OLD | NEW |
| (Empty) |
1 /* crypto/ec/ec_asn1.c */ | |
2 /* | |
3 * Written by Nils Larsch for the OpenSSL project. | |
4 */ | |
5 /* ==================================================================== | |
6 * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved. | |
7 * | |
8 * Redistribution and use in source and binary forms, with or without | |
9 * modification, are permitted provided that the following conditions | |
10 * are met: | |
11 * | |
12 * 1. Redistributions of source code must retain the above copyright | |
13 * notice, this list of conditions and the following disclaimer. | |
14 * | |
15 * 2. Redistributions in binary form must reproduce the above copyright | |
16 * notice, this list of conditions and the following disclaimer in | |
17 * the documentation and/or other materials provided with the | |
18 * distribution. | |
19 * | |
20 * 3. All advertising materials mentioning features or use of this | |
21 * software must display the following acknowledgment: | |
22 * "This product includes software developed by the OpenSSL Project | |
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
24 * | |
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
26 * endorse or promote products derived from this software without | |
27 * prior written permission. For written permission, please contact | |
28 * licensing@OpenSSL.org. | |
29 * | |
30 * 5. Products derived from this software may not be called "OpenSSL" | |
31 * nor may "OpenSSL" appear in their names without prior written | |
32 * permission of the OpenSSL Project. | |
33 * | |
34 * 6. Redistributions of any form whatsoever must retain the following | |
35 * acknowledgment: | |
36 * "This product includes software developed by the OpenSSL Project | |
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
38 * | |
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
50 * OF THE POSSIBILITY OF SUCH DAMAGE. | |
51 * ==================================================================== | |
52 * | |
53 * This product includes cryptographic software written by Eric Young | |
54 * (eay@cryptsoft.com). This product includes software written by Tim | |
55 * Hudson (tjh@cryptsoft.com). | |
56 * | |
57 */ | |
58 | |
59 #include <string.h> | |
60 #include "ec_lcl.h" | |
61 #include <openssl/err.h> | |
62 #include <openssl/asn1t.h> | |
63 #include <openssl/objects.h> | |
64 | |
65 | |
66 int EC_GROUP_get_basis_type(const EC_GROUP *group) | |
67 { | |
68 int i=0; | |
69 | |
70 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != | |
71 NID_X9_62_characteristic_two_field) | |
72 /* everything else is currently not supported */ | |
73 return 0; | |
74 | |
75 while (group->poly[i] != 0) | |
76 i++; | |
77 | |
78 if (i == 4) | |
79 return NID_X9_62_ppBasis; | |
80 else if (i == 2) | |
81 return NID_X9_62_tpBasis; | |
82 else | |
83 /* everything else is currently not supported */ | |
84 return 0; | |
85 } | |
86 #ifndef OPENSSL_NO_EC2M | |
87 int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k) | |
88 { | |
89 if (group == NULL) | |
90 return 0; | |
91 | |
92 if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_s
et_curve | |
93 || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[
2] == 0))) | |
94 { | |
95 ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_B
EEN_CALLED); | |
96 return 0; | |
97 } | |
98 | |
99 if (k) | |
100 *k = group->poly[1]; | |
101 | |
102 return 1; | |
103 } | |
104 int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, | |
105 unsigned int *k2, unsigned int *k3) | |
106 { | |
107 if (group == NULL) | |
108 return 0; | |
109 | |
110 if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_s
et_curve | |
111 || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[
2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0))) | |
112 { | |
113 ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE
_BEEN_CALLED); | |
114 return 0; | |
115 } | |
116 | |
117 if (k1) | |
118 *k1 = group->poly[3]; | |
119 if (k2) | |
120 *k2 = group->poly[2]; | |
121 if (k3) | |
122 *k3 = group->poly[1]; | |
123 | |
124 return 1; | |
125 } | |
126 #endif | |
127 | |
128 | |
129 /* some structures needed for the asn1 encoding */ | |
130 typedef struct x9_62_pentanomial_st { | |
131 long k1; | |
132 long k2; | |
133 long k3; | |
134 } X9_62_PENTANOMIAL; | |
135 | |
136 typedef struct x9_62_characteristic_two_st { | |
137 long m; | |
138 ASN1_OBJECT *type; | |
139 union { | |
140 char *ptr; | |
141 /* NID_X9_62_onBasis */ | |
142 ASN1_NULL *onBasis; | |
143 /* NID_X9_62_tpBasis */ | |
144 ASN1_INTEGER *tpBasis; | |
145 /* NID_X9_62_ppBasis */ | |
146 X9_62_PENTANOMIAL *ppBasis; | |
147 /* anything else */ | |
148 ASN1_TYPE *other; | |
149 } p; | |
150 } X9_62_CHARACTERISTIC_TWO; | |
151 | |
152 typedef struct x9_62_fieldid_st { | |
153 ASN1_OBJECT *fieldType; | |
154 union { | |
155 char *ptr; | |
156 /* NID_X9_62_prime_field */ | |
157 ASN1_INTEGER *prime; | |
158 /* NID_X9_62_characteristic_two_field */ | |
159 X9_62_CHARACTERISTIC_TWO *char_two; | |
160 /* anything else */ | |
161 ASN1_TYPE *other; | |
162 } p; | |
163 } X9_62_FIELDID; | |
164 | |
165 typedef struct x9_62_curve_st { | |
166 ASN1_OCTET_STRING *a; | |
167 ASN1_OCTET_STRING *b; | |
168 ASN1_BIT_STRING *seed; | |
169 } X9_62_CURVE; | |
170 | |
171 typedef struct ec_parameters_st { | |
172 long version; | |
173 X9_62_FIELDID *fieldID; | |
174 X9_62_CURVE *curve; | |
175 ASN1_OCTET_STRING *base; | |
