EC_KEY_METHOD keygen support.

Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through
method and set the current EC key generation function as the default.

Reviewed-by: Richard Levitte <levitte@openssl.org>

diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index 6c5ad4e38d9e85bea11518c573d27fba5f2315ff..aa6ba458cc13ac6e492a1d6a67c397f3c2f0b69c 100644 (file)
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -300,6 +300,7 @@ static ERR_STRING_DATA EC_str_reasons[] = {
     {ERR_REASON(EC_R_NOT_INITIALIZED), "not initialized"},
     {ERR_REASON(EC_R_NO_FIELD_MOD), "no field mod"},
     {ERR_REASON(EC_R_NO_PARAMETERS_SET), "no parameters set"},
+    {ERR_REASON(EC_R_OPERATION_NOT_SUPPORTED), "operation not supported"},
     {ERR_REASON(EC_R_PASSED_NULL_PARAMETER), "passed null parameter"},
     {ERR_REASON(EC_R_PEER_KEY_ERROR), "peer key error"},
     {ERR_REASON(EC_R_PKPARAMETERS2GROUP_FAILURE),

diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index 4a086be09680a030d946bac19788230559b775cb..477d4a26ba9606c3fba9534608e13c05164ae7d1 100644 (file)
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -203,15 +203,22 @@ int EC_KEY_up_ref(EC_KEY *r)
 
 int EC_KEY_generate_key(EC_KEY *eckey)
 {
-    int ok = 0;
-    BN_CTX *ctx = NULL;
-    BIGNUM *priv_key = NULL, *order = NULL;
-    EC_POINT *pub_key = NULL;
-
     if (!eckey || !eckey->group) {
         ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
+    if (eckey->meth->keygen)
+        return eckey->meth->keygen(eckey);
+    ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
+    return 0;
+}
+
+int ossl_ec_key_gen(EC_KEY *eckey)
+{
+    int ok = 0;
+    BN_CTX *ctx = NULL;
+    BIGNUM *priv_key = NULL, *order = NULL;
+    EC_POINT *pub_key = NULL;
 
     if ((order = BN_new()) == NULL)
         goto err;

diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index f0e3fdeadf0b4c5e2be64e85ce8c4c79c14ccfa5..ba6db6e1dfc3d50af401d188cb4d4fee56250167 100644 (file)
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -60,7 +60,8 @@
 
 static const EC_KEY_METHOD openssl_ec_key_method = {
     "OpenSSL EC_KEY method",
-    0
+    0,
+    ossl_ec_key_gen
 };
 
 const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;

diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index 77b294114e5bfaede6052d58649cc1673eb607a6..40612dbe95f23f508602dedf2c47cf278f1cb45b 100644 (file)
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -560,6 +560,9 @@ const EC_METHOD *EC_GFp_nistz256_method(void);
 struct ec_key_method_st {
     const char *name;
     int32_t flags;
+    int (*keygen)(EC_KEY *key);
 } /* EC_KEY_METHOD */ ;
 
 #define EC_KEY_METHOD_DYNAMIC   1
+
+int ossl_ec_key_gen(EC_KEY *eckey);

diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index a1d44807020db79186400e7ddc7f4d6c30bb6a02..7f420b5636e64f4ed0c3d1aee9e5a535caf018e5 100644 (file)
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1266,6 +1266,7 @@ void ERR_load_EC_strings(void);
 # define EC_R_NOT_INITIALIZED                             111
 # define EC_R_NO_FIELD_MOD                                133
 # define EC_R_NO_PARAMETERS_SET                           139
+# define EC_R_OPERATION_NOT_SUPPORTED                     152
 # define EC_R_PASSED_NULL_PARAMETER                       134
 # define EC_R_PEER_KEY_ERROR                              149
 # define EC_R_PKPARAMETERS2GROUP_FAILURE                  127