1a15877461a9157568b1f41c44ffa92e9362112b
[openssl.git] / crypto / ec / ec_kmeth.c
1 /*
2  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3  * project.
4  */
5 /* ====================================================================
6  * Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  */
53
54 #include <openssl/ec.h>
55 #ifndef OPENSSL_NO_ENGINE
56 # include <openssl/engine.h>
57 #endif
58 #include <openssl/err.h>
59 #include "ec_lcl.h"
60
61
62 static const EC_KEY_METHOD openssl_ec_key_method = {
63     "OpenSSL EC_KEY method",
64     0,
65     0,0,0,0,0,0,
66     ossl_ec_key_gen,
67     ossl_ecdh_compute_key,
68     ossl_ecdsa_sign,
69     ossl_ecdsa_sign_setup,
70     ossl_ecdsa_sign_sig,
71     ossl_ecdsa_verify,
72     ossl_ecdsa_verify_sig
73 };
74
75 static const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
76
77 const EC_KEY_METHOD *EC_KEY_OpenSSL(void)
78 {
79     return &openssl_ec_key_method;
80 }
81
82 const EC_KEY_METHOD *EC_KEY_get_default_method(void)
83 {
84     return default_ec_key_meth;
85 }
86
87 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
88 {
89     if (meth == NULL)
90         default_ec_key_meth = &openssl_ec_key_method;
91     else
92         default_ec_key_meth = meth;
93 }
94
95 const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key)
96 {
97     return key->meth;
98 }
99
100 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
101 {
102     void (*finish)(EC_KEY *key) = key->meth->finish;
103
104     if (finish != NULL)
105         finish(key);
106
107 #ifndef OPENSSL_NO_ENGINE
108     ENGINE_finish(key->engine);
109     key->engine = NULL;
110 #endif
111
112     key->meth = meth;
113     if (meth->init != NULL)
114         return meth->init(key);
115     return 1;
116 }
117
118 EC_KEY *EC_KEY_new_method(ENGINE *engine)
119 {
120     EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
121
122     if (ret == NULL) {
123         ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
124         return (NULL);
125     }
126     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
127         OPENSSL_free(ret);
128         return NULL;
129     }
130
131     ret->meth = EC_KEY_get_default_method();
132 #ifndef OPENSSL_NO_ENGINE
133     if (engine != NULL) {
134         if (!ENGINE_init(engine)) {
135             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
136             OPENSSL_free(ret);
137             return NULL;
138         }
139         ret->engine = engine;
140     } else
141         ret->engine = ENGINE_get_default_EC();
142     if (ret->engine != NULL) {
143         ret->meth = ENGINE_get_EC(ret->engine);
144         if (ret->meth == NULL) {
145             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
146             ENGINE_finish(ret->engine);
147             OPENSSL_free(ret);
148             return NULL;
149         }
150     }
151 #endif
152
153     ret->version = 1;
154     ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
155     ret->references = 1;
156     if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
157         EC_KEY_free(ret);
158         return NULL;
159     }
160     return ret;
161 }
162
163 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
164                      const EC_KEY *eckey,
165                      void *(*KDF) (const void *in, size_t inlen, void *out,
166                                    size_t *outlen))
167 {
168     if (eckey->meth->compute_key != NULL)
169         return eckey->meth->compute_key(out, outlen, pub_key, eckey, KDF);
170     ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
171     return 0;
172 }
173
174 EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth)
175 {
176     EC_KEY_METHOD *ret = OPENSSL_zalloc(sizeof(*meth));
177
178     if (ret == NULL)
179         return NULL;
180     if (meth != NULL)
181         *ret = *meth;
182     ret->flags |= EC_KEY_METHOD_DYNAMIC;
183     return ret;
184 }
185
186 void EC_KEY_METHOD_free(EC_KEY_METHOD *meth)
187 {
188     if (meth->flags & EC_KEY_METHOD_DYNAMIC)
189         OPENSSL_free(meth);
190 }
191
192 void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
193                             int (*init)(EC_KEY *key),
194                             void (*finish)(EC_KEY *key),
195                             int (*copy)(EC_KEY *dest, const EC_KEY *src),
196                             int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
197                             int (*set_private)(EC_KEY *key,
198                                                const BIGNUM *priv_key),
199                             int (*set_public)(EC_KEY *key,
200                                               const EC_POINT *pub_key))
201 {
202     meth->init = init;
203     meth->finish = finish;
204     meth->copy = copy;
205     meth->set_group = set_group;
206     meth->set_private = set_private;
207     meth->set_public = set_public;
208 }
209
210 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
211                               int (*keygen)(EC_KEY *key))
212 {
213     meth->keygen = keygen;
214 }
215
216 void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
217                                    int (*ckey)(void *out,
218                                                size_t outlen,
219                                                const EC_POINT *pub_key,
220                                                const EC_KEY *ecdh,
221                                                void *(*KDF) (const void *in,
222                                                              size_t inlen,
223                                                              void *out,
224                                                              size_t *outlen)))
225 {
226     meth->compute_key = ckey;
227 }
228
229 void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