176 ASN1_INTEGER *order; | |
177 ASN1_INTEGER *cofactor; | |
178 } ECPARAMETERS; | |
179 | |
180 struct ecpk_parameters_st { | |
181 int type; | |
182 union { | |
183 ASN1_OBJECT *named_curve; | |
184 ECPARAMETERS *parameters; | |
185 ASN1_NULL *implicitlyCA; | |
186 } value; | |
187 }/* ECPKPARAMETERS */; | |
188 | |
189 /* SEC1 ECPrivateKey */ | |
190 typedef struct ec_privatekey_st { | |
191 long version; | |
192 ASN1_OCTET_STRING *privateKey; | |
193 ECPKPARAMETERS *parameters; | |
194 ASN1_BIT_STRING *publicKey; | |
195 } EC_PRIVATEKEY; | |
196 | |
197 /* the OpenSSL ASN.1 definitions */ | |
198 ASN1_SEQUENCE(X9_62_PENTANOMIAL) = { | |
199 ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, LONG), | |
200 ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, LONG), | |
201 ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, LONG) | |
202 } ASN1_SEQUENCE_END(X9_62_PENTANOMIAL) | |
203 | |
204 DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL) | |
205 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL) | |
206 | |
207 ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other,
ASN1_ANY); | |
208 | |
209 ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = { | |
210 ADB_ENTRY(NID_X9_62_onBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.onB
asis, ASN1_NULL)), | |
211 ADB_ENTRY(NID_X9_62_tpBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.tpB
asis, ASN1_INTEGER)), | |
212 ADB_ENTRY(NID_X9_62_ppBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.ppB
asis, X9_62_PENTANOMIAL)) | |
213 } ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL); | |
214 | |
215 ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = { | |
216 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, LONG), | |
217 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT), | |
218 ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO) | |
219 } ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO) | |
220 | |
221 DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO) | |
222 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO) | |
223 | |
224 ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY); | |
225 | |
226 ASN1_ADB(X9_62_FIELDID) = { | |
227 ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN
1_INTEGER)), | |
228 ADB_ENTRY(NID_X9_62_characteristic_two_field, ASN1_SIMPLE(X9_62_FIELDID,
p.char_two, X9_62_CHARACTERISTIC_TWO)) | |
229 } ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL); | |
230 | |
231 ASN1_SEQUENCE(X9_62_FIELDID) = { | |
232 ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT), | |
233 ASN1_ADB_OBJECT(X9_62_FIELDID) | |
234 } ASN1_SEQUENCE_END(X9_62_FIELDID) | |
235 | |
236 ASN1_SEQUENCE(X9_62_CURVE) = { | |
237 ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING), | |
238 ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING), | |
239 ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING) | |
240 } ASN1_SEQUENCE_END(X9_62_CURVE) | |
241 | |
242 ASN1_SEQUENCE(ECPARAMETERS) = { | |
243 ASN1_SIMPLE(ECPARAMETERS, version, LONG), | |
244 ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID), | |
245 ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE), | |
246 ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING), | |
247 ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER), | |
248 ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER) | |
249 } ASN1_SEQUENCE_END(ECPARAMETERS) | |
250 | |
251 DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS) | |
252 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS) | |
253 | |
254 ASN1_CHOICE(ECPKPARAMETERS) = { | |
255 ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT), | |
256 ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS), | |
257 ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL) | |
258 } ASN1_CHOICE_END(ECPKPARAMETERS) | |
259 | |
260 DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS) | |
261 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS) | |
262 IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS) | |
263 | |
264 ASN1_SEQUENCE(EC_PRIVATEKEY) = { | |
265 ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG), | |
266 ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING), | |
267 ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0), | |
268 ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) | |
269 } ASN1_SEQUENCE_END(EC_PRIVATEKEY) | |
270 | |
271 DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) | |
272 DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY) | |
273 IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) | |
274 | |
275 /* some declarations of internal function */ | |
276 | |
277 /* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */ | |
278 static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *); | |
279 /* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */ | |
280 static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *); | |
281 /* ec_asn1_parameters2group() creates a EC_GROUP object from a | |
282 * ECPARAMETERS object */ | |
283 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *); | |
284 /* ec_asn1_group2parameters() creates a ECPARAMETERS object from a | |
285 * EC_GROUP object */ | |
286 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,ECPARAMETERS *); | |
287 /* ec_asn1_pkparameters2group() creates a EC_GROUP object from a | |
288 * ECPKPARAMETERS object */ | |
289 static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *); | |
