summaryrefslogtreecommitdiffstats
path: root/crypto
diff options
context:
space:
mode:
authorBodo Möller <bodo@openssl.org>2002-08-07 12:49:54 +0200
committerBodo Möller <bodo@openssl.org>2002-08-07 12:49:54 +0200
commit14a7cfb32a0347a4bc620ae1b552b21c4c1e270b (patch)
tree13c4bcc3d58ba7db5e598cd668670873b51e8ce3 /crypto
parentavoid SIGSEGV (diff)
downloadopenssl-14a7cfb32a0347a4bc620ae1b552b21c4c1e270b.tar.xz
openssl-14a7cfb32a0347a4bc620ae1b552b21c4c1e270b.zip
use a generic EC_KEY structure (EC keys are not ECDSA specific)
Submitted by: Nils Larsch
Diffstat (limited to 'crypto')
-rw-r--r--crypto/asn1/Makefile.ssl118
-rw-r--r--crypto/asn1/asn1.h1
-rw-r--r--crypto/asn1/asn1_err.c3
-rw-r--r--crypto/asn1/d2i_pr.c12
-rw-r--r--crypto/asn1/d2i_pu.c13
-rw-r--r--crypto/asn1/i2d_pr.c10
-rw-r--r--crypto/asn1/i2d_pu.c10
-rw-r--r--crypto/asn1/t_pkey.c65
-rw-r--r--crypto/asn1/t_req.c8
-rw-r--r--crypto/asn1/t_spki.c8
-rw-r--r--crypto/asn1/t_x509.c12
-rw-r--r--crypto/asn1/x_pubkey.c65
-rw-r--r--crypto/ec/Makefile.ssl16
-rw-r--r--crypto/ec/ec.h102
-rw-r--r--crypto/ec/ec_asn1.c393
-rw-r--r--crypto/ec/ec_err.c23
-rw-r--r--crypto/ec/ec_key.c354
-rw-r--r--crypto/ecdsa/Makefile.ssl15
-rw-r--r--crypto/ecdsa/ecdsa.h215
-rw-r--r--crypto/ecdsa/ecdsatest.c134
-rw-r--r--crypto/ecdsa/ecs_asn1.c321
-rw-r--r--crypto/ecdsa/ecs_err.c56
-rw-r--r--crypto/ecdsa/ecs_gen.c83
-rw-r--r--crypto/ecdsa/ecs_key.c140
-rw-r--r--crypto/ecdsa/ecs_lib.c182
-rw-r--r--crypto/ecdsa/ecs_ossl.c320
-rw-r--r--crypto/ecdsa/ecs_sign.c21
-rw-r--r--crypto/ecdsa/ecs_vrf.c15
-rw-r--r--crypto/evp/evp.h24
-rw-r--r--crypto/evp/evp_err.c7
-rw-r--r--crypto/evp/evp_pkey.c146
-rw-r--r--crypto/evp/p_lib.c59
-rw-r--r--crypto/pem/pem.h7
-rw-r--r--crypto/pem/pem_all.c37
-rw-r--r--crypto/pem/pem_info.c8
-rw-r--r--crypto/x509/x509.h42
-rw-r--r--crypto/x509/x509_cmp.c7
-rw-r--r--crypto/x509/x_all.c57
38 files changed, 1625 insertions, 1484 deletions
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
index 3c659ab87b..56699e57e6 100644
--- a/crypto/asn1/Makefile.ssl
+++ b/crypto/asn1/Makefile.ssl
@@ -439,19 +439,19 @@ d2i_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
d2i_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
d2i_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
d2i_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-d2i_pr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-d2i_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-d2i_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-d2i_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-d2i_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-d2i_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pr.c
+d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+d2i_pr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+d2i_pr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+d2i_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+d2i_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+d2i_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+d2i_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+d2i_pr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+d2i_pr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+d2i_pr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+d2i_pr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+d2i_pr.o: ../cryptlib.h d2i_pr.c
d2i_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
d2i_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -459,19 +459,19 @@ d2i_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
d2i_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
d2i_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-d2i_pu.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-d2i_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-d2i_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-d2i_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-d2i_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-d2i_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-d2i_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-d2i_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h d2i_pu.c
+d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+d2i_pu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+d2i_pu.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+d2i_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+d2i_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+d2i_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+d2i_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+d2i_pu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+d2i_pu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+d2i_pu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+d2i_pu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+d2i_pu.o: ../cryptlib.h d2i_pu.c
evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
evp_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -512,19 +512,19 @@ i2d_pr.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
i2d_pr.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
i2d_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-i2d_pr.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-i2d_pr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-i2d_pr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-i2d_pr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-i2d_pr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-i2d_pr.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pr.c
+i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+i2d_pr.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+i2d_pr.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+i2d_pr.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+i2d_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+i2d_pr.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+i2d_pr.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+i2d_pr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pr.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+i2d_pr.o: ../cryptlib.h i2d_pr.c
i2d_pu.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
i2d_pu.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -532,19 +532,19 @@ i2d_pu.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
i2d_pu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
i2d_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-i2d_pu.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
-i2d_pu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-i2d_pu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-i2d_pu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-i2d_pu.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-i2d_pu.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-i2d_pu.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-i2d_pu.o: ../../include/openssl/ui_compat.h ../cryptlib.h i2d_pu.c
+i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+i2d_pu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+i2d_pu.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+i2d_pu.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+i2d_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+i2d_pu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+i2d_pu.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rc2.h
+i2d_pu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+i2d_pu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+i2d_pu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+i2d_pu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+i2d_pu.o: ../cryptlib.h i2d_pu.c
n_pkey.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
@@ -708,13 +708,13 @@ t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
-t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
-t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c
+t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+t_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_pkey.o: ../cryptlib.h t_pkey.c
t_req.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
t_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 303fe5da8b..1be3e02298 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -1010,6 +1010,7 @@ void ERR_load_ASN1_strings(void);
#define ASN1_F_I2D_ASN1_TIME 160
#define ASN1_F_I2D_DSA_PUBKEY 161
#define ASN1_F_I2D_ECDSA_PUBKEY 174
+#define ASN1_F_I2D_EC_PUBKEY 176
#define ASN1_F_I2D_NETSCAPE_RSA 162
#define ASN1_F_I2D_PRIVATEKEY 163
#define ASN1_F_I2D_PUBLICKEY 164
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index dbb9753bb9..d64f987ac6 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -128,7 +128,8 @@ static ERR_STRING_DATA ASN1_str_functs[]=
{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"},
{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_ECDSA_PUBKEY,0), "i2d_ECDSA_PUBKEY"},
+{ERR_PACK(0,ASN1_F_I2D_ECDSA_PUBKEY,0), "I2D_ECDSA_PUBKEY"},
+{ERR_PACK(0,ASN1_F_I2D_EC_PUBKEY,0), "i2d_EC_PUBKEY"},
{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"},
{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"},
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
index d56e5fdc6e..8d0dc27904 100644
--- a/crypto/asn1/d2i_pr.c
+++ b/crypto/asn1/d2i_pr.c
@@ -68,8 +68,8 @@
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
#endif
EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
@@ -111,9 +111,9 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
}
break;
#endif
-#ifndef OPENSSL_NO_ECDSA
- case EVP_PKEY_ECDSA:
- if ((ret->pkey.ecdsa = d2i_ECDSAPrivateKey(NULL,
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ if ((ret->pkey.eckey = d2i_ECPrivateKey(NULL,
(const unsigned char **)pp, length)) == NULL)
{
ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
@@ -154,7 +154,7 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
if(sk_ASN1_TYPE_num(inkey) == 6)
keytype = EVP_PKEY_DSA;
else if (sk_ASN1_TYPE_num(inkey) == 4)
- keytype = EVP_PKEY_ECDSA;
+ keytype = EVP_PKEY_EC;
else keytype = EVP_PKEY_RSA;
sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
return d2i_PrivateKey(keytype, a, pp, length);
diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
index f66d72fd7b..cf97b83eac 100644
--- a/crypto/asn1/d2i_pu.c
+++ b/crypto/asn1/d2i_pu.c
@@ -68,8 +68,8 @@
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
#endif
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
@@ -111,10 +111,11 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
}
break;
#endif
-#ifndef OPENSSL_NO_ECDSA
- case EVP_PKEY_ECDSA:
- if ((ret->pkey.ecdsa = ECDSAPublicKey_set_octet_string(&(ret->pkey.ecdsa),
- (const unsigned char **)pp, length)) == NULL)
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ if ((ret->pkey.eckey = ECPublicKey_set_octet_string(
+ &(ret->pkey.eckey), (const unsigned char **)pp,
+ length)) == NULL)
{
ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
goto err;
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
index a40c64d3f4..bbf2a0d2d6 100644
--- a/crypto/asn1/i2d_pr.c
+++ b/crypto/asn1/i2d_pr.c
@@ -67,8 +67,8 @@
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
#endif
int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
@@ -86,10 +86,10 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
}
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (a->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ if (a->type == EVP_PKEY_EC)
{
- return(i2d_ECDSAPrivateKey(a->pkey.ecdsa, pp));
+ return(i2d_ECPrivateKey(a->pkey.eckey, pp));
}
#endif
diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c
index 2fcc5554a7..85220b44d6 100644
--- a/crypto/asn1/i2d_pu.c
+++ b/crypto/asn1/i2d_pu.c
@@ -67,8 +67,8 @@
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
#endif
int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
@@ -83,9 +83,9 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
case EVP_PKEY_DSA:
return(i2d_DSAPublicKey(a->pkey.dsa,pp));
#endif
-#ifndef OPENSSL_NO_ECDSA
- case EVP_PKEY_ECDSA:
- return(ECDSAPublicKey_get_octet_string(a->pkey.ecdsa, pp));
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ return(ECPublicKey_get_octet_string(a->pkey.eckey, pp));
#endif
default:
ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
index 652b26b7b0..fb01e38d79 100644
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -70,8 +70,8 @@
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
#endif
static int print(BIO *fp,const char *str,BIGNUM *num,
@@ -257,6 +257,22 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
BIO_free(b);
return(ret);
}
+
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
+ return(0);
+ }
+ BIO_set_fp(b, fp, BIO_NOCLOSE);
+ ret = EC_KEY_print(b, x, off);
+ BIO_free(b);
+ return(ret);
+ }
#endif
int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
@@ -436,29 +452,8 @@ err:
OPENSSL_free(buffer);
return(ret);
}
-#endif /* OPENSSL_NO_EC */
-
-
-#ifndef OPENSSL_NO_ECDSA
-#ifndef OPENSSL_NO_FP_API
-int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off)
-{
- BIO *b;
- int ret;
-
- if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- ECDSAerr(ECDSA_F_ECDSA_PRINT_FP, ERR_R_BIO_LIB);
- return(0);
- }
- BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = ECDSA_print(b, x, off);
- BIO_free(b);
- return(ret);
-}
-#endif
-int ECDSA_print(BIO *bp, const ECDSA *x, int off)
+int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
{
char str[128];
unsigned char *buffer=NULL;
@@ -474,7 +469,7 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
}
if ((pub_key = EC_POINT_point2bn(x->group, x->pub_key,
- ECDSA_get_conversion_form(x), NULL, ctx)) == NULL)
+ x->conv_form, NULL, ctx)) == NULL)
{
reason = ERR_R_EC_LIB;
goto err;
@@ -516,7 +511,7 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
ret=1;
err:
if (!ret)
- ECDSAerr(ECDSA_F_ECDSA_PRINT, reason);
+ ECerr(EC_F_EC_KEY_PRINT, reason);
if (pub_key)
BN_free(pub_key);
if (ctx)
@@ -525,7 +520,7 @@ err:
OPENSSL_free(buffer);
return(ret);
}
-#endif
+#endif /* OPENSSL_NO_EC */
static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
int off)
@@ -690,26 +685,26 @@ err:
#endif /* !OPENSSL_NO_DSA */
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
#ifndef OPENSSL_NO_FP_API
-int ECDSAParameters_print_fp(FILE *fp, const ECDSA *x)
+int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
{
BIO *b;
int ret;
if ((b=BIO_new(BIO_s_file())) == NULL)
- {
- ECDSAerr(ECDSA_F_ECDSAPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
+ {
+ ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
return(0);
- }
+ }
BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = ECDSAParameters_print(b, x);
+ ret = ECParameters_print(b, x);
BIO_free(b);
return(ret);
}
#endif
-int ECDSAParameters_print(BIO *bp, const ECDSA *x)
+int ECParameters_print(BIO *bp, const EC_KEY *x)
{
int reason=ERR_R_EC_LIB, ret=0;
BIGNUM *order=NULL;
@@ -741,7 +736,7 @@ int ECDSAParameters_print(BIO *bp, const ECDSA *x)
err:
if (order)
BN_free(order);
- ECDSAerr(ECDSA_F_ECDSAPARAMETERS_PRINT, reason);
+ ECerr(EC_F_ECPARAMETERS_PRINT, reason);
return(ret);
}
diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c
index bfa58cc967..7cf09a4646 100644
--- a/crypto/asn1/t_req.c
+++ b/crypto/asn1/t_req.c
@@ -134,11 +134,11 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
}
else
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey != NULL && pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ if (pkey != NULL && pkey->type == EVP_PKEY_EC)
{
- BIO_printf(bp, "%12sECDSA Public Key: \n","");
- ECDSA_print(bp, pkey->pkey.ecdsa, 16);
+ BIO_printf(bp, "%12sEC Public Key: \n","");
+ EC_KEY_print(bp, pkey->pkey.eckey, 16);
}
else
#endif
diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c
index 86821119d8..499e12834a 100644
--- a/crypto/asn1/t_spki.c
+++ b/crypto/asn1/t_spki.c
@@ -93,11 +93,11 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
}
else
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
{
- BIO_printf(out, " ECDSA Public Key:\n");
- ECDSA_print(out, pkey->pkey.ecdsa,2);
+ BIO_printf(out, " EC Public Key:\n");
+ EC_KEY_print(out, pkey->pkey.eckey,2);
}
else
#endif
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
index ae6d5ce041..5074a74928 100644
--- a/crypto/asn1/t_x509.c
+++ b/crypto/asn1/t_x509.c
@@ -66,8 +66,8 @@
#ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h>
#endif
-#ifndef OPENSSL_NO_ECDSA
-#include <openssl/ecdsa.h>
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
#endif
#include <openssl/objects.h>
#include <openssl/x509.h>
@@ -232,11 +232,11 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
}
else
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
{
- BIO_printf(bp, "%12sECDSA Public Key:\n","");
- ECDSA_print(bp, pkey->pkey.ecdsa, 16);
+ BIO_printf(bp, "%12sEC Public Key:\n","");
+ EC_KEY_print(bp, pkey->pkey.eckey, 16);
}
else
#endif
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index 68ddeb43f2..c32a6eaa49 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -129,14 +129,14 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
OPENSSL_free(p);
}
#endif
-#ifndef OPENSSL_NO_ECDSA
- else if (pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ else if (pkey->type == EVP_PKEY_EC)
{
int nid=0;
unsigned char *pp;
- ECDSA *ecdsa;
+ EC_KEY *eckey;
- ecdsa = pkey->pkey.ecdsa;
+ eckey = pkey->pkey.eckey;
ASN1_TYPE_free(a->parameter);
if ((a->parameter = ASN1_TYPE_new()) == NULL)
@@ -145,8 +145,8 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
goto err;
}
- if (EC_GROUP_get_asn1_flag(ecdsa->group)
- && (nid = EC_GROUP_get_nid(ecdsa->group)))
+ if (EC_GROUP_get_asn1_flag(eckey->group)
+ && (nid = EC_GROUP_get_nid(eckey->group)))
{
/* just set the OID */
a->parameter->type = V_ASN1_OBJECT;
@@ -154,9 +154,9 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
}
else /* explicit parameters */
{
- if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0)
+ if ((i = i2d_ECParameters(eckey, NULL)) == 0)
{
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB);
+ X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
goto err;
}
if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
@@ -165,9 +165,9 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
goto err;
}
pp = p;
- if (!i2d_ECDSAParameters(ecdsa, &pp))
+ if (!i2d_ECParameters(eckey, &pp))
{
- X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB);
+ X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
OPENSSL_free(p);
goto err;
}
@@ -277,24 +277,25 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
ret->save_parameters=1;
}
#endif
-#ifndef OPENSSL_NO_ECDSA
- else if (ret->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ else if (ret->type == EVP_PKEY_EC)
