crypto/ec/ec_kmeth.c

   1 /*
   2  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   3  * project.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    licensing@OpenSSL.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  */
  53
  54 #include <openssl/ec.h>
  55 #ifndef OPENSSL_NO_ENGINE
  56 # include <openssl/engine.h>
  57 #endif
  58 #include <openssl/err.h>
  59 #include "ec_lcl.h"
  60
  61
  62 static const EC_KEY_METHOD openssl_ec_key_method = {
  63     "OpenSSL EC_KEY method",
  64     0,
  65     0,0,0,0,0,0,
  66     ossl_ec_key_gen,
  67     ossl_ecdh_compute_key,
  68     ossl_ecdsa_sign,
  69     ossl_ecdsa_sign_setup,
  70     ossl_ecdsa_sign_sig,
  71     ossl_ecdsa_verify,
  72     ossl_ecdsa_verify_sig
  73 };
  74
  75 static const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
  76
  77 const EC_KEY_METHOD *EC_KEY_OpenSSL(void)
  78 {
  79     return &openssl_ec_key_method;
  80 }
  81
  82 const EC_KEY_METHOD *EC_KEY_get_default_method(void)
  83 {
  84     return default_ec_key_meth;
  85 }
  86
  87 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
  88 {
  89     if (meth == NULL)
  90         default_ec_key_meth = &openssl_ec_key_method;
  91     else
  92         default_ec_key_meth = meth;
  93 }
  94
  95 const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key)
  96 {
  97     return key->meth;
  98 }
  99
 100 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
 101 {
 102     void (*finish)(EC_KEY *key) = key->meth->finish;
 103
 104     if (finish != NULL)
 105         finish(key);
 106
 107 #ifndef OPENSSL_NO_ENGINE
 108     if (key->engine != NULL) {
 109         ENGINE_finish(key->engine);
 110         key->engine = NULL;
 111     }
 112 #endif
 113
 114     key->meth = meth;
 115     if (meth->init != NULL)
 116         return meth->init(key);
 117     return 1;
 118 }
 119
 120 EC_KEY *EC_KEY_new_method(ENGINE *engine)
 121 {
 122     EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
 123
 124     if (ret == NULL) {
 125         ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 126         return (NULL);
 127     }
 128     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
 129         OPENSSL_free(ret);
 130         return NULL;
 131     }
 132
 133     ret->meth = EC_KEY_get_default_method();
 134 #ifndef OPENSSL_NO_ENGINE
 135     if (engine != NULL) {
 136         if (!ENGINE_init(engine)) {
 137             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
 138             OPENSSL_free(ret);
 139             return NULL;
 140         }
 141         ret->engine = engine;
 142     } else
 143         ret->engine = ENGINE_get_default_EC();
 144     if (ret->engine != NULL) {
 145         ret->meth = ENGINE_get_EC(ret->engine);
 146         if (ret->meth == NULL) {
 147             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
 148             ENGINE_finish(ret->engine);
 149             OPENSSL_free(ret);
 150             return NULL;
 151         }
 152     }
 153 #endif
 154
 155     ret->version = 1;
 156     ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
 157     ret->references = 1;
 158     if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
 159         EC_KEY_free(ret);
 160         return NULL;
 161     }
 162     return ret;
 163 }
 164
 165 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
 166                      const EC_KEY *eckey,
 167                      void *(*KDF) (const void *in, size_t inlen, void *out,
 168                                    size_t *outlen))
 169 {
 170     if (eckey->meth->compute_key != NULL)
 171         return eckey->meth->compute_key(out, outlen, pub_key, eckey, KDF);
 172     ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
 173     return 0;
 174 }
 175
 176 EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth)
 177 {
 178     EC_KEY_METHOD *ret = OPENSSL_zalloc(sizeof(*meth));
 179
 180     if (ret == NULL)
 181         return NULL;
 182     if (meth != NULL)
 183         *ret = *meth;
 184     ret->flags |= EC_KEY_METHOD_DYNAMIC;
 185     return ret;
 186 }
 187
 188 void EC_KEY_METHOD_free(EC_KEY_METHOD *meth)
 189 {
 190     if (meth->flags & EC_KEY_METHOD_DYNAMIC)
 191         OPENSSL_free(meth);
 192 }
 193
 194 void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
 195                             int (*init)(EC_KEY *key),
 196                             void (*finish)(EC_KEY *key),
 197                             int (*copy)(EC_KEY *dest, const EC_KEY *src),
 198                             int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
 199                             int (*set_private)(EC_KEY *key,
 200                                                const BIGNUM *priv_key),
 201                             int (*set_public)(EC_KEY *key,
 202                                               const EC_POINT *pub_key))
 203 {
 204     meth->init = init;
 205     meth->finish = finish;
 206     meth->copy = copy;
 207     meth->set_group = set_group;
 208     meth->set_private = set_private;
 209     meth->set_public = set_public;
 210 }
 211
 212 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
 213                               int (*keygen)(EC_KEY *key))
 214 {
 215     meth->keygen = keygen;
 216 }
 217
 218 void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
 219                                    int (*ckey)(void *out,
 220                                                size_t outlen,
 221                                                const EC_POINT *pub_key,
 222                                                const EC_KEY *ecdh,
 223                                                void *(*KDF) (const void *in,
 224                                                              size_t inlen,
 225                                                              void *out,
 226                                                              size_t *outlen)))
 227 {
 228     meth->compute_key = ckey;
 229 }
 230
