#include "crypto/asn1.h"
#include "crypto/evp.h"
#include <openssl/core_names.h>
-#include "internal/param_build.h"
+#include "openssl/param_build.h"
#include "ec_local.h"
#ifndef OPENSSL_NO_CMS
if ((curve_name = OBJ_nid2sn(curve_nid)) == NULL)
return 0;
- if (!ossl_param_bld_push_utf8_string(tmpl, OSSL_PKEY_PARAM_EC_NAME, curve_name, 0))
+ if (!OSSL_PARAM_BLD_push_utf8_string(tmpl, OSSL_PKEY_PARAM_EC_NAME, curve_name, 0))
return 0;
}
static
int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata,
- EVP_KEYMGMT *to_keymgmt)
+ EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx,
+ const char *propq)
{
const EC_KEY *eckey = NULL;
const EC_GROUP *ecg = NULL;
unsigned char *pub_key_buf = NULL;
size_t pub_key_buflen;
- OSSL_PARAM_BLD tmpl;
+ OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params = NULL;
const BIGNUM *priv_key = NULL;
const EC_POINT *pub_point = NULL;
int selection = 0;
int rv = 0;
+ BN_CTX *bnctx = NULL;
if (from == NULL
|| (eckey = from->pkey.ec) == NULL
if (EC_KEY_get_method(eckey) != EC_KEY_OpenSSL())
return 0;
- ossl_param_bld_init(&tmpl);
+ tmpl = OSSL_PARAM_BLD_new();
+ if (tmpl == NULL)
+ return 0;
/* export the domain parameters */
- if (!ecparams_to_params(eckey, &tmpl))
+ if (!ecparams_to_params(eckey, tmpl))
goto err;
selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
pub_point = EC_KEY_get0_public_key(eckey);
if (pub_point != NULL) {
+ /*
+ * EC_POINT_point2buf() can generate random numbers in some
+ * implementations so we need to ensure we use the correct libctx.
+ */
+ bnctx = BN_CTX_new_ex(libctx);
+ if (bnctx == NULL)
+ goto err;
+
/* convert pub_point to a octet string according to the SECG standard */
if ((pub_key_buflen = EC_POINT_point2buf(ecg, pub_point,
POINT_CONVERSION_COMPRESSED,
- &pub_key_buf, NULL)) == 0
- || !ossl_param_bld_push_octet_string(&tmpl,
+ &pub_key_buf, bnctx)) == 0
+ || !OSSL_PARAM_BLD_push_octet_string(tmpl,
OSSL_PKEY_PARAM_PUB_KEY,
pub_key_buf,
pub_key_buflen))
goto err;
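Review bot: The two new allocation-failure paths, `tmpl == NULL` after `OSSL_PARAM_BLD_new()` and `bnctx == NULL` after `BN_CTX_new_ex(libctx)`, return 0 without this function raising any error. A caller therefore cannot tell an out-of-memory condition from a foreign-method key or a failed push. If the allocators do not queue an error themselves (not visible here), add `ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE);` before the `return 0;` and before the `goto err;`. The function body starts before this hunk and continues after it.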
sz = (ecbits + 7 ) / 8;
- if (!ossl_param_bld_push_BN_pad(&tmpl,
+ if (!OSSL_PARAM_BLD_push_BN_pad(tmpl,
OSSL_PKEY_PARAM_PRIV_KEY,
priv_key, sz))
goto err;
(EC_KEY_get_flags(eckey) & EC_FLAG_COFACTOR_ECDH) ? 1 : 0;
/* Export the ECDH_COFACTOR_MODE parameter */
- if (!ossl_param_bld_push_int(&tmpl,
+ if (!OSSL_PARAM_BLD_push_int(tmpl,
OSSL_PKEY_PARAM_USE_COFACTOR_ECDH,
ecdh_cofactor_mode))
goto err;
selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS;
}
- params = ossl_param_bld_to_param(&tmpl);
+ params = OSSL_PARAM_BLD_to_param(tmpl);
/* We export, the provider imports */
rv = evp_keymgmt_import(to_keymgmt, to_keydata, selection, params);
err:
- ossl_param_bld_free(params);
+ OSSL_PARAM_BLD_free(tmpl);
+ OSSL_PARAM_BLD_free_params(params);
OPENSSL_free(pub_key_buf);
+ BN_CTX_free(bnctx);
return rv;
}
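Review bot: The result of `OSSL_PARAM_BLD_to_param(tmpl)` is passed straight to `evp_keymgmt_import()` without a NULL check. If the builder fails to allocate, the provider receives a NULL array together with a `selection` that already claims domain parameters and possibly key material. Add `if (params == NULL) goto err;` between the two calls; the `err:` path already releases `tmpl`, `pub_key_buf` and `bnctx`, and `rv` is still 0 at that point. The array also carries `OSSL_PKEY_PARAM_PRIV_KEY` when a private key is present, so it is worth confirming that `OSSL_PARAM_BLD_free_params()` clears that buffer rather than only releasing it.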
-static int ec_pkey_import_from(const OSSL_PARAM params[], void *key)
+static int ec_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
{
- EVP_PKEY *pkey = key;
- EC_KEY *ec = EC_KEY_new();
+ EVP_PKEY_CTX *pctx = vpctx;
+ EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
+ EC_KEY *ec = EC_KEY_new_ex(pctx->libctx);
if (ec == NULL) {
ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);