crypto/ec/ec_asn1.c

   1 /* crypto/ec/ec_asn1.c */
   2 /* ====================================================================
   3  * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  *
   9  * 1. Redistributions of source code must retain the above copyright
  10  *    notice, this list of conditions and the following disclaimer.
  11  *
  12  * 2. Redistributions in binary form must reproduce the above copyright
  13  *    notice, this list of conditions and the following disclaimer in
  14  *    the documentation and/or other materials provided with the
  15  *    distribution.
  16  *
  17  * 3. All advertising materials mentioning features or use of this
  18  *    software must display the following acknowledgment:
  19  *    "This product includes software developed by the OpenSSL Project
  20  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  21  *
  22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  23  *    endorse or promote products derived from this software without
  24  *    prior written permission. For written permission, please contact
  25  *    licensing@OpenSSL.org.
  26  *
  27  * 5. Products derived from this software may not be called "OpenSSL"
  28  *    nor may "OpenSSL" appear in their names without prior written
  29  *    permission of the OpenSSL Project.
  30  *
  31  * 6. Redistributions of any form whatsoever must retain the following
  32  *    acknowledgment:
  33  *    "This product includes software developed by the OpenSSL Project
  34  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  35  *
  36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  39  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  47  * OF THE POSSIBILITY OF SUCH DAMAGE.
  48  * ====================================================================
  49  *
  50  * This product includes cryptographic software written by Eric Young
  51  * (eay@cryptsoft.com).  This product includes software written by Tim
  52  * Hudson (tjh@cryptsoft.com).
  53  *
  54  */
  55
  56 #include <string.h>
  57 #include "ec_lcl.h"
  58 #include <openssl/err.h>
  59 #include <openssl/asn1t.h>
  60 #include <openssl/objects.h>
  61 #include <string.h>
  62
  63 /* some structures needed for the asn1 encoding */
  64 typedef struct x9_62_fieldid_st {
  65         ASN1_OBJECT *fieldType;
  66         ASN1_TYPE   *parameters;
  67         } X9_62_FIELDID;
  68
  69 typedef struct x9_62_characteristic_two_st {
  70         ASN1_INTEGER *m;
  71         ASN1_OBJECT  *basis;
  72         ASN1_TYPE    *parameters;
  73         } X9_62_CHARACTERISTIC_TWO;
  74
  75 typedef struct x9_62_pentanomial_st {
  76         ASN1_INTEGER k1;
  77         ASN1_INTEGER k2;
  78         ASN1_INTEGER k3;
  79         } X9_62_PENTANOMIAL;
  80
  81 typedef struct x9_62_curve_st {
  82         ASN1_OCTET_STRING *a;
  83         ASN1_OCTET_STRING *b;
  84         ASN1_BIT_STRING   *seed;
  85         } X9_62_CURVE;
  86
  87 typedef struct ec_parameters_st {
  88         ASN1_INTEGER      *version;
  89         X9_62_FIELDID     *fieldID;
  90         X9_62_CURVE       *curve;
  91         ASN1_OCTET_STRING *base;
  92         ASN1_INTEGER      *order;
  93         ASN1_INTEGER      *cofactor;
  94         } ECPARAMETERS;
  95
  96 struct ecpk_parameters_st {
  97         int     type;
  98         union {
  99                 ASN1_OBJECT  *named_curve;
 100                 ECPARAMETERS *parameters;
 101                 ASN1_NULL    *implicitlyCA;
 102         } value;
 103         }/* ECPKPARAMETERS */;
 104
 105 /* SEC1 ECPrivateKey */
 106 typedef struct ec_privatekey_st {
 107         int               version;
 108         ASN1_OCTET_STRING *privateKey;
 109         ECPKPARAMETERS    *parameters;
 110         ASN1_BIT_STRING   *publicKey;
 111         } EC_PRIVATEKEY;
 112
 113 /* the OpenSSL asn1 definitions */
 114
 115 ASN1_SEQUENCE(X9_62_FIELDID) = {
 116         ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
 117         ASN1_SIMPLE(X9_62_FIELDID, parameters, ASN1_ANY)
 118 } ASN1_SEQUENCE_END(X9_62_FIELDID)
 119
 120 DECLARE_ASN1_FUNCTIONS_const(X9_62_FIELDID)
 121 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_FIELDID, X9_62_FIELDID)
 122 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_FIELDID)
 123
 124 ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
 125         ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, ASN1_INTEGER),
 126         ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, basis, ASN1_OBJECT),
 127         ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, parameters, ASN1_ANY)
 128 } ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
 129
 130 DECLARE_ASN1_FUNCTIONS_const(X9_62_CHARACTERISTIC_TWO)
 131 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_CHARACTERISTIC_TWO, X9_62_CHARACTERISTIC_TWO)
 132 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_CHARACTERISTIC_TWO)
 133
 134 ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
 135         ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, ASN1_INTEGER),
 136         ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, ASN1_INTEGER),
 137         ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, ASN1_INTEGER)
 138 } ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
 139
 140 DECLARE_ASN1_FUNCTIONS_const(X9_62_PENTANOMIAL)
 141 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_PENTANOMIAL, X9_62_PENTANOMIAL)
 142 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_PENTANOMIAL)
 143
 144 ASN1_SEQUENCE(X9_62_CURVE) = {
 145         ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
 146         ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
 147         ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
 148 } ASN1_SEQUENCE_END(X9_62_CURVE)
 149
 150 DECLARE_ASN1_FUNCTIONS_const(X9_62_CURVE)
