Add ECDH support.
authorBodo Möller <bodo@openssl.org>
Fri, 9 Aug 2002 08:43:04 +0000 (08:43 +0000)
committerBodo Möller <bodo@openssl.org>
Fri, 9 Aug 2002 08:43:04 +0000 (08:43 +0000)
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>

31 files changed:
CHANGES
Configure
Makefile.org
apps/req.c
apps/speed.c
crypto/Makefile.ssl
crypto/asn1/t_pkey.c
crypto/cryptlib.c
crypto/crypto.h
crypto/ec/ec.h
crypto/ec/ec_asn1.c
crypto/ec/ec_key.c
crypto/ecdh/Makefile.ssl [new file with mode: 0644]
crypto/ecdh/ecdh.h [new file with mode: 0644]
crypto/ecdh/ecdhtest.c [new file with mode: 0644]
crypto/ecdh/ech_err.c [new file with mode: 0644]
crypto/ecdh/ech_key.c [new file with mode: 0644]
crypto/ecdh/ech_lib.c [new file with mode: 0644]
crypto/ecdh/ech_ossl.c [new file with mode: 0644]
crypto/ecdsa/ecdsatest.c
crypto/engine/Makefile.ssl
crypto/engine/eng_fat.c
crypto/engine/eng_int.h
crypto/engine/eng_list.c
crypto/engine/eng_openssl.c
crypto/engine/engine.h
crypto/err/err.h
crypto/err/openssl.ec
crypto/x509/x509.h
test/Makefile.ssl
util/mkdef.pl

diff --git a/CHANGES b/CHANGES
index 7861246..d469038 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,12 @@
 
  Changes between 0.9.7 and 0.9.8  [xx XXX 2002]
 
+  *) Add ECDH engine support.
+     [Nils Gura and Douglas Stebila (Sun Microsystems Laboratories)]
+
+  *) Add ECDH in new directory crypto/ecdh/.
+     [Douglas Stebila (Sun Microsystems Laboratories)]
+
   *) Let BN_rand_range() abort with an error after 100 iterations
      without success (which indicates a broken PRNG).
      [Bodo Moeller]
      - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
        d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
        them suitable for ECDSA where domain parameters must be
-       extracted before the specific public key.
+       extracted before the specific public key;
+     - ECDSA engine support has been added.
      [Nils Larsch <nla@trustcenter.de>]
 
   *) Include some named elliptic curves, and add OIDs from X9.62,
index f6a357b..b459b05 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -747,7 +747,20 @@ PROCESS_ARGS:
                                $depflags .= "-DOPENSSL_NO_MDC2 ";
                                $openssl_algorithm_defines .= "#define OPENSSL_NO_MDC2\n";
                                }
-                       if ($algo eq "EC" || $algo eq "SHA" || $algo eq "SHA1")
+                       if ($algo eq "EC")
+                               {
+                               push @skip, "ecdsa";
+                               push @skip, "ecdh";
+                               $options .= " no-ecdsa";
+                               $options .= " no-ecdh";
+                               $flags .= "-DOPENSSL_NO_ECDSA ";
+                               $flags .= "-DOPENSSL_NO_ECDH ";
+                               $depflags .= "-DOPENSSL_NO_ECDSA ";
+                               $depflags .= "-DOPENSSL_NO_ECDH ";
+                               $openssl_algorithm_defines .= "#define OPENSSL_NO_ECDSA\n";
+                               $openssl_algorithm_defines .= "#define OPENSSL_NO_ECDH\n";
+                               }
+                       if ($algo eq "SHA" || $algo eq "SHA1")
                                {
                                push @skip, "ecdsa";
                                $options .= " no-ecdsa";
index f17b551..53c4d83 100644 (file)
@@ -167,7 +167,7 @@ SHLIBDIRS= crypto ssl
 SDIRS=  \
        md2 md4 md5 sha mdc2 hmac ripemd \
        des rc2 rc4 rc5 idea bf cast \
-       bn ec rsa dsa ecdsa dh dso engine aes \
+       bn ec rsa dsa ecdsa dh ecdh dso engine aes \
        buffer bio stack lhash rand err objects \
        evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
 
index af2db16..b6bc85e 100644 (file)
@@ -369,16 +369,7 @@ int MAIN(int argc, char **argv)
                                BIO_free(in);
                                in=NULL;
                                
-                               {
-                               BIGNUM *order = BN_new();
-                               
-                               if (!order)
-                                       goto end;
-                               if (!EC_GROUP_get_order(ec_params->group, order, NULL))
-                                       goto end;
-                               newkey = BN_num_bits(order);
-                               BN_free(order);
-                               }
+                               newkey = EC_GROUP_get_degree(ec_params->group);
 
                                }
                        else
index fea0ffe..05d2b31 100644 (file)
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by 
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the Contribution as delivered hereunder 
+ * (or portions thereof), provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the Contribution;
+ *  2) separates from the Contribution; or
+ *  3) for infringements caused by:
+ *       i) the modification of the Contribution or
+ *      ii) the combination of the Contribution with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The ECDH and ECDSA speed test software is originally written by 
+ * Sumit Gupta of Sun Microsystems Laboratories.
+ *
+ */
 
 /* most of this code has been pilfered from my libdes speed.c program */
 
@@ -62,6 +88,8 @@
 #define SECONDS                3       
 #define RSA_SECONDS    10
 #define DSA_SECONDS    10
+#define ECDSA_SECONDS   10
+#define ECDH_SECONDS    10
 
 /* 11-Sep-92 Andrew Daviel   Support for Silicon Graphics IRIX added */
 /* 06-Apr-92 Luke Brennan    Support for VMS and add extra signal calls */
 #ifndef OPENSSL_NO_DSA
 #include "./testdsa.h"
 #endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
+#ifndef OPENSSL_NO_ECDH
+#include <openssl/ecdh.h>
+#endif
 
 /* The following if from times(3) man page.  It may need to be changed */
 #ifndef HZ
@@ -226,6 +260,10 @@ static int do_multi(int multi);
 #define SIZE_NUM       5
 #define RSA_NUM                4
 #define DSA_NUM                3
+
+#define EC_NUM       15
+#define MAX_ECDH_SIZE 256
+
 static const char *names[ALGOR_NUM]={
   "md2","mdc2","md4","md5","hmac(md5)","sha1","rmd160","rc4",
   "des cbc","des ede3","idea cbc",
@@ -235,6 +273,9 @@ static double results[ALGOR_NUM][SIZE_NUM];
 static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
 static double rsa_results[RSA_NUM][2];
 static double dsa_results[DSA_NUM][2];
+static double ecdsa_results[EC_NUM][2];
+static double ecdh_results[EC_NUM][1];
+
 
 #ifdef SIGALRM
 #if defined(__STDC__) || defined(sgi) || defined(_AIX)
@@ -477,6 +518,23 @@ int MAIN(int argc, char **argv)
 #define        R_RSA_1024      1
 #define        R_RSA_2048      2
 #define        R_RSA_4096      3
+
+#define R_EC_P160    0
+#define R_EC_P224    1
+#define R_EC_P256    2
+#define R_EC_P384    3
+#define R_EC_P521    4
+#define R_EC_K163    5
+#define R_EC_K233    6
+#define R_EC_K283    7
+#define R_EC_K409    8
+#define R_EC_K571    9
+#define R_EC_B163    10
+#define R_EC_B233    11
+#define R_EC_B283    12
+#define R_EC_B409    13
+#define R_EC_B571    14
+
 #ifndef OPENSSL_NO_RSA
        RSA *rsa_key[RSA_NUM];
        long rsa_c[RSA_NUM][2];
@@ -492,8 +550,81 @@ int MAIN(int argc, char **argv)
        long dsa_c[DSA_NUM][2];
        static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
 #endif
+#ifndef OPENSSL_NO_EC
+       /* We only test over the following curves as they are representative, 
+        * To add tests over more curves, simply add the curve NID
+        * and curve name to the following arrays and increase the 
+        * EC_NUM value accordingly. 
+        */
+       static unsigned int test_curves[EC_NUM] = 
+       {       
+       /* Prime Curves */
+       EC_GROUP_SECG_PRIME_160R1,
+       EC_GROUP_NIST_PRIME_224,
+       EC_GROUP_NIST_PRIME_256,
+       EC_GROUP_NIST_PRIME_384,
+       EC_GROUP_NIST_PRIME_521,
+       /* Binary Curves */
+       EC_GROUP_NIST_CHAR2_K163,
+       EC_GROUP_NIST_CHAR2_K233,
+       EC_GROUP_NIST_CHAR2_K283,
+       EC_GROUP_NIST_CHAR2_K409,
+       EC_GROUP_NIST_CHAR2_K571,
+       EC_GROUP_NIST_CHAR2_B163,
+       EC_GROUP_NIST_CHAR2_B233,
+       EC_GROUP_NIST_CHAR2_B283,
+       EC_GROUP_NIST_CHAR2_B409,
+       EC_GROUP_NIST_CHAR2_B571
+       }; 
+       static char * test_curves_names[EC_NUM] = 
+       {
+       /* Prime Curves */
+       "secp160r1",
+       "nistp224",
+       "nistp256",
+       "nistp384",
+       "nistp521",
+       /* Binary Curves */
+       "nistk163",
+       "nistk233",
+       "nistk283",
+       "nistk409",
+       "nistk571",
+       "nistb163",
+       "nistb233",
+       "nistb283",
+       "nistb409",
+       "nistb571"
+       };
+       static int test_curves_bits[EC_NUM] =
+        {
+        160, 224, 256, 384, 521,
+        163, 233, 283, 409, 571,
+        163, 233, 283, 409, 571
+        };
+
+#endif
+
+#ifndef OPENSSL_NO_ECDSA
+        unsigned char ecdsasig[256];
+        unsigned int ecdsasiglen;
+        EC_KEY *ecdsa[EC_NUM];
+        long ecdsa_c[EC_NUM][2];
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+        EC_KEY *ecdh_a[EC_NUM], *ecdh_b[EC_NUM];
+        unsigned char secret_a[MAX_ECDH_SIZE], secret_b[MAX_ECDH_SIZE];
+        int secret_size_a, secret_size_b;
+        int ecdh_check = 0;
+        int secret_idx = 0;
+        long ecdh_c[EC_NUM][2];
+#endif
+
        int rsa_doit[RSA_NUM];
        int dsa_doit[DSA_NUM];
+       int ecdsa_doit[EC_NUM];
+        int ecdh_doit[EC_NUM];
        int doit[ALGOR_NUM];
        int pr_header=0;
        const EVP_CIPHER *evp_cipher=NULL;
@@ -512,6 +643,17 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_DSA
        memset(dsa_key,0,sizeof(dsa_key));
 #endif
+#ifndef OPENSSL_NO_ECDSA
+       for (i=0; i<EC_NUM; i++) ecdsa[i] = NULL;
+#endif
+#ifndef OPENSSL_NO_ECDH
+       for (i=0; i<EC_NUM; i++)
+               {
+               ecdh_a[i] = NULL;
+               ecdh_b[i] = NULL;
+               }
+#endif
+
 