 231 void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
 232                             int (*sign)(int type, const unsigned char *dgst,
 233                                         int dlen, unsigned char *sig,
 234                                         unsigned int *siglen,
 235                                         const BIGNUM *kinv, const BIGNUM *r,
 236                                         EC_KEY *eckey),
 237                             int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
 238                                               BIGNUM **kinvp, BIGNUM **rp),
 239                             ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
 240                                                    int dgst_len,
 241                                                    const BIGNUM *in_kinv,
 242                                                    const BIGNUM *in_r,
 243                                                    EC_KEY *eckey))
 244 {
 245     meth->sign = sign;
 246     meth->sign_setup = sign_setup;
 247     meth->sign_sig = sign_sig;
 248 }
 249
 250 void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
 251                               int (*verify)(int type, const unsigned
 252                                             char *dgst, int dgst_len,
 253                                             const unsigned char *sigbuf,
 254                                             int sig_len, EC_KEY *eckey),
 255                               int (*verify_sig)(const unsigned char *dgst,
 256                                                 int dgst_len,
 257                                                 const ECDSA_SIG *sig,
 258                                                 EC_KEY *eckey))
 259 {
 260     meth->verify = verify;
 261     meth->verify_sig = verify_sig;
 262 }
 263
 264 void EC_KEY_METHOD_get_init(EC_KEY_METHOD *meth,
 265                             int (**pinit)(EC_KEY *key),
 266                             void (**pfinish)(EC_KEY *key),
 267                             int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
 268                             int (**pset_group)(EC_KEY *key,
 269                                                const EC_GROUP *grp),
 270                             int (**pset_private)(EC_KEY *key,
 271                                                  const BIGNUM *priv_key),
 272                             int (**pset_public)(EC_KEY *key,
 273                                                 const EC_POINT *pub_key))
 274 {
 275     if (pinit != NULL)
 276         *pinit = meth->init;
 277     if (pfinish != NULL)
 278         *pfinish = meth->finish;
 279     if (pcopy != NULL)
 280         *pcopy = meth->copy;
 281     if (pset_group != NULL)
 282         *pset_group = meth->set_group;
 283     if (pset_private != NULL)
 284         *pset_private = meth->set_private;
 285     if (pset_public != NULL)
 286         *pset_public = meth->set_public;
 287 }
 288
 289 void EC_KEY_METHOD_get_keygen(EC_KEY_METHOD *meth,
 290                               int (**pkeygen)(EC_KEY *key))
 291 {
 292     if (pkeygen != NULL)
 293         *pkeygen = meth->keygen;
 294 }
 295
 296 void EC_KEY_METHOD_get_compute_key(EC_KEY_METHOD *meth,
 297                                    int (**pck)(void *out,
 298                                                size_t outlen,
 299                                                const EC_POINT *pub_key,
 300                                                const EC_KEY *ecdh,
 301                                                void *(*KDF) (const void *in,
 302                                                              size_t inlen,
 303                                                              void *out,
 304                                                              size_t *outlen)))
 305 {
 306     if (pck != NULL)
 307         *pck = meth->compute_key;
 308 }
 309
 310 void EC_KEY_METHOD_get_sign(EC_KEY_METHOD *meth,
 311                             int (**psign)(int type, const unsigned char *dgst,
 312                                           int dlen, unsigned char *sig,
 313                                           unsigned int *siglen,
 314                                           const BIGNUM *kinv, const BIGNUM *r,
 315                                           EC_KEY *eckey),
 316                             int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
 317                                                 BIGNUM **kinvp, BIGNUM **rp),
 318                             ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
 319                                                      int dgst_len,
 320                                                      const BIGNUM *in_kinv,
 321                                                      const BIGNUM *in_r,
 322                                                      EC_KEY *eckey))
 323 {
 324     if (psign != NULL)
 325         *psign = meth->sign;
 326     if (psign_setup != NULL)
 327         *psign_setup = meth->sign_setup;
 328     if (psign_sig != NULL)
 329         *psign_sig = meth->sign_sig;
 330 }
 331
 332 void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
 333                               int (**pverify)(int type, const unsigned
 334                                               char *dgst, int dgst_len,
 335                                               const unsigned char *sigbuf,
 336                                               int sig_len, EC_KEY *eckey),
 337                               int (**pverify_sig)(const unsigned char *dgst,
 338                                                   int dgst_len,
 339                                                   const ECDSA_SIG *sig,
 340                                                   EC_KEY *eckey))
 341 {
 342     if (pverify != NULL)
 343         *pverify = meth->verify;
 344     if (pverify_sig != NULL)
 345         *pverify_sig = meth->verify_sig;
 346 }