OpenSSL  1.0.1c
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros
ec_asn1.c
Go to the documentation of this file.
1 /* crypto/ec/ec_asn1.c */
2 /*
3  * Written by Nils Larsch for the OpenSSL project.
4  */
5 /* ====================================================================
6  * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  * notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  * notice, this list of conditions and the following disclaimer in
17  * the documentation and/or other materials provided with the
18  * distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  * software must display the following acknowledgment:
22  * "This product includes software developed by the OpenSSL Project
23  * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  * endorse or promote products derived from this software without
27  * prior written permission. For written permission, please contact
28  * [email protected].
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  * nor may "OpenSSL" appear in their names without prior written
32  * permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  * acknowledgment:
36  * "This product includes software developed by the OpenSSL Project
37  * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * ([email protected]). This product includes software written by Tim
55  * Hudson ([email protected]).
56  *
57  */
58 
59 #include <string.h>
60 #include "ec_lcl.h"
61 #include <openssl/err.h>
62 #include <openssl/asn1t.h>
63 #include <openssl/objects.h>
64 
65 
66 int EC_GROUP_get_basis_type(const EC_GROUP *group)
67  {
68  int i=0;
69 
70  if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
71  NID_X9_62_characteristic_two_field)
72  /* everything else is currently not supported */
73  return 0;
74 
75  while (group->poly[i] != 0)
76  i++;
77 
78  if (i == 4)
79  return NID_X9_62_ppBasis;
80  else if (i == 2)
81  return NID_X9_62_tpBasis;
82  else
83  /* everything else is currently not supported */
84  return 0;
85  }
86 #ifndef OPENSSL_NO_EC2M
87 int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
88  {
89  if (group == NULL)
90  return 0;
91 
92  if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
93  || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0)))
94  {
95  ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
96  return 0;
97  }
98 
99  if (k)
100  *k = group->poly[1];
101 
102  return 1;
103  }
104 int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
105  unsigned int *k2, unsigned int *k3)
106  {
107  if (group == NULL)
108  return 0;
109 
110  if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
111  || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0)))
112  {
113  ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
114  return 0;
115  }
116 
117  if (k1)
118  *k1 = group->poly[3];
119  if (k2)
120  *k2 = group->poly[2];
121  if (k3)
122  *k3 = group->poly[1];
123 
124  return 1;
125  }
126 #endif
127 
128 
129 /* some structures needed for the asn1 encoding */
130 typedef struct x9_62_pentanomial_st {
131  long k1;
132  long k2;
133  long k3;
134  } X9_62_PENTANOMIAL;
135 
136 typedef struct x9_62_characteristic_two_st {
137  long m;
138  ASN1_OBJECT *type;
139  union {
140  char *ptr;
141  /* NID_X9_62_onBasis */
142  ASN1_NULL *onBasis;
143  /* NID_X9_62_tpBasis */
144  ASN1_INTEGER *tpBasis;
145  /* NID_X9_62_ppBasis */
146  X9_62_PENTANOMIAL *ppBasis;
147  /* anything else */
148  ASN1_TYPE *other;
149  } p;
150  } X9_62_CHARACTERISTIC_TWO;
151 
152 typedef struct x9_62_fieldid_st {
153  ASN1_OBJECT *fieldType;
154  union {
155  char *ptr;
156  /* NID_X9_62_prime_field */
157  ASN1_INTEGER *prime;
158  /* NID_X9_62_characteristic_two_field */
159  X9_62_CHARACTERISTIC_TWO *char_two;
160  /* anything else */
161  ASN1_TYPE *other;
162  } p;
163  } X9_62_FIELDID;
164 
165 typedef struct x9_62_curve_st {
166  ASN1_OCTET_STRING *a;
167  ASN1_OCTET_STRING *b;
168  ASN1_BIT_STRING *seed;
169  } X9_62_CURVE;
170 
171 typedef struct ec_parameters_st {
172  long version;
173  X9_62_FIELDID *fieldID;
174  X9_62_CURVE *curve;
175  ASN1_OCTET_STRING *base;
176  ASN1_INTEGER *order;
177  ASN1_INTEGER *cofactor;
178  } ECPARAMETERS;
179 
180 struct ecpk_parameters_st {
181  int type;
182  union {
183  ASN1_OBJECT *named_curve;
184  ECPARAMETERS *parameters;
185  ASN1_NULL *implicitlyCA;
186  } value;
187  }/* ECPKPARAMETERS */;
188 
189 /* SEC1 ECPrivateKey */
190 typedef struct ec_privatekey_st {
191  long version;
192  ASN1_OCTET_STRING *privateKey;
193  ECPKPARAMETERS *parameters;
194  ASN1_BIT_STRING *publicKey;
195  } EC_PRIVATEKEY;
196 
197 /* the OpenSSL ASN.1 definitions */
198 ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