{
if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
{
/* type == V_ASN1_SEQUENCE => we have explicit parameters
* (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
*/
- if ((ret->pkey.ecdsa= ECDSA_new()) == NULL)
+ if ((ret->pkey.eckey= EC_KEY_new()) == NULL)
{
- X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
+ X509err(X509_F_X509_PUBKEY_GET,
+ ERR_R_MALLOC_FAILURE);
goto err;
}
cp = p = a->parameter->value.sequence->data;
j = a->parameter->value.sequence->length;
- if (!d2i_ECDSAParameters(&ret->pkey.ecdsa, &cp, (long)j))
+ if (!d2i_ECParameters(&ret->pkey.eckey, &cp, (long)j))
{
- X509err(X509_F_X509_PUBKEY_GET, ERR_R_ECDSA_LIB);
+ X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
goto err;
}
}
@@ -303,16 +304,16 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
/* type == V_ASN1_OBJECT => the parameters are given
* by an asn1 OID
*/
- ECDSA *ecdsa;
- if (ret->pkey.ecdsa == NULL)
- ret->pkey.ecdsa = ECDSA_new();
- ecdsa = ret->pkey.ecdsa;
- if (ecdsa->group)
- EC_GROUP_free(ecdsa->group);
- if ((ecdsa->group = EC_GROUP_new_by_name(
+ EC_KEY *eckey;
+ if (ret->pkey.eckey == NULL)
+ ret->pkey.eckey = EC_KEY_new();
+ eckey = ret->pkey.eckey;
+ if (eckey->group)
+ EC_GROUP_free(eckey->group);
+ if ((eckey->group = EC_GROUP_new_by_nid(
OBJ_obj2nid(a->parameter->value.object))) == NULL)
goto err;
- EC_GROUP_set_asn1_flag(ecdsa->group,
+ EC_GROUP_set_asn1_flag(eckey->group,
OPENSSL_EC_NAMED_CURVE);
}
/* the case implicitlyCA is currently not implemented */
@@ -453,38 +454,38 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
}
#endif
-#ifndef OPENSSL_NO_ECDSA
-ECDSA *d2i_ECDSA_PUBKEY(ECDSA **a, unsigned char **pp, long length)
+#ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, unsigned char **pp, long length)
{
EVP_PKEY *pkey;
- ECDSA *key;
+ EC_KEY *key;
unsigned char *q;
q = *pp;
pkey = d2i_PUBKEY(NULL, &q, length);
if (!pkey) return(NULL);
- key = EVP_PKEY_get1_ECDSA(pkey);
+ key = EVP_PKEY_get1_EC_KEY(pkey);
EVP_PKEY_free(pkey);
if (!key) return(NULL);
*pp = q;
if (a)
{
- ECDSA_free(*a);
+ EC_KEY_free(*a);
*a = key;
}
return(key);
}
-int i2d_ECDSA_PUBKEY(ECDSA *a, unsigned char **pp)
+int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
int ret;
if (!a) return(0);
if ((pktmp = EVP_PKEY_new()) == NULL)
{
- ASN1err(ASN1_F_I2D_ECDSA_PUBKEY, ERR_R_MALLOC_FAILURE);
+ ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
return(0);
}
- EVP_PKEY_set1_ECDSA(pktmp, a);
+ EVP_PKEY_set1_EC_KEY(pktmp, a);
ret = i2d_PUBKEY(pktmp, pp);
EVP_PKEY_free(pktmp);
return(ret);
diff --git a/crypto/ec/Makefile.ssl b/crypto/ec/Makefile.ssl
index fbc80ff05e..d183f679c4 100644
--- a/crypto/ec/Makefile.ssl
+++ b/crypto/ec/Makefile.ssl
@@ -23,12 +23,12 @@ TEST=ectest.c
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \
- ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c \
+LIBSRC= ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c\
+ ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\
ec2_smpl.c ec2_smpt.c ec2_mult.c
-LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \
- ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o \
+LIBOBJ= ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o\
+ ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\
ec2_smpl.o ec2_mult.o
SRC= $(LIBSRC)
@@ -142,6 +142,14 @@ ec_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ec_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ec_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ec_err.o: ec_err.c
+ec_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ec_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ec_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ec_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ec_key.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ec_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_key.o: ../../include/openssl/symhacks.h ec_key.c ec_lcl.h
ec_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ec_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ec_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h
index ff9af9f8e4..4a1787f0b7 100644
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -334,21 +334,8 @@ int EC_GROUP_precompute_mult(EC_GROUP *, BN_CTX *);
/* ASN1 stuff */
#define OPENSSL_EC_NAMED_CURVE 0x001
-typedef struct ec_parameters_st ECPARAMETERS;
typedef struct ecpk_parameters_st ECPKPARAMETERS;
-DECLARE_ASN1_ITEM(ECPARAMETERS)
-DECLARE_ASN1_ITEM(ECPKPARAMETERS)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPARAMETERS, ECPARAMETERS)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
-
-EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *);
-ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *, ECPKPARAMETERS *);
-
-
-EC_GROUP *d2i_ECParameters(EC_GROUP **, const unsigned char **in, long len);
-int i2d_ECParameters(const EC_GROUP *, unsigned char **out);
-
EC_GROUP *d2i_ECPKParameters(EC_GROUP **, const unsigned char **in, long len);
int i2d_ECPKParameters(const EC_GROUP *, unsigned char **out);
@@ -368,18 +355,65 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off);
int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off);
#endif
-/* SEC1 ECPrivateKey */
-typedef struct ec_privatekey_st {
- int version;
- ASN1_OCTET_STRING *privateKey;
- ECPKPARAMETERS *parameters;
- ASN1_BIT_STRING *publicKey;
- } EC_PRIVATEKEY;
+/* the EC_KEY stuff */
+typedef struct ec_key_st EC_KEY;
+
+typedef struct ec_key_meth_data_st {
+ int (*init)(EC_KEY *);
+ void (*finish)(EC_KEY *);
+ } EC_KEY_METH_DATA;
+
+struct ec_key_st {
+ int version;
+
+ EC_GROUP *group;
+
+ EC_POINT *pub_key;
+ BIGNUM *priv_key;
+
+ unsigned int enc_flag;
+ point_conversion_form_t conv_form;
+
+ int references;
-DECLARE_ASN1_ITEM(EC_PRIVATEKEY)
-DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
+ EC_KEY_METH_DATA *meth_data;
+ }/* EC_KEY */;
+/* some values for the encoding_flag */
+#define EC_PKEY_NO_PARAMETERS 0x001
+#define EC_PKEY_NO_PUBKEY 0x002
+
+EC_KEY *EC_KEY_new(void);
+void EC_KEY_free(EC_KEY *);
+EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
+EC_KEY *EC_KEY_dup(const EC_KEY *);
+
+/* EC_KEY_generate_key() creates a ec private (public) key */
+int EC_KEY_generate_key(EC_KEY *);
+/* EC_KEY_check_key() */
+int EC_KEY_check_key(const EC_KEY *);
+
+/* de- and encode functions for the SEC1 ECPrivateKey */
+EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len);
+int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out);
+/* de- and encode functions for the elliptic curve parameters */
+EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len);
+int i2d_ECParameters(EC_KEY *a, unsigned char **out);
+
+EC_KEY *ECPublicKey_set_octet_string(EC_KEY **a, const unsigned char **in,
+ long len);
+int ECPublicKey_get_octet_string(EC_KEY *a, unsigned char **out);
+
+#ifndef OPENSSL_NO_BIO
+int ECParameters_print(BIO *bp, const EC_KEY *x);
+int EC_KEY_print(BIO *bp, const EC_KEY *x, int off);
+#endif
+#ifndef OPENSSL_NO_FP_API
+int ECParameters_print_fp(FILE *fp, const EC_KEY *x);
+int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off);
+#endif
+#define ECParameters_dup(x) (EC_KEY *)ASN1_dup((int (*)())i2d_ECParameters,\
+ (char *(*)())d2i_ECParameters,(char *)(x))
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -391,11 +425,15 @@ void ERR_load_EC_strings(void);
/* Function codes. */
#define EC_F_COMPUTE_WNAF 143
-#define EC_F_D2I_ECDSAPARAMETERS 154
#define EC_F_D2I_ECPARAMETERS 155
#define EC_F_D2I_ECPKPARAMETERS 161
+#define EC_F_D2I_ECPRIVATEKEY 168
+#define EC_F_ECPARAMETERS_PRINT 173
+#define EC_F_ECPARAMETERS_PRINT_FP 174
#define EC_F_ECPKPARAMETERS_PRINT 166
#define EC_F_ECPKPARAMETERS_PRINT_FP 167
+#define EC_F_ECPUBLICKEY_GET_OCTET 170
+#define EC_F_ECPUBLICKEY_SET_OCTET 171
#define EC_F_EC_ASN1_GROUP2CURVE 159
#define EC_F_EC_ASN1_GROUP2FIELDID 156
#define EC_F_EC_ASN1_GROUP2PARAMETERS 160
@@ -419,9 +457,9 @@ void ERR_load_EC_strings(void);
#define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
#define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
#define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
-#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 105
-#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 128
-#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 129
+#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 105
+#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 128
+#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 129
#define EC_F_EC_GROUP_CHECK 150
#define EC_F_EC_GROUP_CHECK_DISCRIMINANT 153
#define EC_F_EC_GROUP_COPY 106
@@ -443,6 +481,12 @@ void ERR_load_EC_strings(void);
#define EC_F_EC_GROUP_SET_CURVE_GFP 109
#define EC_F_EC_GROUP_SET_EXTRA_DATA 110
#define EC_F_EC_GROUP_SET_GENERATOR 111
+#define EC_F_EC_KEY_CHECK_KEY 184
+#define EC_F_EC_KEY_COPY 186
+#define EC_F_EC_KEY_GENERATE_KEY 185
+#define EC_F_EC_KEY_PRINT 175
+#define EC_F_EC_KEY_PRINT_FP 176
+#define EC_F_EC_NEW 172
#define EC_F_EC_POINTS_MAKE_AFFINE 136
#define EC_F_EC_POINTS_MUL 138
#define EC_F_EC_POINT_ADD 112
@@ -471,6 +515,7 @@ void ERR_load_EC_strings(void);
#define EC_F_I2D_ECDSAPARAMETERS 158
#define EC_F_I2D_ECPARAMETERS 164
#define EC_F_I2D_ECPKPARAMETERS 165
+#define EC_F_I2D_ECPRIVATEKEY 169
/* Reason codes. */
#define EC_R_ASN1_ERROR 130
@@ -493,7 +538,9 @@ void ERR_load_EC_strings(void);
#define EC_R_INVALID_FIELD 103
#define EC_R_INVALID_FORM 104
#define EC_R_INVALID_GROUP_ORDER 119
+#define EC_R_INVALID_PRIVATE_KEY 139
#define EC_R_MISSING_PARAMETERS 127
+#define EC_R_MISSING_PRIVATE_KEY 138
#define EC_R_NOT_IMPLEMENTED 136
#define EC_R_NOT_INITIALIZED 111
#define EC_R_NO_SUCH_EXTRA_DATA 105
@@ -508,6 +555,7 @@ void ERR_load_EC_strings(void);
#define EC_R_UNKNOWN_NID 117
#define EC_R_UNKNOWN_ORDER 114
#define EC_R_UNKNOWN_PARAMETERS_TYPE 129
+#define EC_R_WRONG_ORDER 140
#ifdef __cplusplus
}
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 90b64b0e04..bb81cfb3c3 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -82,14 +82,14 @@ typedef struct x9_62_curve_st {
ASN1_BIT_STRING *seed;
} X9_62_CURVE;
-struct ec_parameters_st {
+typedef struct ec_parameters_st {
ASN1_INTEGER *version;
X9_62_FIELDID *fieldID;
X9_62_CURVE *curve;
ASN1_OCTET_STRING *base;
ASN1_INTEGER *order;
ASN1_INTEGER *cofactor;
- }/* ECPARAMETERS */;
+ } ECPARAMETERS;
struct ecpk_parameters_st {
int type;
@@ -100,6 +100,14 @@ struct ecpk_parameters_st {
} value;
}/* ECPKPARAMETERS */;
+/* SEC1 ECPrivateKey */
+typedef struct ec_privatekey_st {
+ int version;
+ ASN1_OCTET_STRING *privateKey;
+ ECPKPARAMETERS *parameters;
+ ASN1_BIT_STRING *publicKey;
+ } EC_PRIVATEKEY;
+
/* the OpenSSL asn1 definitions */
ASN1_SEQUENCE(X9_62_FIELDID) = {
@@ -151,6 +159,7 @@ ASN1_SEQUENCE(ECPARAMETERS) = {
} ASN1_SEQUENCE_END(ECPARAMETERS)
DECLARE_ASN1_FUNCTIONS_const(ECPARAMETERS)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPARAMETERS, ECPARAMETERS)
IMPLEMENT_ASN1_FUNCTIONS_const(ECPARAMETERS)
ASN1_CHOICE(ECPKPARAMETERS) = {
@@ -160,15 +169,18 @@ ASN1_CHOICE(ECPKPARAMETERS) = {
} ASN1_CHOICE_END(ECPKPARAMETERS)
DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
ASN1_SEQUENCE(EC_PRIVATEKEY) = {
ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
- ASN1_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS),
- ASN1_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING)
+ ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
+ ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
} ASN1_SEQUENCE_END(EC_PRIVATEKEY)
+DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
/* some internal functions */
@@ -178,6 +190,8 @@ static X9_62_CURVE *ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,
ECPARAMETERS *);
+EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *);
+ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *, ECPKPARAMETERS *);
static X9_62_FIELDID *ec_asn1_group2field(const EC_GROUP *group,
X9_62_FIELDID *field)
@@ -786,34 +800,7 @@ EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *params)
return ret;
}
-/* EC_GROUP <-> DER encoding of EC[PK]PARAMETERS */
-
-EC_GROUP *d2i_ECParameters(EC_GROUP **a, const unsigned char **in, long len)
- {
- EC_GROUP *group = NULL;
- ECPARAMETERS *params = NULL;
-
- if ((params = d2i_ECPARAMETERS(NULL, in, len)) == NULL)
- {
- ECerr(EC_F_D2I_ECPARAMETERS, EC_R_D2I_ECPARAMETERS_FAILURE);
- ECPARAMETERS_free(params);
- return NULL;
- }
-
- if ((group = ec_asn1_parameters2group(params)) == NULL)
- {
- ECerr(EC_F_D2I_ECPARAMETERS, EC_R_PARAMETERS2GROUP_FAILURE);
- return NULL;
- }
-
- if (a && *a)
- EC_GROUP_clear_free(*a);
- if (a)
- *a = group;
-
- ECPARAMETERS_free(params);
- return(group);
- }
+/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
{
@@ -843,40 +830,346 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
return(group);
}
-int i2d_ECParameters(const EC_GROUP *a, unsigned char **out)
+int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
{
int ret=0;
- ECPARAMETERS *tmp = ec_asn1_group2parameters(a, NULL);
+ ECPKPARAMETERS *tmp = EC_ASN1_group2pkparameters(a, NULL);
if (tmp == NULL)
{
- ECerr(EC_F_I2D_ECPARAMETERS, EC_R_GROUP2PARAMETERS_FAILURE);
+ ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
return 0;
}
- if ((ret = i2d_ECPARAMETERS(tmp, out)) == 0)
+ if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0)
{
- ECerr(EC_F_I2D_ECPARAMETERS, EC_R_I2D_EC_PARAMETERS_FAILURE);
- ECPARAMETERS_free(tmp);
+ ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
+ ECPKPARAMETERS_free(tmp);
return 0;
}
- ECPARAMETERS_free(tmp);
+ ECPKPARAMETERS_free(tmp);
return(ret);
}
-int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
+/* some EC_KEY functions */
+
+EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
{
- int ret=0;
- ECPKPARAMETERS *tmp = EC_ASN1_group2pkparameters(a, NULL);
- if (tmp == NULL)
+ int ok=0;
+ EC_KEY *ret=NULL;
+ EC_PRIVATEKEY *priv_key=NULL;
+
+ if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
{
- ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ EC_PRIVATEKEY_free(priv_key);
+ return NULL;
+ }
+
+ if (a == NULL || *a == NULL)
+ {
+ if ((ret = EC_KEY_new()) == NULL)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (a)
+ *a = ret;
+ }
+ else
+ ret = *a;
+
+ if (priv_key->parameters)
+ {
+ if (ret->group)
+ EC_GROUP_clear_free(ret->group);
+ ret->group = EC_ASN1_pkparameters2group(priv_key->parameters);
+ }
+
+ if (ret->group == NULL)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+
+ ret->version = priv_key->version;
+
+ if (priv_key->privateKey)
+ {
+ ret->priv_key = BN_bin2bn(
+ M_ASN1_STRING_data(priv_key->privateKey),
+ M_ASN1_STRING_length(priv_key->privateKey),
+ ret->priv_key);
+ if (ret->priv_key == NULL)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY,
+ ERR_R_BN_LIB);
+ goto err;
+ }
+ }
+ else
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY,
+ EC_R_MISSING_PRIVATE_KEY);
+ goto err;
+ }
+
+ if (priv_key->publicKey)
+ {
+ if (ret->pub_key)
+ EC_POINT_clear_free(ret->pub_key);
+ ret->pub_key = EC_POINT_new(ret->group);
+ if (ret->pub_key == NULL)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (!EC_POINT_oct2point(ret->group, ret->pub_key,
+ M_ASN1_STRING_data(priv_key->publicKey),
+ M_ASN1_STRING_length(priv_key->publicKey), NULL))
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ }
+
+ ok = 1;
+err:
+ if (!ok)
+ {
+ if (ret)
+ EC_KEY_free(ret);
+ ret = NULL;
+ }
+
+ if (priv_key)
+ EC_PRIVATEKEY_free(priv_key);
+
+ return(ret);
+ }
+
+int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
+ {
+ int ret=0, ok=0;
+ unsigned char *buffer=NULL;
+ size_t buf_len=0, tmp_len;
+ EC_PRIVATEKEY *priv_key=NULL;
+
+ if (a == NULL || a->group == NULL || a->priv_key == NULL)
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY,
+ ERR_R_PASSED_NULL_PARAMETER);
+ goto err;
+ }
+
+ if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ priv_key->version = a->version;
+
+ buf_len = (size_t)BN_num_bytes(a->priv_key);
+ buffer = OPENSSL_malloc(buf_len);
+ if (buffer == NULL)
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!BN_bn2bin(a->priv_key, buffer))
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
+ goto err;
+ }
+
+ if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len))
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
+ goto err;
+ }
+
+ if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS))
+ {
+ if ((priv_key->parameters = EC_ASN1_group2pkparameters(
+ a->group, priv_key->parameters)) == NULL)
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ }
+
+ if (!(a->enc_flag & EC_PKEY_NO_PUBKEY))
+ {
+ priv_key->publicKey = M_ASN1_BIT_STRING_new();
+ if (priv_key->publicKey == NULL)
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
+ a->conv_form, NULL, 0, NULL);
+
+ if (tmp_len > buf_len)
+ buffer = OPENSSL_realloc(buffer, tmp_len);
+ if (buffer == NULL)
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ buf_len = tmp_len;
+
+ if (!EC_POINT_point2oct(a->group, a->pub_key,
+ a->conv_form, buffer, buf_len, NULL))
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+
+ if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
+ buf_len))
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
+
+ if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0)
+ {
+ ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ ok=1;
+err:
+ if (buffer)
+ OPENSSL_free(buffer);
+ if (priv_key)
+ EC_PRIVATEKEY_free(priv_key);
+ return(ok?ret:0);
+ }
+
+int i2d_ECParameters(EC_KEY *a, unsigned char **out)
+ {
+ if (a == NULL)
+ {
+ ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
- if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0)
+ return i2d_ECPKParameters(a->group, out);
+ }
+
+EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
+ {
+ EC_GROUP *group;
+ EC_KEY *ret;
+
+ if (in == NULL || *in == NULL)
{
- ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
- ECPKPARAMETERS_free(tmp);
+ ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+
+ group = d2i_ECPKParameters(NULL, in, len);
+
+ if (group == NULL)
+ {
+ ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
+ return NULL;
+ }
+
+ if (a == NULL || *a == NULL)
+ {
+ if ((ret = EC_KEY_new()) == NULL)
+ {
+ ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+ if (a)
+ *a = ret;
+ }
+ else
+ ret = *a;
+
+ if (ret->group)
+ EC_GROUP_clear_free(ret->group);
+
+ ret->group = group;
+
+ return ret;
+ }
+
+EC_KEY *ECPublicKey_set_octet_string(EC_KEY **a, const unsigned char **in,
+ long len)
+ {
+ EC_KEY *ret=NULL;
+
+ if (a == NULL || (*a) == NULL || (*a)->group == NULL)
+ {
+ /* sorry, but a EC_GROUP-structur is necessary