 151 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_CURVE, X9_62_CURVE)
 152 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_CURVE)
 153
 154 ASN1_SEQUENCE(ECPARAMETERS) = {
 155         ASN1_SIMPLE(ECPARAMETERS, version, ASN1_INTEGER),
 156         ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
 157         ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
 158         ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
 159         ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
 160         ASN1_SIMPLE(ECPARAMETERS, cofactor, ASN1_INTEGER)
 161 } ASN1_SEQUENCE_END(ECPARAMETERS)
 162
 163 DECLARE_ASN1_FUNCTIONS_const(ECPARAMETERS)
 164 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPARAMETERS, ECPARAMETERS)
 165 IMPLEMENT_ASN1_FUNCTIONS_const(ECPARAMETERS)
 166
 167 ASN1_CHOICE(ECPKPARAMETERS) = {
 168         ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
 169         ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
 170         ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL)
 171 } ASN1_CHOICE_END(ECPKPARAMETERS)
 172
 173 DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
 174 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
 175 IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
 176
 177 ASN1_SEQUENCE(EC_PRIVATEKEY) = {
 178         ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
 179         ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
 180         ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
 181         ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
 182 } ASN1_SEQUENCE_END(EC_PRIVATEKEY)
 183
 184 DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
 185 DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
 186 IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
 187
 188 /* some internal functions */
 189
 190 static X9_62_FIELDID *ec_asn1_group2field(const EC_GROUP *, X9_62_FIELDID *);
 191 static X9_62_CURVE *ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
 192 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
 193 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,
 194                                               ECPARAMETERS *);
 195 EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *);
 196 ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *, ECPKPARAMETERS *);
 197
 198 static X9_62_FIELDID *ec_asn1_group2field(const EC_GROUP *group,
 199                                           X9_62_FIELDID *field)
 200         {
 201         int           ok=0, nid;
 202         X9_62_FIELDID *ret=NULL;
 203         BIGNUM        *tmp=NULL;
 204
 205         if (field == NULL)
 206                 {
 207                 if ((ret = X9_62_FIELDID_new()) == NULL)
 208                         {
 209                         ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
 210                         return NULL;
 211                         }
 212                 }
 213         else
 214                 {
 215                 ret = field;
 216                 if (ret->fieldType != NULL)
 217                         ASN1_OBJECT_free(ret->fieldType);
 218                 if (ret->parameters != NULL)
 219                         ASN1_TYPE_free(ret->parameters);
 220                 }
 221
 222         nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
 223
 224         if ((ret->fieldType = OBJ_nid2obj(nid)) == NULL)
 225                 {
 226                 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
 227                 goto err;
 228                 }
 229
 230         if (nid == NID_X9_62_prime_field)
 231                 {
 232                 if ((tmp = BN_new()) == NULL)
 233                         {
 234                         ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
 235                         goto err;
 236                         }
 237                 if ((ret->parameters = ASN1_TYPE_new()) == NULL)
 238                         {
 239                         ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
 240                         goto err;
 241                         }
 242                 ret->parameters->type = V_ASN1_INTEGER;
 243                 if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL))
 244                         {
 245                         ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
 246                         goto err;
 247                         }
 248                 ret->parameters->value.integer = BN_to_ASN1_INTEGER(tmp, NULL);
 249                 if (ret->parameters->value.integer == NULL)
 250                         {
 251                         ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
 252                         goto err;
 253                         }
 254                 }
 255         else
 256                 goto err;
 257
 258         ok = 1;
 259
 260 err :   if (!ok)
 261         {
 262                 if (ret && !field)
 263                         X9_62_FIELDID_free(ret);
 264                 ret = NULL;
 265         }
 266         if (tmp)
 267                 BN_free(tmp);
 268         return(ret);
 269 }
 270
 271 static X9_62_CURVE *ec_asn1_group2curve(const EC_GROUP *group,
 272                                         X9_62_CURVE *curve)
 273         {
 274         int           ok=0, nid;
 275         X9_62_CURVE   *ret=NULL;
 276         BIGNUM        *tmp_1=NULL,
 277                       *tmp_2=NULL;
 278         unsigned char *buffer_1=NULL,
 279                       *buffer_2=NULL,
 280                       *a_buf=NULL,
 281                       *b_buf=NULL;
 282         size_t        len_1, len_2;
 283         unsigned char char_zero = 0;
 284
 285         if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL)
 286                 {
 287                 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