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
@@ -550,6 +692,15 @@ int MAIN(int argc, char **argv)
                rsa_doit[i]=0;
        for (i=0; i<DSA_NUM; i++)
                dsa_doit[i]=0;
+#ifndef OPENSSL_NO_ECDSA
+       for (i=0; i<EC_NUM; i++)
+               ecdsa_doit[i]=0;
+#endif
+#ifndef OPENSSL_NO_ECDH
+       for (i=0; i<EC_NUM; i++)
+               ecdh_doit[i]=0;
+#endif
+
        
        j=0;
        argc--;
@@ -768,6 +919,52 @@ int MAIN(int argc, char **argv)
                        dsa_doit[R_DSA_1024]=1;
                        }
                else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+                    if (strcmp(*argv,"ecdsap160") == 0) ecdsa_doit[R_EC_P160]=2;
+               else if (strcmp(*argv,"ecdsap224") == 0) ecdsa_doit[R_EC_P224]=2;
+               else if (strcmp(*argv,"ecdsap256") == 0) ecdsa_doit[R_EC_P256]=2;
+               else if (strcmp(*argv,"ecdsap384") == 0) ecdsa_doit[R_EC_P384]=2;
+               else if (strcmp(*argv,"ecdsap521") == 0) ecdsa_doit[R_EC_P521]=2;
+               else if (strcmp(*argv,"ecdsak163") == 0) ecdsa_doit[R_EC_K163]=2;
+               else if (strcmp(*argv,"ecdsak233") == 0) ecdsa_doit[R_EC_K233]=2;
+               else if (strcmp(*argv,"ecdsak283") == 0) ecdsa_doit[R_EC_K283]=2;
+               else if (strcmp(*argv,"ecdsak409") == 0) ecdsa_doit[R_EC_K409]=2;
+               else if (strcmp(*argv,"ecdsak571") == 0) ecdsa_doit[R_EC_K571]=2;
+               else if (strcmp(*argv,"ecdsab163") == 0) ecdsa_doit[R_EC_B163]=2;
+               else if (strcmp(*argv,"ecdsab233") == 0) ecdsa_doit[R_EC_B233]=2;
+               else if (strcmp(*argv,"ecdsab283") == 0) ecdsa_doit[R_EC_B283]=2;
+               else if (strcmp(*argv,"ecdsab409") == 0) ecdsa_doit[R_EC_B409]=2;
+               else if (strcmp(*argv,"ecdsab571") == 0) ecdsa_doit[R_EC_B571]=2;
+               else if (strcmp(*argv,"ecdsa") == 0)
+                       {
+                       for (i=0; i < EC_NUM; i++)
+                               ecdsa_doit[i]=1;
+                       }
+               else
+#endif
+#ifndef OPENSSL_NO_ECDH
+                    if (strcmp(*argv,"ecdhp160") == 0) ecdh_doit[R_EC_P160]=2;
+               else if (strcmp(*argv,"ecdhp224") == 0) ecdh_doit[R_EC_P224]=2;
+               else if (strcmp(*argv,"ecdhp256") == 0) ecdh_doit[R_EC_P256]=2;
+               else if (strcmp(*argv,"ecdhp384") == 0) ecdh_doit[R_EC_P384]=2;
+               else if (strcmp(*argv,"ecdhp521") == 0) ecdh_doit[R_EC_P521]=2;
+               else if (strcmp(*argv,"ecdhk163") == 0) ecdh_doit[R_EC_K163]=2;
+               else if (strcmp(*argv,"ecdhk233") == 0) ecdh_doit[R_EC_K233]=2;
+               else if (strcmp(*argv,"ecdhk283") == 0) ecdh_doit[R_EC_K283]=2;
+               else if (strcmp(*argv,"ecdhk409") == 0) ecdh_doit[R_EC_K409]=2;
+               else if (strcmp(*argv,"ecdhk571") == 0) ecdh_doit[R_EC_K571]=2;
+               else if (strcmp(*argv,"ecdhb163") == 0) ecdh_doit[R_EC_B163]=2;
+               else if (strcmp(*argv,"ecdhb233") == 0) ecdh_doit[R_EC_B233]=2;
+               else if (strcmp(*argv,"ecdhb283") == 0) ecdh_doit[R_EC_B283]=2;
+               else if (strcmp(*argv,"ecdhb409") == 0) ecdh_doit[R_EC_B409]=2;
+               else if (strcmp(*argv,"ecdhb571") == 0) ecdh_doit[R_EC_B571]=2;
+               else if (strcmp(*argv,"ecdh") == 0)
+                       {
+                       for (i=0; i < EC_NUM; i++)
+                               ecdh_doit[i]=1;
+                       }
+               else
 #endif
                        {
                        BIO_printf(bio_err,"Error: bad option or value\n");
@@ -834,6 +1031,18 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_DSA
                        BIO_printf(bio_err,"dsa512   dsa1024  dsa2048\n");
 #endif
+#ifndef OPENSSL_NO_ECDSA
+                       BIO_printf(bio_err,"ecdsap160 ecdsap224 ecdsap256 ecdsap384 ecdsap521\n");
+                       BIO_printf(bio_err,"ecdsak163 ecdsak233 ecdsak283 ecdsak409 ecdsak571\n");
+                       BIO_printf(bio_err,"ecdsab163 ecdsab233 ecdsab283 ecdsab409 ecdsab571\n");
+                       BIO_printf(bio_err,"ecdsa\n");
+#endif
+#ifndef OPENSSL_NO_ECDH
+                       BIO_printf(bio_err,"ecdhp160  ecdhp224  ecdhp256  ecdhp384  ecdhp521\n");
+                       BIO_printf(bio_err,"ecdhk163  ecdhk233  ecdhk283  ecdhk409  ecdhk571\n");
+                       BIO_printf(bio_err,"ecdhb163  ecdhb233  ecdhb283  ecdhb409  ecdhb571\n");
+                       BIO_printf(bio_err,"ecdh\n");
+#endif
 
 #ifndef OPENSSL_NO_IDEA
                        BIO_printf(bio_err,"idea     ");
@@ -1063,6 +1272,114 @@ int MAIN(int argc, char **argv)
                }
 #endif
 