+ * to set the public key */
+ ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_PASSED_NULL_PARAMETER);
return 0;
- }
- ECPKPARAMETERS_free(tmp);
- return(ret);
+ }
+ ret = *a;
+ if (ret->pub_key == NULL &&
+ (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
+ {
+ ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
+ {
+ ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_EC_LIB);
+ return 0;
+ }
+ /* save the point conversion form */
+ ret->conv_form = (point_conversion_form_t)(*in[0] & ~0x01);
+ return ret;
+ }
+
+int ECPublicKey_get_octet_string(EC_KEY *a, unsigned char **out)
+ {
+ size_t buf_len=0;
+
+ if (a == NULL)
+ {
+ ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+
+ buf_len = EC_POINT_point2oct(a->group, a->pub_key,
+ a->conv_form, NULL, 0, NULL);
+
+ if (out == NULL || buf_len == 0)
+ /* out == NULL => just return the length of the octet string */
+ return buf_len;
+
+ if (*out == NULL)
+ if ((*out = OPENSSL_malloc(buf_len)) == NULL)
+ {
+ ECerr(EC_F_ECPUBLICKEY_GET_OCTET,
+ ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
+ *out, buf_len, NULL))
+ {
+ ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_EC_LIB);
+ OPENSSL_free(*out);
+ *out = NULL;
+ return 0;
+ }
+ return buf_len;
}
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index c5ff12b366..8626ef0d3a 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -67,17 +67,21 @@
static ERR_STRING_DATA EC_str_functs[]=
{
{ERR_PACK(0,EC_F_COMPUTE_WNAF,0), "COMPUTE_WNAF"},
-{ERR_PACK(0,EC_F_D2I_ECDSAPARAMETERS,0), "d2i_ECDSAParameters"},
{ERR_PACK(0,EC_F_D2I_ECPARAMETERS,0), "d2i_ECParameters"},
{ERR_PACK(0,EC_F_D2I_ECPKPARAMETERS,0), "d2i_ECPKParameters"},
+{ERR_PACK(0,EC_F_D2I_ECPRIVATEKEY,0), "d2i_ECPrivateKey"},
+{ERR_PACK(0,EC_F_ECPARAMETERS_PRINT,0), "ECParameters_print"},
+{ERR_PACK(0,EC_F_ECPARAMETERS_PRINT_FP,0), "ECParameters_print_fp"},
{ERR_PACK(0,EC_F_ECPKPARAMETERS_PRINT,0), "ECPKParameters_print"},
{ERR_PACK(0,EC_F_ECPKPARAMETERS_PRINT_FP,0), "ECPKParameters_print_fp"},
+{ERR_PACK(0,EC_F_ECPUBLICKEY_GET_OCTET,0), "ECPUBLICKEY_GET_OCTET"},
+{ERR_PACK(0,EC_F_ECPUBLICKEY_SET_OCTET,0), "ECPUBLICKEY_SET_OCTET"},
{ERR_PACK(0,EC_F_EC_ASN1_GROUP2CURVE,0), "EC_ASN1_GROUP2CURVE"},
{ERR_PACK(0,EC_F_EC_ASN1_GROUP2FIELDID,0), "EC_ASN1_GROUP2FIELDID"},
{ERR_PACK(0,EC_F_EC_ASN1_GROUP2PARAMETERS,0), "EC_ASN1_GROUP2PARAMETERS"},
-{ERR_PACK(0,EC_F_EC_ASN1_GROUP2PKPARAMETERS,0), "EC_ASN1_group2pkparameters"},
+{ERR_PACK(0,EC_F_EC_ASN1_GROUP2PKPARAMETERS,0), "EC_ASN1_GROUP2PKPARAMETERS"},
{ERR_PACK(0,EC_F_EC_ASN1_PARAMETERS2GROUP,0), "EC_ASN1_PARAMETERS2GROUP"},
-{ERR_PACK(0,EC_F_EC_ASN1_PKPARAMETERS2GROUP,0), "EC_ASN1_pkparameters2group"},
+{ERR_PACK(0,EC_F_EC_ASN1_PKPARAMETERS2GROUP,0), "EC_ASN1_PKPARAMETERS2GROUP"},
{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT,0), "ec_GF2m_simple_group_check_discriminant"},
{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_OCT2POINT,0), "ec_GF2m_simple_oct2point"},
{ERR_PACK(0,EC_F_EC_GF2M_SIMPLE_POINT2OCT,0), "ec_GF2m_simple_point2oct"},
@@ -119,12 +123,19 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GFP,0), "EC_GROUP_set_curve_GFp"},
{ERR_PACK(0,EC_F_EC_GROUP_SET_EXTRA_DATA,0), "EC_GROUP_set_extra_data"},
{ERR_PACK(0,EC_F_EC_GROUP_SET_GENERATOR,0), "EC_GROUP_set_generator"},
+{ERR_PACK(0,EC_F_EC_KEY_CHECK_KEY,0), "EC_KEY_check_key"},
+{ERR_PACK(0,EC_F_EC_KEY_COPY,0), "EC_KEY_copy"},
+{ERR_PACK(0,EC_F_EC_KEY_GENERATE_KEY,0), "EC_KEY_generate_key"},
+{ERR_PACK(0,EC_F_EC_KEY_PRINT,0), "EC_KEY_print"},
+{ERR_PACK(0,EC_F_EC_KEY_PRINT_FP,0), "EC_KEY_print_fp"},
+{ERR_PACK(0,EC_F_EC_NEW,0), "EC_NEW"},
{ERR_PACK(0,EC_F_EC_POINTS_MAKE_AFFINE,0), "EC_POINTs_make_affine"},
{ERR_PACK(0,EC_F_EC_POINTS_MUL,0), "EC_POINTs_mul"},
{ERR_PACK(0,EC_F_EC_POINT_ADD,0), "EC_POINT_add"},
{ERR_PACK(0,EC_F_EC_POINT_CMP,0), "EC_POINT_cmp"},
{ERR_PACK(0,EC_F_EC_POINT_COPY,0), "EC_POINT_copy"},
{ERR_PACK(0,EC_F_EC_POINT_DBL,0), "EC_POINT_dbl"},
+{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M,0), "EC_POINT_get_affine_coordinates_GF2m"},
{ERR_PACK(0,EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP,0), "EC_POINT_get_affine_coordinates_GFp"},
{ERR_PACK(0,EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP,0), "EC_POINT_get_Jprojective_coordinates_GFp"},
{ERR_PACK(0,EC_F_EC_POINT_IS_AT_INFINITY,0), "EC_POINT_is_at_infinity"},
@@ -143,9 +154,10 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_PACK(0,EC_F_EC_WNAF_MUL,0), "ec_wNAF_mul"},
{ERR_PACK(0,EC_F_EC_WNAF_PRECOMPUTE_MULT,0), "ec_wNAF_precompute_mult"},
{ERR_PACK(0,EC_F_GFP_MONT_GROUP_SET_CURVE,0), "GFP_MONT_GROUP_SET_CURVE"},
-{ERR_PACK(0,EC_F_I2D_ECDSAPARAMETERS,0), "i2d_ECDSAParameters"},
+{ERR_PACK(0,EC_F_I2D_ECDSAPARAMETERS,0), "I2D_ECDSAPARAMETERS"},
{ERR_PACK(0,EC_F_I2D_ECPARAMETERS,0), "i2d_ECParameters"},
{ERR_PACK(0,EC_F_I2D_ECPKPARAMETERS,0), "i2d_ECPKParameters"},
+{ERR_PACK(0,EC_F_I2D_ECPRIVATEKEY,0), "i2d_ECPrivateKey"},
{0,NULL}
};
@@ -171,7 +183,9 @@ static ERR_STRING_DATA EC_str_reasons[]=
{EC_R_INVALID_FIELD ,"invalid field"},
{EC_R_INVALID_FORM ,"invalid form"},
{EC_R_INVALID_GROUP_ORDER ,"invalid group order"},
+{EC_R_INVALID_PRIVATE_KEY ,"invalid private key"},
{EC_R_MISSING_PARAMETERS ,"missing parameters"},
+{EC_R_MISSING_PRIVATE_KEY ,"missing private key"},
{EC_R_NOT_IMPLEMENTED ,"not implemented"},
{EC_R_NOT_INITIALIZED ,"not initialized"},
{EC_R_NO_SUCH_EXTRA_DATA ,"no such extra data"},
@@ -186,6 +200,7 @@ static ERR_STRING_DATA EC_str_reasons[]=
{EC_R_UNKNOWN_NID ,"unknown nid"},
{EC_R_UNKNOWN_ORDER ,"unknown order"},
{EC_R_UNKNOWN_PARAMETERS_TYPE ,"unknown parameters type"},
+{EC_R_WRONG_ORDER ,"wrong order"},
{0,NULL}
};
diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
new file mode 100644
index 0000000000..790d930225
--- /dev/null
+++ b/crypto/ec/ec_key.c
@@ -0,0 +1,354 @@
+/* crypto/ec/ec_key.c */
+/*
+ * Written by Nils Larsch for the OpenSSL project.
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ec_lcl.h"
+#include <openssl/err.h>
+
+EC_KEY *EC_KEY_new(void)
+ {
+ EC_KEY *ret;
+
+ ret=(EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY));
+ if (ret == NULL)
+ {
+ ECerr(EC_F_EC_NEW, ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ ret->version = 1;
+ ret->group = NULL;
+ ret->pub_key = NULL;
+ ret->priv_key= NULL;
+ ret->enc_flag= 0;
+ ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
+ ret->references= 1;
+ ret->meth_data = NULL;
+ return(ret);
+ }
+
+
+void EC_KEY_free(EC_KEY *r)
+ {
+ int i;
+
+ if (r == NULL) return;
+
+ i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_EC);
+#ifdef REF_PRINT
+ REF_PRINT("EC_KEY",r);
+#endif
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"EC_KEY_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (r->group != NULL)
+ EC_GROUP_free(r->group);
+ if (r->pub_key != NULL)
+ EC_POINT_free(r->pub_key);
+ if (r->priv_key != NULL)
+ BN_clear_free(r->priv_key);
+
+ if (r->meth_data && r->meth_data->finish)
+ r->meth_data->finish(r);
+
+ memset((void *)r, 0x0, sizeof(EC_KEY));
+
+ OPENSSL_free(r);
+ }
+
+EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
+ {
+ if (dest == NULL || src == NULL)
+ {
+ ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER);
+ return NULL;
+ }
+ /* copy the parameters */
+ if (src->group)
+ {
+ const EC_METHOD *meth = EC_GROUP_method_of(src->group);
+ /* clear the old group */
+ if (dest->group)
+ EC_GROUP_free(dest->group);
+ dest->group = EC_GROUP_new(meth);
+ if (dest->group == NULL)
+ return NULL;
+ if (!EC_GROUP_copy(dest->group, src->group))
+ return NULL;
+ }
+ /* copy the public key */
+ if (src->pub_key && src->group)
+ {
+ if (dest->pub_key)
+ EC_POINT_free(dest->pub_key);
+ dest->pub_key = EC_POINT_new(src->group);
+ if (dest->pub_key == NULL)
+ return NULL;
+ if (!EC_POINT_copy(dest->pub_key, src->pub_key))
+ return NULL;
+ }
+ /* copy the private key */
+ if (src->priv_key)
+ {
+ if (dest->priv_key == NULL)
+ {
+ dest->priv_key = BN_new();
+ if (dest->priv_key == NULL)
+ return NULL;
+ }
+ if (!BN_copy(dest->priv_key, src->priv_key))
+ return NULL;
+ }
+ /* copy the rest */
+ dest->enc_flag = src->enc_flag;
+ dest->conv_form = src->conv_form;
+ dest->version = src->version;
+
+ return dest;
+ }
+
+EC_KEY *EC_KEY_dup(const EC_KEY *eckey)
+ {
+ EC_KEY *ret = NULL;
+ int ok = 1;
+
+ ret = EC_KEY_new();
+ if (ret == NULL)
+ return NULL;
+ /* copy the parameters */
+ if (eckey->group)
+ {
+ ret->group = EC_GROUP_dup(eckey->group);
+ if (ret->group == NULL)
+ ok = 0;
+ }
+ /* copy the public key */
+ if (eckey->pub_key && eckey->group)
+ {
+ ret->pub_key = EC_POINT_dup(eckey->pub_key, eckey->group);
+ if (ret->pub_key == NULL)
+ ok = 0;
+ }
+ /* copy the private key */
+ if (eckey->priv_key)
+ {
+ ret->priv_key = BN_dup(ret->priv_key);
+ if (ret->priv_key == NULL)
+ ok = 0;
+ }
+ /* copy the rest */
+ ret->enc_flag = eckey->enc_flag;
+ ret->conv_form = eckey->conv_form;
+ ret->version = eckey->version;
+
+ if (!ok)
+ {
+ EC_KEY_free(ret);
+ ret = NULL;
+ }
+
+ return ret;
+ }
+
+int EC_KEY_generate_key(EC_KEY *eckey)
+ {
+ int ok = 0;
+ BN_CTX *ctx = NULL;
+ BIGNUM *priv_key = NULL, *order = NULL;
+ EC_POINT *pub_key = NULL;
+
+ if (!eckey || !eckey->group)
+ {
+ ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+
+ if ((order = BN_new()) == NULL) goto err;
+ if ((ctx = BN_CTX_new()) == NULL) goto err;
+
+ if (eckey->priv_key == NULL)
+ {
+ priv_key = BN_new();
+ if (priv_key == NULL)
+ goto err;
+ }
+ else
+ priv_key = eckey->priv_key;
+
+ if (!EC_GROUP_get_order(eckey->group, order, ctx))
+ goto err;
+
+ do
+ if (!BN_rand_range(priv_key, order))
+ goto err;
+ while (BN_is_zero(priv_key));
+
+ if (eckey->pub_key == NULL)
+ {
+ pub_key = EC_POINT_new(eckey->group);
+ if (pub_key == NULL)
+ goto err;
+ }
+ else
+ pub_key = eckey->pub_key;
+
+ if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx))
+ goto err;
+
+ eckey->priv_key = priv_key;
+ eckey->pub_key = pub_key;
+
+ ok=1;
+
+err:
+ if (order)
+ BN_free(order);
+ if (pub_key != NULL && eckey->pub_key == NULL)
+ EC_POINT_free(pub_key);
+ if (priv_key != NULL && eckey->priv_key == NULL)
+ BN_free(priv_key);
+ if (ctx != NULL)
+ BN_CTX_free(ctx);
+ return(ok);
+ }
+
+int EC_KEY_check_key(const EC_KEY *eckey)
+ {
+ int ok = 0;
+ BN_CTX *ctx = NULL;
+ BIGNUM *order = NULL;
+ EC_POINT *point = NULL;
+
+ if (!eckey || !eckey->group || !eckey->pub_key)
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
+ return 0;
+ }
+
+ if ((ctx = BN_CTX_new()) == NULL)
+ goto err;
+ if ((order = BN_new()) == NULL)
+ goto err;
+ if ((point = EC_POINT_new(eckey->group)) == NULL)
+ goto err;
+
+ /* testing whether the pub_key is on the elliptic curve */
+ if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx))
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE);
+ goto err;
+ }
+ /* testing whether pub_key * order is the point at infinity */
+ if (!EC_GROUP_get_order(eckey->group, order, ctx))
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
+ goto err;
+ }
+ if (!EC_POINT_copy(point, eckey->pub_key))
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (!EC_POINT_mul(eckey->group, point, order, NULL, NULL, ctx))
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (!EC_POINT_is_at_infinity(eckey->group, point))
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
+ goto err;
+ }
+ /* in case the priv_key is present :
+ * check if generator * priv_key == pub_key
+ */
+ if (eckey->priv_key)
+ {
+ if (BN_cmp(eckey->priv_key, order) >= 0)
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_WRONG_ORDER);
+ goto err;
+ }
+ if (!EC_POINT_mul(eckey->group, point, eckey->priv_key,
+ NULL, NULL, ctx))
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (EC_POINT_cmp(eckey->group, point, eckey->pub_key,
+ ctx) != 0)
+ {
+ ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY);
+ goto err;
+ }
+ }
+ ok = 1;
+err:
+ if (ctx != NULL)
+ BN_CTX_free(ctx);
+ if (order != NULL)
+ BN_free(order);
+ if (point != NULL)
+ EC_POINT_free(point);
+ return(ok);
+ }
diff --git a/crypto/ecdsa/Makefile.ssl b/crypto/ecdsa/Makefile.ssl
index 5d8eff00c2..a0eb51031d 100644
--- a/crypto/ecdsa/Makefile.ssl
+++ b/crypto/ecdsa/Makefile.ssl
@@ -23,11 +23,9 @@ TEST=ecdsatest.c
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= ecs_lib.c ecs_gen.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c \
- ecs_key.c ecs_err.c
+LIBSRC= ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c
-LIBOBJ= ecs_lib.o ecs_gen.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o \
- ecs_key.o ecs_err.o
+LIBOBJ= ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o
SRC= $(LIBSRC)
@@ -98,15 +96,6 @@ ecs_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
ecs_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ecs_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
ecs_err.o: ../../include/openssl/symhacks.h ecs_err.c
-ecs_gen.o: ecs_gen.c
-ecs_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-ecs_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-ecs_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
-ecs_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-ecs_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-ecs_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
-ecs_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-ecs_key.o: ecdsa.h ecs_key.c
ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
ecs_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index 00cd71d068..d72d0b1363 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -59,9 +59,6 @@
#error ECDSA is disabled.
#endif
-#ifndef OPENSSL_NO_BIO
-#include <openssl/bio.h>
-#endif
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/ossl_typ.h>
@@ -70,8 +67,6 @@
extern "C" {
#endif
-typedef struct ecdsa_st ECDSA;
-
typedef struct ECDSA_SIG_st
{
BIGNUM *r;
@@ -81,122 +76,70 @@ typedef struct ECDSA_SIG_st
typedef struct ecdsa_method
{
const char *name;
- ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa);
- int (*ecdsa_sign_setup)(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r);
- int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa);
- int (*init)(ECDSA *ecdsa);
- int (*finish)(ECDSA *ecdsa);
+ ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
+ EC_KEY *eckey);
+ int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
+ BIGNUM **r);
+ int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
+ ECDSA_SIG *sig, EC_KEY *eckey);
+#if 0
+ int (*init)(EC_KEY *eckey);
+ int (*finish)(EC_KEY *eckey);
+#endif
int flags;
char *app_data;
} ECDSA_METHOD;
-struct ecdsa_st
-{
- int version;
- point_conversion_form_t conversion_form;
-
- EC_GROUP *group;
-
- EC_POINT *pub_key;
- BIGNUM *priv_key;
-
- BIGNUM *kinv; /* signing pre-calc */
- BIGNUM *r; /* signing pre-calc */
-
- unsigned int enc_flag;
-
- int references;
+typedef struct ecdsa_data_st {
+ /* EC_KEY_METH_DATA part */
+ int (*init)(EC_KEY *);
+ void (*finish)(EC_KEY *);
+ /* method specific part */
+ BIGNUM *kinv; /* signing pre-calc */
+ BIGNUM *r; /* signing pre-calc */
+ ENGINE *engine;
int flags;
- CRYPTO_EX_DATA ex_data;
const ECDSA_METHOD *meth;
- struct engine_st *engine;
-};
-
-/* some values for the encoding_flag */
-#define ECDSA_PKEY_NO_PARAMETERS 0x001
-#define ECDSA_PKEY_NO_PUBKEY 0x002
+ CRYPTO_EX_DATA ex_data;
+} ECDSA_DATA;
+/* signature functions */
ECDSA_SIG *ECDSA_SIG_new(void);
void ECDSA_SIG_free(ECDSA_SIG *a);
int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long length);
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa);
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA* ecdsa);
-int ECDSA_generate_key(ECDSA *ecdsa);
-int ECDSA_check_key(ECDSA *ecdsa);
+/* ECDSA_DATA functions */
+ECDSA_DATA *ECDSA_DATA_new(void);
+ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *);
+void ECDSA_DATA_free(ECDSA_DATA *);
+
+ECDSA_DATA *ecdsa_check(EC_KEY *);
+
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, EC_KEY *);
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG
+ *sig, EC_KEY* eckey);
const ECDSA_METHOD *ECDSA_OpenSSL(void);
void ECDSA_set_default_method(const ECDSA_METHOD *);
const ECDSA_METHOD *ECDSA_get_default_method(void);
-int ECDSA_set_method(ECDSA *, const ECDSA_METHOD *);
-
-ECDSA *ECDSA_new(void);
-ECDSA *ECDSA_new_method(ENGINE *engine);
-int ECDSA_size(const ECDSA *);
-int ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
-int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, unsigned char *sig,
- unsigned int *siglen, ECDSA *ecdsa);
-int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sig,
- int sig_len, ECDSA *ecdsa);
-int ECDSA_up_ref(ECDSA *ecdsa);
-void ECDSA_free(ECDSA *a);
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
- CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ECDSA_set_ex_data(ECDSA *d, int idx, void *arg);
-void *ECDSA_get_ex_data(ECDSA *d, int idx);
-
-#ifndef OPENSSL_NO_BIO
-int ECDSAParameters_print(BIO *bp, const ECDSA *x);
-int ECDSA_print(BIO *bp, const ECDSA *x, int off);
-#endif
-#ifndef OPENSSL_NO_FP_API
-int ECDSAParameters_print_fp(FILE *fp, const ECDSA *x);
-int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off);
-#endif
-
-/* the ECDSA_{set|get}_enc_flag() specify the encoding
- * of the elliptic curve private key */
-unsigned int ECDSA_get_enc_flag(const ECDSA *);
-void ECDSA_set_enc_flag(ECDSA *, unsigned int);
-
-/* The ECDSA_{set|get}_conversion_type() functions set/get the
- * conversion form for ec-points (see ec.h) in a ECDSA-structure */
-void ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t);
-point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *);
-/* The ECDSA_{set|get}_default_conversion_form() functions set/get the
- * default conversion form */
-void ECDSA_set_default_conversion_form(const point_conversion_form_t);
-point_conversion_form_t ECDSA_get_default_conversion_form(void);
-
-/* the basic de- and encode functions ( see ecs_asn1.c ) */
-ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len);
-int i2d_ECDSAParameters(ECDSA *a, unsigned char **out);
+int ECDSA_set_method(EC_KEY *, const ECDSA_METHOD *);
-ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len);
-int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out);
+int ECDSA_size(const EC_KEY *);
+int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
+ BIGNUM **rp);
+int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len,
+ unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
+int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
+ const unsigned char *sig, int sig_len, EC_KEY *eckey);
-/* ECDSAPublicKey_set_octet_string() sets the public key in the ECDSA-structure.