 288                 goto err;
 289                 }
 290
 291         if (curve == NULL)
 292                 {
 293                 if ((ret = X9_62_CURVE_new()) == NULL)
 294                         {
 295                         ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
 296                         goto err;
 297                         }
 298                 }
 299         else
 300                 {
 301                 ret = curve;
 302                 if (ret->a)
 303                         ASN1_OCTET_STRING_free(ret->a);
 304                 if (ret->b)
 305                         ASN1_OCTET_STRING_free(ret->b);
 306                 if (ret->seed)
 307                         ASN1_BIT_STRING_free(ret->seed);
 308                 }
 309
 310         nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
 311
 312         /* get a and b */
 313         if (nid == NID_X9_62_prime_field)
 314                 {
 315                 if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL))
 316                         {
 317                         ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
 318                         goto err;
 319                         }
 320
 321                 len_1 = (size_t)BN_num_bytes(tmp_1);
 322                 len_2 = (size_t)BN_num_bytes(tmp_2);
 323
 324                 if (len_1 == 0)
 325                         {
 326                         /* len_1 == 0 => a == 0 */
 327                         a_buf = &char_zero;
 328                         len_1 = 1;
 329                         }
 330                 else
 331                         {
 332                         if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL)
 333                                 {
 334                                 ECerr(EC_F_EC_ASN1_GROUP2CURVE,
 335                                       ERR_R_MALLOC_FAILURE);
 336                                 goto err;
 337                                 }
 338                         if ( (len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0)
 339                                 {
 340                                 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
 341                                 goto err;
 342                                 }
 343                         a_buf = buffer_1;
 344                         }
 345
 346                 if (len_2 == 0)
 347                         {
 348                         /* len_2 == 0 => b == 0 */
 349                         b_buf = &char_zero;
 350                         len_2 = 1;
 351                         }
 352                 else
 353                         {
 354                         if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL)
 355                                 {
 356                                 ECerr(EC_F_EC_ASN1_GROUP2CURVE,
 357                                       ERR_R_MALLOC_FAILURE);
 358                                 goto err;
 359                                 }
 360                         if ( (len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0)
 361                                 {
 362                                 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
 363                                 goto err;
 364                                 }
 365                         b_buf = buffer_2;
 366                         }
 367                 }
 368         else
 369                 goto err;
 370
 371         /* set a and b */
 372         if ((ret->a = M_ASN1_OCTET_STRING_new()) == NULL ||
 373             (ret->b = M_ASN1_OCTET_STRING_new()) == NULL )
 374                 {
 375                 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
 376                 goto err;
 377                 }
 378         if (!M_ASN1_OCTET_STRING_set(ret->a, a_buf, len_1) ||
 379             !M_ASN1_OCTET_STRING_set(ret->b, b_buf, len_2))
 380                 {
 381                 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
 382                 goto err;
 383                 }
 384
 385         /* set the seed (optional) */
 386         if (group->seed)
 387                 {
 388                 if ((ret->seed = ASN1_BIT_STRING_new()) == NULL) goto err;
 389                 if (!ASN1_BIT_STRING_set(ret->seed, group->seed,
 390                                          (int)group->seed_len))
 391                         {
 392                         ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
 393                         goto err;
 394                         }
 395                 }
 396         else
 397                 ret->seed = NULL;
 398
 399         ok = 1;
 400
 401 err :   if (!ok)
 402         {
 403                 if (ret && !curve)
 404                         X9_62_CURVE_free(ret);
 405                 ret = NULL;
 406         }
 407         if (buffer_1)
 408                 OPENSSL_free(buffer_1);
 409         if (buffer_2)
 410                 OPENSSL_free(buffer_2);
 411         if (tmp_1)
 412                 BN_free(tmp_1);
 413         if (tmp_2)
 414                 BN_free(tmp_2);
 415         return(ret);
 416 }
 417
 418 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
 419                                               ECPARAMETERS *param)
 420         {
 421         int     ok=0;
 422         size_t  len=0;
 423         ECPARAMETERS   *ret=NULL;
 424         BIGNUM         *tmp=NULL;
 425         unsigned char  *buffer=NULL;
 426         const EC_POINT *point=NULL;
 427         point_conversion_form_t form;
 428
 429         if ((tmp = BN_new()) == NULL)
 430                 {
 431                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
 432                 goto err;
 433                 }
 434
 435         if (param == NULL)