290 /* ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a | |
291 * EC_GROUP object */ | |
292 static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *, | |
293 ECPKPARAMETERS *); | |
294 | |
295 | |
296 /* the function definitions */ | |
297 | |
298 static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) | |
299 { | |
300 int ok=0, nid; | |
301 BIGNUM *tmp = NULL; | |
302 | |
303 if (group == NULL || field == NULL) | |
304 return 0; | |
305 | |
306 /* clear the old values (if necessary) */ | |
307 if (field->fieldType != NULL) | |
308 ASN1_OBJECT_free(field->fieldType); | |
309 if (field->p.other != NULL) | |
310 ASN1_TYPE_free(field->p.other); | |
311 | |
312 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group)); | |
313 /* set OID for the field */ | |
314 if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) | |
315 { | |
316 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB); | |
317 goto err; | |
318 } | |
319 | |
320 if (nid == NID_X9_62_prime_field) | |
321 { | |
322 if ((tmp = BN_new()) == NULL) | |
323 { | |
324 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE); | |
325 goto err; | |
326 } | |
327 /* the parameters are specified by the prime number p */ | |
328 if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) | |
329 { | |
330 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB); | |
331 goto err; | |
332 } | |
333 /* set the prime number */ | |
334 field->p.prime = BN_to_ASN1_INTEGER(tmp,NULL); | |
335 if (field->p.prime == NULL) | |
336 { | |
337 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB); | |
338 goto err; | |
339 } | |
340 } | |
341 else /* nid == NID_X9_62_characteristic_two_field */ | |
342 #ifdef OPENSSL_NO_EC2M | |
343 { | |
344 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED); | |
345 goto err; | |
346 } | |
347 #else | |
348 { | |
349 int field_type; | |
350 X9_62_CHARACTERISTIC_TWO *char_two; | |
351 | |
352 field->p.char_two = X9_62_CHARACTERISTIC_TWO_new(); | |
353 char_two = field->p.char_two; | |
354 | |
355 if (char_two == NULL) | |
356 { | |
357 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE); | |
358 goto err; | |
359 } | |
360 | |
361 char_two->m = (long)EC_GROUP_get_degree(group); | |
362 | |
363 field_type = EC_GROUP_get_basis_type(group); | |
364 | |
365 if (field_type == 0) | |
366 { | |
367 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB); | |
368 goto err; | |
369 } | |
370 /* set base type OID */ | |
371 if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) | |
372 { | |
373 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB); | |
374 goto err; | |
375 } | |
376 | |
377 if (field_type == NID_X9_62_tpBasis) | |
378 { | |
379 unsigned int k; | |
380 | |
381 if (!EC_GROUP_get_trinomial_basis(group, &k)) | |
382 goto err; | |
383 | |
384 char_two->p.tpBasis = ASN1_INTEGER_new(); | |
385 if (!char_two->p.tpBasis) | |
386 { | |
387 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_F
AILURE); | |
388 goto err; | |
389 } | |
390 if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k)) | |
391 { | |
392 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, | |
393 ERR_R_ASN1_LIB); | |
394 goto err; | |
395 } | |
396 } | |
397 else if (field_type == NID_X9_62_ppBasis) | |
398 { | |
399 unsigned int k1, k2, k3; | |
400 | |
401 if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3
)) | |
402 goto err; | |
403 | |
404 char_two->p.ppBasis = X9_62_PENTANOMIAL_new(); | |
405 if (!char_two->p.ppBasis) | |
406 { | |
407 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_F
AILURE); | |
408 goto err; | |
409 } | |
410 | |
411 /* set k? values */ | |
412 char_two->p.ppBasis->k1 = (long)k1; | |
413 char_two->p.ppBasis->k2 = (long)k2; | |
414 char_two->p.ppBasis->k3 = (long)k3; | |
415 } | |
416 else /* field_type == NID_X9_62_onBasis */ | |
417 { | |
418 /* for ONB the parameters are (asn1) NULL */ | |
419 char_two->p.onBasis = ASN1_NULL_new(); | |
420 if (!char_two->p.onBasis) | |
421 { | |
422 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_F
AILURE); | |
423 goto err; | |
424 } | |
425 } | |
426 } | |
427 #endif | |
428 | |
429 ok = 1; | |
430 | |
431 err : if (tmp) | |
432 BN_free(tmp); | |
433 return(ok); | |
434 } | |
435 | |
436 static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) | |
437 { | |
438 int ok=0, nid; | |
439 BIGNUM *tmp_1=NULL, *tmp_2=NULL; | |
440 unsigned char *buffer_1=NULL, *buffer_2=NULL, | |
441 *a_buf=NULL, *b_buf=NULL; | |
442 size_t len_1, len_2; | |
443 unsigned char char_zero = 0; | |
444 | |
445 if (!group || !curve || !curve->a || !curve->b) | |
446 return 0; | |
447 | |
448 if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) | |
449 { | |
450 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE); | |
451 goto err; | |
452 } | |
453 | |
454 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group)); | |
455 | |
456 /* get a and b */ | |
457 if (nid == NID_X9_62_prime_field) | |
458 { | |
459 if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) | |
460 { | |
461 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB); | |
462 goto err; | |
463 } | |
464 } | |
465 #ifndef OPENSSL_NO_EC2M | |
466 else /* nid == NID_X9_62_characteristic_two_field */ | |
467 { | |
468 if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) | |
469 { | |
470 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB); | |
471 goto err; | |
472 } | |
473 } | |
474 #endif | |