199  ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, LONG),
200  ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, LONG),
201  ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, LONG)
202 } ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
203 
204 DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
205 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL)
206 
207 ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY);
208 
209 ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = {
210  ADB_ENTRY(NID_X9_62_onBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.onBasis, ASN1_NULL)),
211  ADB_ENTRY(NID_X9_62_tpBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.tpBasis, ASN1_INTEGER)),
212  ADB_ENTRY(NID_X9_62_ppBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.ppBasis, X9_62_PENTANOMIAL))
213 } ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL);
214 
215 ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
216  ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, LONG),
217  ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT),
218  ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO)
219 } ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
220 
221 DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
222 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO)
223 
224 ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
225 
226 ASN1_ADB(X9_62_FIELDID) = {
227  ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)),
228  ADB_ENTRY(NID_X9_62_characteristic_two_field, ASN1_SIMPLE(X9_62_FIELDID, p.char_two, X9_62_CHARACTERISTIC_TWO))
229 } ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL);
230 
231 ASN1_SEQUENCE(X9_62_FIELDID) = {
232  ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
233  ASN1_ADB_OBJECT(X9_62_FIELDID)
234 } ASN1_SEQUENCE_END(X9_62_FIELDID)
235 
236 ASN1_SEQUENCE(X9_62_CURVE) = {
237  ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
238  ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
239  ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
240 } ASN1_SEQUENCE_END(X9_62_CURVE)
241 
242 ASN1_SEQUENCE(ECPARAMETERS) = {
243  ASN1_SIMPLE(ECPARAMETERS, version, LONG),
244  ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
245  ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
246  ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
247  ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
248  ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER)
249 } ASN1_SEQUENCE_END(ECPARAMETERS)
250 
251 DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
252 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS)
253 
254 ASN1_CHOICE(ECPKPARAMETERS) = {
255  ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
256  ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
257  ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL)
258 } ASN1_CHOICE_END(ECPKPARAMETERS)
259 
260 DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
261 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
262 IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
263 
264 ASN1_SEQUENCE(EC_PRIVATEKEY) = {
265  ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
266  ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
267  ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
268  ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
269 } ASN1_SEQUENCE_END(EC_PRIVATEKEY)
270 
271 DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
272 DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
273 IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
274 
275 /* some declarations of internal function */
276 
277 /* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */
278 static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *);
279 /* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */
280 static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
281 /* ec_asn1_parameters2group() creates a EC_GROUP object from a
282  * ECPARAMETERS object */
283 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
284 /* ec_asn1_group2parameters() creates a ECPARAMETERS object from a
285  * EC_GROUP object */
286 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,ECPARAMETERS *);
287 /* ec_asn1_pkparameters2group() creates a EC_GROUP object from a
288  * ECPKPARAMETERS object */
289 static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *);
290 /* ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a
291  * EC_GROUP object */
292 static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *,
293  ECPKPARAMETERS *);
294 
295 
296 /* the function definitions */
297 
298 static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
299  {
300  int ok=0, nid;
301  BIGNUM *tmp = NULL;