+#ifndef OPENSSL_NO_ECDSA
+       ecdsa_c[R_EC_P160][0]=count/1000;
+       ecdsa_c[R_EC_P160][1]=count/1000/2;
+       for (i=R_EC_P224; i<=R_EC_P521; i++)
+               {
+               ecdsa_c[i][0]=ecdsa_c[i-1][0]/2;
+               ecdsa_c[i][1]=ecdsa_c[i-1][1]/2;
+               if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+                       ecdsa_doit[i]=0;
+               else
+                       {
+                       if (ecdsa_c[i] == 0)
+                               {
+                               ecdsa_c[i][0]=1;
+                               ecdsa_c[i][1]=1;
+                               }
+                       }
+               }
+       ecdsa_c[R_EC_K163][0]=count/1000;
+       ecdsa_c[R_EC_K163][1]=count/1000/2;
+       for (i=R_EC_K233; i<=R_EC_K571; i++)
+               {
+               ecdsa_c[i][0]=ecdsa_c[i-1][0]/2;
+               ecdsa_c[i][1]=ecdsa_c[i-1][1]/2;
+               if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+                       ecdsa_doit[i]=0;
+               else
+                       {
+                       if (ecdsa_c[i] == 0)
+                               {
+                               ecdsa_c[i][0]=1;
+                               ecdsa_c[i][1]=1;
+                               }
+                       }
+               }
+       ecdsa_c[R_EC_B163][0]=count/1000;
+       ecdsa_c[R_EC_B163][1]=count/1000/2;
+       for (i=R_EC_B233; i<=R_EC_B571; i++)
+               {
+               ecdsa_c[i][0]=ecdsa_c[i-1][0]/2;
+               ecdsa_c[i][1]=ecdsa_c[i-1][1]/2;
+               if ((ecdsa_doit[i] <= 1) && (ecdsa_c[i][0] == 0))
+                       ecdsa_doit[i]=0;
+               else
+                       {
+                       if (ecdsa_c[i] == 0)
+                               {
+                               ecdsa_c[i][0]=1;
+                               ecdsa_c[i][1]=1;
+                               }
+                       }
+               }
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+       ecdh_c[R_EC_P160][0]=count/1000;
+       ecdh_c[R_EC_P160][1]=count/1000;
+       for (i=R_EC_P224; i<=R_EC_P521; i++)
+               {
+               ecdh_c[i][0]=ecdh_c[i-1][0]/2;
+               ecdh_c[i][1]=ecdh_c[i-1][1]/2;
+               if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+                       ecdh_doit[i]=0;
+               else
+                       {
+                       if (ecdh_c[i] == 0)
+                               {
+                               ecdh_c[i][0]=1;
+                               ecdh_c[i][1]=1;
+                               }
+                       }
+               }
+       ecdh_c[R_EC_K163][0]=count/1000;
+       ecdh_c[R_EC_K163][1]=count/1000;
+       for (i=R_EC_K233; i<=R_EC_K571; i++)
+               {
+               ecdh_c[i][0]=ecdh_c[i-1][0]/2;
+               ecdh_c[i][1]=ecdh_c[i-1][1]/2;
+               if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+                       ecdh_doit[i]=0;
+               else
+                       {
+                       if (ecdh_c[i] == 0)
+                               {
+                               ecdh_c[i][0]=1;
+                               ecdh_c[i][1]=1;
+                               }
+                       }
+               }
+       ecdh_c[R_EC_B163][0]=count/1000;
+       ecdh_c[R_EC_B163][1]=count/1000;
+       for (i=R_EC_B233; i<=R_EC_B571; i++)
+               {
+               ecdh_c[i][0]=ecdh_c[i-1][0]/2;
+               ecdh_c[i][1]=ecdh_c[i-1][1]/2;
+               if ((ecdh_doit[i] <= 1) && (ecdh_c[i][0] == 0))
+                       ecdh_doit[i]=0;
+               else
+                       {
+                       if (ecdh_c[i] == 0)
+                               {
+                               ecdh_c[i][0]=1;
+                               ecdh_c[i][1]=1;
+                               }
+                       }
+               }
+#endif
+
 #define COND(d)        (count < (d))
 #define COUNT(d) (d)
 #else
@@ -1587,6 +1904,215 @@ int MAIN(int argc, char **argv)
                }
        if (rnd_fake) RAND_cleanup();
 #endif
+
+#ifndef OPENSSL_NO_ECDSA
+       if (RAND_status() != 1) 
+               {
+               RAND_seed(rnd_seed, sizeof rnd_seed);
+               rnd_fake = 1;
+               }
+       for (j=0; j<EC_NUM; j++) 
+               {
+               int ret;
+
+               if (!ecdsa_doit[j]) continue; /* Ignore Curve */ 
+               ecdsa[j] = EC_KEY_new();
+               if (ecdsa[j] == NULL) 
+                       {
+                       BIO_printf(bio_err,"ECDSA failure.\n");
+                       ERR_print_errors(bio_err);
+                       rsa_count=1;
+                       } 
+               else 
+                       {
+                       ecdsa[j]->group = EC_GROUP_new_by_nid(test_curves[j]);
+                       /* Could not obtain group information */
+                       if (ecdsa[j]->group == NULL) 
+                               {
+                               BIO_printf(bio_err,"ECDSA failure.Could not obtain group information\n");
+                               ERR_print_errors(bio_err);
+                               rsa_count=1;
+                               } 
+                       else 
+                               {
+                               /* Perform ECDSA signature test */
+                               EC_KEY_generate_key(ecdsa[j]);
+                               ret = ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig, 
+                                       &ecdsasiglen, ecdsa[j]);
+                               if (ret == 0) 
+                                       {
+                                       BIO_printf(bio_err,"ECDSA sign failure.  No ECDSA sign will be done.\n");
+                                       ERR_print_errors(bio_err);
+                                       rsa_count=1;
+                                       } 
+                               else 
+                                       {
+                                       pkey_print_message("sign","ecdsa",
+                                               ecdsa_c[j][0], 
+                                               test_curves_bits[j],
+                                               ECDSA_SECONDS);
+
+                                       Time_F(START);
+                                       for (count=0,run=1; COND(ecdsa_c[j][0]); count++) 
+                                               {
+                                               ret=ECDSA_sign(EVP_PKEY_ECDSA, buf, 20, ecdsasig, &ecdsasiglen, ecdsa[j]);
+                                               if (ret == 0) 
+                                                       {
+                                                       BIO_printf(bio_err, "ECDSA sign failure\n");
+                                                       ERR_print_errors(bio_err);
+                                                       count=1;
+                                                       break;
+                                                       }
+                                               }
+                                               d=Time_F(STOP);
+
+                                               BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" :
+                                               "%ld %d bit ECDSA signs in %.2fs \n", 
+                                               count, test_curves_bits[j], d);
+                                               ecdsa_results[j][0]=d/(double)count;
+                                               rsa_count=count;
+                                       }
+
+                               /* Perform ECDSA verification test */
+                               ret=ECDSA_verify(EVP_PKEY_ECDSA, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+                               if (ret != 1) 
+                                       {
+                                       BIO_printf(bio_err,"ECDSA verify failure.  No ECDSA verify will be done.\n");
+                                       ERR_print_errors(bio_err);
+                                       ecdsa_doit[j] = 0;
+                                       } 
+                               else 
+                                       {
+                                       pkey_print_message("verify","ecdsa",
+                                       ecdsa_c[j][1],
+                                       test_curves_bits[j],
+                                       ECDSA_SECONDS);
+                                       Time_F(START);
+                                       for (count=0,run=1; COND(ecdsa_c[j][1]); count++) 
+                                               {
+                                               ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]);
+                                               if (ret != 1) 
+                                                       {
+                                                       BIO_printf(bio_err, "ECDSA verify failure\n");
+                                                       ERR_print_errors(bio_err);
+                                                       count=1;
+                                                       break;
+                                                       }
+                                               }
+                                               d=Time_F(STOP);
+                                               BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n"
+                                                       : "%ld %d bit ECDSA verify in %.2fs\n",
+                                               count, test_curves_bits[j], d);
+                                               ecdsa_results[j][1]=d/(double)count;
+                                       }
+
+                               if (rsa_count <= 1) 
+                                       {
+                                       /* if longer than 10s, don't do any more */
+                                       for (j++; j<EC_NUM; j++)
+                                       ecdsa_doit[j]=0;
+                                       }
+                               }
+                       }
+               }
+       if (rnd_fake) RAND_cleanup();
+#endif
+
+#ifndef OPENSSL_NO_ECDH
+       if (RAND_status() != 1)
+               {
+               RAND_seed(rnd_seed, sizeof rnd_seed);
+               rnd_fake = 1;
+               }
+       for (j=0; j<EC_NUM; j++)
+               {
+               if (!ecdh_doit[j]) continue;
+               ecdh_a[j] = EC_KEY_new();
+               ecdh_b[j] = EC_KEY_new();
+               if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL))
+                       {
+                       BIO_printf(bio_err,"ECDH failure.\n");
+                       ERR_print_errors(bio_err);
+                       rsa_count=1;
+                       }
+               else
+                       {
+                       ecdh_a[j]->group = EC_GROUP_new_by_nid(test_curves[j]);
+                       if (ecdh_a[j]->group == NULL)
+                               {
+                               BIO_printf(bio_err,"ECDH failure.\n");
+                               ERR_print_errors(bio_err);
+                               rsa_count=1;
+                               }
+                       else
+                               {
+                               ecdh_b[j]->group = ecdh_a[j]->group;
+
+                               /* generate two ECDH key pairs */
+                               if (!EC_KEY_generate_key(ecdh_a[j]) ||
+                                       !EC_KEY_generate_key(ecdh_b[j]))
+                                       {
+                                       BIO_printf(bio_err,"ECDH key generation failure.\n");
+                                       ERR_print_errors(bio_err);
+                                       rsa_count=1;            
+                                       }
+                               else
+                                       {
+                                       secret_size_a = ECDH_compute_key(secret_a, 
+                                               ecdh_b[j]->pub_key,
+                                               ecdh_a[j]);
+                                       secret_size_b = ECDH_compute_key(secret_b, 
+                                               ecdh_a[j]->pub_key,
+                                               ecdh_b[j]);
+                                       if (secret_size_a != secret_size_b) 
+                                               ecdh_check = 0;
+                                       else
+                                               ecdh_check = 1;
+
+                                       for (secret_idx = 0; 
+                                           (secret_idx < secret_size_a) && (ecdh_check == 1);
+                                           secret_idx++)
+                                               {
+                                               if (secret_a[secret_idx] != secret_b[secret_idx])
+                                               ecdh_check = 0;
+                                               }
+
+                                       if (ecdh_check == 0)
+                                               {
+                                               BIO_printf(bio_err,"ECDH computations don't match.\n");
+                                               ERR_print_errors(bio_err);
+                                               rsa_count=1;            
+                                               }
+
+                                       pkey_print_message("","ecdh",
+                                       ecdh_c[j][0], 
+                                       test_curves_bits[j],
+                                       ECDH_SECONDS);
+                                       Time_F(START);
+                                       for (count=0,run=1; COND(ecdh_c[j][0]); count++)
+                                               {
+                                               ECDH_compute_key(secret_a, 
+                                               ecdh_b[j]->pub_key,
+                                               ecdh_a[j]);
+                                               }
+                                       d=Time_F(STOP);
+                                       BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n",
+                                       count, test_curves_bits[j], d);
+                                       ecdh_results[j][0]=d/(double)count;
+                                       rsa_count=count;
+                                       }
+                               }
+                       }
+
+               if (rsa_count <= 1)
+                       {
+                       /* if longer than 10s, don't do any more */
+                       for (j++; j<EC_NUM; j++)
+                       ecdh_doit[j]=0;
+                       }
+               }
+       if (rnd_fake) RAND_cleanup();
+#endif
 #ifdef HAVE_FORK
 show_res:
 #endif
@@ -1712,7 +2238,57 @@ show_res:
                                1.0/dsa_results[k][0],1.0/dsa_results[k][1]);
                }
 #endif
+#ifndef OPENSSL_NO_ECDSA
+       j=1;
+       for (k=0; k<EC_NUM; k++)
+               {
+               if (!ecdsa_doit[k]) continue;
+               if (j && !mr)
+                       {
+                       printf("%30ssign    verify    sign/s verify/s\n"," ");
+                       j=0;
+                       }
+
+               if (mr)
+                       fprintf(stdout,"+F4:%u:%u:%f:%f\n", 
+                               k, test_curves_bits[k],
+                               ecdsa_results[k][0],ecdsa_results[k][1]);
+               else
+                       fprintf(stdout,
+                               "%4u bit ecdsa (%s) %8.4fs %8.4fs %8.1f %8.1f\n", 
+                               test_curves_bits[k],
+                               test_curves_names[k],
+                               ecdsa_results[k][0],ecdsa_results[k][1], 
+                               1.0/ecdsa_results[k][0],1.0/ecdsa_results[k][1]);
+               }
+#endif
+
+
+#ifndef OPENSSL_NO_ECDH
+       j=1;
+       for (k=0; k<EC_NUM; k++)
+               {
+               if (!ecdh_doit[k]) continue;
+               if (j && !mr)
+                       {
+                       printf("%30sop      op/s\n"," ");
+                       j=0;
+                       }
+               if (mr)
+                       fprintf(stdout,"+F5:%u:%u:%f:%f\n",
+                               k, test_curves_bits[k],
+                               ecdh_results[k][0], 1.0/ecdh_results[k][0]);
+
+               else
+                       fprintf(stdout,"%4u bit ecdh (%s) %8.4fs %8.1f\n",
+                               test_curves_bits[k],
+                               test_curves_names[k],
+                               ecdh_results[k][0], 1.0/ecdh_results[k][0]);
+               }
+#endif
+
        mret=0;
+
 end:
        ERR_print_errors(bio_err);
        if (buf != NULL) OPENSSL_free(buf);
@@ -1727,6 +2303,22 @@ end:
                if (dsa_key[i] != NULL)
                        DSA_free(dsa_key[i]);
 #endif
+
+#ifndef OPENSSL_NO_ECDSA
+       for (i=0; i<EC_NUM; i++)
+               if (ecdsa[i] != NULL)
+                       EC_KEY_free(ecdsa[i]);
+#endif
+#ifndef OPENSSL_NO_ECDH
+       for (i=0; i<EC_NUM; i++)
+       {
+               if (ecdh_a[i] != NULL)
+                       EC_KEY_free(ecdh_a[i]);
+               if (ecdh_b[i] != NULL)
+                       EC_KEY_free(ecdh_b[i]);
+       }
+#endif
+
        apps_shutdown();
        EXIT(mret);
        }
@@ -1928,6 +2520,49 @@ static int do_multi(int multi)
                                else
                                        dsa_results[k][1]=d;
                                }
+#ifndef OPENSSL_NO_ECDSA
+                       else if(!strncmp(buf,"+F4:",4))
+                               {
+                               int k;
+                               double d;
+                               
+                               p=buf+4;
+                               k=atoi(sstrsep(&p,sep));
+                               sstrsep(&p,sep);
+
+                               d=atof(sstrsep(&p,sep));
+                               if(n)
+                                       ecdsa_results[k][0]=1/(1/ecdsa_results[k][0]+1/d);
+                               else
+                                       ecdsa_results[k][0]=d;
+
+                               d=atof(sstrsep(&p,sep));
+                               if(n)
+                                       ecdsa_results[k][1]=1/(1/ecdsa_results[k][1]+1/d);
+                               else
+                                       ecdsa_results[k][1]=d;
+                               }
+#endif 
+
+#ifndef OPENSSL_NO_ECDH
+                       else if(!strncmp(buf,"+F5:",4))
+                               {
+                               int k;
+                               double d;
+                               
+                               p=buf+4;
+                               k=atoi(sstrsep(&p,sep));
+                               sstrsep(&p,sep);
+
+                               d=atof(sstrsep(&p,sep));
+                               if(n)
+                                       ecdh_results[k][0]=1/(1/ecdh_results[k][0]+1/d);
+                               else
+                                       ecdh_results[k][0]=d;
+
+                               }
+#endif
+
                        else if(!strncmp(buf,"+H:",3))
                                {
                                }
index 55e970b..42a01e1 100644 (file)
@@ -28,7 +28,7 @@ LIBS=
 