475 len_1 = (size_t)BN_num_bytes(tmp_1); | |
476 len_2 = (size_t)BN_num_bytes(tmp_2); | |
477 | |
478 if (len_1 == 0) | |
479 { | |
480 /* len_1 == 0 => a == 0 */ | |
481 a_buf = &char_zero; | |
482 len_1 = 1; | |
483 } | |
484 else | |
485 { | |
486 if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL) | |
487 { | |
488 ECerr(EC_F_EC_ASN1_GROUP2CURVE, | |
489 ERR_R_MALLOC_FAILURE); | |
490 goto err; | |
491 } | |
492 if ( (len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) | |
493 { | |
494 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB); | |
495 goto err; | |
496 } | |
497 a_buf = buffer_1; | |
498 } | |
499 | |
500 if (len_2 == 0) | |
501 { | |
502 /* len_2 == 0 => b == 0 */ | |
503 b_buf = &char_zero; | |
504 len_2 = 1; | |
505 } | |
506 else | |
507 { | |
508 if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL) | |
509 { | |
510 ECerr(EC_F_EC_ASN1_GROUP2CURVE, | |
511 ERR_R_MALLOC_FAILURE); | |
512 goto err; | |
513 } | |
514 if ( (len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) | |
515 { | |
516 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB); | |
517 goto err; | |
518 } | |
519 b_buf = buffer_2; | |
520 } | |
521 | |
522 /* set a and b */ | |
523 if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) || | |
524 !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) | |
525 { | |
526 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB); | |
527 goto err; | |
528 } | |
529 | |
530 /* set the seed (optional) */ | |
531 if (group->seed) | |
532 { | |
533 if (!curve->seed) | |
534 if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) | |
535 { | |
536 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAI
LURE); | |
537 goto err; | |
538 } | |
539 curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); | |
540 curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT; | |
541 if (!ASN1_BIT_STRING_set(curve->seed, group->seed, | |
542 (int)group->seed_len)) | |
543 { | |
544 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB); | |
545 goto err; | |
546 } | |
547 } | |
548 else | |
549 { | |
550 if (curve->seed) | |
551 { | |
552 ASN1_BIT_STRING_free(curve->seed); | |
553 curve->seed = NULL; | |
554 } | |
555 } | |
556 | |
557 ok = 1; | |
558 | |
559 err: if (buffer_1) | |
560 OPENSSL_free(buffer_1); | |
561 if (buffer_2) | |
562 OPENSSL_free(buffer_2); | |
563 if (tmp_1) | |
564 BN_free(tmp_1); | |
565 if (tmp_2) | |
566 BN_free(tmp_2); | |
567 return(ok); | |
568 } | |
569 | |
570 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group, | |
571 ECPARAMETERS *param) | |
572 { | |
573 int ok=0; | |
574 size_t len=0; | |
575 ECPARAMETERS *ret=NULL; | |
576 BIGNUM *tmp=NULL; | |
577 unsigned char *buffer=NULL; | |
578 const EC_POINT *point=NULL; | |
579 point_conversion_form_t form; | |
580 | |
581 if ((tmp = BN_new()) == NULL) | |
582 { | |
583 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE); | |
584 goto err; | |
585 } | |
586 | |
587 if (param == NULL) | |
588 { | |
589 if ((ret = ECPARAMETERS_new()) == NULL) | |
590 { | |
591 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, | |
592 ERR_R_MALLOC_FAILURE); | |
593 goto err; | |
594 } | |
595 } | |
596 else | |
597 ret = param; | |
598 | |
599 /* set the version (always one) */ | |
600 ret->version = (long)0x1; | |
601 | |
602 /* set the fieldID */ | |
603 if (!ec_asn1_group2fieldid(group, ret->fieldID)) | |
604 { | |
605 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); | |
606 goto err; | |
607 } | |
608 | |
609 /* set the curve */ | |
610 if (!ec_asn1_group2curve(group, ret->curve)) | |
611 { | |
612 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); | |
613 goto err; | |
614 } | |
615 | |
616 /* set the base point */ | |
617 if ((point = EC_GROUP_get0_generator(group)) == NULL) | |
618 { | |
619 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR); | |
620 goto err; | |
621 } | |
622 | |
623 form = EC_GROUP_get_point_conversion_form(group); | |
624 | |
625 len = EC_POINT_point2oct(group, point, form, NULL, len, NULL); | |
626 if (len == 0) | |
627 { | |
628 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); | |
629 goto err; | |
630 } | |
631 if ((buffer = OPENSSL_malloc(len)) == NULL) | |
632 { | |
633 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE); | |
634 goto err; | |
635 } | |
636 if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL)) | |
637 { | |
638 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); | |
639 goto err; | |
640 } | |
641 if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) | |
642 { | |
643 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE); | |
644 goto err; | |
645 } | |
646 if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) | |
647 { | |
648 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB); | |
649 goto err; | |
650 } | |
651 | |
652 /* set the order */ | |
653 if (!EC_GROUP_get_order(group, tmp, NULL)) | |
654 { | |
655 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); | |
656 goto err; | |
657 } | |
658 ret->order = BN_to_ASN1_INTEGER(tmp, ret->order); | |
659 if (ret->order == NULL) | |
660 { | |
661 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB); | |
662 goto err; | |
663 } | |
664 | |
665 /* set the cofactor (optional) */ | |
666 if (EC_GROUP_get_cofactor(group, tmp, NULL)) | |
667 { | |
668 ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor); | |
669 if (ret->cofactor == NULL) | |
670 { | |