302 
303  if (group == NULL || field == NULL)
304  return 0;
305 
306  /* clear the old values (if necessary) */
307  if (field->fieldType != NULL)
308  ASN1_OBJECT_free(field->fieldType);
309  if (field->p.other != NULL)
310  ASN1_TYPE_free(field->p.other);
311 
312  nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
313  /* set OID for the field */
314  if ((field->fieldType = OBJ_nid2obj(nid)) == NULL)
315  {
316  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
317  goto err;
318  }
319 
320  if (nid == NID_X9_62_prime_field)
321  {
322  if ((tmp = BN_new()) == NULL)
323  {
324  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
325  goto err;
326  }
327  /* the parameters are specified by the prime number p */
328  if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL))
329  {
330  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
331  goto err;
332  }
333  /* set the prime number */
334  field->p.prime = BN_to_ASN1_INTEGER(tmp,NULL);
335  if (field->p.prime == NULL)
336  {
337  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
338  goto err;
339  }
340  }
341  else /* nid == NID_X9_62_characteristic_two_field */
342 #ifdef OPENSSL_NO_EC2M
343  {
344  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
345  goto err;
346  }
347 #else
348  {
349  int field_type;
350  X9_62_CHARACTERISTIC_TWO *char_two;
351 
352  field->p.char_two = X9_62_CHARACTERISTIC_TWO_new();
353  char_two = field->p.char_two;
354 
355  if (char_two == NULL)
356  {
357  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
358  goto err;
359  }
360 
361  char_two->m = (long)EC_GROUP_get_degree(group);
362 
363  field_type = EC_GROUP_get_basis_type(group);
364 
365  if (field_type == 0)
366  {
367  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
368  goto err;
369  }
370  /* set base type OID */
371  if ((char_two->type = OBJ_nid2obj(field_type)) == NULL)
372  {
373  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
374  goto err;
375  }
376 
377  if (field_type == NID_X9_62_tpBasis)
378  {
379  unsigned int k;
380 
381  if (!EC_GROUP_get_trinomial_basis(group, &k))
382  goto err;
383 
384  char_two->p.tpBasis = ASN1_INTEGER_new();
385  if (!char_two->p.tpBasis)
386  {
387  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
388  goto err;
389  }
390  if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k))
391  {
392  ECerr(EC_F_EC_ASN1_GROUP2FIELDID,
393  ERR_R_ASN1_LIB);
394  goto err;
395  }
396  }
397  else if (field_type == NID_X9_62_ppBasis)
398  {
399  unsigned int k1, k2, k3;
400 
401  if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))
402  goto err;
403 
404  char_two->p.ppBasis = X9_62_PENTANOMIAL_new();
405  if (!char_two->p.ppBasis)
406  {
407  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
408  goto err;
409  }
410 
411  /* set k? values */
412  char_two->p.ppBasis->k1 = (long)k1;
413  char_two->p.ppBasis->k2 = (long)k2;
414  char_two->p.ppBasis->k3 = (long)k3;
415  }
416  else /* field_type == NID_X9_62_onBasis */
417  {
418  /* for ONB the parameters are (asn1) NULL */
419  char_two->p.onBasis = ASN1_NULL_new();
420  if (!char_two->p.onBasis)
421  {
422  ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
423  goto err;
424  }
425  }
426  }
427 #endif
428 
429  ok = 1;
430 
431 err : if (tmp)
432  BN_free(tmp);
433  return(ok);
434 }
435 
436 static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
437  {
438  int ok=0, nid;
439  BIGNUM *tmp_1=NULL, *tmp_2=NULL;
440  unsigned char *buffer_1=NULL, *buffer_2=NULL,
441  *a_buf=NULL, *b_buf=NULL;
442  size_t len_1, len_2;
443  unsigned char char_zero = 0;
444 
445  if (!group || !curve || !curve->a || !curve->b)
446  return 0;
447 
448  if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL)
449  {
450  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
451  goto err;
452  }
453 
454  nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
455 
456  /* get a and b */
457  if (nid == NID_X9_62_prime_field)
458  {
459  if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL))
460  {
461  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
462  goto err;
463  }
464  }
465 #ifndef OPENSSL_NO_EC2M
466  else /* nid == NID_X9_62_characteristic_two_field */
467  {
468  if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL))
469  {
470  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
471  goto err;
472  }
473  }
474 #endif
475  len_1 = (size_t)BN_num_bytes(tmp_1);
476  len_2 = (size_t)BN_num_bytes(tmp_2);
477 
478  if (len_1 == 0)
479  {
480  /* len_1 == 0 => a == 0 */
481  a_buf = &char_zero;
482  len_1 = 1;
483  }
484  else
485  {
486  if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL)
487  {
488  ECerr(EC_F_EC_ASN1_GROUP2CURVE,