 436         {
 437                 if ((ret = ECPARAMETERS_new()) == NULL)
 438                         {
 439                         ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
 440                               ERR_R_MALLOC_FAILURE);
 441                         goto err;
 442                         }
 443         }
 444         else
 445                 ret = param;
 446
 447         /* set the version (always one) */
 448         if (ret->version == NULL && !(ret->version = ASN1_INTEGER_new()))
 449                 {
 450                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
 451                 goto err;
 452                 }
 453         if (!ASN1_INTEGER_set(ret->version, (long)0x1))
 454                 {
 455                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
 456                 goto err;
 457                 }
 458
 459         /* set the fieldID */
 460         ret->fieldID = ec_asn1_group2field(group, ret->fieldID);
 461         if (ret->fieldID == NULL)
 462                 {
 463                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
 464                 goto err;
 465                 }
 466
 467         /* set the curve */
 468         ret->curve = ec_asn1_group2curve(group, ret->curve);
 469         if (ret->curve == NULL)
 470                 {
 471                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
 472                 goto err;
 473                 }
 474
 475         /* set the base point */
 476         if ((point = EC_GROUP_get0_generator(group)) == NULL)
 477                 {
 478                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR);
 479                 goto err;
 480                 }
 481
 482         form = EC_GROUP_get_point_conversion_form(group);
 483
 484         len = EC_POINT_point2oct(group, point, form, NULL, len, NULL);
 485         if (len == 0)
 486                 {
 487                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
 488                 goto err;
 489                 }
 490         if ((buffer = OPENSSL_malloc(len)) == NULL)
 491                 {
 492                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
 493                 goto err;
 494                 }
 495         if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL))
 496                 {
 497                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
 498                 goto err;
 499                 }
 500         if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL)
 501                 {
 502                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
 503                 goto err;
 504                 }
 505         if (!ASN1_OCTET_STRING_set(ret->base, buffer, len))
 506                 {
 507                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
 508                 goto err;
 509                 }
 510
 511         /* set the order */
 512         if (!EC_GROUP_get_order(group, tmp, NULL))
 513                 {
 514                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
 515                 goto err;
 516                 }
 517         ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
 518         if (ret->order == NULL)
 519                 {
 520                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
 521                 goto err;
 522                 }
 523
 524         /* set the cofactor */
 525         if (!EC_GROUP_get_cofactor(group, tmp, NULL))
 526                 {
 527                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
 528                 goto err;
 529                 }
 530         ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
 531         if (ret->cofactor == NULL)
 532                 {
 533                 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
 534                 goto err;
 535                 }
 536
 537         ok = 1;
 538
 539 err :   if(!ok)
 540                 {
 541                 if (ret && !param)
 542                         ECPARAMETERS_free(ret);
 543                 ret = NULL;
 544                 }
 545         if (tmp)
 546                 BN_free(tmp);
 547         if (buffer)
 548                 OPENSSL_free(buffer);
 549         return(ret);
 550         }
 551
 552 ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *group,
 553                                            ECPKPARAMETERS *params)
 554         {
 555         int            ok = 1, tmp;
 556         ECPKPARAMETERS *ret = params;
 557
 558         if (ret == NULL)
 559                 {
 560                 if ((ret = ECPKPARAMETERS_new()) == NULL)
 561                         {
 562                         ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS,
 563                               ERR_R_MALLOC_FAILURE);
 564                         return NULL;
 565                         }
 566                 }
 567         else
 568                 {
 569                 if (ret->type == 0 && ret->value.named_curve)
 570                         ASN1_OBJECT_free(ret->value.named_curve);
 571                 else if (ret->type == 1 && ret->value.parameters)
 572                         ECPARAMETERS_free(ret->value.parameters);
 573                 }
 574
 575         if (EC_GROUP_get_asn1_flag(group))
 576                 {
 577                 /* use the asn1 OID to describe the
 578                  * the elliptic curve parameters
 579                  */
 580                 tmp = EC_GROUP_get_nid(group);
 581                 if (tmp)
 582                         {
 583                         ret->type = 0;
 584                         if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
 585                                 ok = 0;
 586                         }
 587                 else