 SDIRS= md2 md5 sha mdc2 hmac ripemd \
        des rc2 rc4 rc5 idea bf cast \
-       bn ec rsa dsa ecdsa dh dso engine aes \
+       bn ec rsa dsa ecdsa ecdh dh dso engine aes \
        buffer bio stack lhash rand err objects \
        evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
 
index fb01e38..873b5d7 100644 (file)
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Binary polynomial ECC support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #include <stdio.h>
 #include "cryptlib.h"
@@ -333,10 +338,21 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
                        goto err;
                        }
 
-               if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
+               if (EC_METHOD_get_field_type(EC_GROUP_method_of(x)) == NID_X9_62_prime_field) 
                        {
-                       reason = ERR_R_EC_LIB;
-                       goto err;
+                       if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
+                               {
+                               reason = ERR_R_EC_LIB;
+                               goto err;
+                               }
+                       }
+               else
+                       {
+                       if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx))
+                               {
+                               reason = ERR_R_EC_LIB;
+                               goto err;
+                               }
                        }
 
                if ((point = EC_GROUP_get0_generator(x)) == NULL)
index 9a7ed2c..b72f7fb 100644 (file)
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #include <stdio.h>
 #include <string.h>
@@ -105,7 +110,8 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] =
        "ui",
        "ecdsa",
        "ec",
-#if CRYPTO_NUM_LOCKS != 33
+       "ecdh",
+#if CRYPTO_NUM_LOCKS != 34
 # error "Inconsistency between crypto.h and cryptlib.c"
 #endif
        };
index 0991cf2..e4d1526 100644 (file)
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #ifndef HEADER_CRYPTO_H
 #define HEADER_CRYPTO_H
@@ -128,7 +133,8 @@ extern "C" {
 #define        CRYPTO_LOCK_UI                  30
 #define CRYPTO_LOCK_ECDSA               31
 #define CRYPTO_LOCK_EC                 32
-#define        CRYPTO_NUM_LOCKS                33
+#define CRYPTO_LOCK_ECDH                       33
+#define        CRYPTO_NUM_LOCKS                34
 
 #define CRYPTO_LOCK            1
 #define CRYPTO_UNLOCK          2
@@ -236,6 +242,7 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
 #define CRYPTO_EX_INDEX_X509           10
 #define CRYPTO_EX_INDEX_UI             11
 #define CRYPTO_EX_INDEX_ECDSA          12
+#define CRYPTO_EX_INDEX_ECDH           13
 
 /* Dynamically assigned indexes start from this value (don't use directly, use
  * via CRYPTO_ex_data_new_class). */
index 4a1787f..17083f2 100644 (file)
@@ -386,6 +386,7 @@ EC_KEY *EC_KEY_new(void);
 void EC_KEY_free(EC_KEY *);
 EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *);
 EC_KEY *EC_KEY_dup(const EC_KEY *);
+int EC_KEY_up_ref(EC_KEY *);
 
 /* EC_KEY_generate_key() creates a ec private (public) key */
 int EC_KEY_generate_key(EC_KEY *);
index bb81cfb..fa38f52 100644 (file)
@@ -57,6 +57,7 @@
 #include <openssl/err.h>
 #include <openssl/asn1t.h>
 #include <openssl/objects.h>
+#include <string.h>
 
 /* some structures needed for the asn1 encoding */
 typedef struct x9_62_fieldid_st {
index 790d930..f9f98cf 100644 (file)
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * Portions originally developed by SUN MICROSYSTEMS, INC., and 
+ * contributed to the OpenSSL project.
+ */
 
 #include "ec_lcl.h"
 #include <openssl/err.h>
+#include <string.h>
 
 EC_KEY *EC_KEY_new(void)
        {
@@ -210,6 +216,22 @@ EC_KEY *EC_KEY_dup(const EC_KEY *eckey)
        return ret;
        }
 