489  ERR_R_MALLOC_FAILURE);
490  goto err;
491  }
492  if ( (len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0)
493  {
494  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
495  goto err;
496  }
497  a_buf = buffer_1;
498  }
499 
500  if (len_2 == 0)
501  {
502  /* len_2 == 0 => b == 0 */
503  b_buf = &char_zero;
504  len_2 = 1;
505  }
506  else
507  {
508  if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL)
509  {
510  ECerr(EC_F_EC_ASN1_GROUP2CURVE,
511  ERR_R_MALLOC_FAILURE);
512  goto err;
513  }
514  if ( (len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0)
515  {
516  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
517  goto err;
518  }
519  b_buf = buffer_2;
520  }
521 
522  /* set a and b */
523  if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) ||
524  !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2))
525  {
526  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
527  goto err;
528  }
529 
530  /* set the seed (optional) */
531  if (group->seed)
532  {
533  if (!curve->seed)
534  if ((curve->seed = ASN1_BIT_STRING_new()) == NULL)
535  {
536  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
537  goto err;
538  }
539  curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
540  curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
541  if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
542  (int)group->seed_len))
543  {
544  ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
545  goto err;
546  }
547  }
548  else
549  {
550  if (curve->seed)
551  {
552  ASN1_BIT_STRING_free(curve->seed);
553  curve->seed = NULL;
554  }
555  }
556 
557  ok = 1;
558 
559 err: if (buffer_1)
560  OPENSSL_free(buffer_1);
561  if (buffer_2)
562  OPENSSL_free(buffer_2);
563  if (tmp_1)
564  BN_free(tmp_1);
565  if (tmp_2)
566  BN_free(tmp_2);
567  return(ok);
568  }
569 
570 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
571  ECPARAMETERS *param)
572  {
573  int ok=0;
574  size_t len=0;
575  ECPARAMETERS *ret=NULL;
576  BIGNUM *tmp=NULL;
577  unsigned char *buffer=NULL;
578  const EC_POINT *point=NULL;
579  point_conversion_form_t form;
580 
581  if ((tmp = BN_new()) == NULL)
582  {
583  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
584  goto err;
585  }
586 
587  if (param == NULL)
588  {
589  if ((ret = ECPARAMETERS_new()) == NULL)
590  {
591  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
592  ERR_R_MALLOC_FAILURE);
593  goto err;
594  }
595  }
596  else
597  ret = param;
598 
599  /* set the version (always one) */
600  ret->version = (long)0x1;
601 
602  /* set the fieldID */
603  if (!ec_asn1_group2fieldid(group, ret->fieldID))
604  {
605  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
606  goto err;
607  }
608 
609  /* set the curve */
610  if (!ec_asn1_group2curve(group, ret->curve))
611  {
612  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
613  goto err;
614  }
615 
616  /* set the base point */
617  if ((point = EC_GROUP_get0_generator(group)) == NULL)
618  {
619  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR);
620  goto err;
621  }
622 
623  form = EC_GROUP_get_point_conversion_form(group);
624 
625  len = EC_POINT_point2oct(group, point, form, NULL, len, NULL);
626  if (len == 0)
627  {
628  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
629  goto err;
630  }
631  if ((buffer = OPENSSL_malloc(len)) == NULL)
632  {
633  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
634  goto err;
635  }
636  if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL))
637  {
638  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
639  goto err;
640  }
641  if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL)
642  {
643  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
644  goto err;
645  }
646  if (!ASN1_OCTET_STRING_set(ret->base, buffer, len))
647  {
648  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
649  goto err;
650  }
651 
652  /* set the order */
653  if (!EC_GROUP_get_order(group, tmp, NULL))
654  {
655  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
656  goto err;
657  }
658  ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
659  if (ret->order == NULL)
660  {
661  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
662  goto err;
663  }
664 
665  /* set the cofactor (optional) */
666  if (EC_GROUP_get_cofactor(group, tmp, NULL))
667  {
668  ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
669  if (ret->cofactor == NULL)
670  {
671  ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
672  goto err;
673  }
674  }
675 
676  ok = 1;
677 
678 err : if(!ok)
679  {
680  if (ret && !param)
681  ECPARAMETERS_free(ret);
682  ret = NULL;
683  }
684  if (tmp)
685  BN_free(tmp);
686  if (buffer)