671 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB); | |
672 goto err; | |
673 } | |
674 } | |
675 | |
676 ok = 1; | |
677 | |
678 err : if(!ok) | |
679 { | |
680 if (ret && !param) | |
681 ECPARAMETERS_free(ret); | |
682 ret = NULL; | |
683 } | |
684 if (tmp) | |
685 BN_free(tmp); | |
686 if (buffer) | |
687 OPENSSL_free(buffer); | |
688 return(ret); | |
689 } | |
690 | |
691 ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, | |
692 ECPKPARAMETERS *params) | |
693 { | |
694 int ok = 1, tmp; | |
695 ECPKPARAMETERS *ret = params; | |
696 | |
697 if (ret == NULL) | |
698 { | |
699 if ((ret = ECPKPARAMETERS_new()) == NULL) | |
700 { | |
701 ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS, | |
702 ERR_R_MALLOC_FAILURE); | |
703 return NULL; | |
704 } | |
705 } | |
706 else | |
707 { | |
708 if (ret->type == 0 && ret->value.named_curve) | |
709 ASN1_OBJECT_free(ret->value.named_curve); | |
710 else if (ret->type == 1 && ret->value.parameters) | |
711 ECPARAMETERS_free(ret->value.parameters); | |
712 } | |
713 | |
714 if (EC_GROUP_get_asn1_flag(group)) | |
715 { | |
716 /* use the asn1 OID to describe the | |
717 * the elliptic curve parameters | |
718 */ | |
719 tmp = EC_GROUP_get_curve_name(group); | |
720 if (tmp) | |
721 { | |
722 ret->type = 0; | |
723 if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL) | |
724 ok = 0; | |
725 } | |
726 else | |
727 /* we don't kmow the nid => ERROR */ | |
728 ok = 0; | |
729 } | |
730 else | |
731 { | |
732 /* use the ECPARAMETERS structure */ | |
733 ret->type = 1; | |
734 if ((ret->value.parameters = ec_asn1_group2parameters( | |
735 group, NULL)) == NULL) | |
736 ok = 0; | |
737 } | |
738 | |
739 if (!ok) | |
740 { | |
741 ECPKPARAMETERS_free(ret); | |
742 return NULL; | |
743 } | |
744 return ret; | |
745 } | |
746 | |
747 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) | |
748 { | |
749 int ok = 0, tmp; | |
750 EC_GROUP *ret = NULL; | |
751 BIGNUM *p = NULL, *a = NULL, *b = NULL; | |
752 EC_POINT *point=NULL; | |
753 long field_bits; | |
754 | |
755 if (!params->fieldID || !params->fieldID->fieldType || | |
756 !params->fieldID->p.ptr) | |
757 { | |
758 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); | |
759 goto err; | |
760 } | |
761 | |
762 /* now extract the curve parameters a and b */ | |
763 if (!params->curve || !params->curve->a || | |
764 !params->curve->a->data || !params->curve->b || | |
765 !params->curve->b->data) | |
766 { | |
767 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); | |
768 goto err; | |
769 } | |
770 a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL); | |
771 if (a == NULL) | |
772 { | |
773 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB); | |
774 goto err; | |
775 } | |
776 b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL); | |
777 if (b == NULL) | |
778 { | |
779 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB); | |
780 goto err; | |
781 } | |
782 | |
783 /* get the field parameters */ | |
784 tmp = OBJ_obj2nid(params->fieldID->fieldType); | |
785 if (tmp == NID_X9_62_characteristic_two_field) | |
786 #ifdef OPENSSL_NO_EC2M | |
787 { | |
788 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED); | |
789 goto err; | |
790 } | |
791 #else | |
792 { | |
793 X9_62_CHARACTERISTIC_TWO *char_two; | |
794 | |
795 char_two = params->fieldID->p.char_two; | |
796 | |
797 field_bits = char_two->m; | |
798 if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) | |
799 { | |
800 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARG
E); | |
801 goto err; | |
802 } | |
803 | |
804 if ((p = BN_new()) == NULL) | |
805 { | |
806 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILUR
E); | |
807 goto err; | |
808 } | |
809 | |
810 /* get the base type */ | |
811 tmp = OBJ_obj2nid(char_two->type); | |
812 | |
813 if (tmp == NID_X9_62_tpBasis) | |
814 { | |
815 long tmp_long; | |
816 | |
817 if (!char_two->p.tpBasis) | |
818 { | |
819 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_E
RROR); | |
820 goto err; | |
821 } | |
822 | |
823 tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis); | |
824 | |
825 if (!(char_two->m > tmp_long && tmp_long > 0)) | |
826 { | |
827 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALI
D_TRINOMIAL_BASIS); | |
828 goto err; | |
829 } | |
830 | |
831 /* create the polynomial */ | |
832 if (!BN_set_bit(p, (int)char_two->m)) | |
833 goto err; | |
834 if (!BN_set_bit(p, (int)tmp_long)) | |
835 goto err; | |
836 if (!BN_set_bit(p, 0)) | |
837 goto err; | |
838 } | |
839 else if (tmp == NID_X9_62_ppBasis) | |
840 { | |
841 X9_62_PENTANOMIAL *penta; | |
842 | |
843 penta = char_two->p.ppBasis; | |
844 if (!penta) | |
845 { | |
846 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_E
RROR); | |
847 goto err; | |
848 } | |
849 | |
850 if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 &
& penta->k2 > penta->k1 && penta->k1 > 0)) | |
851 { | |
852 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALI
D_PENTANOMIAL_BASIS); | |
853 goto err; | |
854 } | |
855 | |
856 /* create the polynomial */ | |
857 if (!BN_set_bit(p, (int)char_two->m)) goto err; | |
858 if (!BN_set_bit(p, (int)penta->k1)) goto err; | |
859 if (!BN_set_bit(p, (int)penta->k2)) goto err; | |
860 if (!BN_set_bit(p, (int)penta->k3)) goto err; | |
861 if (!BN_set_bit(p, 0)) goto err; | |
862 } | |
863 else if (tmp == NID_X9_62_onBasis) | |
864 { | |
865 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTE
D); | |
866 goto err; | |