 588                         {
 589                         /* we have no nid => use the normal
 590                          * ECPARAMETERS structure
 591                          */
 592                         ret->type = 1;
 593                         if ((ret->value.parameters = ec_asn1_group2parameters(
 594                              group, NULL)) == NULL)
 595                                 ok = 0;
 596                         }
 597                 }
 598         else
 599                 {
 600                 /* use the ECPARAMETERS structure */
 601                 ret->type = 1;
 602                 if ((ret->value.parameters = ec_asn1_group2parameters(
 603                      group, NULL)) == NULL)
 604                         ok = 0;
 605                 }
 606
 607         if (!ok)
 608                 {
 609                 ECPKPARAMETERS_free(ret);
 610                 return NULL;
 611                 }
 612         return ret;
 613         }
 614
 615 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 616         {
 617         int       ok=0, tmp;
 618         EC_GROUP  *ret=NULL;
 619         BIGNUM    *p=NULL, *a=NULL, *b=NULL;
 620         EC_POINT  *point=NULL;
 621
 622         if (!params->fieldID || !params->fieldID->fieldType ||
 623             !params->fieldID->parameters)
 624                 {
 625                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
 626                 goto err;
 627                 }
 628
 629         tmp = OBJ_obj2nid(params->fieldID->fieldType);
 630
 631         if (tmp == NID_X9_62_characteristic_two_field)
 632                 {
 633                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED);
 634                 goto err;
 635                 }
 636         else if (tmp == NID_X9_62_prime_field)
 637                 {
 638                 /* we have a curve over a prime field */
 639                 /* extract the prime number */
 640                 if (params->fieldID->parameters->type != V_ASN1_INTEGER ||
 641                     !params->fieldID->parameters->value.integer)
 642                         {
 643                         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
 644                         goto err;
 645                         }
 646                 p = ASN1_INTEGER_to_BN(params->fieldID->parameters->value.integer, NULL);
 647                 if (p == NULL)
 648                         {
 649                         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
 650                         goto err;
 651                         }
 652                 /* now extract the curve parameters a and b */
 653                 if (!params->curve || !params->curve->a ||
 654                     !params->curve->a->data || !params->curve->b ||
 655                     !params->curve->b->data)
 656                         {
 657                         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
 658                         goto err;
 659                         }
 660                 a = BN_bin2bn(params->curve->a->data,
 661                               params->curve->a->length, NULL);
 662                 if (a == NULL)
 663                         {
 664                         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
 665                         goto err;
 666                         }
 667                 b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
 668                 if (b == NULL)
 669                         {
 670                         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
 671                         goto err;
 672                         }
 673                 /* create the EC_GROUP structure */
 674 /* TODO */
 675                 ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
 676                 if (ret == NULL)
 677                         {
 678                         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
 679                         goto err;
 680                         }
 681                 /* create the generator */
 682                 if ((point = EC_POINT_new(ret)) == NULL) goto err;
 683                 }
 684         else
 685                 {
 686                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_UNKNOWN_FIELD);
 687                 goto err;
 688                 }
 689
 690         if (params->curve->seed != NULL)
 691                 {
 692                 if (ret->seed != NULL)
 693                         OPENSSL_free(ret->seed);
 694                 if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length)))
 695                         {
 696                         ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
 697                               ERR_R_MALLOC_FAILURE);
 698                         goto err;
 699                         }
 700                 memcpy(ret->seed, params->curve->seed->data,
 701                        params->curve->seed->length);
 702                 ret->seed_len = params->curve->seed->length;
 703                 }
 704
 705         if (!params->order || !params->cofactor || !params->base ||
 706             !params->base->data)
 707                 {
 708                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
 709                 goto err;
 710                 }
 711
 712
 713         a = ASN1_INTEGER_to_BN(params->order, a);
 714         b = ASN1_INTEGER_to_BN(params->cofactor, b);
 715         if (!a || !b)
 716                 {
 717                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
 718                 goto err;
 719                 }
 720
 721         if (!EC_POINT_oct2point(ret, point, params->base->data,
 722                                 params->base->length, NULL))
 723                 {