687  OPENSSL_free(buffer);
688  return(ret);
689  }
690 
691 ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
692  ECPKPARAMETERS *params)
693  {
694  int ok = 1, tmp;
695  ECPKPARAMETERS *ret = params;
696 
697  if (ret == NULL)
698  {
699  if ((ret = ECPKPARAMETERS_new()) == NULL)
700  {
701  ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS,
702  ERR_R_MALLOC_FAILURE);
703  return NULL;
704  }
705  }
706  else
707  {
708  if (ret->type == 0 && ret->value.named_curve)
709  ASN1_OBJECT_free(ret->value.named_curve);
710  else if (ret->type == 1 && ret->value.parameters)
711  ECPARAMETERS_free(ret->value.parameters);
712  }
713 
714  if (EC_GROUP_get_asn1_flag(group))
715  {
716  /* use the asn1 OID to describe the
717  * the elliptic curve parameters
718  */
719  tmp = EC_GROUP_get_curve_name(group);
720  if (tmp)
721  {
722  ret->type = 0;
723  if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
724  ok = 0;
725  }
726  else
727  /* we don't kmow the nid => ERROR */
728  ok = 0;
729  }
730  else
731  {
732  /* use the ECPARAMETERS structure */
733  ret->type = 1;
734  if ((ret->value.parameters = ec_asn1_group2parameters(
735  group, NULL)) == NULL)
736  ok = 0;
737  }
738 
739  if (!ok)
740  {
741  ECPKPARAMETERS_free(ret);
742  return NULL;
743  }
744  return ret;
745  }
746 
747 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
748  {
749  int ok = 0, tmp;
750  EC_GROUP *ret = NULL;
751  BIGNUM *p = NULL, *a = NULL, *b = NULL;
752  EC_POINT *point=NULL;
753  long field_bits;
754 
755  if (!params->fieldID || !params->fieldID->fieldType ||
756  !params->fieldID->p.ptr)
757  {
758  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
759  goto err;
760  }
761 
762  /* now extract the curve parameters a and b */
763  if (!params->curve || !params->curve->a ||
764  !params->curve->a->data || !params->curve->b ||
765  !params->curve->b->data)
766  {
767  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
768  goto err;
769  }
770  a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL);
771  if (a == NULL)
772  {
773  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
774  goto err;
775  }
776  b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
777  if (b == NULL)
778  {
779  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
780  goto err;
781  }
782 
783  /* get the field parameters */
784  tmp = OBJ_obj2nid(params->fieldID->fieldType);
785  if (tmp == NID_X9_62_characteristic_two_field)
786 #ifdef OPENSSL_NO_EC2M
787  {
788  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
789  goto err;
790  }
791 #else
792  {
793  X9_62_CHARACTERISTIC_TWO *char_two;
794 
795  char_two = params->fieldID->p.char_two;
796 
797  field_bits = char_two->m;
798  if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
799  {
800  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
801  goto err;
802  }
803 
804  if ((p = BN_new()) == NULL)
805  {
806  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
807  goto err;
808  }
809 
810  /* get the base type */
811  tmp = OBJ_obj2nid(char_two->type);
812 
813  if (tmp == NID_X9_62_tpBasis)
814  {
815  long tmp_long;
816 
817  if (!char_two->p.tpBasis)
818  {
819  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
820  goto err;
821  }
822 
823  tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
824 
825  if (!(char_two->m > tmp_long && tmp_long > 0))
826  {
827  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS);
828  goto err;
829  }
830 
831  /* create the polynomial */
832  if (!BN_set_bit(p, (int)char_two->m))
833  goto err;
834  if (!BN_set_bit(p, (int)tmp_long))
835  goto err;
836  if (!BN_set_bit(p, 0))
837  goto err;
838  }
839  else if (tmp == NID_X9_62_ppBasis)
840  {
841  X9_62_PENTANOMIAL *penta;
842 
843  penta = char_two->p.ppBasis;
844  if (!penta)
845  {
846  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
847  goto err;
848  }
849 
850  if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0))
851  {
852  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS);
853  goto err;
854  }
855 
856  /* create the polynomial */
857  if (!BN_set_bit(p, (int)char_two->m)) goto err;
858  if (!BN_set_bit(p, (int)penta->k1)) goto err;
859  if (!BN_set_bit(p, (int)penta->k2)) goto err;
860  if (!BN_set_bit(p, (int)penta->k3)) goto err;
861  if (!BN_set_bit(p, 0)) goto err;
862  }
863  else if (tmp == NID_X9_62_onBasis)
864  {
865  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED);
866  goto err;
867  }
868  else /* error */
869  {
870  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
871  goto err;
872  }
873 
874  /* create the EC_GROUP structure */
875  ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
876  }
877 #endif
