
| 337 { |
| 338 EC_KEY_set_enc_flags(ec_key, old_flags); |
| 339 ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB); |
| 340 return 0; |
| 341 } |
| 342 ep = (unsigned char *) OPENSSL_malloc(eplen); |
| 343 if (!ep) |
| 344 { |
| 345 EC_KEY_set_enc_flags(ec_key, old_flags); |
| 346 ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); |
| 347 return 0; |
| 348 } |
| 349 p = ep; |
| 350 if (!i2d_ECPrivateKey(ec_key, &p)) |
| 351 { |
| 352 EC_KEY_set_enc_flags(ec_key, old_flags); |
| 353 OPENSSL_free(ep); |
| 354 ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB); |
| 355 } |
| 356 /* restore old encoding flags */ |
| 357 EC_KEY_set_enc_flags(ec_key, old_flags); |
| 358 |
| 359 if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0, |
| 360 ptype, pval, ep, eplen)) |
| 361 return 0; |
| 362 |
| 363 return 1; |
| 364 } |
| 365 |
| 366 static int int_ec_size(const EVP_PKEY *pkey) |
| 367 { |
| 368 return ECDSA_size(pkey->pkey.ec); |
| 369 } |
| 370 |
| 371 static int ec_bits(const EVP_PKEY *pkey) |
| 372 { |
| 373 BIGNUM *order = BN_new(); |
| 374 const EC_GROUP *group; |
| 375 int ret; |
| 376 |
| 377 if (!order) |
| 378 { |
| 379 ERR_clear_error(); |
| 380 return 0; |
| 381 } |
| 382 group = EC_KEY_get0_group(pkey->pkey.ec); |
| 383 if (!EC_GROUP_get_order(group, order, NULL)) |
| 384 { |
| 385 ERR_clear_error(); |
| 386 return 0; |
| 387 } |
| 388 |
| 389 ret = BN_num_bits(order); |
| 390 BN_free(order); |
| 391 return ret; |
| 392 } |
| 393 |
| 394 static int ec_missing_parameters(const EVP_PKEY *pkey) |
| 395 { |
| 396 if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) |
| 397 return 1; |
| 398 return 0; |
| 399 } |
| 400 |
| 401 static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) |
| 402 { |
| 403 EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec)); |
| 404 if (group == NULL) |
| 405 return 0; |
| 406 if (EC_KEY_set_group(to->pkey.ec, group) == 0) |
| 407 return 0; |
| 408 EC_GROUP_free(group); |
| 409 return 1; |
| 410 } |
| 411 |
| 412 static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) |
| 413 { |
| 414 const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), |
| 415 *group_b = EC_KEY_get0_group(b->pkey.ec); |
| 416 if (EC_GROUP_cmp(group_a, group_b, NULL)) |
| 417 return 0; |
| 418 else |
| 419 return 1; |
| 420 } |
| 421 |
| 422 static void int_ec_free(EVP_PKEY *pkey) |
| 423 { |
| 424 EC_KEY_free(pkey->pkey.ec); |
| 425 } |
| 426 |
| 427 static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype) |
| 428 { |
| 429 unsigned char *buffer=NULL; |
| 430 const char *ecstr; |
| 431 size_t buf_len=0, i; |
| 432 int ret=0, reason=ERR_R_BIO_LIB; |
| 433 BIGNUM *pub_key=NULL, *order=NULL; |
| 434 BN_CTX *ctx=NULL; |
| 435 const EC_GROUP *group; |
| 436 const EC_POINT *public_key; |
| 437 const BIGNUM *priv_key; |
| 438 |
| 439 if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) |
| 440 { |
| 441 reason = ERR_R_PASSED_NULL_PARAMETER; |
| 442 goto err; |
| 443 } |
| 444 |
| 445 ctx = BN_CTX_new(); |
| 446 if (ctx == NULL) |
| 447 { |
| 448 reason = ERR_R_MALLOC_FAILURE; |
| 449 goto err; |
| 450 } |
| 451 |
| 452 if (ktype > 0) |
| 453 { |
| 454 public_key = EC_KEY_get0_public_key(x); |
| 455 if ((pub_key = EC_POINT_point2bn(group, public_key, |
| 456 EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) |
| 457 { |
| 458 reason = ERR_R_EC_LIB; |
| 459 goto err; |
| 460 } |
| 461 if (pub_key) |
| 462 buf_len = (size_t)BN_num_bytes(pub_key); |
| 463 } |
| 464 |
| 465 if (ktype == 2) |
| 466 { |
| 467 priv_key = EC_KEY_get0_private_key(x); |
| 468 if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len) |
| 469 buf_len = i; |
| 470 } |
| 471 else |
| 472 priv_key = NULL; |
| 473 |
| 474 if (ktype > 0) |
| 475 { |
| 476 buf_len += 10; |
| 477 if ((buffer = OPENSSL_malloc(buf_len)) == NULL) |
| 478 { |
| 479 reason = ERR_R_MALLOC_FAILURE; |
| 480 goto err; |
| 481 } |
| 482 } |
| 483 if (ktype == 2) |
| 484 ecstr = "Private-Key"; |
| 485 else if (ktype == 1) |
| 486 ecstr = "Public-Key"; |
| 487 else |
| 488 ecstr = "ECDSA-Parameters"; |
| 489 |
| 490 if (!BIO_indent(bp, off, 128)) |
| 491 goto err; |
| 492 if ((order = BN_new()) == NULL) |
| 493 goto err; |
| 494 if (!EC_GROUP_get_order(group, order, NULL)) |
| 495 goto err; |
| 496 if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, |
| 497 BN_num_bits(order)) <= 0) goto err; |
| 498 |
| 499 if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key, |
