2 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
5 /* ====================================================================
6 * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
34 * 6. Redistributions of any form whatsoever must retain the following
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
55 #include <openssl/ec.h>
56 #ifndef OPENSSL_NO_ENGINE
57 # include <openssl/engine.h>
59 #include <openssl/err.h>
63 static const EC_KEY_METHOD openssl_ec_key_method = {
64 "OpenSSL EC_KEY method",
68 ossl_ecdh_compute_key,
70 ossl_ecdsa_sign_setup,
76 static const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
78 const EC_KEY_METHOD *EC_KEY_OpenSSL(void)
80 return &openssl_ec_key_method;
83 const EC_KEY_METHOD *EC_KEY_get_default_method(void)
85 return default_ec_key_meth;
88 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
91 default_ec_key_meth = &openssl_ec_key_method;
93 default_ec_key_meth = meth;
96 const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key)
101 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
103 void (*finish)(EC_KEY *key) = key->meth->finish;
108 #ifndef OPENSSL_NO_ENGINE
109 ENGINE_finish(key->engine);
114 if (meth->init != NULL)
115 return meth->init(key);
119 EC_KEY *EC_KEY_new_method(ENGINE *engine)
121 EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
124 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
127 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
132 ret->meth = EC_KEY_get_default_method();
133 #ifndef OPENSSL_NO_ENGINE
134 if (engine != NULL) {
135 if (!ENGINE_init(engine)) {
136 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
140 ret->engine = engine;
142 ret->engine = ENGINE_get_default_EC();
143 if (ret->engine != NULL) {
144 ret->meth = ENGINE_get_EC(ret->engine);
145 if (ret->meth == NULL) {
146 ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
147 ENGINE_finish(ret->engine);
155 ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
157 if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
164 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
166 void *(*KDF) (const void *in, size_t inlen, void *out,
169 unsigned char *sec = NULL;
171 if (eckey->meth->compute_key == NULL) {
172 ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
175 if (outlen > INT_MAX) {
176 ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_INVALID_OUTPUT_LENGTH);
179 if (!eckey->meth->compute_key(&sec, &seclen, pub_key, eckey))
182 KDF(sec, seclen, out, &outlen);
186 memcpy(out, sec, outlen);
188 OPENSSL_clear_free(sec, seclen);
192 EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth)
194 EC_KEY_METHOD *ret = OPENSSL_zalloc(sizeof(*meth));
200 ret->flags |= EC_KEY_METHOD_DYNAMIC;
204 void EC_KEY_METHOD_free(EC_KEY_METHOD *meth)
206 if (meth->flags & EC_KEY_METHOD_DYNAMIC)
210 void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
211 int (*init)(EC_KEY *key),
212 void (*finish)(EC_KEY *key),
213 int (*copy)(EC_KEY *dest, const EC_KEY *src),
214 int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
215 int (*set_private)(EC_KEY *key,
216 const BIGNUM *priv_key),
217 int (*set_public)(EC_KEY *key,
218 const EC_POINT *pub_key))
221 meth->finish = finish;
223 meth->set_group = set_group;
224 meth->set_private = set_private;
225 meth->set_public = set_public;
228 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
229 int (*keygen)(EC_KEY *key))
231 meth->keygen = keygen;
234 void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
235 int (*ckey)(unsigned char **psec,
237 const EC_POINT *pub_key,
240 meth->compute_key = ckey;
243 void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
244 int (*sign)(int type, const unsigned char *dgst,
245 int dlen, unsigned char *sig,
246 unsigned int *siglen,
247 const BIGNUM *kinv, const BIGNUM *r,
249 int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
250 BIGNUM **kinvp, BIGNUM **rp),
251 ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
253 const BIGNUM *in_kinv,
258 meth->sign_setup = sign_setup;
259 meth->sign_sig = sign_sig;
262 void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
263 int (*verify)(int type, const unsigned
264 char *dgst, int dgst_len,
265 const unsigned char *sigbuf,
266 int sig_len, EC_KEY *eckey),
267 int (*verify_sig)(const unsigned char *dgst,
269 const ECDSA_SIG *sig,
272 meth->verify = verify;
273 meth->verify_sig = verify_sig;
276 void EC_KEY_METHOD_get_init(EC_KEY_METHOD *meth,
277 int (**pinit)(EC_KEY *key),
278 void (**pfinish)(EC_KEY *key),
279 int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
280 int (**pset_group)(EC_KEY *key,
281 const EC_GROUP *grp),
282 int (**pset_private)(EC_KEY *key,
283 const BIGNUM *priv_key),
284 int (**pset_public)(EC_KEY *key,
285 const EC_POINT *pub_key))
290 *pfinish = meth->finish;
293 if (pset_group != NULL)
294 *pset_group = meth->set_group;
295 if (pset_private != NULL)
296 *pset_private = meth->set_private;
297 if (pset_public != NULL)
298 *pset_public = meth->set_public;
301 void EC_KEY_METHOD_get_keygen(EC_KEY_METHOD *meth,
302 int (**pkeygen)(EC_KEY *key))
305 *pkeygen = meth->keygen;
308 void EC_KEY_METHOD_get_compute_key(EC_KEY_METHOD *meth,
309 int (**pck)(unsigned char **pout,
311 const EC_POINT *pub_key,
315 *pck = meth->compute_key;
318 void EC_KEY_METHOD_get_sign(EC_KEY_METHOD *meth,
319 int (**psign)(int type, const unsigned char *dgst,
320 int dlen, unsigned char *sig,
321 unsigned int *siglen,
322 const BIGNUM *kinv, const BIGNUM *r,
324 int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
325 BIGNUM **kinvp, BIGNUM **rp),
326 ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
328 const BIGNUM *in_kinv,
334 if (psign_setup != NULL)
335 *psign_setup = meth->sign_setup;
336 if (psign_sig != NULL)
337 *psign_sig = meth->sign_sig;
340 void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
341 int (**pverify)(int type, const unsigned
342 char *dgst, int dgst_len,
343 const unsigned char *sigbuf,
344 int sig_len, EC_KEY *eckey),
345 int (**pverify_sig)(const unsigned char *dgst,
347 const ECDSA_SIG *sig,
351 *pverify = meth->verify;
352 if (pverify_sig != NULL)
353 *pverify_sig = meth->verify_sig;