878  else if (tmp == NID_X9_62_prime_field)
879  {
880  /* we have a curve over a prime field */
881  /* extract the prime number */
882  if (!params->fieldID->p.prime)
883  {
884  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
885  goto err;
886  }
887  p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL);
888  if (p == NULL)
889  {
890  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
891  goto err;
892  }
893 
894  if (BN_is_negative(p) || BN_is_zero(p))
895  {
896  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
897  goto err;
898  }
899 
900  field_bits = BN_num_bits(p);
901  if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
902  {
903  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
904  goto err;
905  }
906 
907  /* create the EC_GROUP structure */
908  ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
909  }
910  else
911  {
912  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
913  goto err;
914  }
915 
916  if (ret == NULL)
917  {
918  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
919  goto err;
920  }
921 
922  /* extract seed (optional) */
923  if (params->curve->seed != NULL)
924  {
925  if (ret->seed != NULL)
926  OPENSSL_free(ret->seed);
927  if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length)))
928  {
929  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
930  ERR_R_MALLOC_FAILURE);
931  goto err;
932  }
933  memcpy(ret->seed, params->curve->seed->data,
934  params->curve->seed->length);
935  ret->seed_len = params->curve->seed->length;
936  }
937 
938  if (!params->order || !params->base || !params->base->data)
939  {
940  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
941  goto err;
942  }
943 
944  if ((point = EC_POINT_new(ret)) == NULL) goto err;
945 
946  /* set the point conversion form */
947  EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
948  (params->base->data[0] & ~0x01));
949 
950  /* extract the ec point */
951  if (!EC_POINT_oct2point(ret, point, params->base->data,
952  params->base->length, NULL))
953  {
954  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
955  goto err;
956  }
957 
958  /* extract the order */
959  if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL)
960  {
961  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
962  goto err;
963  }
964  if (BN_is_negative(a) || BN_is_zero(a))
965  {
966  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
967  goto err;
968  }
969  if (BN_num_bits(a) > (int)field_bits + 1) /* Hasse bound */
970  {
971  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
972  goto err;
973  }
974 
975  /* extract the cofactor (optional) */
976  if (params->cofactor == NULL)
977  {
978  if (b)
979  {
980  BN_free(b);
981  b = NULL;
982  }
983  }
984  else
985  if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL)
986  {
987  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
988  goto err;
989  }
990  /* set the generator, order and cofactor (if present) */
991  if (!EC_GROUP_set_generator(ret, point, a, b))
992  {
993  ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
994  goto err;
995  }
996 
997  ok = 1;
998 
999 err: if (!ok)
1000  {
1001  if (ret)
1002  EC_GROUP_clear_free(ret);
1003  ret = NULL;
1004  }
1005 
1006  if (p)
1007  BN_free(p);
1008  if (a)
1009  BN_free(a);
1010  if (b)
1011  BN_free(b);
1012  if (point)
1013  EC_POINT_free(point);
1014  return(ret);
1015 }
1016 
1017 EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
1018  {
1019  EC_GROUP *ret=NULL;
1020  int tmp=0;
1021 
1022  if (params == NULL)
1023  {
1024  ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
1025  EC_R_MISSING_PARAMETERS);
1026  return NULL;
1027  }
1028 
1029  if (params->type == 0)
1030  { /* the curve is given by an OID */
1031  tmp = OBJ_obj2nid(params->value.named_curve);
1032  if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL)
1033  {
1034  ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
1035  EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
1036  return NULL;
1037  }
1038  EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
1039  }
1040  else if (params->type == 1)
1041  { /* the parameters are given by a ECPARAMETERS
1042  * structure */
1043  ret = ec_asn1_parameters2group(params->value.parameters);
1044  if (!ret)
1045  {
1046  ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB);
1047  return NULL;
1048  }
1049  EC_GROUP_set_asn1_flag(ret, 0x0);
1050  }
1051  else if (params->type == 2)
1052  { /* implicitlyCA */
1053  return NULL;
1054  }
1055  else
1056  {
1057  ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
1058  return NULL;
1059  }
1060 
1061  return ret;
1062  }
1063 
1064 /* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
1065 