- * (*a) must be a pointer to a ECDSA-structure with (*a)->group not zero
- * (e.g. a ECDSA-structure with a valid EC_GROUP-structure) */
-ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len);
-/* ECDSAPublicKey_get_octet_string() returns the length of the octet string encoding
- * of the public key. If out != NULL then the function returns in *out
- * a pointer to the octet string */
-int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out);
+int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
+ *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
+void *ECDSA_get_ex_data(EC_KEY *d, int idx);
-#define ECDSAParameters_dup(x) (ECDSA *)ASN1_dup((int (*)())i2d_ECDSAParameters, \
- (char *(*)())d2i_ECDSAParameters,(char *)(x))
-#define d2i_ECDSAParameters_fp(fp,x) (ECDSA *)ASN1_d2i_fp((char *(*)())ECDSA_new, \
- (char *(*)())d2i_ECDSAParameters,(fp),(unsigned char **)(x))
-#define i2d_ECDSAParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECDSAParameters,(fp), \
- (unsigned char *)(x))
-#define d2i_ECDSAParameters_bio(bp,x) (ECDSA *)ASN1_d2i_bio((char *(*)())ECDSA_new, \
- (char *(*)())d2i_ECDSAParameters,(bp),(unsigned char **)(x))
-#define i2d_ECDSAParameters_bio(bp,x) ASN1_i2d_bio(i2d_ECDSAParameters,(bp), \
- (unsigned char *)(x))
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
@@ -207,72 +150,18 @@ void ERR_load_ECDSA_strings(void);
/* Error codes for the ECDSA functions. */
/* Function codes. */
-#define ECDSA_F_D2I_ECDSAPARAMETERS 100
-#define ECDSA_F_D2I_ECDSAPRIVATEKEY 101
-#define ECDSA_F_ECDSAPARAMETERS_PRINT 102
-#define ECDSA_F_ECDSAPARAMETERS_PRINT_FP 103
-#define ECDSA_F_ECDSA_DO_SIGN 104
-#define ECDSA_F_ECDSA_DO_VERIFY 105
-#define ECDSA_F_ECDSA_GENERATE_KEY 106
-#define ECDSA_F_ECDSA_GET 107
-#define ECDSA_F_ECDSA_GET_CURVE_NID 120
-#define ECDSA_F_ECDSA_GET_ECDSA 121
-#define ECDSA_F_ECDSA_GET_EC_PARAMETERS 122
-#define ECDSA_F_ECDSA_GET_X9_62_CURVE 108
-#define ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS 109
-#define ECDSA_F_ECDSA_GET_X9_62_FIELDID 110
-#define ECDSA_F_ECDSA_NEW 111
-#define ECDSA_F_ECDSA_PRINT 112
-#define ECDSA_F_ECDSA_PRINT_FP 113
-#define ECDSA_F_ECDSA_SET_GROUP_P 114
-#define ECDSA_F_ECDSA_SET_PRIME_GROUP 123
-#define ECDSA_F_ECDSA_SIGN_SETUP 115
-#define ECDSA_F_I2D_ECDSAPARAMETERS 116
-#define ECDSA_F_I2D_ECDSAPRIVATEKEY 117
-#define ECDSA_F_I2D_ECDSAPUBLICKEY 118
-#define ECDSA_F_SIG_CB 119
+#define ECDSA_F_ECDSA_DATA_NEW 100
+#define ECDSA_F_ECDSA_DO_SIGN 101
+#define ECDSA_F_ECDSA_DO_VERIFY 102
+#define ECDSA_F_ECDSA_SIGN_SETUP 103
/* Reason codes. */
#define ECDSA_R_BAD_SIGNATURE 100
-#define ECDSA_R_CAN_NOT_GET_GENERATOR 101
-#define ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY 102
-#define ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE 103
-#define ECDSA_R_D2I_EC_PARAMETERS_FAILURE 133
-#define ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 104
-#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 105
-#define ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE 106
-#define ECDSA_R_ECDSA_F_ECDSA_NEW 107
-#define ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE 134
-#define ECDSA_R_ECDSA_GET_FAILURE 108
-#define ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE 109
-#define ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE 110
-#define ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE 111
-#define ECDSA_R_ECDSA_NEW_FAILURE 112
-#define ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE 135
-#define ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 113
-#define ECDSA_R_ECPARAMETERS2ECDSA_FAILURE 138
-#define ECDSA_R_EC_GROUP_NID2CURVE_FAILURE 136
-#define ECDSA_R_ERR_EC_LIB 114
-#define ECDSA_R_I2D_ECDSA_PRIVATEKEY 115
-#define ECDSA_R_I2D_ECDSA_PUBLICKEY 116
-#define ECDSA_R_MISSING_PARAMETERS 117
-#define ECDSA_R_MISSING_PRIVATE_KEY 139
-#define ECDSA_R_NOT_SUPPORTED 118
-#define ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED 119
-#define ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED 120
-#define ECDSA_R_NO_CURVE_SPECIFIED 121
-#define ECDSA_R_NO_FIELD_SPECIFIED 122
-#define ECDSA_R_PRIME_MISSING 123
-#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 124
-#define ECDSA_R_SIGNATURE_MALLOC_FAILED 125
-#define ECDSA_R_UNEXPECTED_ASN1_TYPE 126
-#define ECDSA_R_UNEXPECTED_PARAMETER 127
-#define ECDSA_R_UNEXPECTED_PARAMETER_LENGTH 128
-#define ECDSA_R_UNEXPECTED_VERSION_NUMER 129
-#define ECDSA_R_UNKNOWN_PARAMETERS_TYPE 137
-#define ECDSA_R_WRONG_FIELD_IDENTIFIER 130
-#define ECDSA_R_X9_62_CURVE_NEW_FAILURE 131
-#define ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE 132
+#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101
+#define ECDSA_R_ERR_EC_LIB 102
+#define ECDSA_R_MISSING_PARAMETERS 103
+#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104
+#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105
#ifdef __cplusplus
}
diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
index cffc194928..daf6427718 100644
--- a/crypto/ecdsa/ecdsatest.c
+++ b/crypto/ecdsa/ecdsatest.c
@@ -89,7 +89,7 @@ static const char rnd_seed[] = "string to make the random number generator think
ECDSA_SIG* signatures[ECDSA_NIST_TESTS];
unsigned char digest[ECDSA_NIST_TESTS][20];
-void clear_ecdsa(ECDSA *ecdsa)
+void clear_ecdsa(EC_KEY *ecdsa)
{
if (!ecdsa)
return;
@@ -110,7 +110,7 @@ void clear_ecdsa(ECDSA *ecdsa)
}
}
-int set_p192_param(ECDSA *ecdsa)
+int set_p192_param(EC_KEY *ecdsa)
{
BN_CTX *ctx=NULL;
int ret=0;
@@ -143,7 +143,7 @@ err : if (ctx) BN_CTX_free(ctx);
return ret;
}
-int set_p239_param(ECDSA *ecdsa)
+int set_p239_param(EC_KEY *ecdsa)
{
BN_CTX *ctx=NULL;
int ret=0;
@@ -176,7 +176,7 @@ err : if (ctx) BN_CTX_free(ctx);
return ret;
}
-int test_sig_vrf(ECDSA *ecdsa, const unsigned char* dgst)
+int test_sig_vrf(EC_KEY *ecdsa, const unsigned char* dgst)
{
int ret=0,type=0;
unsigned char *buffer=NULL;
@@ -216,7 +216,7 @@ err: OPENSSL_free(buffer);
return(ret == 1);
}
-int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst,
+int test_x962_sig_vrf(EC_KEY *eckey, const unsigned char *dgst,
const char *k_in, const char *r_in, const char *s_in)
{
int ret=0;
@@ -225,23 +225,28 @@ int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst,
BIGNUM *r=NULL,*s=NULL,*k=NULL,*x=NULL,*y=NULL,*m=NULL,*ord=NULL;
BN_CTX *ctx=NULL;
char *tmp_char=NULL;
-
- if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
+ ECDSA_DATA *ecdsa = ecdsa_check(eckey);;
+
+ if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key
+ || !ecdsa)
return 0;
- if ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err;
- if ((r = BN_new()) == NULL || (s = BN_new()) == NULL || (k = BN_new()) == NULL ||
- (x = BN_new()) == NULL || (y = BN_new()) == NULL || (m = BN_new()) == NULL ||
- (ord = BN_new()) == NULL) goto err;
+ if ((point = EC_POINT_new(eckey->group)) == NULL) goto err;
+ if ((r = BN_new()) == NULL || (s = BN_new()) == NULL
+ || (k = BN_new()) == NULL || (x = BN_new()) == NULL ||
+ (y = BN_new()) == NULL || (m = BN_new()) == NULL ||
+ (ord = BN_new()) == NULL) goto err;
if ((ctx = BN_CTX_new()) == NULL) goto err;
if (!BN_bin2bn(dgst, 20, m)) goto err;
if (!BN_dec2bn(&k, k_in)) goto err;
- if (!EC_POINT_mul(ecdsa->group, point, k, NULL, NULL, ctx)) goto err;
- if (!EC_POINT_get_affine_coordinates_GFp(ecdsa->group, point, x, y, ctx)) goto err;
- if (!EC_GROUP_get_order(ecdsa->group, ord, ctx)) goto err;
+ if (!EC_POINT_mul(eckey->group, point, k, NULL, NULL, ctx)) goto err;
+ if (!EC_POINT_get_affine_coordinates_GFp(eckey->group, point, x, y,
+ ctx)) goto err;
+ if (!EC_GROUP_get_order(eckey->group, ord, ctx)) goto err;
if ((ecdsa->r = BN_dup(x)) == NULL) goto err;
- if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL) goto err;
+ if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL)
+ goto err;
- if ((sig = ECDSA_do_sign(dgst, 20, ecdsa)) == NULL)
+ if ((sig = ECDSA_do_sign(dgst, 20, eckey)) == NULL)
{
BIO_printf(bio_err,"ECDSA_do_sign() failed \n");
goto err;
@@ -260,7 +265,7 @@ int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst,
BIO_printf(bio_err,"sig->s = %s\n",tmp_char);
goto err;
}
- ret = ECDSA_do_verify(dgst, 20, sig, ecdsa);
+ ret = ECDSA_do_verify(dgst, 20, sig, eckey);
if (ret != 1)
{
BIO_printf(bio_err,"ECDSA_do_verify : signature verification failed \n");
@@ -282,7 +287,7 @@ err : if (r) BN_free(r);
return(ret == 1);
}
-int ecdsa_cmp(const ECDSA *a, const ECDSA *b)
+int ecdsa_cmp(const EC_KEY *a, const EC_KEY *b)
{
int ret=1;
BN_CTX *ctx=NULL;
@@ -316,7 +321,7 @@ err: if (tmp_a1) BN_free(tmp_a1);
int main(void)
{
- ECDSA *ecdsa=NULL, *ret_ecdsa=NULL;
+ EC_KEY *ecdsa=NULL, *ret_ecdsa=NULL;
BIGNUM *d=NULL;
X509_PUBKEY *x509_pubkey=NULL;
PKCS8_PRIV_KEY_INFO *pkcs8=NULL;
@@ -351,41 +356,41 @@ int main(void)
RAND_seed(rnd_seed, sizeof(rnd_seed));
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err;
set_p192_param(ecdsa);
- ECDSA_print(bio_err, ecdsa, 0);
+ EC_KEY_print(bio_err, ecdsa, 0);
/* en- decode tests */
- /* i2d_ - d2i_ECDSAParameters() */
+ /* i2d_ - d2i_ECParameters() */
BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAParameters \n");
- buf_len = i2d_ECDSAParameters(ecdsa, NULL);
+ buf_len = i2d_ECParameters(ecdsa, NULL);
if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
pp = buffer;
- if (!i2d_ECDSAParameters(ecdsa, &pp)) goto err;
+ if (!i2d_ECParameters(ecdsa, &pp)) goto err;
pp = buffer;
- if ((ret_ecdsa = d2i_ECDSAParameters(&ret_ecdsa, (const unsigned char **)&pp,
+ if ((ret_ecdsa = d2i_ECParameters(&ret_ecdsa, (const unsigned char **)&pp,
buf_len)) == NULL) goto err;
- ECDSAParameters_print(bio_err, ret_ecdsa);
+ ECParameters_print(bio_err, ret_ecdsa);
if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
OPENSSL_free(buffer);
buffer = NULL;
- ECDSA_free(ret_ecdsa);
+ EC_KEY_free(ret_ecdsa);
ret_ecdsa = NULL;
- /* i2d_ - d2i_ECDSAPrivateKey() */
+ /* i2d_ - d2i_ECPrivateKey() */
BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPrivateKey \n");
- buf_len = i2d_ECDSAPrivateKey(ecdsa, NULL);
+ buf_len = i2d_ECPrivateKey(ecdsa, NULL);
if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
pp = buffer;
- if (!i2d_ECDSAPrivateKey(ecdsa, &pp)) goto err;
+ if (!i2d_ECPrivateKey(ecdsa, &pp)) goto err;
pp = buffer;
- if ((ret_ecdsa = d2i_ECDSAPrivateKey(&ret_ecdsa, (const unsigned char**)&pp,
+ if ((ret_ecdsa = d2i_ECPrivateKey(&ret_ecdsa, (const unsigned char**)&pp,
buf_len)) == NULL) goto err;
- ECDSA_print(bio_err, ret_ecdsa, 0);
+ EC_KEY_print(bio_err, ret_ecdsa, 0);
if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
- ECDSA_free(ret_ecdsa);
+ EC_KEY_free(ret_ecdsa);
ret_ecdsa = NULL;
OPENSSL_free(buffer);
buffer = NULL;
@@ -394,12 +399,12 @@ int main(void)
BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set} : ");
if ((pkey = EVP_PKEY_new()) == NULL) goto err;
- EVP_PKEY_assign_ECDSA(pkey, ecdsa);
+ EVP_PKEY_assign_EC_KEY(pkey, ecdsa);
if ((x509_pubkey = X509_PUBKEY_new()) == NULL) goto err;
if (!X509_PUBKEY_set(&x509_pubkey, pkey)) goto err;
if ((ret_pkey = X509_PUBKEY_get(x509_pubkey)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+ ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey);
EVP_PKEY_free(ret_pkey);
ret_pkey = NULL;
@@ -411,7 +416,7 @@ int main(void)
else BIO_printf(bio_err, "TEST OK \n");
X509_PUBKEY_free(x509_pubkey);
x509_pubkey = NULL;
- ECDSA_free(ret_ecdsa);
+ EC_KEY_free(ret_ecdsa);
ret_ecdsa = NULL;
/* Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY */
@@ -419,7 +424,7 @@ int main(void)
BIO_printf(bio_err, "PKCS8_OK : ");
if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK)) == NULL) goto err;
if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+ ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey);
if (ecdsa_cmp(ecdsa, ret_ecdsa))
{
BIO_printf(bio_err, "TEST FAILED \n");
@@ -428,13 +433,13 @@ int main(void)
else BIO_printf(bio_err, "TEST OK \n");
EVP_PKEY_free(ret_pkey);
ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
+ EC_KEY_free(ret_ecdsa);
ret_ecdsa = NULL;
PKCS8_PRIV_KEY_INFO_free(pkcs8);
BIO_printf(bio_err, "PKCS8_NO_OCTET : ");
if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NO_OCTET)) == NULL) goto err;
if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+ ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey);
if (ecdsa_cmp(ecdsa, ret_ecdsa))
{
BIO_printf(bio_err, "TEST FAILED \n");
@@ -443,13 +448,13 @@ int main(void)
else BIO_printf(bio_err, "TEST OK \n");
EVP_PKEY_free(ret_pkey);
ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
+ EC_KEY_free(ret_ecdsa);
ret_ecdsa = NULL;
PKCS8_PRIV_KEY_INFO_free(pkcs8);
BIO_printf(bio_err, "PKCS8_EMBEDDED_PARAM : ");
if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_EMBEDDED_PARAM)) == NULL) goto err;
if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+ ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey);
if (ecdsa_cmp(ecdsa, ret_ecdsa))
{
BIO_printf(bio_err, "TEST FAILED \n");
@@ -458,13 +463,13 @@ int main(void)
else BIO_printf(bio_err, "TEST OK \n");
EVP_PKEY_free(ret_pkey);
ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
+ EC_KEY_free(ret_ecdsa);
ret_ecdsa = NULL;
PKCS8_PRIV_KEY_INFO_free(pkcs8);
BIO_printf(bio_err, "PKCS8_NS_DB : ");
if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NS_DB)) == NULL) goto err;
if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
- ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+ ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey);
if (ecdsa_cmp(ecdsa, ret_ecdsa))
{
BIO_printf(bio_err, "TEST FAILED \n");
@@ -473,7 +478,7 @@ int main(void)
else BIO_printf(bio_err, "TEST OK \n");
EVP_PKEY_free(ret_pkey);
ret_pkey = NULL;
- ECDSA_free(ret_ecdsa);
+ EC_KEY_free(ret_ecdsa);
ret_ecdsa = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
@@ -492,7 +497,7 @@ int main(void)
BIO_printf(bio_err, "Performing tests based on examples H.3.1 and H.3.2 of X9.62 \n");
BIO_printf(bio_err, "PRIME_192_V1 : ");
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err;
if (!set_p192_param(ecdsa)) goto err;
if (!test_x962_sig_vrf(ecdsa, dgst, "6140507067065001063065065565667405560006161556565665656654",
"3342403536405981729393488334694600415596881826869351677613",
@@ -510,7 +515,7 @@ int main(void)
else
BIO_printf(bio_err, "OK\n");
- ECDSA_free(ecdsa);
+ EC_KEY_free(ecdsa);
ecdsa = NULL;
OPENSSL_free(dgst);
dgst = NULL;
@@ -522,10 +527,11 @@ int main(void)
if (!RAND_bytes(digest[i], 20)) goto err;
BIO_printf(bio_err, "\nTesting sign & verify with NIST Prime-Curve P-192 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
- if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
+ EC_KEY_free(ecdsa);
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err;
+ if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192))
+ == NULL) goto err;
+ if (!EC_KEY_generate_key(ecdsa)) goto err;
tim = clock();
for (i=0; i<ECDSA_NIST_TESTS; i++)
if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
@@ -548,10 +554,10 @@ int main(void)
/* EC_GROUP_NIST_PRIME_224 */
BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-224 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
+ EC_KEY_free(ecdsa);
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err;
if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_224)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
+ if (!EC_KEY_generate_key(ecdsa)) goto err;
tim = clock();
for (i=0; i<ECDSA_NIST_TESTS; i++)
if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
@@ -574,10 +580,10 @@ int main(void)
/* EC_GROUP_NIST_PRIME_256 */
BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-256 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
+ EC_KEY_free(ecdsa);
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err;
if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_256)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
+ if (!EC_KEY_generate_key(ecdsa)) goto err;
tim = clock();
for (i=0; i<ECDSA_NIST_TESTS; i++)
if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
@@ -600,10 +606,10 @@ int main(void)
/* EC_GROUP_NIST_PRIME_384 */
BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-384 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