+int EC_KEY_up_ref(EC_KEY *r)
+       {
+       int i = CRYPTO_add(&r->references, 1, CRYPTO_LOCK_EC);
+#ifdef REF_PRINT
+       REF_PRINT("EC_KEY",r);
+#endif
+#ifdef REF_CHECK
+       if (i < 2)
+               {
+               fprintf(stderr, "EC_KEY_up, bad reference count\n");
+               abort();
+               }
+#endif
+       return ((i > 1) ? 1 : 0);
+       }
+
 int EC_KEY_generate_key(EC_KEY *eckey)
        {       
        int     ok = 0;
diff --git a/crypto/ecdh/Makefile.ssl b/crypto/ecdh/Makefile.ssl
new file mode 100644 (file)
index 0000000..f8a4746
--- /dev/null
@@ -0,0 +1,121 @@
+#
+# crypto/ecdh/Makefile
+#
+
+DIR=   ecdh
+TOP=   ../..
+CC=    cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g -Wall
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=          make -f Makefile.ssl
+MAKEDEPPROG=   makedepend
+MAKEDEPEND=    $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=      Makefile.ssl
+AR=            ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ecdhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=        ech_lib.c ech_ossl.c ech_key.c ech_err.c
+
+LIBOBJ=        ech_lib.o ech_ossl.o ech_key.o ech_err.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ecdh.h
+HEADER=        $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+       (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:   lib
+
+lib:   $(LIBOBJ)
+       $(AR) $(LIB) $(LIBOBJ)
+       $(RANLIB) $(LIB) || echo Never mind.
+       @touch lib
+
+files:
+       $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+       @$(TOP)/util/point.sh Makefile.ssl Makefile
+       @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+       @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+       @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+       @for i in $(EXHEADER) ; \
+       do  \
+       (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+       chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+       done;
+
+tags:
+       ctags $(SRC)
+
+tests:
+
+lint:
+       lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+       $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
+
+dclean:
+       $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+       mv -f Makefile.new $(MAKEFILE)
+
+clean:
+       rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ech_err.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+ech_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ecdh.h
+ech_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ech_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_err.o: ../../include/openssl/symhacks.h ech_err.c
+ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ech_key.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ech_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+ech_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ecdh.h
+ech_key.o: ech_key.c
+ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ech_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ech_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ech_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ech_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+ech_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ech_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h ecdh.h
+ech_lib.o: ech_lib.c
+ech_ossl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ech_ossl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+ech_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ech_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ech_ossl.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h
+ech_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ech_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ech_ossl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ech_ossl.o: ecdh.h ech_ossl.c
diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h
new file mode 100644 (file)
index 0000000..b5b877b
--- /dev/null
@@ -0,0 +1,164 @@
+/* crypto/ecdh/ecdh.h */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the ECC Code;
+ *  2) separates from the ECC Code; or
+ *  3) for infringements caused by:
+ *       i) the modification of the ECC Code or
+ *      ii) the combination of the ECC Code with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ECDH_H
+#define HEADER_ECDH_H
+
+#ifdef OPENSSL_NO_ECDH
+#error ECDH is disabled.
+#endif
+
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/ossl_typ.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct ecdh_method 
+{
+       const char *name;
+       int (*compute_key)(unsigned char *key,const EC_POINT *pub_key, EC_KEY *ecdh);
+#if 0
+       int (*init)(EC_KEY *eckey);
+       int (*finish)(EC_KEY *eckey);
+#endif
+       int flags;
+       char *app_data;
+} ECDH_METHOD;
+
+typedef struct ecdh_data_st {
+       /* EC_KEY_METH_DATA part */
+       int (*init)(EC_KEY *);
+       void (*finish)(EC_KEY *);
+       /* method specific part */
+       ENGINE  *engine;
+       int     flags;
+       const ECDH_METHOD *meth;
+       CRYPTO_EX_DATA ex_data;
+} ECDH_DATA; 
+
+/* ECDH_DATA functions */
+ECDH_DATA *ECDH_DATA_new(void);
+ECDH_DATA *ECDH_DATA_new_method(ENGINE *);
+void ECDH_DATA_free(ECDH_DATA *);
+
+ECDH_DATA *ecdh_check(EC_KEY *);
+
+
+const ECDH_METHOD *ECDH_OpenSSL(void);
+
+void     ECDH_set_default_method(const ECDH_METHOD *);
+const ECDH_METHOD *ECDH_get_default_method(void);
+int      ECDH_set_method(EC_KEY *, const ECDH_METHOD *);
+
+int      ECDH_size(const EC_KEY *);
+int ECDH_compute_key(unsigned char *key,const EC_POINT *pub_key, EC_KEY *ecdh);
+
+
+int      ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new 
+               *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int      ECDH_set_ex_data(EC_KEY *d, int idx, void *arg);
+void     *ECDH_get_ex_data(EC_KEY *d, int idx);
+
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ECDH_strings(void);
+
+/* Error codes for the ECDH functions. */
+
+/* Function codes. */
+#define ECDH_F_ECDH_COMPUTE_KEY                                 100
+#define ECDH_F_ECDH_DATA_NEW                            101
+
+/* Reason codes. */
+#define ECDH_R_NO_PRIVATE_VALUE                                 100
+#define ECDH_R_POINT_ARITHMETIC_FAILURE                         101
+#define ECDH_R_SHA1_DIGEST_FAILED                       102
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c
new file mode 100644 (file)
index 0000000..65d0d14
--- /dev/null
@@ -0,0 +1,288 @@
+/* crypto/ecdh/ecdhtest.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the ECC Code;
+ *  2) separates from the ECC Code; or
+ *  3) for infringements caused by:
+ *       i) the modification of the ECC Code or
+ *      ii) the combination of the ECC Code with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef OPENSSL_SYS_WINDOWS
+#include "../bio/bss_file.c" 
+#endif
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/objects.h>
+#include <openssl/rand.h>
+#include <openssl/err.h>
+
+#ifdef OPENSSL_NO_ECDH
+int main(int argc, char *argv[])
+{
+    printf("No ECDH support\n");
+    return(0);
+}
+#else
+#include <openssl/ecdh.h>
+
+#ifdef OPENSSL_SYS_WIN16
+#define MS_CALLBACK    _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+static void MS_CALLBACK cb(int p, int n, void *arg);
+#ifdef OPENSSL_NO_STDIO
+#define APPS_WIN16
+#include "bss_file.c"
+#endif
+
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
+
+int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out)
+       {
+       EC_KEY *a=NULL;
+       EC_KEY *b=NULL;
+       BIGNUM *x=NULL, *y=NULL;
+       char buf[12];
+       unsigned char *abuf=NULL,*bbuf=NULL;
+       int i,alen,blen,aout,bout,ret=0;
+
+       if ((a=EC_KEY_new()) == NULL) goto err;
+       if ((a->group=EC_GROUP_new_by_name(nid)) == NULL) goto err;
+
+       if ((b=EC_KEY_new()) == NULL) goto err;
+       b->group = a->group;
+
+       if ((x=BN_new()) == NULL) goto err;
+       if ((y=BN_new()) == NULL) goto err;
+
+       BIO_puts(out,"Testing key generation with ");
+       BIO_puts(out,text);
+       BIO_puts(out,"\n");
+
+       if (!EC_KEY_generate_key(a)) goto err;
+       BIO_puts(out,"  pri 1=");
+       BN_print(out,a->priv_key);
+       BIO_puts(out,"\n  pub 1=");
+       if (EC_METHOD_get_field_type(EC_GROUP_method_of(a->group)) == NID_X9_62_prime_field) 
+               {
+               if (!EC_POINT_get_affine_coordinates_GFp(a->group, a->pub_key, x, y, ctx)) goto err;
+               }
+       else
+               {
+               if (!EC_POINT_get_affine_coordinates_GF2m(a->group, a->pub_key, x, y, ctx)) goto err;
+               }
+       BN_print(out,x);
+       BIO_puts(out,",");
+       BN_print(out,y);
+       BIO_puts(out,"\n");
+
+       if (!EC_KEY_generate_key(b)) goto err;
+       BIO_puts(out,"  pri 2=");
+       BN_print(out,b->priv_key);
+       BIO_puts(out,"\n  pub 2=");
+       if (EC_METHOD_get_field_type(EC_GROUP_method_of(b->group)) == NID_X9_62_prime_field) 
+               {
+               if (!EC_POINT_get_affine_coordinates_GFp(b->group, b->pub_key, x, y, ctx)) goto err;
+               }
+       else
+               {
+               if (!EC_POINT_get_affine_coordinates_GF2m(a->group, b->pub_key, x, y, ctx)) goto err;
+               }
+       BN_print(out,x);
+       BIO_puts(out,",");
+       BN_print(out,y);
+       BIO_puts(out,"\n");
+
+       alen=ECDH_size(a);
+       abuf=(unsigned char *)OPENSSL_malloc(alen);
+       aout=ECDH_compute_key(abuf,b->pub_key,a);
+
+       BIO_puts(out,"  key1 =");
+       for (i=0; i<aout; i++)
+               {
+               sprintf(buf,"%02X",abuf[i]);
+               BIO_puts(out,buf);
+               }
+       BIO_puts(out,"\n");
+
+       blen=ECDH_size(b);
+       bbuf=(unsigned char *)OPENSSL_malloc(blen);
+       bout=ECDH_compute_key(bbuf,a->pub_key,b);
+
+       BIO_puts(out,"  key2 =");
+       for (i=0; i<bout; i++)
+               {
+               sprintf(buf,"%02X",bbuf[i]);
+               BIO_puts(out,buf);
+               }
+       BIO_puts(out,"\n");
+       if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
+               {
+               fprintf(stderr,"Error in ECDH routines\n");
+               ret=0;
+               }
+       else
+               ret=1;
+err:
+       ERR_print_errors_fp(stderr);
+
+       if (abuf != NULL) OPENSSL_free(abuf);
+       if (bbuf != NULL) OPENSSL_free(bbuf);
+       if (x) BN_free(x);
+       if (y) BN_free(y);
+       if (a->group) EC_GROUP_free(a->group);
+       a->group = b->group = NULL;
+       if (b) EC_KEY_free(b);
+       if (a) EC_KEY_free(a);
+       return(ret);
+       }
+
+int main(int argc, char *argv[])
+       {
+       BN_CTX *ctx=NULL;
+       int ret=1;
+       BIO *out;
+
+       CRYPTO_malloc_debug_init();
+       CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
+       CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+#ifdef OPENSSL_SYS_WIN32
+       CRYPTO_malloc_init();
+#endif
+
+       RAND_seed(rnd_seed, sizeof rnd_seed);
+
+       out=BIO_new(BIO_s_file());
+       if (out == NULL) exit(1);
+       BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+       if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+       /* NIST PRIME CURVES TESTS */
+       if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_192, "NIST Prime-Curve P-192", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_224, "NIST Prime-Curve P-224", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_256, "NIST Prime-Curve P-256", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_384, "NIST Prime-Curve P-384", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_PRIME_521, "NIST Prime-Curve P-521", ctx, out)) goto err;
+       /* NIST BINARY CURVES TESTS */
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K163, "NIST Binary-Curve K-163", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B163, "NIST Binary-Curve B-163", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K233, "NIST Binary-Curve K-233", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B233, "NIST Binary-Curve B-233", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K283, "NIST Binary-Curve K-283", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B283, "NIST Binary-Curve B-283", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K409, "NIST Binary-Curve K-409", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B409, "NIST Binary-Curve B-409", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_K571, "NIST Binary-Curve K-571", ctx, out)) goto err;
+       if (!test_ecdh_curve(EC_GROUP_NIST_CHAR2_B571, "NIST Binary-Curve B-571", ctx, out)) goto err;
+
+       ret = 0;
+
+err:
+       ERR_print_errors_fp(stderr);
+       if (ctx) BN_CTX_free(ctx);
+       BIO_free(out);
+       CRYPTO_cleanup_all_ex_data();
+       ERR_remove_state(0);
+       CRYPTO_mem_leaks_fp(stderr);
+       exit(ret);
+       return(ret);
+       }
+
+static void MS_CALLBACK cb(int p, int n, void *arg)
+       {
+       char c='*';
+
+       if (p == 0) c='.';
+       if (p == 1) c='+';
+       if (p == 2) c='*';
+       if (p == 3) c='\n';
+       BIO_write((BIO *)arg,&c,1);
+       (void)BIO_flush((BIO *)arg);
+#ifdef LINT
+       p=n;
+#endif
+       }
+#endif
diff --git a/crypto/ecdh/ech_err.c b/crypto/ecdh/ech_err.c
new file mode 100644 (file)
index 0000000..819b8ab
--- /dev/null
@@ -0,0 +1,97 @@
+/* crypto/ecdh/ech_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ecdh.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA ECDH_str_functs[]=
+       {
+{ERR_PACK(0,ECDH_F_ECDH_COMPUTE_KEY,0),        "ECDH_compute_key"},
+{ERR_PACK(0,ECDH_F_ECDH_DATA_NEW,0),   "ECDH_DATA_new"},
+{0,NULL}
+       };
+
+static ERR_STRING_DATA ECDH_str_reasons[]=
+       {
+{ECDH_R_NO_PRIVATE_VALUE                 ,"no private value"},
+{ECDH_R_POINT_ARITHMETIC_FAILURE         ,"point arithmetic failure"},
+{ECDH_R_SHA1_DIGEST_FAILED               ,"sha1 digest failed"},
+{0,NULL}
+       };
+
+#endif
+
+void ERR_load_ECDH_strings(void)
+       {
+       static int init=1;
+
+       if (init)
+               {
+               init=0;
+#ifndef OPENSSL_NO_ERR
+               ERR_load_strings(ERR_LIB_ECDH,ECDH_str_functs);
+               ERR_load_strings(ERR_LIB_ECDH,ECDH_str_reasons);
+#endif
+
+               }
+       }
diff --git a/crypto/ecdh/ech_key.c b/crypto/ecdh/ech_key.c
new file mode 100644 (file)
index 0000000..d2fd363
--- /dev/null
@@ -0,0 +1,92 @@
+/* crypto/ecdh/ecdh_key.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the ECC Code;
+ *  2) separates from the ECC Code; or
+ *  3) for infringements caused by:
+ *       i) the modification of the ECC Code or
+ *      ii) the combination of the ECC Code with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecdh.h"
+#include <openssl/engine.h>
+
+int ECDH_compute_key(unsigned char *key, const EC_POINT *pub_key, EC_KEY *eckey)
+{
+       ECDH_DATA *ecdh = ecdh_check(eckey);
+       if (ecdh == NULL)
+               return NULL;
+       return ecdh->meth->compute_key(key, pub_key, eckey);
+}
diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c
new file mode 100644 (file)
index 0000000..d7f2e1a
--- /dev/null
@@ -0,0 +1,248 @@
+/* crypto/ecdh/ech_lib.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the ECC Code;
+ *  2) separates from the ECC Code; or
+ *  3) for infringements caused by:
+ *       i) the modification of the ECC Code or
+ *      ii) the combination of the ECC Code with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecdh.h"
+#include <string.h>
+#include <openssl/engine.h>
+
+const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT;
+
+static void ecdh_finish(EC_KEY *);
+
+static const ECDH_METHOD *default_ECDH_method = NULL;
+
+void ECDH_set_default_method(const ECDH_METHOD *meth)
+       {
+       default_ECDH_method = meth;
+       }
+
+const ECDH_METHOD *ECDH_get_default_method(void)
+       {
+       if(!default_ECDH_method) 
+               default_ECDH_method = ECDH_OpenSSL();
+       return default_ECDH_method;
+       }
+
+int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth)
+       {
+       const ECDH_METHOD *mtmp;
+       ECDH_DATA *ecdh;
+
+       ecdh = ecdh_check(eckey);
+
+       if (ecdh == NULL)
+               return 0;
+
+        mtmp = ecdh->meth;
+#if 0
+        if (mtmp->finish)
+               mtmp->finish(eckey);
+#endif
+       if (ecdh->engine)
+               {
+               ENGINE_finish(ecdh->engine);
+               ecdh->engine = NULL;
+               }
+        ecdh->meth = meth;
+#if 0
+        if (meth->init) 
+               meth->init(eckey);
+#endif
+        return 1;
+       }
+
+ECDH_DATA *ECDH_DATA_new(void)
+       {
+       return ECDH_DATA_new_method(NULL);
+       }
+
+ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine)
+       {
+       ECDH_DATA *ret;
+
+       ret=(ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA));
+       if (ret == NULL)
+               {
+               ECDHerr(ECDH_F_ECDH_DATA_NEW, ERR_R_MALLOC_FAILURE);
+               return(NULL);
+               }
+
+       ret->init = NULL;
+       ret->finish = ecdh_finish;
+
+       ret->meth = ECDH_get_default_method();
+       ret->engine = engine;
+       if (!ret->engine)
+               ret->engine = ENGINE_get_default_ECDH();
+       if (ret->engine)
+               {
+               ret->meth = ENGINE_get_ECDH(ret->engine);
+               if (!ret->meth)
+                       {
+                       ECDHerr(ECDH_F_ECDH_DATA_NEW, ERR_R_ENGINE_LIB);
+                       ENGINE_finish(ret->engine);
+                       OPENSSL_free(ret);
+                       return NULL;
+                       }
+               }
+
+       ret->flags = ret->meth->flags;
+       CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+#if 0
+       if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+               {
+               CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data);
+               OPENSSL_free(ret);
+               ret=NULL;
+               }
+#endif 
+       return(ret);
+       }
+
+void ECDH_DATA_free(ECDH_DATA *r)
+       {
+#if 0
+       if (r->meth->finish)
+               r->meth->finish(r);
+#endif
+       if (r->engine)
+               ENGINE_finish(r->engine);
+
+       CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data);
+
+       memset((void *)r, 0x0, sizeof(ECDH_DATA));
+
+       OPENSSL_free(r);
+       }
+
+ECDH_DATA *ecdh_check(EC_KEY *key)
+       {
+       if (key->meth_data)
+               {
+               if (key->meth_data->finish != ecdh_finish)
+                       {
+                       key->meth_data->finish(key);
+                       key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new();
+                       }
+               }
+       else
+               key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new();
+       return (ECDH_DATA *)key->meth_data;
+       }
+
+static void ecdh_finish(EC_KEY *key)
+       {
+       if (key->meth_data && key->meth_data->finish == ecdh_finish)
+               ECDH_DATA_free((ECDH_DATA *)key->meth_data);
+       }
+
+
+int ECDH_size(const EC_KEY *ecdh)
+       {
+       return 20;
+       }
+
+
+int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+            CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+       {
+       return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp,
+                               new_func, dup_func, free_func);
+       }
+
+int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg)
+       {
+       ECDH_DATA *ecdh;
+       ecdh = ecdh_check(d);
+       if (ecdh == NULL)
+               return 0;
+       return(CRYPTO_set_ex_data(&ecdh->ex_data,idx,arg));
+       }
+
+void *ECDH_get_ex_data(EC_KEY *d, int idx)
+       {
+       ECDH_DATA *ecdh;
+       ecdh = ecdh_check(d);
+       if (ecdh == NULL)
+               return NULL;
+       return(CRYPTO_get_ex_data(&ecdh->ex_data,idx));
+       }
diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c
new file mode 100644 (file)
index 0000000..105bc57
--- /dev/null
@@ -0,0 +1,187 @@
+/* crypto/ecdh/ech_ossl.c */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
+ * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
+ * to the OpenSSL project.
+ *
+ * The ECC Code is licensed pursuant to the OpenSSL open source
+ * license provided below.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the ECC Code as delivered hereunder (or portions thereof),
+ * provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the ECC Code;
+ *  2) separates from the ECC Code; or
+ *  3) for infringements caused by:
+ *       i) the modification of the ECC Code or
+ *      ii) the combination of the ECC Code with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The ECDH software is originally written by Douglas Stebila of
+ * Sun Microsystems Laboratories.
+ *
+ */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include "ecdh.h"
+#include <openssl/err.h>
+#include <openssl/sha.h>
+#include <openssl/obj_mac.h>
+
+static int ecdh_compute_key(unsigned char *key, const EC_POINT *pub_key, EC_KEY *ecdh);
+
+static ECDH_METHOD openssl_ecdh_meth = {
+       "OpenSSL ECDH method",
+       ecdh_compute_key,
+#if 0
+       NULL, /* init     */
+       NULL, /* finish   */
+#endif
+       0,    /* flags    */
+       NULL  /* app_data */
+};
+
+const ECDH_METHOD *ECDH_OpenSSL(void)
+       {
+       return &openssl_ecdh_meth;
+       }
+
+
+/* This implementation is based on the following primitives in the IEEE 1363 standard:
+ *  - ECKAS-DH1
+ *  - ECSVDP-DH
+ *  - KDF1 with SHA-1
+ */
+static int ecdh_compute_key(unsigned char *key, const EC_POINT *pub_key, EC_KEY *ecdh)
+       {
+       BN_CTX *ctx;
+       EC_POINT *tmp=NULL;
+       BIGNUM *x=NULL, *y=NULL;
+       int ret= -1, len;
+       unsigned char *buf=NULL;
+
+       if ((ctx = BN_CTX_new()) == NULL) goto err;
+       BN_CTX_start(ctx);
+       x = BN_CTX_get(ctx);
+       y = BN_CTX_get(ctx);
+       
+       if (ecdh->priv_key == NULL)
+               {
+               ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
+               goto err;
+               }
+
+       if ((tmp=EC_POINT_new(ecdh->group)) == NULL)
+               {
+               ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
+               goto err;
+               }
+
+       if (!EC_POINT_mul(ecdh->group, tmp, NULL, pub_key, ecdh->priv_key, ctx)) 
+               {
+               ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+               goto err;
+               }
+               
+       if (EC_METHOD_get_field_type(EC_GROUP_method_of(ecdh->group)) == NID_X9_62_prime_field) 
+               {
+               if (!EC_POINT_get_affine_coordinates_GFp(ecdh->group, tmp, x, y, ctx)) 
+                       {
+                       ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+                       goto err;
+                       }
+               }
+       else
+               {
+               if (!EC_POINT_get_affine_coordinates_GF2m(ecdh->group, tmp, x, y, ctx)) 
+                       {
+                       ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+                       goto err;
+                       }
+               }
+
+       if ((buf = (unsigned char *)OPENSSL_malloc(sizeof(unsigned char) * BN_num_bytes(x))) == NULL) 
+               {
+               ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
+               goto err;
+               }
+       
+       if ((len = BN_bn2bin(x,buf)) <= 0)
+               {
+               ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
+               goto err;
+               }
+
+       if ((SHA1(buf, len, key) == NULL))
+               {
+               ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_SHA1_DIGEST_FAILED);
+               goto err;
+               }
+       
+       ret = 20;
+
+err:
+       if (tmp) EC_POINT_free(tmp);
+       if (ctx) BN_CTX_end(ctx);
+       if (ctx) BN_CTX_free(ctx);
+       if (buf) OPENSSL_free(buf);
+       return(ret);
+       }
index daf6427..f69d8e9 100644 (file)
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ *
+ * Portions of the attached software ("Contribution") are developed by 
+ * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
+ *
+ * The Contribution is licensed pursuant to the OpenSSL open source
+ * license provided above.
+ *
+ * In addition, Sun covenants to all licensees who provide a reciprocal
+ * covenant with respect to their own patents if any, not to sue under
+ * current and future patent claims necessarily infringed by the making,
+ * using, practicing, selling, offering for sale and/or otherwise
+ * disposing of the Contribution as delivered hereunder 
+ * (or portions thereof), provided that such covenant shall not apply:
+ *  1) for code that a licensee deletes from the Contribution;
+ *  2) separates from the Contribution; or
+ *  3) for infringements caused by:
+ *       i) the modification of the Contribution or
+ *      ii) the combination of the Contribution with other software or
+ *          devices where such combination causes the infringement.
+ *
+ * The elliptic curve binary polynomial software is originally written by 
+ * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories.
+ *
+ */
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -520,149 +547,63 @@ int main(void)
        OPENSSL_free(dgst);
        dgst = NULL;
 