1066 EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
1067  {
1068  EC_GROUP *group = NULL;
1069  ECPKPARAMETERS *params = NULL;
1070 
1071  if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL)
1072  {
1073  ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
1074  ECPKPARAMETERS_free(params);
1075  return NULL;
1076  }
1077 
1078  if ((group = ec_asn1_pkparameters2group(params)) == NULL)
1079  {
1080  ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
1081  ECPKPARAMETERS_free(params);
1082  return NULL;
1083  }
1084 
1085 
1086  if (a && *a)
1087  EC_GROUP_clear_free(*a);
1088  if (a)
1089  *a = group;
1090 
1091  ECPKPARAMETERS_free(params);
1092  return(group);
1093  }
1094 
1095 int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
1096  {
1097  int ret=0;
1098  ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL);
1099  if (tmp == NULL)
1100  {
1101  ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
1102  return 0;
1103  }
1104  if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0)
1105  {
1106  ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
1107  ECPKPARAMETERS_free(tmp);
1108  return 0;
1109  }
1110  ECPKPARAMETERS_free(tmp);
1111  return(ret);
1112  }
1113 
1114 /* some EC_KEY functions */
1115 
1116 EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
1117  {
1118  int ok=0;
1119  EC_KEY *ret=NULL;
1120  EC_PRIVATEKEY *priv_key=NULL;
1121 
1122  if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
1123  {
1124  ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
1125  return NULL;
1126  }
1127 
1128  if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL)
1129  {
1130  ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1131  EC_PRIVATEKEY_free(priv_key);
1132  return NULL;
1133  }
1134 
1135  if (a == NULL || *a == NULL)
1136  {
1137  if ((ret = EC_KEY_new()) == NULL)
1138  {
1139  ECerr(EC_F_D2I_ECPRIVATEKEY,
1140  ERR_R_MALLOC_FAILURE);
1141  goto err;
1142  }
1143  if (a)
1144  *a = ret;
1145  }
1146  else
1147  ret = *a;
1148 
1149  if (priv_key->parameters)
1150  {
1151  if (ret->group)
1152  EC_GROUP_clear_free(ret->group);
1153  ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
1154  }
1155 
1156  if (ret->group == NULL)
1157  {
1158  ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1159  goto err;
1160  }
1161 
1162  ret->version = priv_key->version;
1163 
1164  if (priv_key->privateKey)
1165  {
1166  ret->priv_key = BN_bin2bn(
1167  M_ASN1_STRING_data(priv_key->privateKey),
1168  M_ASN1_STRING_length(priv_key->privateKey),
1169  ret->priv_key);
1170  if (ret->priv_key == NULL)
1171  {
1172  ECerr(EC_F_D2I_ECPRIVATEKEY,
1173  ERR_R_BN_LIB);
1174  goto err;
1175  }
1176  }
1177  else
1178  {
1179  ECerr(EC_F_D2I_ECPRIVATEKEY,
1180  EC_R_MISSING_PRIVATE_KEY);
1181  goto err;
1182  }
1183 
1184  if (priv_key->publicKey)
1185  {
1186  const unsigned char *pub_oct;
1187  size_t pub_oct_len;
1188 
1189  if (ret->pub_key)
1190  EC_POINT_clear_free(ret->pub_key);
1191  ret->pub_key = EC_POINT_new(ret->group);
1192  if (ret->pub_key == NULL)
1193  {
1194  ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1195  goto err;
1196  }
1197  pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
1198  pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
1199  /* save the point conversion form */
1200  ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01);
1201  if (!EC_POINT_oct2point(ret->group, ret->pub_key,
1202  pub_oct, pub_oct_len, NULL))
1203  {
1204  ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
1205  goto err;
1206  }
1207  }
1208 
1209  ok = 1;
1210 err:
1211  if (!ok)
1212  {
1213  if (ret)
1214  EC_KEY_free(ret);
1215  ret = NULL;
1216  }
1217 
1218  if (priv_key)
1219  EC_PRIVATEKEY_free(priv_key);
1220 
1221  return(ret);
1222  }
1223 
1224 int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
1225  {
1226  int ret=0, ok=0;
1227  unsigned char *buffer=NULL;
1228  size_t buf_len=0, tmp_len;
1229  EC_PRIVATEKEY *priv_key=NULL;
1230 
1231  if (a == NULL || a->group == NULL || a->priv_key == NULL)
1232  {
1233  ECerr(EC_F_I2D_ECPRIVATEKEY,
1234  ERR_R_PASSED_NULL_PARAMETER);
1235  goto err;
1236  }
1237 
1238  if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
1239  {
1240  ECerr(EC_F_I2D_ECPRIVATEKEY,
1241  ERR_R_MALLOC_FAILURE);
1242  goto err;
1243  }
1244 
1245  priv_key->version = a->version;
1246 
1247  buf_len = (size_t)BN_num_bytes(a->priv_key);
1248  buffer = OPENSSL_malloc(buf_len);
1249  if (buffer == NULL)
1250  {
1251  ECerr(EC_F_I2D_ECPRIVATEKEY,
1252  ERR_R_MALLOC_FAILURE);
1253  goto err;
1254  }
1255 
1256  if (!BN_bn2bin(a->priv_key, buffer))
1257  {
1258  ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
1259  goto err;
1260  }
1261 
