2 * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/err.h>
11 #include "crypto/ec.h"
12 #include "prov/bio.h" /* ossl_prov_bio_printf() */
13 #include "prov/implementations.h" /* ec_keymgmt_functions */
14 #include "prov/providercommonerr.h" /* PROV_R_MISSING_OID */
15 #include "encoder_local.h"
17 void ec_get_new_free_import(OSSL_FUNC_keymgmt_new_fn **ec_new,
18 OSSL_FUNC_keymgmt_free_fn **ec_free,
19 OSSL_FUNC_keymgmt_import_fn **ec_import)
21 *ec_new = ossl_prov_get_keymgmt_new(ec_keymgmt_functions);
22 *ec_free = ossl_prov_get_keymgmt_free(ec_keymgmt_functions);
23 *ec_import = ossl_prov_get_keymgmt_import(ec_keymgmt_functions);
26 static int ossl_prov_print_ec_param_explicit_curve(BIO *out,
27 const EC_GROUP *group,
30 const char *plabel = "Prime:";
31 BIGNUM *p = NULL, *a = NULL, *b = NULL;
37 || !EC_GROUP_get_curve(group, p, a, b, ctx))
40 if (EC_GROUP_get_field_type(group) == NID_X9_62_characteristic_two_field) {
41 int basis_type = EC_GROUP_get_basis_type(group);
43 /* print the 'short name' of the base type OID */
44 if (basis_type == NID_undef
45 || BIO_printf(out, "Basis Type: %s\n", OBJ_nid2sn(basis_type)) <= 0)
47 plabel = "Polynomial:";
49 return ossl_prov_print_labeled_bignum(out, plabel, p)
50 && ossl_prov_print_labeled_bignum(out, "A: ", a)
51 && ossl_prov_print_labeled_bignum(out, "B: ", b);
54 static int ossl_prov_print_ec_param_explicit_gen(BIO *out,
55 const EC_GROUP *group,
58 const EC_POINT *point = NULL;
60 const char *glabel = NULL;
61 point_conversion_form_t form;
63 form = EC_GROUP_get_point_conversion_form(group);
64 point = EC_GROUP_get0_generator(group);
65 gen = BN_CTX_get(ctx);
69 || EC_POINT_point2bn(group, point, form, gen, ctx) == NULL)
74 case POINT_CONVERSION_COMPRESSED:
75 glabel = "Generator (compressed):";
77 case POINT_CONVERSION_UNCOMPRESSED:
78 glabel = "Generator (uncompressed):";
80 case POINT_CONVERSION_HYBRID:
81 glabel = "Generator (hybrid):";
86 return ossl_prov_print_labeled_bignum(out, glabel, gen);
91 /* Print explicit parameters */
92 static int ossl_prov_print_ec_param_explicit(BIO *out, const EC_GROUP *group,
97 const BIGNUM *order = NULL, *cofactor = NULL;
98 const unsigned char *seed;
101 ctx = BN_CTX_new_ex(libctx);
106 tmp_nid = EC_GROUP_get_field_type(group);
107 order = EC_GROUP_get0_order(group);
111 seed = EC_GROUP_get0_seed(group);
113 seed_len = EC_GROUP_get_seed_len(group);
114 cofactor = EC_GROUP_get0_cofactor(group);
116 /* print the 'short name' of the field type */
117 if (BIO_printf(out, "Field Type: %s\n", OBJ_nid2sn(tmp_nid)) <= 0
118 || !ossl_prov_print_ec_param_explicit_curve(out, group, ctx)
119 || !ossl_prov_print_ec_param_explicit_gen(out, group, ctx)
120 || !ossl_prov_print_labeled_bignum(out, "Order: ", order)
122 && !ossl_prov_print_labeled_bignum(out, "Cofactor: ", cofactor))
124 && !ossl_prov_print_labeled_buf(out, "Seed:", seed, seed_len)))
133 static int ossl_prov_print_ec_param(BIO *out, const EC_GROUP *group,
136 if (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) {
137 const char *curve_name;
138 int curve_nid = EC_GROUP_get_curve_name(group);
140 /* Explicit parameters */
141 if (curve_nid == NID_undef)
144 if (BIO_printf(out, "%s: %s\n", "ASN1 OID", OBJ_nid2sn(curve_nid)) <= 0)
147 /* TODO(3.0): Only named curves are currently supported */
148 curve_name = EC_curve_nid2nist(curve_nid);