-
-       /* NIST PRIME CURVES TESTS */
-       /* EC_GROUP_NIST_PRIME_192 */
        for (i=0; i<ECDSA_NIST_TESTS; i++)
-               if (!RAND_bytes(digest[i], 20)) goto err;       
-
-       BIO_printf(bio_err, "\nTesting sign & verify with NIST Prime-Curve P-192 : \n");
-       EC_KEY_free(ecdsa);
-       if ((ecdsa = EC_KEY_new()) == NULL) goto err;
-       if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) 
-               == NULL) goto err;
-       if (!EC_KEY_generate_key(ecdsa)) goto err;
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
-        tim = clock() - tim;
-       tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
-               , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
-       tim = clock();
-       for (i=0; i<ECDSA_NIST_TESTS; i++)
-               if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
-       tim = clock() - tim;
-       tim_d = (double)tim / CLOCKS_PER_SEC;
-       BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
-       for (i=0; i<ECDSA_NIST_TESTS; i++)
-       {
-               ECDSA_SIG_free(signatures[i]);
-               signatures[i] = NULL;
-       }
-
-       /* EC_GROUP_NIST_PRIME_224 */
-       BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-224 : \n");
-        EC_KEY_free(ecdsa);
-        if ((ecdsa = EC_KEY_new()) == NULL) goto err;
-        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_224)) == NULL) goto err;
-        if (!EC_KEY_generate_key(ecdsa)) goto err;
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
-       for (i=0; i<ECDSA_NIST_TESTS; i++)
-       {
-               ECDSA_SIG_free(signatures[i]);
-               signatures[i] = NULL;
-       }
-
-       /* EC_GROUP_NIST_PRIME_256 */
-        BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-256 : \n");
-        EC_KEY_free(ecdsa);
-        if ((ecdsa = EC_KEY_new()) == NULL) goto err;
-        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_256)) == NULL) goto err;
-        if (!EC_KEY_generate_key(ecdsa)) goto err;
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
-       for (i=0; i<ECDSA_NIST_TESTS; i++)
-       {
-               ECDSA_SIG_free(signatures[i]);
-               signatures[i] = NULL;
-       }
-
-       /* EC_GROUP_NIST_PRIME_384 */
-        BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-384 : \n");
-        EC_KEY_free(ecdsa);
-        if ((ecdsa = EC_KEY_new()) == NULL) goto err;
-        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_384)) == NULL) goto err;
-        if (!EC_KEY_generate_key(ecdsa)) goto err;
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
-       for (i=0; i<ECDSA_NIST_TESTS; i++)
-       {
-               ECDSA_SIG_free(signatures[i]);
-               signatures[i] = NULL;
+               if (!RAND_bytes(digest[i], 20)) goto err;
+
+       BIO_printf(bio_err, "\n");
+
+/* Macro for each test */
+#define ECDSA_GROUP_TEST(text, curve) \
+       BIO_printf(bio_err, "Testing sign & verify with %s : \n", text); \
+       EC_KEY_free(ecdsa); \
+       if ((ecdsa = EC_KEY_new()) == NULL) goto err; \
+       if ((ecdsa->group = EC_GROUP_new_by_name(curve)) == NULL) goto err; \
+       if (!EC_KEY_generate_key(ecdsa)) goto err; \
+        tim = clock(); \
+        for (i=0; i<ECDSA_NIST_TESTS; i++) \
+                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; \
+        tim = clock() - tim; \
+       tim_d = (double)tim / CLOCKS_PER_SEC; \
+        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n" \
+               , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS); \
+       tim = clock(); \
+       for (i=0; i<ECDSA_NIST_TESTS; i++) \
+               if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err; \
+       tim = clock() - tim; \
+       tim_d = (double)tim / CLOCKS_PER_SEC; \
+       BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n" \
+                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS); \
+       for (i=0; i<ECDSA_NIST_TESTS; i++) \
+       { \
+               ECDSA_SIG_free(signatures[i]); \
+               signatures[i] = NULL; \
        }
+       
+       /* NIST PRIME CURVES TESTS */
+       ECDSA_GROUP_TEST("NIST Prime-Curve P-192", EC_GROUP_NIST_PRIME_192);
+       ECDSA_GROUP_TEST("NIST Prime-Curve P-224", EC_GROUP_NIST_PRIME_224);
+       ECDSA_GROUP_TEST("NIST Prime-Curve P-256", EC_GROUP_NIST_PRIME_256);
+       ECDSA_GROUP_TEST("NIST Prime-Curve P-384", EC_GROUP_NIST_PRIME_384);
+       ECDSA_GROUP_TEST("NIST Prime-Curve P-521", EC_GROUP_NIST_PRIME_521);
+       /* NIST BINARY CURVES TESTS */
+       ECDSA_GROUP_TEST("NIST Binary-Curve K-163", EC_GROUP_NIST_CHAR2_K163);
+       ECDSA_GROUP_TEST("NIST Binary-Curve B-163", EC_GROUP_NIST_CHAR2_B163);
+       ECDSA_GROUP_TEST("NIST Binary-Curve K-233", EC_GROUP_NIST_CHAR2_K233);
+       ECDSA_GROUP_TEST("NIST Binary-Curve B-233", EC_GROUP_NIST_CHAR2_B233);
+       ECDSA_GROUP_TEST("NIST Binary-Curve K-283", EC_GROUP_NIST_CHAR2_K283);
+       ECDSA_GROUP_TEST("NIST Binary-Curve B-283", EC_GROUP_NIST_CHAR2_B283);
+       ECDSA_GROUP_TEST("NIST Binary-Curve K-409", EC_GROUP_NIST_CHAR2_K409);
+       ECDSA_GROUP_TEST("NIST Binary-Curve B-409", EC_GROUP_NIST_CHAR2_B409);
+       ECDSA_GROUP_TEST("NIST Binary-Curve K-571", EC_GROUP_NIST_CHAR2_K571);
+       ECDSA_GROUP_TEST("NIST Binary-Curve B-571", EC_GROUP_NIST_CHAR2_B571);
+#undef ECDSA_GROUP_TEST
 