+ EC_KEY_free(ecdsa);
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err;
if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_384)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
+ if (!EC_KEY_generate_key(ecdsa)) goto err;
tim = clock();
for (i=0; i<ECDSA_NIST_TESTS; i++)
if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
@@ -626,10 +632,10 @@ int main(void)
/* EC_GROUP_NIST_PRIME_521 */
BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-521 : \n");
- ECDSA_free(ecdsa);
- if ((ecdsa = ECDSA_new()) == NULL) goto err;
+ EC_KEY_free(ecdsa);
+ if ((ecdsa = EC_KEY_new()) == NULL) goto err;
if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_521)) == NULL) goto err;
- if (!ECDSA_generate_key(ecdsa)) goto err;
+ if (!EC_KEY_generate_key(ecdsa)) goto err;
tim = clock();
for (i=0; i<ECDSA_NIST_TESTS; i++)
if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
@@ -644,7 +650,7 @@ int main(void)
tim_d = (double)tim / CLOCKS_PER_SEC;
BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
, ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
- ECDSA_free(ecdsa);
+ EC_KEY_free(ecdsa);
ecdsa = NULL;
for (i=0; i<ECDSA_NIST_TESTS; i++)
{
@@ -665,7 +671,7 @@ err: if (!ret)
BIO_printf(bio_err, "TEST PASSED \n");
if (!ret)
ERR_print_errors(bio_err);
- if (ecdsa) ECDSA_free(ecdsa);
+ if (ecdsa) EC_KEY_free(ecdsa);
if (d) BN_free(d);
if (dgst) OPENSSL_free(dgst);
if (md_ctx) EVP_MD_CTX_destroy(md_ctx);
diff --git a/crypto/ecdsa/ecs_asn1.c b/crypto/ecdsa/ecs_asn1.c
index 048fa88de9..e9e1c2b51e 100644
--- a/crypto/ecdsa/ecs_asn1.c
+++ b/crypto/ecdsa/ecs_asn1.c
@@ -65,324 +65,3 @@ ASN1_SEQUENCE(ECDSA_SIG) = {
DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG)
DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG)
IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
-
-int i2d_ECDSAParameters(ECDSA *a, unsigned char **out)
- {
- if (a == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPARAMETERS,
- ERR_R_PASSED_NULL_PARAMETER);
- return 0;
- }
- return i2d_ECPKParameters(a->group, out);
- }
-
-ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len)
- {
- EC_GROUP *group;
- ECDSA *ret;
-
- if (in == NULL || *in == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS,
- ERR_R_PASSED_NULL_PARAMETER);
- return NULL;
- }
-
- group = d2i_ECPKParameters(NULL, in, len);
-
- if (group == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS,
- ERR_R_EC_LIB);
- return NULL;
- }
-
- if (a == NULL || *a == NULL)
- {
- if ((ret = ECDSA_new()) == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS,
- ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (a)
- *a = ret;
- }
- else
- ret = *a;
-
- if (ret->group)
- EC_GROUP_clear_free(ret->group);
-
- ret->group = group;
-
- return ret;
- }
-
-ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
- {
- int ok=0;
- ECDSA *ret=NULL;
- EC_PRIVATEKEY *priv_key=NULL;
-
- if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return NULL;
- }
-
- if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- EC_PRIVATEKEY_free(priv_key);
- return NULL;
- }
-
- if (a == NULL || *a == NULL)
- {
- if ((ret = ECDSA_new()) == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
- if (a)
- *a = ret;
- }
- else
- ret = *a;
-
- if (priv_key->parameters)
- {
- if (ret->group)
- EC_GROUP_clear_free(ret->group);
- ret->group = EC_ASN1_pkparameters2group(priv_key->parameters);
- }
-
- if (ret->group == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- goto err;
- }
-
- ret->version = priv_key->version;
-
- if (priv_key->privateKey)
- {
- ret->priv_key = BN_bin2bn(
- M_ASN1_STRING_data(priv_key->privateKey),
- M_ASN1_STRING_length(priv_key->privateKey),
- ret->priv_key);
- if (ret->priv_key == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY,
- ERR_R_BN_LIB);
- goto err;
- }
- }
- else
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY,
- ECDSA_R_MISSING_PRIVATE_KEY);
- goto err;
- }
-
- if (priv_key->publicKey)
- {
- if (ret->pub_key)
- EC_POINT_clear_free(ret->pub_key);
- ret->pub_key = EC_POINT_new(ret->group);
- if (ret->pub_key == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- goto err;
- }
- if (!EC_POINT_oct2point(ret->group, ret->pub_key,
- M_ASN1_STRING_data(priv_key->publicKey),
- M_ASN1_STRING_length(priv_key->publicKey), NULL))
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- goto err;
- }
- }
-
- ok = 1;
-err:
- if (!ok)
- {
- if (ret)
- ECDSA_free(ret);
- ret = NULL;
- }
-
- if (priv_key)
- EC_PRIVATEKEY_free(priv_key);
-
- return(ret);
- }
-
-int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out)
- {
- int ret=0, ok=0;
- unsigned char *buffer=NULL;
- size_t buf_len=0, tmp_len;
- EC_PRIVATEKEY *priv_key=NULL;
-
- if (a == NULL || a->group == NULL || a->priv_key == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
- ERR_R_PASSED_NULL_PARAMETER);
- goto err;
- }
-
- if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- priv_key->version = a->version;
-
- buf_len = (size_t)BN_num_bytes(a->priv_key);
- buffer = OPENSSL_malloc(buf_len);
- if (buffer == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- if (!BN_bn2bin(a->priv_key, buffer))
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_BN_LIB);
- goto err;
- }
-
- if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len))
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB);
- goto err;
- }
-
- if (!(ECDSA_get_enc_flag(a) & ECDSA_PKEY_NO_PARAMETERS))
- {
- if ((priv_key->parameters = EC_ASN1_group2pkparameters(
- a->group, priv_key->parameters)) == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- goto err;
- }
- }
-
- if (!(ECDSA_get_enc_flag(a) & ECDSA_PKEY_NO_PUBKEY))
- {
- priv_key->publicKey = M_ASN1_BIT_STRING_new();
- if (priv_key->publicKey == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
- ECDSA_get_conversion_form(a), NULL, 0, NULL);
-
- if (tmp_len > buf_len)
- buffer = OPENSSL_realloc(buffer, tmp_len);
- if (buffer == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY,
- ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- buf_len = tmp_len;
-
- if (!EC_POINT_point2oct(a->group, a->pub_key,
- ECDSA_get_conversion_form(a), buffer, buf_len, NULL))
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- goto err;
- }
-
- if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
- buf_len))
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB);
- goto err;
- }
- }
-
- if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- goto err;
- }
- ok=1;
-err:
- if (buffer)
- OPENSSL_free(buffer);
- if (priv_key)
- EC_PRIVATEKEY_free(priv_key);
- return(ok?ret:0);
- }
-
-
-ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len)
-{
- ECDSA *ret=NULL;
-
- if (a == NULL || (*a) == NULL || (*a)->group == NULL)
- {
- /* sorry, but a EC_GROUP-structur is necessary
- * to set the public key */
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ECDSA_R_MISSING_PARAMETERS);
- return 0;
- }
- ret = *a;
- if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
- {
- ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
- return 0;
- }
- ECDSA_set_conversion_form(ret, (point_conversion_form_t)(*in[0] & ~0x01));
- return ret;
-}
-
-int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out)
-{
- size_t buf_len=0;
-
- if (a == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ECDSA_R_MISSING_PARAMETERS);
- return 0;
- }
- buf_len = EC_POINT_point2oct(a->group, a->pub_key,
- ECDSA_get_conversion_form(a), NULL, 0, NULL);
- if (out == NULL || buf_len == 0)
- /* out == NULL => just return the length of the octet string */
- return buf_len;
- if (*out == NULL)
- if ((*out = OPENSSL_malloc(buf_len)) == NULL)
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_MALLOC_FAILURE);
- return 0;
- }
- if (!EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a),
- *out, buf_len, NULL))
- {
- ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_EC_LIB);
- OPENSSL_free(*out);
- *out = NULL;
- return 0;
- }
- return buf_len;
-}
diff --git a/crypto/ecdsa/ecs_err.c b/crypto/ecdsa/ecs_err.c
index b8a9edd759..75c789448c 100644
--- a/crypto/ecdsa/ecs_err.c
+++ b/crypto/ecdsa/ecs_err.c
@@ -66,75 +66,21 @@
#ifndef OPENSSL_NO_ERR
static ERR_STRING_DATA ECDSA_str_functs[]=
{
-{ERR_PACK(0,ECDSA_F_D2I_ECDSAPARAMETERS,0), "d2i_ECDSAParameters"},
-{ERR_PACK(0,ECDSA_F_D2I_ECDSAPRIVATEKEY,0), "d2i_ECDSAPrivateKey"},
-{ERR_PACK(0,ECDSA_F_ECDSAPARAMETERS_PRINT,0), "ECDSAParameters_print"},
-{ERR_PACK(0,ECDSA_F_ECDSAPARAMETERS_PRINT_FP,0), "ECDSAParameters_print_fp"},
+{ERR_PACK(0,ECDSA_F_ECDSA_DATA_NEW,0), "ECDSA_DATA_new"},
{ERR_PACK(0,ECDSA_F_ECDSA_DO_SIGN,0), "ECDSA_do_sign"},
{ERR_PACK(0,ECDSA_F_ECDSA_DO_VERIFY,0), "ECDSA_do_verify"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GENERATE_KEY,0), "ECDSA_generate_key"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GET,0), "ECDSA_GET"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GET_CURVE_NID,0), "ECDSA_GET_CURVE_NID"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GET_ECDSA,0), "ECDSA_GET_ECDSA"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GET_EC_PARAMETERS,0), "ECDSA_GET_EC_PARAMETERS"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_CURVE,0), "ECDSA_GET_X9_62_CURVE"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS,0), "ECDSA_GET_X9_62_EC_PARAMETERS"},
-{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_FIELDID,0), "ECDSA_GET_X9_62_FIELDID"},
-{ERR_PACK(0,ECDSA_F_ECDSA_NEW,0), "ECDSA_new"},
-{ERR_PACK(0,ECDSA_F_ECDSA_PRINT,0), "ECDSA_print"},
-{ERR_PACK(0,ECDSA_F_ECDSA_PRINT_FP,0), "ECDSA_print_fp"},
-{ERR_PACK(0,ECDSA_F_ECDSA_SET_GROUP_P,0), "ECDSA_SET_GROUP_P"},
-{ERR_PACK(0,ECDSA_F_ECDSA_SET_PRIME_GROUP,0), "ECDSA_SET_PRIME_GROUP"},
{ERR_PACK(0,ECDSA_F_ECDSA_SIGN_SETUP,0), "ECDSA_sign_setup"},
-{ERR_PACK(0,ECDSA_F_I2D_ECDSAPARAMETERS,0), "i2d_ECDSAParameters"},
-{ERR_PACK(0,ECDSA_F_I2D_ECDSAPRIVATEKEY,0), "i2d_ECDSAPrivateKey"},
-{ERR_PACK(0,ECDSA_F_I2D_ECDSAPUBLICKEY,0), "I2D_ECDSAPUBLICKEY"},
-{ERR_PACK(0,ECDSA_F_SIG_CB,0), "SIG_CB"},
{0,NULL}
};
static ERR_STRING_DATA ECDSA_str_reasons[]=
{
{ECDSA_R_BAD_SIGNATURE ,"bad signature"},
-{ECDSA_R_CAN_NOT_GET_GENERATOR ,"can not get generator"},
-{ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY,"d2i ecdsaprivatekey missing private key"},
-{ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE ,"d2i ecdsa privatekey failure"},
-{ECDSA_R_D2I_EC_PARAMETERS_FAILURE ,"d2i ec parameters failure"},
-{ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE ,"d2i x9 62 ec parameters failure"},
{ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
-{ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE ,"ecdsaprivatekey new failure"},
-{ECDSA_R_ECDSA_F_ECDSA_NEW ,"ecdsa f ecdsa new"},
-{ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE ,"ecdsa get ec parameters failure"},
-{ECDSA_R_ECDSA_GET_FAILURE ,"ecdsa get failure"},
-{ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE ,"ecdsa get x9 62 curve failure"},
-{ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE,"ecdsa get x9 62 ec parameters failure"},
-{ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE ,"ecdsa get x9 62 fieldid failure"},
-{ECDSA_R_ECDSA_NEW_FAILURE ,"ecdsa new failure"},
-{ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE,"ecdsa r d2i ec parameters failure"},
-{ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE,"ecdsa r d2i x9 62 ec parameters failure"},
-{ECDSA_R_ECPARAMETERS2ECDSA_FAILURE ,"ecparameters2ecdsa failure"},
-{ECDSA_R_EC_GROUP_NID2CURVE_FAILURE ,"ec group nid2curve failure"},
{ECDSA_R_ERR_EC_LIB ,"err ec lib"},
-{ECDSA_R_I2D_ECDSA_PRIVATEKEY ,"i2d ecdsa privatekey"},
-{ECDSA_R_I2D_ECDSA_PUBLICKEY ,"i2d ecdsa publickey"},
{ECDSA_R_MISSING_PARAMETERS ,"missing parameters"},
-{ECDSA_R_MISSING_PRIVATE_KEY ,"missing private key"},
-{ECDSA_R_NOT_SUPPORTED ,"not supported"},
-{ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED ,"no curve parameter a specified"},
-{ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED ,"no curve parameter b specified"},
-{ECDSA_R_NO_CURVE_SPECIFIED ,"no curve specified"},
-{ECDSA_R_NO_FIELD_SPECIFIED ,"no field specified"},
-{ECDSA_R_PRIME_MISSING ,"prime missing"},
{ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED ,"random number generation failed"},
{ECDSA_R_SIGNATURE_MALLOC_FAILED ,"signature malloc failed"},
-{ECDSA_R_UNEXPECTED_ASN1_TYPE ,"unexpected asn1 type"},
-{ECDSA_R_UNEXPECTED_PARAMETER ,"unexpected parameter"},
-{ECDSA_R_UNEXPECTED_PARAMETER_LENGTH ,"unexpected parameter length"},
-{ECDSA_R_UNEXPECTED_VERSION_NUMER ,"unexpected version numer"},
-{ECDSA_R_UNKNOWN_PARAMETERS_TYPE ,"unknown parameters type"},
-{ECDSA_R_WRONG_FIELD_IDENTIFIER ,"wrong field identifier"},
-{ECDSA_R_X9_62_CURVE_NEW_FAILURE ,"x9 62 curve new failure"},
-{ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE ,"x9 62 ec parameters new failure"},
{0,NULL}
};
diff --git a/crypto/ecdsa/ecs_gen.c b/crypto/ecdsa/ecs_gen.c
deleted file mode 100644
index e82b9b6e2f..0000000000
--- a/crypto/ecdsa/ecs_gen.c
+++ /dev/null
@@ -1,83 +0,0 @@
-/* crypto/ecdsa/ecs_gen.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-/* TODO: implementation of ecdsa parameter generation
- */
-#if 0
-#include <stdio.h>
-#include <time.h>
-#include "cryptlib.h"
-#include <openssl/evp.h>
-#include <openssl/bn.h>
-#include <openssl/ecdsa.h>
-#include <openssl/rand.h>
-#include <openssl/sha.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-ECDSA *ECDSA_generate_parameters(int bits,
- unsigned char *seed_in, int seed_len,
- int *counter_ret, unsigned long *h_ret,
- void (*callback)(int, int, void *),
- void *cb_arg)
- {
- return NULL;
- }
-#ifdef __cplusplus
-}
-#endif
-#else
-static void *dummy=&dummy;
-#endif
diff --git a/crypto/ecdsa/ecs_key.c b/crypto/ecdsa/ecs_key.c
deleted file mode 100644
index a186f3aa88..0000000000
--- a/crypto/ecdsa/ecs_key.c
+++ /dev/null
@@ -1,140 +0,0 @@
-/* crypto/ecdsa/ecs_key.c */
-/* ====================================================================
- * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- * software must display the following acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- * endorse or promote products derived from this software without
- * prior written permission. For written permission, please contact
- * openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- * nor may "OpenSSL" appear in their names without prior written
- * permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- * acknowledgment:
- * "This product includes software developed by the OpenSSL Project
- * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com). This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include "ecdsa.h"
-#include <openssl/err.h>
-
-int ECDSA_generate_key(ECDSA *ecdsa)
-{
- int ok=0;
- BN_CTX *ctx=NULL;
- BIGNUM *priv_key=NULL,*order=NULL;
- EC_POINT *pub_key=NULL;
-
- if (!ecdsa || !ecdsa->group)
- {
- ECDSAerr(ECDSA_F_ECDSA_GENERATE_KEY,ECDSA_R_MISSING_PARAMETERS);
- return 0;
- }
-
- if ((order = BN_new()) == NULL) goto err;
- if ((ctx = BN_CTX_new()) == NULL) goto err;
-
- if (ecdsa->priv_key == NULL)
- {
- if ((priv_key = BN_new()) == NULL) goto err;
- }
- else
- priv_key = ecdsa->priv_key;
-
- if (!EC_GROUP_get_order(ecdsa->group, order, ctx)) goto err;
- do
- if (!BN_rand_range(priv_key, order)) goto err;
- while (BN_is_zero(priv_key));
-
- if (ecdsa->pub_key == NULL)
- {
- if ((pub_key = EC_POINT_new(ecdsa->group)) == NULL) goto err;
- }
- else
- pub_key = ecdsa->pub_key;
-
- if (!EC_POINT_mul(ecdsa->group, pub_key, priv_key, NULL, NULL, ctx)) goto err;
-
- ecdsa->priv_key = priv_key;
- ecdsa->pub_key = pub_key;
- ok=1;
-err: if (order) BN_free(order);
- if ((pub_key != NULL) && (ecdsa->pub_key == NULL)) EC_POINT_free(pub_key);
- if ((priv_key != NULL) && (ecdsa->priv_key == NULL)) BN_free(priv_key);
- if (ctx != NULL) BN_CTX_free(ctx);
- return(ok);
-}
-
-int ECDSA_check_key(ECDSA *ecdsa)
-{
- int ok=0;
- BN_CTX *ctx=NULL;
- BIGNUM *order=NULL;
- EC_POINT *point=NULL;
-
- if (!ecdsa || !ecdsa->group || !ecdsa->pub_key)
- return 0;