867 } | |
868 else /* error */ | |
869 { | |
870 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); | |
871 goto err; | |
872 } | |
873 | |
874 /* create the EC_GROUP structure */ | |
875 ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL); | |
876 } | |
877 #endif | |
878 else if (tmp == NID_X9_62_prime_field) | |
879 { | |
880 /* we have a curve over a prime field */ | |
881 /* extract the prime number */ | |
882 if (!params->fieldID->p.prime) | |
883 { | |
884 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); | |
885 goto err; | |
886 } | |
887 p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL); | |
888 if (p == NULL) | |
889 { | |
890 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); | |
891 goto err; | |
892 } | |
893 | |
894 if (BN_is_negative(p) || BN_is_zero(p)) | |
895 { | |
896 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD)
; | |
897 goto err; | |
898 } | |
899 | |
900 field_bits = BN_num_bits(p); | |
901 if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) | |
902 { | |
903 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARG
E); | |
904 goto err; | |
905 } | |
906 | |
907 /* create the EC_GROUP structure */ | |
908 ret = EC_GROUP_new_curve_GFp(p, a, b, NULL); | |
909 } | |
910 else | |
911 { | |
912 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD); | |
913 goto err; | |
914 } | |
915 | |
916 if (ret == NULL) | |
917 { | |
918 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB); | |
919 goto err; | |
920 } | |
921 | |
922 /* extract seed (optional) */ | |
923 if (params->curve->seed != NULL) | |
924 { | |
925 if (ret->seed != NULL) | |
926 OPENSSL_free(ret->seed); | |
927 if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length))) | |
928 { | |
929 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, | |
930 ERR_R_MALLOC_FAILURE); | |
931 goto err; | |
932 } | |
933 memcpy(ret->seed, params->curve->seed->data, | |
934 params->curve->seed->length); | |
935 ret->seed_len = params->curve->seed->length; | |
936 } | |
937 | |
938 if (!params->order || !params->base || !params->base->data) | |
939 { | |
940 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); | |
941 goto err; | |
942 } | |
943 | |
944 if ((point = EC_POINT_new(ret)) == NULL) goto err; | |
945 | |
946 /* set the point conversion form */ | |
947 EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t) | |
948 (params->base->data[0] & ~0x01)); | |
949 | |
950 /* extract the ec point */ | |
951 if (!EC_POINT_oct2point(ret, point, params->base->data, | |
952 params->base->length, NULL)) | |
953 { | |
954 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB); | |
955 goto err; | |
956 } | |
957 | |
958 /* extract the order */ | |
959 if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) | |
960 { | |
961 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); | |
962 goto err; | |
963 } | |
964 if (BN_is_negative(a) || BN_is_zero(a)) | |
965 { | |
966 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER); | |
967 goto err; | |
968 } | |
969 if (BN_num_bits(a) > (int)field_bits + 1) /* Hasse bound */ | |
970 { | |
971 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER); | |
972 goto err; | |
973 } | |
974 | |
975 /* extract the cofactor (optional) */ | |
976 if (params->cofactor == NULL) | |
977 { | |
978 if (b) | |
979 { | |
980 BN_free(b); | |
981 b = NULL; | |
982 } | |
983 } | |
984 else | |
985 if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) | |
986 { | |
987 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); | |
988 goto err; | |
989 } | |
990 /* set the generator, order and cofactor (if present) */ | |
991 if (!EC_GROUP_set_generator(ret, point, a, b)) | |
992 { | |
993 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB); | |
994 goto err; | |
995 } | |
996 | |
997 ok = 1; | |
998 | |
999 err: if (!ok) | |
1000 { | |
1001 if (ret) | |
1002 EC_GROUP_clear_free(ret); | |
1003 ret = NULL; | |
1004 } | |
1005 | |
1006 if (p) | |
1007 BN_free(p); | |
1008 if (a) | |
1009 BN_free(a); | |
1010 if (b) | |
1011 BN_free(b); | |
1012 if (point) | |
1013 EC_POINT_free(point); | |
1014 return(ret); | |
1015 } | |
1016 | |
1017 EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) | |
1018 { | |
1019 EC_GROUP *ret=NULL; | |
1020 int tmp=0; | |
1021 | |
1022 if (params == NULL) | |
1023 { | |
1024 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, | |
1025 EC_R_MISSING_PARAMETERS); | |
1026 return NULL; | |
1027 } | |
1028 | |
1029 if (params->type == 0) | |
1030 { /* the curve is given by an OID */ | |
1031 tmp = OBJ_obj2nid(params->value.named_curve); | |
1032 if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) | |
1033 { | |
1034 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, | |
1035 EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); | |
1036 return NULL; | |
1037 } | |
1038 EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE); | |
1039 } | |
1040 else if (params->type == 1) | |
1041 { /* the parameters are given by a ECPARAMETERS | |
1042 * structure */ | |
1043 ret = ec_asn1_parameters2group(params->value.parameters); | |
1044 if (!ret) | |
1045 { | |
1046 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB); | |
1047 return NULL; | |
1048 } | |
1049 EC_GROUP_set_asn1_flag(ret, 0x0); | |
1050 } | |
1051 else if (params->type == 2) | |
1052 { /* implicitlyCA */ | |
1053 return NULL; | |
1054 } | |
1055 else | |
1056 { | |