| 500 buffer, off)) |
| 501 goto err; |
| 502 if ((pub_key != NULL) && !ASN1_bn_print(bp, "pub: ", pub_key, |
| 503 buffer, off)) |
| 504 goto err; |
| 505 if (!ECPKParameters_print(bp, group, off)) |
| 506 goto err; |
| 507 ret=1; |
| 508 err: |
| 509 if (!ret) |
| 510 ECerr(EC_F_DO_EC_KEY_PRINT, reason); |
| 511 if (pub_key) |
| 512 BN_free(pub_key); |
| 513 if (order) |
| 514 BN_free(order); |
| 515 if (ctx) |
| 516 BN_CTX_free(ctx); |
| 517 if (buffer != NULL) |
| 518 OPENSSL_free(buffer); |
| 519 return(ret); |
| 520 } |
| 521 |
| 522 static int eckey_param_decode(EVP_PKEY *pkey, |
| 523 const unsigned char **pder, int derlen) |
| 524 { |
| 525 EC_KEY *eckey; |
| 526 if (!(eckey = d2i_ECParameters(NULL, pder, derlen))) |
| 527 { |
| 528 ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB); |
| 529 return 0; |
| 530 } |
| 531 EVP_PKEY_assign_EC_KEY(pkey, eckey); |
| 532 return 1; |
| 533 } |
| 534 |
| 535 static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder) |
| 536 { |
| 537 return i2d_ECParameters(pkey->pkey.ec, pder); |
| 538 } |
| 539 |
| 540 static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent, |
| 541 ASN1_PCTX *ctx) |
| 542 { |
| 543 return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0); |
| 544 } |
| 545 |
| 546 static int eckey_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent, |
| 547 ASN1_PCTX *ctx) |
| 548 { |
| 549 return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1); |
| 550 } |
| 551 |
| 552 |
| 553 static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent, |
| 554 ASN1_PCTX *ctx) |
| 555 { |
| 556 return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2); |
| 557 } |
| 558 |
| 559 static int old_ec_priv_decode(EVP_PKEY *pkey, |
| 560 const unsigned char **pder, int derlen) |
| 561 { |
| 562 EC_KEY *ec; |
| 563 if (!(ec = d2i_ECPrivateKey (NULL, pder, derlen))) |
| 564 { |
| 565 ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR); |
| 566 return 0; |
| 567 } |
| 568 EVP_PKEY_assign_EC_KEY(pkey, ec); |
| 569 return 1; |
| 570 } |
| 571 |
| 572 static int old_ec_priv_encode(const EVP_PKEY *pkey, unsigned char **pder) |
| 573 { |
| 574 return i2d_ECPrivateKey(pkey->pkey.ec, pder); |
| 575 } |
| 576 |
| 577 static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) |
| 578 { |
| 579 switch (op) |
| 580 { |
| 581 case ASN1_PKEY_CTRL_PKCS7_SIGN: |
| 582 if (arg1 == 0) |
| 583 { |
| 584 int snid, hnid; |
| 585 X509_ALGOR *alg1, *alg2; |
| 586 PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2); |
| 587 if (alg1 == NULL || alg1->algorithm == NULL) |
| 588 return -1; |
| 589 hnid = OBJ_obj2nid(alg1->algorithm); |
| 590 if (hnid == NID_undef) |
| 591 return -1; |
| 592 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pke
y))) |
| 593 return -1; |
| 594 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0
); |
| 595 } |
| 596 return 1; |
| 597 #ifndef OPENSSL_NO_CMS |
| 598 case ASN1_PKEY_CTRL_CMS_SIGN: |
| 599 if (arg1 == 0) |
| 600 { |
| 601 int snid, hnid; |
| 602 X509_ALGOR *alg1, *alg2; |
| 603 CMS_SignerInfo_get0_algs(arg2, NULL, NULL, |
| 604 &alg1, &alg2); |
| 605 if (alg1 == NULL || alg1->algorithm == NULL) |
| 606 return -1; |
| 607 hnid = OBJ_obj2nid(alg1->algorithm); |
| 608 if (hnid == NID_undef) |
| 609 return -1; |
| 610 if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pke
y))) |
| 611 return -1; |
| 612 X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0
); |
| 613 } |
| 614 return 1; |
| 615 #endif |
| 616 |
| 617 case ASN1_PKEY_CTRL_DEFAULT_MD_NID: |
| 618 *(int *)arg2 = NID_sha1; |
| 619 return 2; |
| 620 |
| 621 default: |
| 622 return -2; |
| 623 |
| 624 } |
| 625 |
| 626 } |
| 627 |
| 628 const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = |
| 629 { |
| 630 EVP_PKEY_EC, |
| 631 EVP_PKEY_EC, |
| 632 0, |
| 633 "EC", |
| 634 "OpenSSL EC algorithm", |
| 635 |
| 636 eckey_pub_decode, |
| 637 eckey_pub_encode, |
| 638 eckey_pub_cmp, |
| 639 eckey_pub_print, |
| 640 |
| 641 eckey_priv_decode, |
| 642 eckey_priv_encode, |
| 643 eckey_priv_print, |
| 644 |
| 645 int_ec_size, |
| 646 ec_bits, |
| 647 |
| 648 eckey_param_decode, |
| 649 eckey_param_encode, |
| 650 ec_missing_parameters, |
| 651 ec_copy_parameters, |
| 652 ec_cmp_parameters, |
| 653 eckey_param_print, |
| 654 |
| 655 int_ec_free, |
| 656 ec_pkey_ctrl, |
| 657 old_ec_priv_decode, |
| 658 old_ec_priv_encode |
| 659 }; |
OLD | NEW |