-
- if ((ctx = BN_CTX_new()) == NULL) goto err;
- if ((order = BN_new()) == NULL) goto err;
- if ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err;
-
- /* testing whether pub_key is a valid point on the elliptic curve */
- if (!EC_POINT_is_on_curve(ecdsa->group,ecdsa->pub_key,ctx)) goto err;
- /* testing whether pub_key * order is the point at infinity */
- if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) goto err;
- if (!EC_POINT_copy(point,ecdsa->pub_key)) goto err;
- if (!EC_POINT_mul(ecdsa->group,point,order,NULL,NULL,ctx)) goto err;
- if (!EC_POINT_is_at_infinity(ecdsa->group,point)) goto err;
- /* in case the priv_key is present : check if generator * priv_key == pub_key */
- if (ecdsa->priv_key)
- {
- if (BN_cmp(ecdsa->priv_key,order) >= 0) goto err;
- if (!EC_POINT_mul(ecdsa->group,point,ecdsa->priv_key,NULL,NULL,ctx)) goto err;
- if (EC_POINT_cmp(ecdsa->group,point,ecdsa->pub_key,ctx) != 0) goto err;
- }
- ok = 1;
-err:
- if (ctx != NULL) BN_CTX_free(ctx);
- if (order != NULL) BN_free(order);
- if (point != NULL) EC_POINT_free(point);
- return(ok);
-}
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 88cd18386c..bd0e34cbb4 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -58,6 +58,8 @@
const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
+static void ecdsa_finish(EC_KEY *);
+
static const ECDSA_METHOD *default_ECDSA_method = NULL;
void ECDSA_set_default_method(const ECDSA_METHOD *meth)
@@ -72,37 +74,56 @@ const ECDSA_METHOD *ECDSA_get_default_method(void)
return default_ECDSA_method;
}
-ECDSA *ECDSA_new(void)
-{
- return ECDSA_new_method(NULL);
-}
-
-int ECDSA_set_method(ECDSA *ecdsa, const ECDSA_METHOD *meth)
+int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
{
const ECDSA_METHOD *mtmp;
+ ECDSA_DATA *ecdsa;
+
+ ecdsa = ecdsa_check(eckey);
+
+ if (ecdsa == NULL)
+ return 0;
+
mtmp = ecdsa->meth;
- if (mtmp->finish) mtmp->finish(ecdsa);
+#if 0
+ if (mtmp->finish)
+ mtmp->finish(eckey);
+#endif
if (ecdsa->engine)
{
ENGINE_finish(ecdsa->engine);
ecdsa->engine = NULL;
}
ecdsa->meth = meth;
- if (meth->init) meth->init(ecdsa);
+#if 0
+ if (meth->init)
+ meth->init(eckey);
+#endif
return 1;
}
-ECDSA *ECDSA_new_method(ENGINE *engine)
+ECDSA_DATA *ECDSA_DATA_new(void)
+{
+ return ECDSA_DATA_new_method(NULL);
+}
+
+ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine)
{
- ECDSA *ret;
+ ECDSA_DATA *ret;
- ret=(ECDSA *)OPENSSL_malloc(sizeof(ECDSA));
+ ret=(ECDSA_DATA *)OPENSSL_malloc(sizeof(ECDSA_DATA));
if (ret == NULL)
{
- ECDSAerr(ECDSA_F_ECDSA_NEW,ERR_R_MALLOC_FAILURE);
+ ECDSAerr(ECDSA_F_ECDSA_DATA_NEW, ERR_R_MALLOC_FAILURE);
return(NULL);
}
+ ret->init = NULL;
+ ret->finish = ecdsa_finish;
+
+ ret->kinv = NULL;
+ ret->r = NULL;
+
ret->meth = ECDSA_get_default_method();
ret->engine = engine;
if (!ret->engine)
@@ -112,73 +133,69 @@ ECDSA *ECDSA_new_method(ENGINE *engine)
ret->meth = ENGINE_get_ECDSA(ret->engine);
if (!ret->meth)
{
- ECDSAerr(ECDSA_R_ECDSA_F_ECDSA_NEW, ERR_R_ENGINE_LIB);
+ ECDSAerr(ECDSA_F_ECDSA_DATA_NEW, ERR_R_ENGINE_LIB);
ENGINE_finish(ret->engine);
OPENSSL_free(ret);
return NULL;
}
}
- ret->version = 1;
- ret->conversion_form = ECDSA_get_default_conversion_form();
- ret->group = NULL;
-
- ret->pub_key = NULL;
- ret->priv_key = NULL;
-
- ret->kinv = NULL;
- ret->r = NULL;
-
- ret->enc_flag = 0;
-
- ret->references = 1;
ret->flags = ret->meth->flags;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
+#if 0
if ((ret->meth->init != NULL) && !ret->meth->init(ret))
{
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
OPENSSL_free(ret);
ret=NULL;
}
-
+#endif
return(ret);
}
-void ECDSA_free(ECDSA *r)
+void ECDSA_DATA_free(ECDSA_DATA *r)
{
- int i;
-
- if (r == NULL) return;
-
- i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_ECDSA);
-#ifdef REF_PRINT
- REF_PRINT("ECDSA",r);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"ECDSA_free, bad reference count\n");
- abort();
- }
-#endif
+ if (r->kinv)
+ BN_clear_free(r->kinv);
+ if (r->r)
+ BN_clear_free(r->r);
+#if 0
if (r->meth->finish)
r->meth->finish(r);
+#endif
if (r->engine)
ENGINE_finish(r->engine);
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
- if (r->group != NULL) EC_GROUP_free(r->group);
- if (r->pub_key != NULL) EC_POINT_free(r->pub_key);
- if (r->priv_key != NULL) BN_clear_free(r->priv_key);
- if (r->kinv != NULL) BN_clear_free(r->kinv);
- if (r->r != NULL) BN_clear_free(r->r);
+ memset((void *)r, 0x0, sizeof(ECDSA_DATA));
+
OPENSSL_free(r);
}
-int ECDSA_size(const ECDSA *r)
+ECDSA_DATA *ecdsa_check(EC_KEY *key)
+{
+ if (key->meth_data)
+ {
+ if (key->meth_data->finish != ecdsa_finish)
+ {
+ key->meth_data->finish(key);
+ key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new();
+ }
+ }
+ else
+ key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new();
+ return (ECDSA_DATA *)key->meth_data;
+}
+
+static void ecdsa_finish(EC_KEY *key)
+{
+ if (key->meth_data && key->meth_data->finish == ecdsa_finish)
+ ECDSA_DATA_free((ECDSA_DATA *)key->meth_data);
+}
+
+int ECDSA_size(const EC_KEY *r)
{
int ret,i;
ASN1_INTEGER bs;
@@ -207,6 +224,7 @@ int ECDSA_size(const ECDSA *r)
return(ret);
}
+
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
@@ -214,60 +232,20 @@ int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
new_func, dup_func, free_func);
}
-int ECDSA_set_ex_data(ECDSA *d, int idx, void *arg)
+int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
{
- return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
-}
-
-void *ECDSA_get_ex_data(ECDSA *d, int idx)
-{
- return(CRYPTO_get_ex_data(&d->ex_data,idx));
-}
-
-int ECDSA_up_ref(ECDSA *ecdsa)
-{
- int i = CRYPTO_add(&ecdsa->references, 1, CRYPTO_LOCK_ECDSA);
-#ifdef REF_PRINT
- REF_PRINT("ECDSA",r);
-#endif
-#ifdef REF_CHECK
- if (i < 2)
- {
- fprintf(stderr, "ECDSA_up_ref, bad reference count\n");
- abort();
- }
-#endif
- return ((i > 1) ? 1 : 0);
-}
-
-void ECDSA_set_conversion_form(ECDSA *ecdsa, const point_conversion_form_t form)
-{
- if (ecdsa) ecdsa->conversion_form = form;
-}
-
-point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *ecdsa)
-{
- return ecdsa ? ecdsa->conversion_form : 0;
-}
-
-static point_conversion_form_t default_conversion_form = POINT_CONVERSION_UNCOMPRESSED;
-
-void ECDSA_set_default_conversion_form(const point_conversion_form_t form)
-{
- default_conversion_form = form;
-}
-
-point_conversion_form_t ECDSA_get_default_conversion_form(void)
-{
- return default_conversion_form;
-}
-
-unsigned int ECDSA_get_enc_flag(const ECDSA *ecdsa)
-{
- return ecdsa->enc_flag;
+ ECDSA_DATA *ecdsa;
+ ecdsa = ecdsa_check(d);
+ if (ecdsa == NULL)
+ return 0;
+ return(CRYPTO_set_ex_data(&ecdsa->ex_data,idx,arg));
}
-void ECDSA_set_enc_flag(ECDSA *ecdsa, unsigned int flag)
+void *ECDSA_get_ex_data(EC_KEY *d, int idx)
{
- ecdsa->enc_flag = flag;
+ ECDSA_DATA *ecdsa;
+ ecdsa = ecdsa_check(d);
+ if (ecdsa == NULL)
+ return NULL;
+ return(CRYPTO_get_ex_data(&ecdsa->ex_data,idx));
}
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c
index 915ece7bf4..a9814afe0b 100644
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -55,22 +55,26 @@
#include "ecdsa.h"
#include <openssl/err.h>
+#include <openssl/obj_mac.h>
-/* TODO : general case */
-#define EC_POINT_get_affine_coordinates EC_POINT_get_affine_coordinates_GFp
-
-static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, ECDSA *ecdsa);
-static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
-static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig,
- ECDSA *ecdsa);
+static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen,
+ EC_KEY *eckey);
+static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp);
+static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
+ ECDSA_SIG *sig, EC_KEY *eckey);
static ECDSA_METHOD openssl_ecdsa_meth = {
-"OpenSSL ECDSA method",
-ecdsa_do_sign,
-ecdsa_sign_setup,
-ecdsa_do_verify,
-0,
-NULL
+ "OpenSSL ECDSA method",
+ ecdsa_do_sign,
+ ecdsa_sign_setup,
+ ecdsa_do_verify,
+#if 0
+ NULL, /* init */
+ NULL, /* finish */
+#endif
+ 0, /* flags */
+ NULL /* app_data */
};
const ECDSA_METHOD *ECDSA_OpenSSL(void)
@@ -78,35 +82,52 @@ const ECDSA_METHOD *ECDSA_OpenSSL(void)
return &openssl_ecdsa_meth;
}
-static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp)
{
BN_CTX *ctx = NULL;
BIGNUM k,*kinv=NULL,*r=NULL,*order=NULL,*X=NULL;
EC_POINT *tmp_point=NULL;
- int ret = 0,reason = ERR_R_BN_LIB;
- if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
+ int ret = 0;
+ if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key)
{
- reason = ECDSA_R_MISSING_PARAMETERS;
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
if (ctx_in == NULL)
{
- if ((ctx=BN_CTX_new()) == NULL) goto err;
+ if ((ctx=BN_CTX_new()) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
}
else
ctx=ctx_in;
- if ((r = BN_new()) == NULL) goto err;
- if ((order = BN_new()) == NULL) goto err;
- if ((X = BN_new()) == NULL) goto err;
- if ((tmp_point = EC_POINT_new(ecdsa->group)) == NULL)
+ if ((r = BN_new()) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((order = BN_new()) == NULL)
{
- reason = ERR_R_EC_LIB;
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((X = BN_new()) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((tmp_point = EC_POINT_new(eckey->group)) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
- if (!EC_GROUP_get_order(ecdsa->group,order,ctx))
+ if (!EC_GROUP_get_order(eckey->group,order,ctx))
{
- reason = ERR_R_EC_LIB;
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
@@ -117,24 +138,53 @@ static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM
do
if (!BN_rand_range(&k,order))
{
- reason = ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED;
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
+ ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
goto err;
}
while (BN_is_zero(&k));
/* compute r the x-coordinate of generator * k */
- if (!EC_POINT_mul(ecdsa->group,tmp_point,&k,NULL,NULL,ctx)
- || !EC_POINT_get_affine_coordinates(ecdsa->group,tmp_point,X,NULL,ctx))
+ if (!EC_POINT_mul(eckey->group, tmp_point, &k, NULL, NULL, ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group))
+ == NID_X9_62_prime_field)
+ {
+ if (!EC_POINT_get_affine_coordinates_GFp(eckey->group,
+ tmp_point, X, NULL, ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ }
+ else /* NID_X9_62_characteristic_two_field */
+ {
+ if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group,
+ tmp_point, X, NULL, ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
+ ERR_R_EC_LIB);
+ goto err;
+ }
+ }
+ if (!BN_nnmod(r,X,order,ctx))
{
- reason = ERR_R_EC_LIB;
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
}
- if (!BN_nnmod(r,X,order,ctx)) goto err;
}
while (BN_is_zero(r));
/* compute the inverse of k */
- if ((kinv = BN_mod_inverse(NULL,&k,order,ctx)) == NULL) goto err;
+ if ((kinv = BN_mod_inverse(NULL,&k,order,ctx)) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
+ goto err;
+ }
if (*rp == NULL)
BN_clear_free(*rp);
@@ -147,7 +197,6 @@ static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM
err:
if (!ret)
{
- ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,reason);
if (kinv != NULL) BN_clear_free(kinv);
if (r != NULL) BN_clear_free(r);
}
@@ -165,44 +214,60 @@ err:
}
-static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa)
+static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
+ EC_KEY *eckey)
{
BIGNUM *kinv=NULL,*r=NULL,*s=NULL,*m=NULL,*tmp=NULL,*order=NULL;
BIGNUM xr;
BN_CTX *ctx=NULL;
- int reason=ERR_R_BN_LIB;
ECDSA_SIG *ret=NULL;
+ ECDSA_DATA *ecdsa;
+
+ ecdsa = ecdsa_check(eckey);
- if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
+ if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key
+ || !ecdsa)
{
- reason = ECDSA_R_MISSING_PARAMETERS;
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
BN_init(&xr);
- if ((ctx = BN_CTX_new()) == NULL) goto err;
- if ((order = BN_new()) == NULL) goto err;
- if ((tmp = BN_new()) == NULL) goto err;
- if ((m = BN_new()) == NULL) goto err;
- if ((s = BN_new()) == NULL) goto err;
+ if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
+ (tmp = BN_new()) == NULL || (m = BN_new()) == NULL ||
+ (s = BN_new()) == NULL )
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
- if (!EC_GROUP_get_order(ecdsa->group,order,ctx))
+ if (!EC_GROUP_get_order(eckey->group,order,ctx))
{
- reason = ECDSA_R_ERR_EC_LIB;
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
goto err;
}
if (dgst_len > BN_num_bytes(order))
{
- reason = ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
+ ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
goto err;
}
- if (BN_bin2bn(dgst,dgst_len,m) == NULL) goto err;
+ if (BN_bin2bn(dgst,dgst_len,m) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+ goto err;
+ }
do
{
- if ((ecdsa->kinv == NULL) || (ecdsa->r == NULL))
+ if (ecdsa->kinv == NULL || ecdsa->r == NULL)
{
- if (!ECDSA_sign_setup(ecdsa,ctx,&kinv,&r)) goto err;
+ if (!ECDSA_sign_setup(eckey,ctx,&kinv,&r))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
+ ERR_R_ECDSA_LIB);
+ goto err;
+ }
}
else
{
@@ -212,109 +277,174 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *
ecdsa->r = NULL;
}
- if (!BN_mod_mul(tmp,ecdsa->priv_key,r,order,ctx)) goto err;
- if (!BN_add(s,tmp,m)) goto err;
+ if (!BN_mod_mul(tmp,eckey->priv_key,r,order,ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+ goto err;
+ }
+ if (!BN_add(s,tmp,m))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+ goto err;
+ }
if (BN_cmp(s,order) > 0)
BN_sub(s,s,order);
- if (!BN_mod_mul(s,s,kinv,order,ctx)) goto err;
+ if (!BN_mod_mul(s,s,kinv,order,ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
+ goto err;
+ }
}
while (BN_is_zero(s));
if ((ret = ECDSA_SIG_new()) == NULL)
{
- reason = ECDSA_R_SIGNATURE_MALLOC_FAILED;
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
if (BN_copy(ret->r, r) == NULL || BN_copy(ret->s, s) == NULL)
{
ECDSA_SIG_free(ret);
ret = NULL;
- reason = ERR_R_BN_LIB;
+ ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
}
err:
- if (!ret)
- {
- ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,reason);
- }
- if (r != NULL) BN_clear_free(r);
- if (s != NULL) BN_clear_free(s);
- if (ctx != NULL) BN_CTX_free(ctx);
- if (m != NULL) BN_clear_free(m);
- if (tmp != NULL) BN_clear_free(tmp);
- if (order != NULL) BN_clear_free(order);
- if (kinv != NULL) BN_clear_free(kinv);
+ if (r)
+ BN_clear_free(r);
+ if (s)
+ BN_clear_free(s);
+ if (ctx)
+ BN_CTX_free(ctx);
+ if (m)
+ BN_clear_free(m);
+ if (tmp)
+ BN_clear_free(tmp);
+ if (order)
+ BN_clear_free(order);
+ if (kinv)
+ BN_clear_free(kinv);
return(ret);
}
-static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig,
- ECDSA *ecdsa)
+static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
+ ECDSA_SIG *sig, EC_KEY *eckey)
{
BN_CTX *ctx;
BIGNUM *order=NULL,*u1=NULL,*u2=NULL,*m=NULL,*X=NULL;
EC_POINT *point=NULL;
- int ret = -1,reason = ERR_R_BN_LIB;
- if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !sig)
+ int ret = -1;
+ if (!eckey || !eckey->group || !eckey->pub_key || !sig)
{
- reason = ECDSA_R_MISSING_PARAMETERS;
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
return -1;
}
- if ((ctx = BN_CTX_new()) == NULL) goto err;
- if ((order = BN_new()) == NULL) goto err;
- if ((u1 = BN_new()) == NULL) goto err;
- if ((u2 = BN_new()) == NULL) goto err;
- if ((m = BN_new()) == NULL) goto err;
- if ((X = BN_new()) == NULL) goto err;
- if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) goto err;
+ if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
+ (u1 = BN_new()) == NULL || (u2 = BN_new()) == NULL ||
+ (m = BN_new()) == NULL || (X = BN_new()) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (!EC_GROUP_get_order(eckey->group, order, ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+ goto err;
+ }
if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, order) >= 0)
{
- reason = ECDSA_R_BAD_SIGNATURE;
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
ret = 0;
goto err;
}
if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, order) >= 0)
{
- reason = ECDSA_R_BAD_SIGNATURE;