1262  if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len))
1263  {
1264  ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
1265  goto err;
1266  }
1267 
1268  if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS))
1269  {
1270  if ((priv_key->parameters = ec_asn1_group2pkparameters(
1271  a->group, priv_key->parameters)) == NULL)
1272  {
1273  ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1274  goto err;
1275  }
1276  }
1277 
1278  if (!(a->enc_flag & EC_PKEY_NO_PUBKEY))
1279  {
1280  priv_key->publicKey = M_ASN1_BIT_STRING_new();
1281  if (priv_key->publicKey == NULL)
1282  {
1283  ECerr(EC_F_I2D_ECPRIVATEKEY,
1284  ERR_R_MALLOC_FAILURE);
1285  goto err;
1286  }
1287 
1288  tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
1289  a->conv_form, NULL, 0, NULL);
1290 
1291  if (tmp_len > buf_len)
1292  {
1293  unsigned char *tmp_buffer = OPENSSL_realloc(buffer, tmp_len);
1294  if (!tmp_buffer)
1295  {
1296  ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
1297  goto err;
1298  }
1299  buffer = tmp_buffer;
1300  buf_len = tmp_len;
1301  }
1302 
1303  if (!EC_POINT_point2oct(a->group, a->pub_key,
1304  a->conv_form, buffer, buf_len, NULL))
1305  {
1306  ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1307  goto err;
1308  }
1309 
1310  priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
1311  priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
1312  if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
1313  buf_len))
1314  {
1315  ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
1316  goto err;
1317  }
1318  }
1319 
1320  if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0)
1321  {
1322  ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1323  goto err;
1324  }
1325  ok=1;
1326 err:
1327  if (buffer)
1328  OPENSSL_free(buffer);
1329  if (priv_key)
1330  EC_PRIVATEKEY_free(priv_key);
1331  return(ok?ret:0);
1332  }
1333 
1334 int i2d_ECParameters(EC_KEY *a, unsigned char **out)
1335  {
1336  if (a == NULL)
1337  {
1338  ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1339  return 0;
1340  }
1341  return i2d_ECPKParameters(a->group, out);
1342  }
1343 
1344 EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
1345  {
1346  EC_KEY *ret;
1347 
1348  if (in == NULL || *in == NULL)
1349  {
1350  ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1351  return NULL;
1352  }
1353 
1354  if (a == NULL || *a == NULL)
1355  {
1356  if ((ret = EC_KEY_new()) == NULL)
1357  {
1358  ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
1359  return NULL;
1360  }
1361  if (a)
1362  *a = ret;
1363  }
1364  else
1365  ret = *a;
1366 
1367  if (!d2i_ECPKParameters(&ret->group, in, len))
1368  {
1369  ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
1370  return NULL;
1371  }
1372 
1373  return ret;
1374  }
1375 
1376 EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len)
1377  {
1378  EC_KEY *ret=NULL;
1379 
1380  if (a == NULL || (*a) == NULL || (*a)->group == NULL)
1381  {
1382  /* sorry, but a EC_GROUP-structur is necessary
1383  * to set the public key */
1384  ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
1385  return 0;
1386  }
1387  ret = *a;
1388  if (ret->pub_key == NULL &&
1389  (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
1390  {
1391  ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
1392  return 0;
1393  }
1394  if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
1395  {
1396  ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB);
1397  return 0;
1398  }
1399  /* save the point conversion form */
1400  ret->conv_form = (point_conversion_form_t)(*in[0] & ~0x01);
1401  *in += len;
1402  return ret;
1403  }
1404 
1405 int i2o_ECPublicKey(EC_KEY *a, unsigned char **out)
1406  {
1407  size_t buf_len=0;
1408  int new_buffer = 0;
1409 
1410  if (a == NULL)
1411  {
1412  ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER);
1413  return 0;
1414  }
1415 
1416  buf_len = EC_POINT_point2oct(a->group, a->pub_key,
1417  a->conv_form, NULL, 0, NULL);
1418 
1419  if (out == NULL || buf_len == 0)
1420  /* out == NULL => just return the length of the octet string */
1421  return buf_len;
1422 
1423  if (*out == NULL)
1424  {
1425  if ((*out = OPENSSL_malloc(buf_len)) == NULL)
1426  {
1427  ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE);
1428  return 0;
1429  }
1430  new_buffer = 1;
1431  }
1432  if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
1433  *out, buf_len, NULL))
1434  {
1435  ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB);
1436  OPENSSL_free(*out);
1437  *out = NULL;
1438  return 0;
1439  }
1440  if (!new_buffer)
1441  *out += buf_len;
1442  return buf_len;
1443  }
Generated on Thu Jan 10 2013 09:53:36 for OpenSSL by   doxygen 1.8.2