230                             int (*sign)(int type, const unsigned char *dgst,
231                                         int dlen, unsigned char *sig,
232                                         unsigned int *siglen,
233                                         const BIGNUM *kinv, const BIGNUM *r,
234                                         EC_KEY *eckey),
235                             int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
236                                               BIGNUM **kinvp, BIGNUM **rp),
237                             ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
238                                                    int dgst_len,
239                                                    const BIGNUM *in_kinv,
240                                                    const BIGNUM *in_r,
241                                                    EC_KEY *eckey))
242 {
243     meth->sign = sign;
244     meth->sign_setup = sign_setup;
245     meth->sign_sig = sign_sig;
246 }
247
248 void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
249                               int (*verify)(int type, const unsigned
250                                             char *dgst, int dgst_len,
251                                             const unsigned char *sigbuf,
252                                             int sig_len, EC_KEY *eckey),
253                               int (*verify_sig)(const unsigned char *dgst,
254                                                 int dgst_len,
255                                                 const ECDSA_SIG *sig,
256                                                 EC_KEY *eckey))
257 {
258     meth->verify = verify;
259     meth->verify_sig = verify_sig;
260 }
261
262 void EC_KEY_METHOD_get_init(EC_KEY_METHOD *meth,
263                             int (**pinit)(EC_KEY *key),
264                             void (**pfinish)(EC_KEY *key),
265                             int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
266                             int (**pset_group)(EC_KEY *key,
267                                                const EC_GROUP *grp),
268                             int (**pset_private)(EC_KEY *key,
269                                                  const BIGNUM *priv_key),
270                             int (**pset_public)(EC_KEY *key,
271                                                 const EC_POINT *pub_key))
272 {
273     if (pinit != NULL)
274         *pinit = meth->init;
275     if (pfinish != NULL)
276         *pfinish = meth->finish;
277     if (pcopy != NULL)
278         *pcopy = meth->copy;
279     if (pset_group != NULL)
280         *pset_group = meth->set_group;
281     if (pset_private != NULL)
282         *pset_private = meth->set_private;
283     if (pset_public != NULL)
284         *pset_public = meth->set_public;
285 }
286
287 void EC_KEY_METHOD_get_keygen(EC_KEY_METHOD *meth,
288                               int (**pkeygen)(EC_KEY *key))
289 {
290     if (pkeygen != NULL)
291         *pkeygen = meth->keygen;
292 }
293
294 void EC_KEY_METHOD_get_compute_key(EC_KEY_METHOD *meth,
295                                    int (**pck)(void *out,
296                                                size_t outlen,
297                                                const EC_POINT *pub_key,
298                                                const EC_KEY *ecdh,
299                                                void *(*KDF) (const void *in,
300                                                              size_t inlen,
301                                                              void *out,
302                                                              size_t *outlen)))
303 {
304     if (pck != NULL)
305         *pck = meth->compute_key;
306 }
307
308 void EC_KEY_METHOD_get_sign(EC_KEY_METHOD *meth,
309                             int (**psign)(int type, const unsigned char *dgst,
310                                           int dlen, unsigned char *sig,
311                                           unsigned int *siglen,
312                                           const BIGNUM *kinv, const BIGNUM *r,
313                                           EC_KEY *eckey),
314                             int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
315                                                 BIGNUM **kinvp, BIGNUM **rp),
316                             ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
317                                                      int dgst_len,
318                                                      const BIGNUM *in_kinv,
319                                                      const BIGNUM *in_r,
320                                                      EC_KEY *eckey))
321 {
322     if (psign != NULL)
323         *psign = meth->sign;
324     if (psign_setup != NULL)
325         *psign_setup = meth->sign_setup;
326     if (psign_sig != NULL)
327         *psign_sig = meth->sign_sig;
328 }
329
330 void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
331                               int (**pverify)(int type, const unsigned
332                                               char *dgst, int dgst_len,
333                                               const unsigned char *sigbuf,
334                                               int sig_len, EC_KEY *eckey),
335                               int (**pverify_sig)(const unsigned char *dgst,
336                                                   int dgst_len,
337                                                   const ECDSA_SIG *sig,
338                                                   EC_KEY *eckey))
339 {
340     if (pverify != NULL)
341         *pverify = meth->verify;
342     if (pverify_sig != NULL)
343         *pverify_sig = meth->verify_sig;
344 }