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
ret = 0;
goto err;
}
/* calculate tmp1 = inv(S) mod order */
- if ((BN_mod_inverse(u2,sig->s,order,ctx)) == NULL) goto err;
+ if ((BN_mod_inverse(u2,sig->s,order,ctx)) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+ goto err;
+ }
/* digest -> m */
- if (BN_bin2bn(dgst,dgst_len,m) == NULL) goto err;
+ if (BN_bin2bn(dgst,dgst_len,m) == NULL)
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+ goto err;
+ }
/* u1 = m * tmp mod order */
- if (!BN_mod_mul(u1,m,u2,order,ctx)) goto err;
+ if (!BN_mod_mul(u1,m,u2,order,ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+ goto err;
+ }
/* u2 = r * w mod q */
- if (!BN_mod_mul(u2,sig->r,u2,order,ctx)) goto err;
+ if (!BN_mod_mul(u2,sig->r,u2,order,ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
+ goto err;
+ }
- if ((point = EC_POINT_new(ecdsa->group)) == NULL)
+ if ((point = EC_POINT_new(eckey->group)) == NULL)
{
- reason = ERR_R_EC_LIB;
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!EC_POINT_mul(ecdsa->group,point,u1,ecdsa->pub_key,u2,ctx)
- || !EC_POINT_get_affine_coordinates(ecdsa->group,point,X,NULL,ctx))
+ if (!EC_POINT_mul(eckey->group, point, u1, eckey->pub_key, u2, ctx))
{
- reason = ERR_R_EC_LIB;
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
+ goto err;
+ }
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group))
+ == NID_X9_62_prime_field)
+ {
+ if (!EC_POINT_get_affine_coordinates_GFp(eckey->group,
+ point, X, NULL, ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+ goto err;
+ }
+ }
+ else /* NID_X9_62_characteristic_two_field */
+ {
+ if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group,
+ point, X, NULL, ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
+ goto err;
+ }
+ }
+
+ if (!BN_nnmod(u1,X,order,ctx))
+ {
+ ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
- if (!BN_nnmod(u1,X,order,ctx)) goto err;
/* is now in u1. If the signature is correct, it will be
* equal to R. */
ret = (BN_ucmp(u1,sig->r) == 0);
err:
- if (ret != 1) ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY,reason);
- if (ctx != NULL) BN_CTX_free(ctx);
- if (u1 != NULL) BN_clear_free(u1);
- if (u2 != NULL) BN_clear_free(u2);
- if (m != NULL) BN_clear_free(m);
- if (X != NULL) BN_clear_free(X);
- if (order != NULL) BN_clear_free(order);
- if (point != NULL) EC_POINT_free(point);
+ if (ctx)
+ BN_CTX_free(ctx);
+ if (u1)
+ BN_clear_free(u1);
+ if (u2)
+ BN_clear_free(u2);
+ if (m)
+ BN_clear_free(m);
+ if (X)
+ BN_clear_free(X);
+ if (order)
+ BN_clear_free(order);
+ if (point)
+ EC_POINT_free(point);
return(ret);
}
diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c
index c1d3e3bf3c..215da1211a 100644
--- a/crypto/ecdsa/ecs_sign.c
+++ b/crypto/ecdsa/ecs_sign.c
@@ -56,16 +56,19 @@
#include "ecdsa.h"
#include <openssl/engine.h>
-ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, ECDSA *ecdsa)
+ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
{
- return ecdsa->meth->ecdsa_do_sign(dgst, dlen, ecdsa);
+ ECDSA_DATA *ecdsa = ecdsa_check(eckey);
+ if (ecdsa == NULL)
+ return NULL;
+ return ecdsa->meth->ecdsa_do_sign(dgst, dlen, eckey);
}
-int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
- unsigned int *siglen, ECDSA *ecdsa)
+int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char
+ *sig, unsigned int *siglen, EC_KEY *eckey)
{
ECDSA_SIG *s;
- s=ECDSA_do_sign(dgst,dlen,ecdsa);
+ s=ECDSA_do_sign(dgst,dlen,eckey);
if (s == NULL)
{
*siglen=0;
@@ -76,7 +79,11 @@ int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig
return(1);
}
-int ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
+ BIGNUM **rp)
{
- return ecdsa->meth->ecdsa_sign_setup(ecdsa, ctx_in, kinvp, rp);
+ ECDSA_DATA *ecdsa = ecdsa_check(eckey);
+ if (ecdsa == NULL)
+ return 0;
+ return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp);
}
diff --git a/crypto/ecdsa/ecs_vrf.c b/crypto/ecdsa/ecs_vrf.c
index 58c98b5593..269671bec8 100644
--- a/crypto/ecdsa/ecs_vrf.c
+++ b/crypto/ecdsa/ecs_vrf.c
@@ -61,9 +61,13 @@
* 0: incorrect signature
* -1: error
*/
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa)
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
+ ECDSA_SIG *sig, EC_KEY *eckey)
{
- return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, ecdsa);
+ ECDSA_DATA *ecdsa = ecdsa_check(eckey);
+ if (ecdsa == NULL)
+ return 0;
+ return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
}
/* returns
@@ -71,15 +75,16 @@ int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECD
* 0: incorrect signature
* -1: error
*/
-int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sigbuf, int sig_len, ECDSA *ecdsa)
+int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
+ const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
{
ECDSA_SIG *s;
int ret=-1;
s = ECDSA_SIG_new();
if (s == NULL) return(ret);
- if (d2i_ECDSA_SIG(&s,&sigbuf,sig_len) == NULL) goto err;
- ret=ECDSA_do_verify(dgst,dgst_len,s,ecdsa);
+ if (d2i_ECDSA_SIG(&s, &sigbuf, sig_len) == NULL) goto err;
+ ret=ECDSA_do_verify(dgst, dgst_len, s, eckey);
err:
ECDSA_SIG_free(s);
return(ret);
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 1a679d5e20..e4d60eeb4d 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -168,7 +168,8 @@
#define EVP_PKEY_DSA3 NID_dsaWithSHA1
#define EVP_PKEY_DSA4 NID_dsaWithSHA1_2
#define EVP_PKEY_DH NID_dhKeyAgreement
-#define EVP_PKEY_ECDSA NID_X9_62_id_ecPublicKey
+#define EVP_PKEY_EC NID_X9_62_id_ecPublicKey
+#define EVP_PKEY_ECDSA EVP_PKEY_EC
#ifdef __cplusplus
extern "C" {
@@ -193,8 +194,8 @@ struct evp_pkey_st
#ifndef OPENSSL_NO_DH
struct dh_st *dh; /* DH */
#endif
-#ifndef OPENSSL_NO_ECDSA
- struct ecdsa_st *ecdsa; /* ECDSA */
+#ifndef OPENSSL_NO_EC
+ struct ec_key_st *eckey;/* ECC */
#endif
} pkey;
int save_parameters;
@@ -454,9 +455,9 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
(char *)(dh))
#endif
-#ifndef OPENSSL_NO_ECDSA
-#define EVP_PKEY_assign_ECDSA(pkey,ecdsa) EVP_PKEY_assign((pkey),EVP_PKEY_ECDSA,\
- (char *)(ecdsa))
+#ifndef OPENSSL_NO_EC
+#define EVP_PKEY_assign_EC_KEY(pkey,eckey) EVP_PKEY_assign((pkey),EVP_PKEY_EC,\
+ (char *)(eckey))
#endif
/* Add some extra combinations */
@@ -785,10 +786,10 @@ struct dh_st;
int EVP_PKEY_set1_DH(EVP_PKEY *pkey,struct dh_st *key);
struct dh_st *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
#endif
-#ifndef OPENSSL_NO_ECDSA
-struct ecdsa_st;
-int EVP_PKEY_set1_ECDSA(EVP_PKEY *pkey,struct ecdsa_st *key);
-struct ecdsa_st *EVP_PKEY_get1_ECDSA(EVP_PKEY *pkey);
+#ifndef OPENSSL_NO_EC
+struct ec_key_st;
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey,struct ec_key_st *key);
+struct ec_key_st *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
#endif
EVP_PKEY * EVP_PKEY_new(void);
@@ -848,6 +849,7 @@ void ERR_load_EVP_strings(void);
/* Function codes. */
#define EVP_F_D2I_PKEY 100
#define EVP_F_ECDSA_PKEY2PKCS8 129
+#define EVP_F_EC_KEY_PKEY2PKCS8 132
#define EVP_F_EVP_CIPHERINIT 123
#define EVP_F_EVP_CIPHER_CTX_CTRL 124
#define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH 122
@@ -867,6 +869,7 @@ void ERR_load_EVP_strings(void);
#define EVP_F_EVP_PKEY_GET1_DH 119
#define EVP_F_EVP_PKEY_GET1_DSA 120
#define EVP_F_EVP_PKEY_GET1_ECDSA 130
+#define EVP_F_EVP_PKEY_GET1_EC_KEY 131
#define EVP_F_EVP_PKEY_GET1_RSA 121
#define EVP_F_EVP_PKEY_NEW 106
#define EVP_F_EVP_RIJNDAEL 126
@@ -896,6 +899,7 @@ void ERR_load_EVP_strings(void);
#define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129
#define EVP_R_EXPECTING_A_ECDSA_KEY 141
+#define EVP_R_EXPECTING_A_EC_KEY 142
#define EVP_R_INITIALIZATION_ERROR 134
#define EVP_R_INPUT_NOT_INITIALIZED 111
#define EVP_R_INVALID_KEY_LENGTH 130
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
index e6c71d4e01..815ce63b3b 100644
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
/* crypto/evp/evp_err.c */
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -68,6 +68,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
{
{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"},
{ERR_PACK(0,EVP_F_ECDSA_PKEY2PKCS8,0), "ECDSA_PKEY2PKCS8"},
+{ERR_PACK(0,EVP_F_EC_KEY_PKEY2PKCS8,0), "EC_KEY_PKEY2PKCS8"},
{ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0), "EVP_CipherInit"},
{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0), "EVP_CIPHER_CTX_ctrl"},
{ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0), "EVP_CIPHER_CTX_set_key_length"},
@@ -86,7 +87,8 @@ static ERR_STRING_DATA EVP_str_functs[]=
{ERR_PACK(0,EVP_F_EVP_PKEY_ENCRYPT,0), "EVP_PKEY_encrypt"},
{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DH,0), "EVP_PKEY_get1_DH"},
{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_DSA,0), "EVP_PKEY_get1_DSA"},
-{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_ECDSA,0), "EVP_PKEY_get1_ECDSA"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_ECDSA,0), "EVP_PKEY_GET1_ECDSA"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_EC_KEY,0), "EVP_PKEY_get1_EC_KEY"},
{ERR_PACK(0,EVP_F_EVP_PKEY_GET1_RSA,0), "EVP_PKEY_get1_RSA"},
{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
{ERR_PACK(0,EVP_F_EVP_RIJNDAEL,0), "EVP_RIJNDAEL"},
@@ -119,6 +121,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{EVP_R_EXPECTING_A_DH_KEY ,"expecting a dh key"},
{EVP_R_EXPECTING_A_DSA_KEY ,"expecting a dsa key"},
{EVP_R_EXPECTING_A_ECDSA_KEY ,"expecting a ecdsa key"},
+{EVP_R_EXPECTING_A_EC_KEY ,"expecting a ec key"},
{EVP_R_INITIALIZATION_ERROR ,"initialization error"},
{EVP_R_INPUT_NOT_INITIALIZED ,"input not initialized"},
{EVP_R_INVALID_KEY_LENGTH ,"invalid key length"},
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index 1772647b16..25f920201f 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -65,8 +65,8 @@
#ifndef OPENSSL_NO_DSA
static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
#endif
-#ifndef OPENSSL_NO_ECDSA
-static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
+#ifndef OPENSSL_NO_EC
+static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8inf, EVP_PKEY *pkey);
#endif
/* Extract a private key from a PKCS8 structure */
@@ -80,8 +80,8 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
#ifndef OPENSSL_NO_DSA
DSA *dsa = NULL;
#endif
-#ifndef OPENSSL_NO_ECDSA
- ECDSA *ecdsa = NULL;
+#ifndef OPENSSL_NO_EC
+ EC_KEY *eckey = NULL;
#endif
#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
ASN1_INTEGER *privkey;
@@ -236,34 +236,37 @@ EVP_PKEY *EVP_PKCS82PKEY (PKCS8_PRIV_KEY_INFO *p8)
else /* nid == NID_ecdsa_with_SHA1 */
{
#ifndef OPENSSL_NO_ECDSA
- if ((ecdsa = d2i_ECDSAParameters(NULL, &cp, plen)) == NULL)
+ if ((eckey = d2i_ECParameters(NULL, &cp,
+ plen)) == NULL)
{
EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
goto err;
}
- if ((ecdsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL)) == NULL)
+ if ((eckey->priv_key = ASN1_INTEGER_to_BN(privkey,
+ NULL)) == NULL)
{
EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);
goto err;
}
- if ((ecdsa->pub_key = EC_POINT_new(ecdsa->group)) == NULL)
+ if ((eckey->pub_key = EC_POINT_new(eckey->group)) == NULL)
{
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
goto err;
}
- if (!EC_POINT_copy(ecdsa->pub_key, EC_GROUP_get0_generator(ecdsa->group)))
+ if (!EC_POINT_copy(eckey->pub_key,
+ EC_GROUP_get0_generator(eckey->group)))
{
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
goto err;
}
- if (!EC_POINT_mul(ecdsa->group, ecdsa->pub_key, ecdsa->priv_key,
- NULL, NULL, ctx))
+ if (!EC_POINT_mul(eckey->group, eckey->pub_key,
+ eckey->priv_key, NULL, NULL, ctx))
{
EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);
goto err;
}
- EVP_PKEY_assign_ECDSA(pkey, ecdsa);
+ EVP_PKEY_assign_EC_KEY(pkey, eckey);
BN_CTX_free(ctx);
if (n_stack) sk_ASN1_TYPE_pop_free(n_stack, ASN1_TYPE_free);
else
@@ -280,8 +283,9 @@ err:
#ifndef OPENSSL_NO_DSA
if (dsa) DSA_free(dsa);
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (ecdsa) ECDSA_free(ecdsa);
+#ifndef OPENSSL_NO_EC
+ if (eckey)
+ EC_KEY_free(eckey);
#endif
if (pkey) EVP_PKEY_free(pkey);
return NULL;
@@ -348,7 +352,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken)
#endif
#ifndef OPENSSL_NO_ECDSA
case EVP_PKEY_ECDSA:
- if (!ecdsa_pkey2pkcs8(p8, pkey))
+ if (!eckey_pkey2pkcs8(p8, pkey))
{
PKCS8_PRIV_KEY_INFO_free(p8);
return(NULL);
@@ -499,53 +503,54 @@ static int dsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
}
#endif
-#ifndef OPENSSL_NO_ECDSA
-static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
+#ifndef OPENSSL_NO_EC
+static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
{
ASN1_STRING *params=NULL;
ASN1_INTEGER *prkey=NULL;
ASN1_TYPE *ttmp=NULL;
- STACK_OF(ASN1_TYPE) *necdsa=NULL;
+ STACK_OF(ASN1_TYPE) *neckey=NULL;
unsigned char *p=NULL, *q=NULL;
int len=0;
EC_POINT *point=NULL;
- if (pkey->pkey.ecdsa == NULL || pkey->pkey.ecdsa->group == NULL)
+ if (pkey->pkey.eckey == NULL || pkey->pkey.eckey->group == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS);
return 0;
}
p8->pkeyalg->algorithm = OBJ_nid2obj(NID_ecdsa_with_SHA1);
- len = i2d_ECDSAParameters(pkey->pkey.ecdsa, NULL);
+ len = i2d_ECParameters(pkey->pkey.eckey, NULL);
if ((p = OPENSSL_malloc(len)) == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
return 0;
}
q = p;
- if (!i2d_ECDSAParameters(pkey->pkey.ecdsa, &q))
+ if (!i2d_ECParameters(pkey->pkey.eckey, &q))
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_ECDSA_LIB);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ECDSA_LIB);
OPENSSL_free(p);
return 0;
}
if ((params = ASN1_STRING_new()) == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
OPENSSL_free(p);
return 0;
}
if (!ASN1_STRING_set(params, p, len))
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_ASN1_LIB);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
OPENSSL_free(p);
return 0;
}
OPENSSL_free(p);
- if ((prkey = BN_to_ASN1_INTEGER(pkey->pkey.ecdsa->priv_key, NULL)) == NULL)
+ if ((prkey = BN_to_ASN1_INTEGER(pkey->pkey.eckey->priv_key, NULL))
+ == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_ASN1_LIB);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_ASN1_LIB);
return 0;
}
@@ -557,7 +562,7 @@ static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
if (!ASN1_pack_string((char *)prkey, i2d_ASN1_INTEGER,
&p8->pkey->value.octet_string))
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
M_ASN1_INTEGER_free(prkey);
return 0;
}
@@ -572,134 +577,137 @@ static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
p8->pkeyalg->parameter->value.sequence = params;
p8->pkeyalg->parameter->type = V_ASN1_SEQUENCE;
- necdsa = sk_ASN1_TYPE_new_null();
- if (necdsa == NULL || (ttmp = ASN1_TYPE_new()) == NULL)
+ neckey = sk_ASN1_TYPE_new_null();
+ if (neckey == NULL || (ttmp = ASN1_TYPE_new()) == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
return 0;
}
- if ((point = EC_GROUP_get0_generator(pkey->pkey.ecdsa->group)) == NULL)
+ if ((point = EC_GROUP_get0_generator(pkey->pkey.eckey->group))
+ == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
return 0;
}
- len = EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, ECDSA_get_conversion_form(pkey->pkey.ecdsa),
- NULL, 0, NULL);
+ len = EC_POINT_point2oct(pkey->pkey.eckey->group, point,
+ pkey->pkey.eckey->conv_form, NULL, 0, NULL);
p = OPENSSL_malloc(len);
- if (!len || !p || !EC_POINT_point2oct(pkey->pkey.ecdsa->group, point,
- ECDSA_get_conversion_form(pkey->pkey.ecdsa), p, len, NULL))
+ if (!len || !p || !EC_POINT_point2oct(pkey->pkey.eckey->group,
+ point, pkey->pkey.eckey->conv_form, p, len, NULL))
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_EC_LIB);
OPENSSL_free(p);
return 0;
}
- if ((ttmp->value.octet_string = ASN1_OCTET_STRING_new()) == NULL)
+ if ((ttmp->value.octet_string =ASN1_OCTET_STRING_new()) == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
return 0;
}
if (!ASN1_OCTET_STRING_set(ttmp->value.octet_string, p, len))
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, EVP_R_ASN1_LIB);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, EVP_R_ASN1_LIB);
return 0;
}
OPENSSL_free(p);
ttmp->type = V_ASN1_OCTET_STRING;
- if (!sk_ASN1_TYPE_push(necdsa, ttmp))
+ if (!sk_ASN1_TYPE_push(neckey, ttmp))
{
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