1057 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR); | |
1058 return NULL; | |
1059 } | |
1060 | |
1061 return ret; | |
1062 } | |
1063 | |
1064 /* EC_GROUP <-> DER encoding of ECPKPARAMETERS */ | |
1065 | |
1066 EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len) | |
1067 { | |
1068 EC_GROUP *group = NULL; | |
1069 ECPKPARAMETERS *params = NULL; | |
1070 | |
1071 if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) | |
1072 { | |
1073 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE); | |
1074 ECPKPARAMETERS_free(params); | |
1075 return NULL; | |
1076 } | |
1077 | |
1078 if ((group = ec_asn1_pkparameters2group(params)) == NULL) | |
1079 { | |
1080 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE); | |
1081 ECPKPARAMETERS_free(params); | |
1082 return NULL; | |
1083 } | |
1084 | |
1085 | |
1086 if (a && *a) | |
1087 EC_GROUP_clear_free(*a); | |
1088 if (a) | |
1089 *a = group; | |
1090 | |
1091 ECPKPARAMETERS_free(params); | |
1092 return(group); | |
1093 } | |
1094 | |
1095 int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out) | |
1096 { | |
1097 int ret=0; | |
1098 ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL); | |
1099 if (tmp == NULL) | |
1100 { | |
1101 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE); | |
1102 return 0; | |
1103 } | |
1104 if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) | |
1105 { | |
1106 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE); | |
1107 ECPKPARAMETERS_free(tmp); | |
1108 return 0; | |
1109 } | |
1110 ECPKPARAMETERS_free(tmp); | |
1111 return(ret); | |
1112 } | |
1113 | |
1114 /* some EC_KEY functions */ | |
1115 | |
1116 EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) | |
1117 { | |
1118 int ok=0; | |
1119 EC_KEY *ret=NULL; | |
1120 EC_PRIVATEKEY *priv_key=NULL; | |
1121 | |
1122 if ((priv_key = EC_PRIVATEKEY_new()) == NULL) | |
1123 { | |
1124 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); | |
1125 return NULL; | |
1126 } | |
1127 | |
1128 if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) | |
1129 { | |
1130 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); | |
1131 EC_PRIVATEKEY_free(priv_key); | |
1132 return NULL; | |
1133 } | |
1134 | |
1135 if (a == NULL || *a == NULL) | |
1136 { | |
1137 if ((ret = EC_KEY_new()) == NULL) | |
1138 { | |
1139 ECerr(EC_F_D2I_ECPRIVATEKEY, | |
1140 ERR_R_MALLOC_FAILURE); | |
1141 goto err; | |
1142 } | |
1143 if (a) | |
1144 *a = ret; | |
1145 } | |
1146 else | |
1147 ret = *a; | |
1148 | |
1149 if (priv_key->parameters) | |
1150 { | |
1151 if (ret->group) | |
1152 EC_GROUP_clear_free(ret->group); | |
1153 ret->group = ec_asn1_pkparameters2group(priv_key->parameters); | |
1154 } | |
1155 | |
1156 if (ret->group == NULL) | |
1157 { | |
1158 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); | |
1159 goto err; | |
1160 } | |
1161 | |
1162 ret->version = priv_key->version; | |
1163 | |
1164 if (priv_key->privateKey) | |
1165 { | |
1166 ret->priv_key = BN_bin2bn( | |
1167 M_ASN1_STRING_data(priv_key->privateKey), | |
1168 M_ASN1_STRING_length(priv_key->privateKey), | |
1169 ret->priv_key); | |
1170 if (ret->priv_key == NULL) | |
1171 { | |
1172 ECerr(EC_F_D2I_ECPRIVATEKEY, | |
1173 ERR_R_BN_LIB); | |
1174 goto err; | |
1175 } | |
1176 } | |
1177 else | |
1178 { | |
1179 ECerr(EC_F_D2I_ECPRIVATEKEY, | |
1180 EC_R_MISSING_PRIVATE_KEY); | |
1181 goto err; | |
1182 } | |
1183 | |
1184 if (priv_key->publicKey) | |
1185 { | |
1186 const unsigned char *pub_oct; | |
1187 size_t pub_oct_len; | |
1188 | |
1189 if (ret->pub_key) | |
1190 EC_POINT_clear_free(ret->pub_key); | |
1191 ret->pub_key = EC_POINT_new(ret->group); | |
1192 if (ret->pub_key == NULL) | |
1193 { | |
1194 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); | |
1195 goto err; | |
1196 } | |
1197 pub_oct = M_ASN1_STRING_data(priv_key->publicKey); | |
1198 pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); | |
1199 /* save the point conversion form */ | |
1200 ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); | |
1201 if (!EC_POINT_oct2point(ret->group, ret->pub_key, | |
1202 pub_oct, pub_oct_len, NULL)) | |
1203 { | |
1204 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); | |
1205 goto err; | |
1206 } | |
1207 } | |
1208 | |
1209 ok = 1; | |
1210 err: | |
1211 if (!ok) | |
1212 { | |
1213 if (ret) | |
1214 EC_KEY_free(ret); | |
1215 ret = NULL; | |
1216 } | |
1217 | |
1218 if (priv_key) | |
1219 EC_PRIVATEKEY_free(priv_key); | |
1220 | |
1221 return(ret); | |
1222 } | |
1223 | |
1224 int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) | |
1225 { | |
1226 int ret=0, ok=0; | |
1227 unsigned char *buffer=NULL; | |
1228 size_t buf_len=0, tmp_len; | |
1229 EC_PRIVATEKEY *priv_key=NULL; | |
1230 | |
1231 if (a == NULL || a->group == NULL || a->priv_key == NULL) | |
1232 { | |
1233 ECerr(EC_F_I2D_ECPRIVATEKEY, | |
1234 ERR_R_PASSED_NULL_PARAMETER); | |
1235 goto err; | |
1236 } | |
1237 | |
1238 if ((priv_key = EC_PRIVATEKEY_new()) == NULL) | |
1239 { | |
1240 ECerr(EC_F_I2D_ECPRIVATEKEY, | |
1241 ERR_R_MALLOC_FAILURE); | |
1242 goto err; | |
1243 } | |
1244 | |
1245 priv_key->version = a->version; | |
1246 | |
1247 buf_len = (size_t)BN_num_bytes(a->priv_key); | |
1248 buffer = OPENSSL_malloc(buf_len); | |
1249 if (buffer == NULL) | |
1250 { | |
1251 ECerr(EC_F_I2D_ECPRIVATEKEY, | |
1252 ERR_R_MALLOC_FAILURE); | |
1253 goto err; | |
1254 } | |
1255 | |
1256 if (!BN_bn2bin(a->priv_key, buffer)) | |
1257 { | |