149 return (curve_name == NULL
150 || BIO_printf(out, "%s: %s\n", "NIST CURVE", curve_name) > 0);
152 return ossl_prov_print_ec_param_explicit(out, group, libctx);
156 int ossl_prov_print_eckey(BIO *out, EC_KEY *eckey, enum ec_print_type type)
159 const char *type_label = NULL;
160 unsigned char *priv = NULL, *pub = NULL;
161 size_t priv_len = 0, pub_len = 0;
162 const EC_GROUP *group;
164 if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL)
169 type_label = "Private-Key";
172 type_label = "Public-Key";
174 case ec_print_params:
175 type_label = "EC-Parameters";
179 if (type == ec_print_priv) {
180 const BIGNUM *priv_key = EC_KEY_get0_private_key(eckey);
182 if (priv_key == NULL)
184 priv_len = EC_KEY_priv2buf(eckey, &priv);
189 if (type == ec_print_priv || type == ec_print_pub) {
190 const EC_POINT *pub_pt = EC_KEY_get0_public_key(eckey);
195 pub_len = EC_KEY_key2buf(eckey, EC_KEY_get_conv_form(eckey), &pub, NULL);
200 if (BIO_printf(out, "%s: (%d bit)\n", type_label,
201 EC_GROUP_order_bits(group)) <= 0)
204 && !ossl_prov_print_labeled_buf(out, "priv:", priv, priv_len))
207 && !ossl_prov_print_labeled_buf(out, "pub:", pub, pub_len))
209 ret = ossl_prov_print_ec_param(out, group, ec_key_get_libctx(eckey));
211 OPENSSL_clear_free(priv, priv_len);
215 ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
219 static int ossl_prov_prepare_ec_explicit_params(const void *eckey,
220 void **pstr, int *pstrtype)
222 ASN1_STRING *params = ASN1_STRING_new();
224 if (params == NULL) {
225 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
229 params->length = i2d_ECParameters(eckey, ¶ms->data);
230 if (params->length <= 0) {
231 ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE);
232 ASN1_STRING_free(params);
236 *pstrtype = V_ASN1_SEQUENCE;
241 int ossl_prov_prepare_ec_params(const void *eckey, int nid,
242 void **pstr, int *pstrtype)
245 const EC_GROUP *group = EC_KEY_get0_group(eckey);
246 ASN1_OBJECT *params = NULL;
250 curve_nid = EC_GROUP_get_curve_name(group);
251 if (curve_nid != NID_undef) {
252 params = OBJ_nid2obj(curve_nid);
257 if (curve_nid != NID_undef
258 && (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE)) {
259 if (OBJ_length(params) == 0) {
260 /* Some curves might not have an associated OID */
261 ERR_raise(ERR_LIB_PROV, PROV_R_MISSING_OID);
262 ASN1_OBJECT_free(params);
266 *pstrtype = V_ASN1_OBJECT;
269 return ossl_prov_prepare_ec_explicit_params(eckey, pstr, pstrtype);
273 int ossl_prov_ec_pub_to_der(const void *eckey, unsigned char **pder)
275 return i2o_ECPublicKey(eckey, pder);
278 int ossl_prov_ec_priv_to_der(const void *veckey, unsigned char **pder)
280 EC_KEY *eckey = (EC_KEY *)veckey;
281 unsigned int old_flags;
285 * For PKCS8 the curve name appears in the PKCS8_PRIV_KEY_INFO object
286 * as the pkeyalg->parameter field. (For a named curve this is an OID)
287 * The pkey field is an octet string that holds the encoded
288 * ECPrivateKey SEQUENCE with the optional parameters field omitted.
289 * We omit this by setting the EC_PKEY_NO_PARAMETERS flag.
291 old_flags = EC_KEY_get_enc_flags(eckey); /* save old flags */
292 EC_KEY_set_enc_flags(eckey, old_flags | EC_PKEY_NO_PARAMETERS);
293 ret = i2d_ECPrivateKey(eckey, pder);
294 EC_KEY_set_enc_flags(eckey, old_flags); /* restore old flags */
295 return ret; /* return the length of the der encoded data */