ASN1_INTEGER_free(prkey);
return 0;
}
if ((ttmp = ASN1_TYPE_new()) == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
return 0;
}
ttmp->value.integer = prkey;
ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(necdsa, ttmp))
+ if (!sk_ASN1_TYPE_push(neckey, ttmp))
{
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
ASN1_INTEGER_free(prkey);
return 0;
}
- if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) == NULL)
+ if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())
+ == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
return 0;
}
- if (!ASN1_seq_pack_ASN1_TYPE(necdsa, i2d_ASN1_TYPE,
+ if (!ASN1_seq_pack_ASN1_TYPE(neckey, i2d_ASN1_TYPE,
&p8->pkey->value.octet_string->data,
&p8->pkey->value.octet_string->length))
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
return 0;
}
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
break;
case PKCS8_EMBEDDED_PARAM:
p8->pkeyalg->parameter->type = V_ASN1_NULL;
- necdsa = sk_ASN1_TYPE_new_null();
+ neckey = sk_ASN1_TYPE_new_null();
if ((ttmp = ASN1_TYPE_new()) == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
ASN1_INTEGER_free(prkey);
return 0;
}
ttmp->value.sequence = params;
ttmp->type = V_ASN1_SEQUENCE;
- if (!sk_ASN1_TYPE_push(necdsa, ttmp))
+ if (!sk_ASN1_TYPE_push(neckey, ttmp))
{
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
ASN1_INTEGER_free(prkey);
return 0;
}
if ((ttmp = ASN1_TYPE_new()) == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
ASN1_INTEGER_free(prkey);
return 0;
}
ttmp->value.integer = prkey;
ttmp->type = V_ASN1_INTEGER;
- if (!sk_ASN1_TYPE_push(necdsa, ttmp))
+ if (!sk_ASN1_TYPE_push(neckey, ttmp))
{
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
ASN1_INTEGER_free(prkey);
return 0;
}
- if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new()) == NULL)
+ if ((p8->pkey->value.octet_string = ASN1_OCTET_STRING_new())
+ == NULL)
{
- EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ EVPerr(EVP_F_EC_KEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
return 0;
}
- if (!ASN1_seq_pack_ASN1_TYPE(necdsa, i2d_ASN1_TYPE,
+ if (!ASN1_seq_pack_ASN1_TYPE(neckey, i2d_ASN1_TYPE,
&p8->pkey->value.octet_string->data,
&p8->pkey->value.octet_string->length))
{
EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_MALLOC_FAILURE);
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
return 0;
}
- sk_ASN1_TYPE_pop_free(necdsa, ASN1_TYPE_free);
+ sk_ASN1_TYPE_pop_free(neckey, ASN1_TYPE_free);
break;
}
return 1;
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index fcb5711753..ac0556b488 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -79,8 +79,8 @@ int EVP_PKEY_bits(EVP_PKEY *pkey)
else if (pkey->type == EVP_PKEY_DSA)
return(BN_num_bits(pkey->pkey.dsa->p));
#endif
-#ifndef OPENSSL_NO_ECDSA
- else if (pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ else if (pkey->type == EVP_PKEY_EC)
{
BIGNUM *order = BN_new();
int ret;
@@ -90,7 +90,7 @@ int EVP_PKEY_bits(EVP_PKEY *pkey)
ERR_clear_error();
return 0;
}
- if (!EC_GROUP_get_order(pkey->pkey.ecdsa->group, order, NULL))
+ if (!EC_GROUP_get_order(pkey->pkey.eckey->group, order, NULL))
{
ERR_clear_error();
return 0;
@@ -117,9 +117,9 @@ int EVP_PKEY_size(EVP_PKEY *pkey)
if (pkey->type == EVP_PKEY_DSA)
return(DSA_size(pkey->pkey.dsa));
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
- return(ECDSA_size(pkey->pkey.ecdsa));
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
+ return(ECDSA_size(pkey->pkey.eckey));
#endif
return(0);
@@ -181,13 +181,16 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, EVP_PKEY *from)
to->pkey.dsa->g=a;
}
#endif
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
if (to->type == EVP_PKEY_ECDSA)
{
- if (to->pkey.ecdsa->group != NULL)
- EC_GROUP_free(to->pkey.ecdsa->group);
- if ((to->pkey.ecdsa->group = EC_GROUP_new(EC_GROUP_method_of(from->pkey.ecdsa->group))) == NULL) goto err;
- if (!EC_GROUP_copy(to->pkey.ecdsa->group,from->pkey.ecdsa->group)) goto err;
+ if (to->pkey.eckey->group != NULL)
+ EC_GROUP_free(to->pkey.eckey->group);
+ if ((to->pkey.eckey->group = EC_GROUP_new(
+ EC_GROUP_method_of(from->pkey.eckey->group))) == NULL)
+ goto err;
+ if (!EC_GROUP_copy(to->pkey.eckey->group,
+ from->pkey.eckey->group)) goto err;
}
#endif
return(1);
@@ -207,10 +210,10 @@ int EVP_PKEY_missing_parameters(EVP_PKEY *pkey)
return(1);
}
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+ if (pkey->type == EVP_PKEY_EC)
{
- if (pkey->pkey.ecdsa->group == NULL)
+ if (pkey->pkey.eckey->group == NULL)
return(1);
}
#endif
@@ -303,24 +306,24 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey)
}
#endif
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
-int EVP_PKEY_set1_ECDSA(EVP_PKEY *pkey, ECDSA *key)
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key)
{
- int ret = EVP_PKEY_assign_ECDSA(pkey,key);
- if (ret) CRYPTO_add(&key->references, 1,CRYPTO_LOCK_ECDSA);
+ int ret = EVP_PKEY_assign_EC_KEY(pkey,key);
+ if (ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EC);
return ret;
}
-ECDSA *EVP_PKEY_get1_ECDSA(EVP_PKEY *pkey)
+EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey)
{
- if (pkey->type != EVP_PKEY_ECDSA)
+ if (pkey->type != EVP_PKEY_EC)
{
- EVPerr(EVP_F_EVP_PKEY_GET1_ECDSA, EVP_R_EXPECTING_A_ECDSA_KEY);
+ EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY);
return NULL;
}
- CRYPTO_add(&pkey->pkey.ecdsa->references, 1, CRYPTO_LOCK_ECDSA);
- return pkey->pkey.ecdsa;
+ CRYPTO_add(&pkey->pkey.eckey->references, 1, CRYPTO_LOCK_EC);
+ return pkey->pkey.eckey;
}
#endif
@@ -361,8 +364,8 @@ int EVP_PKEY_type(int type)
return(EVP_PKEY_DSA);
case EVP_PKEY_DH:
return(EVP_PKEY_DH);
- case EVP_PKEY_ECDSA:
- return(EVP_PKEY_ECDSA);
+ case EVP_PKEY_EC:
+ return(EVP_PKEY_EC);
default:
return(NID_undef);
}
@@ -408,9 +411,9 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
DSA_free(x->pkey.dsa);
break;
#endif
-#ifndef OPENSSL_NO_ECDSA
- case EVP_PKEY_ECDSA:
- ECDSA_free(x->pkey.ecdsa);
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ EC_KEY_free(x->pkey.eckey);
break;
#endif
#ifndef OPENSSL_NO_DH
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index d5805ab85a..fb196562fa 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -578,13 +578,10 @@ DECLARE_PEM_rw(DSAparams, DSA)
#endif
-#ifndef OPENSSL_NO_ECDSA
-DECLARE_PEM_rw_cb(ECDSAPrivateKey, ECDSA)
-DECLARE_PEM_rw(ECDSA_PUBKEY, ECDSA)
-#endif
-
#ifndef OPENSSL_NO_EC
DECLARE_PEM_rw(ECPKParameters, EC_GROUP)
+DECLARE_PEM_rw_cb(ECPrivateKey, EC_KEY)
+DECLARE_PEM_rw(EC_PUBKEY, EC_KEY)
#endif
#ifndef OPENSSL_NO_DH
diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
index 0b818d2e87..60f5188f30 100644
--- a/crypto/pem/pem_all.c
+++ b/crypto/pem/pem_all.c
@@ -125,8 +125,8 @@ static RSA *pkey_get_rsa(EVP_PKEY *key, RSA **rsa);
static DSA *pkey_get_dsa(EVP_PKEY *key, DSA **dsa);
#endif
-#ifndef OPENSSL_NO_ECDSA
-static ECDSA *pkey_get_ecdsa(EVP_PKEY *key, ECDSA **ecdsa);
+#ifndef OPENSSL_NO_EC
+static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey);
#endif
IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ)
@@ -234,52 +234,51 @@ IMPLEMENT_PEM_rw(DSAparams, DSA, PEM_STRING_DSAPARAMS, DSAparams)
#endif
-#ifndef OPENSSL_NO_ECDSA
-static ECDSA *pkey_get_ecdsa(EVP_PKEY *key, ECDSA **ecdsa)
+#ifndef OPENSSL_NO_EC
+static EC_KEY *pkey_get_eckey(EVP_PKEY *key, EC_KEY **eckey)
{
- ECDSA *dtmp;
+ EC_KEY *dtmp;
if(!key) return NULL;
- dtmp = EVP_PKEY_get1_ECDSA(key);
+ dtmp = EVP_PKEY_get1_EC_KEY(key);
EVP_PKEY_free(key);
if(!dtmp) return NULL;
- if(ecdsa)
+ if(eckey)
{
- ECDSA_free(*ecdsa);
- *ecdsa = dtmp;
+ EC_KEY_free(*eckey);
+ *eckey = dtmp;
}
return dtmp;
}
-ECDSA *PEM_read_bio_ECDSAPrivateKey(BIO *bp, ECDSA **ecdsa, pem_password_cb *cb,
+EC_KEY *PEM_read_bio_ECPrivateKey(BIO *bp, EC_KEY **key, pem_password_cb *cb,
void *u)
{
EVP_PKEY *pktmp;
pktmp = PEM_read_bio_PrivateKey(bp, NULL, cb, u);
- return pkey_get_ecdsa(pktmp, ecdsa);
+ return pkey_get_eckey(pktmp, key);
}
-IMPLEMENT_PEM_write_cb(ECDSAPrivateKey, ECDSA, PEM_STRING_ECPRIVATEKEY, ECDSAPrivateKey)
-IMPLEMENT_PEM_rw(ECDSA_PUBKEY, ECDSA, PEM_STRING_PUBLIC, ECDSA_PUBKEY)
+IMPLEMENT_PEM_rw(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
+
+IMPLEMENT_PEM_write_cb(ECPrivateKey, EC_KEY, PEM_STRING_ECPRIVATEKEY, ECPrivateKey)
+
+IMPLEMENT_PEM_rw(EC_PUBKEY, EC_KEY, PEM_STRING_PUBLIC, EC_PUBKEY)
#ifndef OPENSSL_NO_FP_API
-ECDSA *PEM_read_ECDSAPrivateKey(FILE *fp, ECDSA **ecdsa, pem_password_cb *cb,
+EC_KEY *PEM_read_ECPrivateKey(FILE *fp, EC_KEY **eckey, pem_password_cb *cb,
void *u)
{
EVP_PKEY *pktmp;
pktmp = PEM_read_PrivateKey(fp, NULL, cb, u);
- return pkey_get_ecdsa(pktmp, ecdsa);
+ return pkey_get_eckey(pktmp, eckey);
}
#endif
#endif
-#ifndef OPENSSL_NO_EC
-IMPLEMENT_PEM_rw(ECPKParameters, EC_GROUP, PEM_STRING_ECPARAMETERS, ECPKParameters)
-#endif
-
#ifndef OPENSSL_NO_DH
IMPLEMENT_PEM_rw(DHparams, DH, PEM_STRING_DHPARAMS, DHparams)
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index a577d38687..328afd2e95 100644
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -203,10 +203,10 @@ start:
}
else
#endif
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
{
- d2i=(char *(*)())d2i_ECDSAPrivateKey;
+ d2i=(char *(*)())d2i_ECPrivateKey;
if (xi->x_pkey != NULL)
{
if (!sk_X509_INFO_push(ret,xi)) goto err;
@@ -220,8 +220,8 @@ start:
xi->x_pkey=X509_PKEY_new();
if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
goto err;
- xi->x_pkey->dec_pkey->type=EVP_PKEY_ECDSA;
- pp=(char **)&(xi->x_pkey->dec_pkey->pkey.ecdsa);
+ xi->x_pkey->dec_pkey->type=EVP_PKEY_EC;
+ pp=(char **)&(xi->x_pkey->dec_pkey->pkey.eckey);
if ((int)strlen(header) > 10) /* assume encrypted */
raw=1;
}
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 7687e3bf2e..46a6e5a872 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -81,6 +81,10 @@
#include <openssl/dsa.h>
#endif
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
+#endif
+
#ifndef OPENSSL_NO_ECDSA
#include <openssl/ecdsa.h>
#endif
@@ -656,15 +660,15 @@ extern "C" {
#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
(unsigned char *)dsa)
-#define d2i_ECDSAPrivateKey_fp(fp,ecdsa) (ECDSA *)ASN1_d2i_fp((char *(*)())\
- ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (fp), \
+#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\
+ EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \
(unsigned char **)(ecdsa))
-#define i2d_ECDSAPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECDSAPrivateKey,fp, \
+#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \
(unsigned char *)ecdsa)
-#define d2i_ECDSAPrivateKey_bio(bp,ecdsa) (ECDSA *)ASN1_d2i_bio((char *(*)())\
- ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (bp), \
+#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\
+ EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \
(unsigned char **)(ecdsa))
-#define i2d_ECDSAPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECDSAPrivateKey,bp, \
+#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \
(unsigned char *)ecdsa)
#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
@@ -770,11 +774,11 @@ int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
#endif
-#ifndef OPENSSL_NO_ECDSA
-ECDSA *d2i_ECDSA_PUBKEY_fp(FILE *fp, ECDSA **ecdsa);
-int i2d_ECDSA_PUBKEY_fp(FILE *fp, ECDSA *ecdsa);
-ECDSA *d2i_ECDSAPrivateKey_fp(FILE *fp, ECDSA **ecdsa);
-int i2d_ECDSAPrivateKey_fp(FILE *fp, ECDSA *ecdsa);
+#ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
+int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
#endif
X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
@@ -809,11 +813,11 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
#endif
-#ifndef OPENSSL_NO_ECDSA
-ECDSA *d2i_ECDSA_PUBKEY_bio(BIO *bp, ECDSA **ecdsa);
-int i2d_ECDSA_PUBKEY_bio(BIO *bp, ECDSA *ecdsa);
-ECDSA *d2i_ECDSAPrivateKey_bio(BIO *bp, ECDSA **ecdsa);
-int i2d_ECDSAPrivateKey_bio(BIO *bp, ECDSA *ecdsa);
+#ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
+int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
+EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
+int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
#endif
X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
@@ -879,9 +883,9 @@ int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp);
DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp,
long length);
#endif
-#ifndef OPENSSL_NO_ECDSA
-int i2d_ECDSA_PUBKEY(ECDSA *a, unsigned char **pp);
-ECDSA *d2i_ECDSA_PUBKEY(ECDSA **a, unsigned char **pp,
+#ifndef OPENSSL_NO_EC
+int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
+EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, unsigned char **pp,
long length);
#endif
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
index dbbe0a9236..415e5f3863 100644
--- a/crypto/x509/x509_cmp.c
+++ b/crypto/x509/x509_cmp.c
@@ -295,10 +295,11 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
}
break;
#endif
-#ifndef OPENSSL_NO_ECDSA
- case EVP_PKEY_ECDSA:
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
{
- int r = EC_POINT_cmp(xk->pkey.ecdsa->group,xk->pkey.ecdsa->pub_key,k->pkey.ecdsa->pub_key,NULL);
+ int r = EC_POINT_cmp(xk->pkey.eckey->group,
+ xk->pkey.eckey->pub_key,k->pkey.eckey->pub_key,NULL);
if (r != 0)
{
if (r == 1)
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index cc1ff90e9a..801df78f08 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -325,59 +325,58 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
#endif
-#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_EC
#ifndef OPENSSL_NO_FP_API
-ECDSA *d2i_ECDSAPrivateKey_fp(FILE *fp, ECDSA **ecdsa)
+EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
{
- return((ECDSA *)ASN1_d2i_fp((char *(*)())
- ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (fp),
- (unsigned char **)(ecdsa)));
+ return((EC_KEY *)ASN1_d2i_fp((char *(*)())
+ EC_KEY_new,(char *(*)())d2i_EC_PUBKEY, (fp),
+ (unsigned char **)(eckey)));
}
-int i2d_ECDSAPrivateKey_fp(FILE *fp, ECDSA *ecdsa)
+int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
{
- return(ASN1_i2d_fp(i2d_ECDSAPrivateKey,fp,(unsigned char *)ecdsa));
+ return(ASN1_i2d_fp(i2d_EC_PUBKEY,fp,(unsigned char *)eckey));
}
-
-ECDSA *d2i_ECDSA_PUBKEY_fp(FILE *fp, ECDSA **ecdsa)
+
+EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
{
- return((ECDSA *)ASN1_d2i_fp((char *(*)())
- ECDSA_new,(char *(*)())d2i_ECDSA_PUBKEY, (fp),
- (unsigned char **)(ecdsa)));
+ return((EC_KEY *)ASN1_d2i_fp((char *(*)())
+ EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp),
+ (unsigned char **)(eckey)));
}
-int i2d_ECDSA_PUBKEY_fp(FILE *fp, ECDSA *ecdsa)
+int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
{
- return(ASN1_i2d_fp(i2d_ECDSA_PUBKEY,fp,(unsigned char *)ecdsa));
+ return(ASN1_i2d_fp(i2d_ECPrivateKey,fp,(unsigned char *)eckey));
}
#endif
-
-ECDSA *d2i_ECDSAPrivateKey_bio(BIO *bp, ECDSA **ecdsa)
+EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
{
- return((ECDSA *)ASN1_d2i_bio((char *(*)())
- ECDSA_new,(char *(*)())d2i_ECDSAPrivateKey, (bp),
- (unsigned char **)(ecdsa)));
+ return((EC_KEY *)ASN1_d2i_bio((char *(*)())
+ EC_KEY_new,(char *(*)())d2i_EC_PUBKEY, (bp),
+ (unsigned char **)(eckey)));
}
-int i2d_ECDSAPrivateKey_bio(BIO *bp, ECDSA *ecdsa)
+int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
{
- return(ASN1_i2d_bio(i2d_ECDSAPrivateKey,bp,(unsigned char *)ecdsa));
+ return(ASN1_i2d_bio(i2d_EC_PUBKEY,bp,(unsigned char *)ecdsa));
}
-
-ECDSA *d2i_ECDSA_PUBKEY_bio(BIO *bp, ECDSA **ecdsa)
+
+EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
{
- return((ECDSA *)ASN1_d2i_bio((char *(*)())
- ECDSA_new,(char *(*)())d2i_ECDSA_PUBKEY, (bp),
- (unsigned char **)(ecdsa)));
+ return((EC_KEY *)ASN1_d2i_bio((char *(*)())
+ EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp),
+ (unsigned char **)(eckey)));
}
-int i2d_ECDSA_PUBKEY_bio(BIO *bp, ECDSA *ecdsa)
+int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
{
- return(ASN1_i2d_bio(i2d_ECDSA_PUBKEY,bp,(unsigned char *)ecdsa));
+ return(ASN1_i2d_bio(i2d_ECPrivateKey,bp,(unsigned char *)eckey));
}
-
#endif
+
int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
unsigned int *len)
{