-       /* EC_GROUP_NIST_PRIME_521 */
-        BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-521 : \n");
-        EC_KEY_free(ecdsa);
-        if ((ecdsa = EC_KEY_new()) == NULL) goto err;
-        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_521)) == NULL) goto err;
-        if (!EC_KEY_generate_key(ecdsa)) goto err;
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
-        tim = clock();
-        for (i=0; i<ECDSA_NIST_TESTS; i++)
-                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
-        tim = clock() - tim;
-        tim_d = (double)tim / CLOCKS_PER_SEC;
-        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
-                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
        EC_KEY_free(ecdsa);
        ecdsa = NULL;
-       for (i=0; i<ECDSA_NIST_TESTS; i++)
-       {
-               ECDSA_SIG_free(signatures[i]);
-               signatures[i] = NULL;
-       }
-
        OPENSSL_free(buffer);
        buffer = NULL;
        EVP_PKEY_free(pkey);
        pkey = NULL;
-       ecdsa = NULL;
        
        ret = 1;
 err:   if (!ret)       
@@ -675,6 +616,7 @@ err:        if (!ret)
        if (d)          BN_free(d);
        if (dgst)       OPENSSL_free(dgst);
        if (md_ctx)     EVP_MD_CTX_destroy(md_ctx);
+       if (pkey)       EVP_PKEY_free(pkey);
        CRYPTO_cleanup_all_ex_data();
        ERR_remove_state(0);
        ERR_free_strings();
index 1b3680b..4dab2dc 100644 (file)
@@ -25,13 +25,13 @@ APPS=
 LIB=$(TOP)/libcrypto.a
 LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
        eng_table.c eng_pkey.c eng_fat.c eng_all.c \
-       tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \
+       tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c tb_ecdh.c \
        eng_openssl.c eng_dyn.c eng_cnf.c \
        hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \
        hw_openbsd_dev_crypto.c hw_aep.c hw_sureware.c hw_4758_cca.c
 LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
        eng_table.o eng_pkey.o eng_fat.o eng_all.o \
-       tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \
+       tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o tb_ecdh.o \
        eng_openssl.o eng_dyn.o eng_cnf.o \
        hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \
        hw_openbsd_dev_crypto.o hw_aep.o hw_sureware.o hw_4758_cca.o
@@ -540,6 +540,28 @@ tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 tb_dsa.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 tb_dsa.o: eng_int.h tb_dsa.c
+tb_ecdh.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
+tb_ecdh.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+tb_ecdh.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+tb_ecdh.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+tb_ecdh.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+tb_ecdh.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+tb_ecdh.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+tb_ecdh.o: ../../include/openssl/ecdh.h ../../include/openssl/engine.h
+tb_ecdh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+tb_ecdh.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+tb_ecdh.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+tb_ecdh.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+tb_ecdh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_ecdh.o: ../../include/openssl/opensslconf.h
+tb_ecdh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdh.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
+tb_ecdh.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+tb_ecdh.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+tb_ecdh.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+tb_ecdh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_ecdh.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
+tb_ecdh.o: eng_int.h tb_ecdh.c
 tb_ecdsa.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
 tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 tb_ecdsa.o: ../../include/openssl/bn.h ../../include/openssl/cast.h
index f7edb5a..c0d03cc 100644 (file)
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #include <openssl/crypto.h>
 #include "cryptlib.h"
@@ -76,6 +81,14 @@ int ENGINE_set_default(ENGINE *e, unsigned int flags)
 #ifndef OPENSSL_NO_DH
        if((flags & ENGINE_METHOD_DH) & !ENGINE_set_default_DH(e))
                return 0;
+#endif
+#ifndef OPENSSL_NO_ECDH
+       if((flags & ENGINE_METHOD_ECDH) & !ENGINE_set_default_ECDH(e))
+               return 0;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+       if((flags & ENGINE_METHOD_ECDSA) & !ENGINE_set_default_ECDSA(e))
+               return 0;
 #endif
        if((flags & ENGINE_METHOD_RAND) & !ENGINE_set_default_RAND(e))
                return 0;
@@ -93,6 +106,10 @@ static int int_def_cb(const char *alg, int len, void *arg)
                *pflags |= ENGINE_METHOD_RSA;
        else if (!strncmp(alg, "DSA", len))
                *pflags |= ENGINE_METHOD_DSA;
+       else if (!strncmp(alg, "ECDH", len))
+               *pflags |= ENGINE_METHOD_ECDH;
+       else if (!strncmp(alg, "ECDSA", len))
+               *pflags |= ENGINE_METHOD_ECDSA;
        else if (!strncmp(alg, "DH", len))
                *pflags |= ENGINE_METHOD_DH;
        else if (!strncmp(alg, "RAND", len))
@@ -132,6 +149,12 @@ int ENGINE_register_complete(ENGINE *e)
 #endif
 #ifndef OPENSSL_NO_DH
        ENGINE_register_DH(e);
+#endif
+#ifndef OPENSSL_NO_ECDH
+       ENGINE_register_ECDH(e);
+#endif
+#ifndef OPENSSL_NO_ECDSA
+       ENGINE_register_ECDSA(e);
 #endif
        ENGINE_register_RAND(e);
        return 1;
index 0407de9..2c82861 100644 (file)
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #ifndef HEADER_ENGINE_INT_H
 #define HEADER_ENGINE_INT_H
@@ -146,6 +151,7 @@ struct engine_st
        const RSA_METHOD *rsa_meth;
        const DSA_METHOD *dsa_meth;
        const DH_METHOD *dh_meth;
+       const ECDH_METHOD *ecdh_meth;
        const ECDSA_METHOD *ecdsa_meth;
        const RAND_METHOD *rand_meth;
        /* Cipher handling is via this callback */
index da53c1c..5018856 100644 (file)
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #include <openssl/crypto.h>
 #include "cryptlib.h"
@@ -324,6 +329,9 @@ static void engine_cpy(ENGINE *dest, const ENGINE *src)
 #ifndef OPENSSL_NO_DH
        dest->dh_meth = src->dh_meth;
 #endif
+#ifndef OPENSSL_NO_ECDH
+       dest->ecdh_meth = src->ecdh_meth;
+#endif
 #ifndef OPENSSL_NO_ECDSA
        dest->ecdsa_meth = src->ecdsa_meth;
 #endif
index e9d976f..45fa618 100644 (file)
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 
 #include <stdio.h>
@@ -109,6 +114,12 @@ static int bind_helper(ENGINE *e)
 #ifndef OPENSSL_NO_DSA
                        || !ENGINE_set_DSA(e, DSA_get_default_method())
 #endif
+#ifndef OPENSSL_NO_ECDH
+                       || !ENGINE_set_ECDH(e, ECDH_OpenSSL())
+#endif
+#ifndef OPENSSL_NO_ECDSA
+                       || !ENGINE_set_ECDSA(e, ECDSA_OpenSSL())
+#endif
 #ifndef OPENSSL_NO_DH
                        || !ENGINE_set_DH(e, DH_get_default_method())
 #endif
index 1cd27f8..50638d4 100644 (file)
  * Hudson (tjh@cryptsoft.com).
  *
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #ifndef HEADER_ENGINE_H
 #define HEADER_ENGINE_H
@@ -70,6 +75,9 @@
 #ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
 #endif
+#ifndef OPENSSL_NO_ECDH
+#include <openssl/ecdh.h>
+#endif
 #ifndef OPENSSL_NO_ECDSA
 #include <openssl/ecdsa.h>
 #endif
@@ -92,6 +100,9 @@ typedef void DSA_METHOD;
 #ifdef OPENSSL_NO_DH
 typedef void DH_METHOD;
 #endif
+#ifdef OPENSSL_NO_ECDH
+typedef void ECDH_METHOD;
+#endif
 #ifdef OPENSSL_NO_ECDSA
 typedef void ECDSA_METHOD;
 #endif
@@ -102,7 +113,8 @@ typedef void ECDSA_METHOD;
 #define ENGINE_METHOD_DSA              (unsigned int)0x0002
 #define ENGINE_METHOD_DH               (unsigned int)0x0004
 #define ENGINE_METHOD_RAND             (unsigned int)0x0008
-#define ENGINE_METHOD_ECDSA            (unsigned int)0x000F
+#define ENGINE_METHOD_ECDH             (unsigned int)0x0010
+#define ENGINE_METHOD_ECDSA            (unsigned int)0x0020
 #define ENGINE_METHOD_CIPHERS          (unsigned int)0x0040
 #define ENGINE_METHOD_DIGESTS          (unsigned int)0x0080
 /* Obvious all-or-nothing cases. */
@@ -338,6 +350,10 @@ int ENGINE_register_DSA(ENGINE *e);
 void ENGINE_unregister_DSA(ENGINE *e);
 void ENGINE_register_all_DSA(void);
 
+int ENGINE_register_ECDH(ENGINE *e);
+void ENGINE_unregister_ECDH(ENGINE *e);
+void ENGINE_register_all_ECDH(void);
+
 int ENGINE_register_ECDSA(ENGINE *e);
 void ENGINE_unregister_ECDSA(ENGINE *e);
 void ENGINE_register_all_ECDSA(void);
@@ -421,6 +437,7 @@ int ENGINE_set_id(ENGINE *e, const char *id);
 int ENGINE_set_name(ENGINE *e, const char *name);
 int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
 int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
+int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
 int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
 int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
 int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
@@ -454,6 +471,7 @@ const char *ENGINE_get_id(const ENGINE *e);
 const char *ENGINE_get_name(const ENGINE *e);
 const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
 const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
+const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
 const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
 const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
 const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
@@ -507,6 +525,7 @@ EVP_PKEY *ENGINE_load_public_key(ENGINE *e, const char *key_id,
 ENGINE *ENGINE_get_default_RSA(void);
 /* Same for the other "methods" */
 ENGINE *ENGINE_get_default_DSA(void);
+ENGINE *ENGINE_get_default_ECDH(void);
 ENGINE *ENGINE_get_default_ECDSA(void);
 ENGINE *ENGINE_get_default_DH(void);
 ENGINE *ENGINE_get_default_RAND(void);
@@ -523,6 +542,7 @@ int ENGINE_set_default_RSA(ENGINE *e);
 int ENGINE_set_default_string(ENGINE *e, const char *list);
 /* Same for the other "methods" */
 int ENGINE_set_default_DSA(ENGINE *e);
+int ENGINE_set_default_ECDH(ENGINE *e);
 int ENGINE_set_default_ECDSA(ENGINE *e);
 int ENGINE_set_default_DH(ENGINE *e);
 int ENGINE_set_default_RAND(ENGINE *e);
index b591d11..ec895c4 100644 (file)
@@ -132,6 +132,7 @@ typedef struct err_state_st
 #define ERR_LIB_UI              40
 #define ERR_LIB_COMP            41
 #define ERR_LIB_ECDSA          42
+#define ERR_LIB_ECDH           43
 