1258 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB); | |
1259 goto err; | |
1260 } | |
1261 | |
1262 if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) | |
1263 { | |
1264 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); | |
1265 goto err; | |
1266 } | |
1267 | |
1268 if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) | |
1269 { | |
1270 if ((priv_key->parameters = ec_asn1_group2pkparameters( | |
1271 a->group, priv_key->parameters)) == NULL) | |
1272 { | |
1273 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); | |
1274 goto err; | |
1275 } | |
1276 } | |
1277 | |
1278 if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) | |
1279 { | |
1280 priv_key->publicKey = M_ASN1_BIT_STRING_new(); | |
1281 if (priv_key->publicKey == NULL) | |
1282 { | |
1283 ECerr(EC_F_I2D_ECPRIVATEKEY, | |
1284 ERR_R_MALLOC_FAILURE); | |
1285 goto err; | |
1286 } | |
1287 | |
1288 tmp_len = EC_POINT_point2oct(a->group, a->pub_key, | |
1289 a->conv_form, NULL, 0, NULL); | |
1290 | |
1291 if (tmp_len > buf_len) | |
1292 { | |
1293 unsigned char *tmp_buffer = OPENSSL_realloc(buffer, tmp_
len); | |
1294 if (!tmp_buffer) | |
1295 { | |
1296 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILUR
E); | |
1297 goto err; | |
1298 } | |
1299 buffer = tmp_buffer; | |
1300 buf_len = tmp_len; | |
1301 } | |
1302 | |
1303 if (!EC_POINT_point2oct(a->group, a->pub_key, | |
1304 a->conv_form, buffer, buf_len, NULL)) | |
1305 { | |
1306 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); | |
1307 goto err; | |
1308 } | |
1309 | |
1310 priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07)
; | |
1311 priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; | |
1312 if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, | |
1313 buf_len)) | |
1314 { | |
1315 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); | |
1316 goto err; | |
1317 } | |
1318 } | |
1319 | |
1320 if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) | |
1321 { | |
1322 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); | |
1323 goto err; | |
1324 } | |
1325 ok=1; | |
1326 err: | |
1327 if (buffer) | |
1328 OPENSSL_free(buffer); | |
1329 if (priv_key) | |
1330 EC_PRIVATEKEY_free(priv_key); | |
1331 return(ok?ret:0); | |
1332 } | |
1333 | |
1334 int i2d_ECParameters(EC_KEY *a, unsigned char **out) | |
1335 { | |
1336 if (a == NULL) | |
1337 { | |
1338 ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); | |
1339 return 0; | |
1340 } | |
1341 return i2d_ECPKParameters(a->group, out); | |
1342 } | |
1343 | |
1344 EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len) | |
1345 { | |
1346 EC_KEY *ret; | |
1347 | |
1348 if (in == NULL || *in == NULL) | |
1349 { | |
1350 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); | |
1351 return NULL; | |
1352 } | |
1353 | |
1354 if (a == NULL || *a == NULL) | |
1355 { | |
1356 if ((ret = EC_KEY_new()) == NULL) | |
1357 { | |
1358 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE); | |
1359 return NULL; | |
1360 } | |
1361 if (a) | |
1362 *a = ret; | |
1363 } | |
1364 else | |
1365 ret = *a; | |
1366 | |
1367 if (!d2i_ECPKParameters(&ret->group, in, len)) | |
1368 { | |
1369 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB); | |
1370 return NULL; | |
1371 } | |
1372 | |
1373 return ret; | |
1374 } | |
1375 | |
1376 EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len) | |
1377 { | |
1378 EC_KEY *ret=NULL; | |
1379 | |
1380 if (a == NULL || (*a) == NULL || (*a)->group == NULL) | |
1381 { | |
1382 /* sorry, but a EC_GROUP-structur is necessary | |
1383 * to set the public key */ | |
1384 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER); | |
1385 return 0; | |
1386 } | |
1387 ret = *a; | |
1388 if (ret->pub_key == NULL && | |
1389 (ret->pub_key = EC_POINT_new(ret->group)) == NULL) | |
1390 { | |
1391 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_MALLOC_FAILURE); | |
1392 return 0; | |
1393 } | |
1394 if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) | |
1395 { | |
1396 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB); | |
1397 return 0; | |
1398 } | |
1399 /* save the point conversion form */ | |
1400 ret->conv_form = (point_conversion_form_t)(*in[0] & ~0x01); | |
1401 *in += len; | |
1402 return ret; | |
1403 } | |
1404 | |
1405 int i2o_ECPublicKey(EC_KEY *a, unsigned char **out) | |
1406 { | |
1407 size_t buf_len=0; | |
1408 int new_buffer = 0; | |
1409 | |
1410 if (a == NULL) | |
1411 { | |
1412 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER); | |
1413 return 0; | |
1414 } | |
1415 | |
1416 buf_len = EC_POINT_point2oct(a->group, a->pub_key, | |
1417 a->conv_form, NULL, 0, NULL); | |
1418 | |
1419 if (out == NULL || buf_len == 0) | |
1420 /* out == NULL => just return the length of the octet string */ | |
1421 return buf_len; | |
1422 | |
1423 if (*out == NULL) | |
1424 { | |
1425 if ((*out = OPENSSL_malloc(buf_len)) == NULL) | |
1426 { | |
1427 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE); | |
1428 return 0; | |
1429 } | |
1430 new_buffer = 1; | |
1431 } | |
1432 if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form, | |
1433 *out, buf_len, NULL)) | |
1434 { | |
1435 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB); | |
1436 if (new_buffer) | |
1437 { | |
1438 OPENSSL_free(*out); | |
1439 *out = NULL; | |
1440 } | |
1441 return 0; | |
1442 } | |
1443 if (!new_buffer) | |
1444 *out += buf_len; | |
1445 return buf_len; | |
1446 } | |
OLD | NEW |