 #define ERR_LIB_USER           128
 
@@ -161,6 +162,7 @@ typedef struct err_state_st
 #define UIerr(f,r) ERR_PUT_error(ERR_LIB_UI,(f),(r),__FILE__,__LINE__)
 #define COMPerr(f,r) ERR_PUT_error(ERR_LIB_COMP,(f),(r),__FILE__,__LINE__)
 #define ECDSAerr(f,r)  ERR_PUT_error(ERR_LIB_ECDSA,(f),(r),__FILE__,__LINE__)
+#define ECDHerr(f,r)  ERR_PUT_error(ERR_LIB_ECDH,(f),(r),__FILE__,__LINE__)
 
 /* Borland C seems too stupid to be able to shift and do longs in
  * the pre-processor :-( */
@@ -214,6 +216,7 @@ typedef struct err_state_st
 #define ERR_R_UI_LIB    ERR_LIB_UI       /* 40 */
 #define ERR_R_COMP_LIB ERR_LIB_COMP     /* 41 */
 #define ERR_R_ECDSA_LIB ERR_LIB_ECDSA   /* 42 */
+#define ERR_R_ECDH_LIB  ERR_LIB_ECDH    /* 43 */
 
 #define ERR_R_NESTED_ASN1_ERROR                        58
 #define ERR_R_BAD_ASN1_OBJECT_HEADER           59
index 11bb1f9..38d68f2 100644 (file)
@@ -28,6 +28,7 @@ L ENGINE      crypto/engine/engine.h          crypto/engine/eng_err.c
 L OCSP         crypto/ocsp/ocsp.h              crypto/ocsp/ocsp_err.c
 L UI           crypto/ui/ui.h                  crypto/ui/ui_err.c
 L ECDSA                crypto/ecdsa/ecdsa.h            crypto/ecdsa/ecs_err.c
+L ECDH         crypto/ecdh/ecdh.h              crypto/ecdh/ech_err.c
 
 # additional header files to be scanned for function names
 L NONE         crypto/x509/x509_vfy.h          NONE
index 46a6e5a..8b42b09 100644 (file)
  * copied and put under another distribution licence
  * [including the GNU Public Licence.]
  */
+/* ====================================================================
+ * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
+ * ECDH support in OpenSSL originally developed by 
+ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
+ */
 
 #ifndef HEADER_X509_H
 #define HEADER_X509_H
 #include <openssl/ecdsa.h>
 #endif
 
+#ifndef OPENSSL_NO_ECDH
+#include <openssl/ecdh.h>
+#endif
+
 #ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
 #endif
index 860f569..bc27eeb 100644 (file)
@@ -34,6 +34,7 @@ LIBSSL= -L.. -lssl
 BNTEST=                bntest
 ECTEST=                ectest
 ECDSATEST=     ecdsatest
+ECDHTEST=      ecdhtest
 EXPTEST=       exptest
 IDEATEST=      ideatest
 SHATEST=       shatest
@@ -61,7 +62,7 @@ EVPTEST=      evp_test
 
 TESTS=         alltests
 
-EXE=   $(BNTEST) $(ECTEST)  $(ECDSATEST) $(IDEATEST) \
+EXE=   $(BNTEST) $(ECTEST)  $(ECDSATEST) $(ECDHTEST) $(IDEATEST) \
        $(MD2TEST)  $(MD4TEST) $(MD5TEST) $(HMACTEST) \
        $(RC2TEST) $(RC4TEST) $(RC5TEST) \
        $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RMDTEST) \
@@ -71,7 +72,7 @@ EXE=  $(BNTEST) $(ECTEST)  $(ECDSATEST) $(IDEATEST) \
 
 # $(METHTEST)
 
-OBJ=   $(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(IDEATEST).o \
+OBJ=   $(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(ECDHTEST).o $(IDEATEST).o \
        $(MD2TEST).o $(MD4TEST).o $(MD5TEST).o \
        $(HMACTEST).o \
        $(RC2TEST).o $(RC4TEST).o $(RC5TEST).o \
@@ -79,7 +80,7 @@ OBJ=  $(BNTEST).o $(ECTEST).o  $(ECDSATEST).o $(IDEATEST).o \
        $(RANDTEST).o $(DHTEST).o $(ENGINETEST).o $(CASTTEST).o \
        $(BFTEST).o  $(SSLTEST).o  $(DSATEST).o  $(EXPTEST).o $(RSATEST).o \
        $(EVPTEST).o
-SRC=   $(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(IDEATEST).c \
+SRC=   $(BNTEST).c $(ECTEST).c  $(ECDSATEST).c $(ECDHTEST).c $(IDEATEST).c \
        $(MD2TEST).c  $(MD4TEST).c $(MD5TEST).c \
        $(HMACTEST).c \
        $(RC2TEST).c $(RC4TEST).c $(RC5TEST).c \
@@ -130,7 +131,7 @@ alltests.chooser: \
        test_des test_idea test_sha test_md4 test_md5 test_hmac \
        test_md2 test_mdc2 \
        test_rmd test_rc2 test_rc4 test_rc5 test_bf test_cast test_rd \
-       test_rand test_bn test_ec test_ecdsa \
+       test_rand test_bn test_ec test_ecdsa test_ecdh \
        test_enc test_x509 test_rsa test_crl test_sid \
        test_gen test_req test_pkcs7 test_verify test_dh test_dsa \
        test_ss test_ca test_engine test_evp test_ssl
@@ -230,6 +231,10 @@ test_ecdsa:
        @echo 'test ecdsa'
        ./$(ECDSATEST)
 
+test_ecdh:
+       @echo 'test ecdh'
+       ./$(ECDHTEST)
+
 test_verify:
        @echo "The following command should have some OK's and some failures"
        @echo "There are definitly a few expired certificates"
@@ -372,6 +377,9 @@ $(EVPTEST): $(EVPTEST).o $(DLIBCRYPTO)
 $(ECDSATEST): $(ECDSATEST).o $(DLIBCRYPTO)
        $(CC) -o $(ECDSATEST) $(CFLAGS) $(ECDSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
        
+$(ECDHTEST): $(ECDHTEST).o $(DLIBCRYPTO)
+       $(CC) -o $(ECDHTEST) $(CFLAGS) $(ECDHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
 #$(RDTEST).o: $(RDTEST).c
 #      $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(RDTEST).c
 
@@ -466,6 +474,21 @@ ectest.o: ../include/openssl/opensslv.h ../include/openssl/ossl_typ.h
 ectest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
 ectest.o: ../include/openssl/safestack.h ../include/openssl/stack.h
 ectest.o: ../include/openssl/symhacks.h ../include/openssl/ui.h ectest.c
+ecdhtest.o: ../include/openssl/bio.h ../include/openssl/bn.h
+ecdhtest.o: ../include/openssl/buffer.h ../include/openssl/crypto.h
+ecdhtest.o: ../include/openssl/dh.h ../include/openssl/dsa.h
+ecdhtest.o: ../include/openssl/e_os2.h ../include/openssl/ec.h
+ecdhtest.o: ../include/openssl/ecdh.h ../include/openssl/ecdsa.h
+ecdhtest.o: ../include/openssl/engine.h ../include/openssl/err.h
+ecdhtest.o: ../include/openssl/evp.h ../include/openssl/lhash.h
+ecdhtest.o: ../include/openssl/obj_mac.h ../include/openssl/objects.h
+ecdhtest.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
+ecdhtest.o: ../include/openssl/ossl_typ.h ../include/openssl/pkcs7.h
+ecdhtest.o: ../include/openssl/rand.h ../include/openssl/rsa.h
+ecdhtest.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+ecdhtest.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
+ecdhtest.o: ../include/openssl/ui.h ../include/openssl/x509.h
+ecdhtest.o: ../include/openssl/x509_vfy.h ecdhtest.c
 enginetest.o: ../include/openssl/asn1.h ../include/openssl/bio.h
 enginetest.o: ../include/openssl/bn.h ../include/openssl/buffer.h
 enginetest.o: ../include/openssl/crypto.h ../include/openssl/dh.h
index 64d2124..3fe6d28 100755 (executable)
@@ -84,7 +84,7 @@ my @known_ossl_platforms = ( "VMS", "WIN16", "WIN32", "WINNT", "OS2" );
 my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
                         "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
                         "RIPEMD",
-                        "MDC2", "RSA", "DSA", "DH", "EC", "ECDSA", "HMAC", "AES",
+                        "MDC2", "RSA", "DSA", "DH", "EC", "ECDH", "ECDSA", "HMAC", "AES",
                         # Envelope "algorithms"
                         "EVP", "X509", "ASN1_TYPEDEFS",
                         # Helper "algorithms"
@@ -107,7 +107,7 @@ my $no_rc2; my $no_rc4; my $no_rc5; my $no_idea; my $no_des; my $no_bf;
 my $no_cast;
 my $no_md2; my $no_md4; my $no_md5; my $no_sha; my $no_ripemd; my $no_mdc2;
 my $no_rsa; my $no_dsa; my $no_dh; my $no_hmac=0; my $no_aes; my $no_krb5;
-my $no_ec; my $no_ecdsa;
+my $no_ec; my $no_ecdsa; my $no_ecdh;
 my $no_fp_api;
 
 foreach (@ARGV, split(/ /, $options))
@@ -165,6 +165,7 @@ foreach (@ARGV, split(/ /, $options))
        elsif (/^no-dh$/)       { $no_dh=1; }
        elsif (/^no-ec$/)       { $no_ec=1; }
        elsif (/^no-ecdsa$/)    { $no_ecdsa=1; }
+       elsif (/^no-ecdh$/)     { $no_ecdh=1; }
        elsif (/^no-hmac$/)     { $no_hmac=1; }
        elsif (/^no-aes$/)      { $no_aes=1; }
        elsif (/^no-evp$/)      { $no_evp=1; }
@@ -235,6 +236,7 @@ $crypto.=" crypto/dsa/dsa.h" ; # unless $no_dsa;
 $crypto.=" crypto/dh/dh.h" ; # unless $no_dh;
 $crypto.=" crypto/ec/ec.h" ; # unless $no_ec;
 $crypto.=" crypto/ecdsa/ecdsa.h" ; # unless $no_ecdsa;
+$crypto.=" crypto/ecdh/ecdh.h" ; # unless $no_ecdh;
 $crypto.=" crypto/hmac/hmac.h" ; # unless $no_hmac;
 
 $crypto.=" crypto/engine/engine.h";
@@ -1044,6 +1046,7 @@ sub is_valid
                        if ($keyword eq "DH" && $no_dh) { return 0; }
                        if ($keyword eq "EC" && $no_ec) { return 0; }
                        if ($keyword eq "ECDSA" && $no_ecdsa) { return 0; }
+                       if ($keyword eq "ECDH" && $no_ecdh) { return 0; }
                        if ($keyword eq "HMAC" && $no_hmac) { return 0; }
                        if ($keyword eq "AES" && $no_aes) { return 0; }
                        if ($keyword eq "EVP" && $no_evp) { return 0; }