 724                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
 725                 goto err;
 726                 }
 727
 728         /* set the point conversion form */
 729         EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
 730                                 (params->base->data[0] & ~0x01));
 731
 732         if (!EC_GROUP_set_generator(ret, point, a, b))
 733                 {
 734                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
 735                 goto err;
 736                 }
 737
 738         ok = 1;
 739
 740 err:    if (!ok)
 741                 {
 742                 if (ret)
 743                         EC_GROUP_clear_free(ret);
 744                 ret = NULL;
 745                 }
 746
 747         if (p)
 748                 BN_free(p);
 749         if (a)
 750                 BN_free(a);
 751         if (b)
 752                 BN_free(b);
 753         if (point)
 754                 EC_POINT_free(point);
 755         return(ret);
 756 }
 757
 758 EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *params)
 759         {
 760         EC_GROUP *ret=NULL;
 761         int      tmp=0;
 762
 763         if (params == NULL)
 764                 {
 765                 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
 766                       EC_R_MISSING_PARAMETERS);
 767                 return NULL;
 768                 }
 769
 770         if (params->type == 0)
 771                 { /* the curve is given by an OID */
 772                 tmp = OBJ_obj2nid(params->value.named_curve);
 773                 if ((ret = EC_GROUP_new_by_name(tmp)) == NULL)
 774                         {
 775                         ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
 776                               EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
 777                         return NULL;
 778                         }
 779                 EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
 780                 }
 781         else if (params->type == 1)
 782                 { /* the parameters are given by a ECPARAMETERS
 783                    * structure */
 784                 ret = ec_asn1_parameters2group(params->value.parameters);
 785                 if (!ret)
 786                         {
 787                         ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB);
 788                         return NULL;
 789                         }
 790                 EC_GROUP_set_asn1_flag(ret, 0x0);
 791                 }
 792         else if (params->type == 2)
 793                 { /* implicitlyCA */
 794                 return NULL;
 795                 }
 796         else
 797         {
 798                 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
 799                 return NULL;
 800         }
 801
 802         return ret;
 803 }
 804
 805 /* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
 806
 807 EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
 808         {
 809         EC_GROUP        *group  = NULL;
 810         ECPKPARAMETERS  *params = NULL;
 811
 812         if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL)
 813                 {
 814                 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
 815                 ECPKPARAMETERS_free(params);
 816                 return NULL;
 817                 }
 818
 819         if ((group = EC_ASN1_pkparameters2group(params)) == NULL)
 820                 {
 821                 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
 822                 return NULL;
 823                 }
 824
 825
 826         if (a && *a)
 827                 EC_GROUP_clear_free(*a);
 828         if (a)
 829                 *a = group;
 830
 831         ECPKPARAMETERS_free(params);
 832         return(group);
 833         }
 834
 835 int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
 836         {
 837         int             ret=0;
 838         ECPKPARAMETERS  *tmp = EC_ASN1_group2pkparameters(a, NULL);
 839         if (tmp == NULL)
 840                 {
 841                 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
 842                 return 0;
 843                 }
 844         if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0)
 845                 {
 846                 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
 847                 ECPKPARAMETERS_free(tmp);
 848                 return 0;
 849                 }
 850         ECPKPARAMETERS_free(tmp);
 851         return(ret);
 852         }
 853
 854 /* some EC_KEY functions */
 855
 856 EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
 857         {
 858         int             ok=0;
 859         EC_KEY          *ret=NULL;
 860         EC_PRIVATEKEY   *priv_key=NULL;
 861
 862         if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
 863                 {
 864                 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
 865                 return NULL;
 866                 }
 867
 868         if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL)
 869                 {
 870                 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
 871                 EC_PRIVATEKEY_free(priv_key);
 872                 return NULL;
 873                 }
 874
 875         if (a == NULL || *a == NULL)
 876                 {
 877                 if ((ret = EC_KEY_new()) == NULL)
 878                         {
 879                         ECerr(EC_F_D2I_ECPRIVATEKEY,
 880                                  ERR_R_MALLOC_FAILURE);
 881                         goto err;
 882                         }
 883                 if (a)
 884                         *a = ret;
 885                 }
 886         else
 887                 ret = *a;
 888
 889         if (priv_key->parameters)
 890                 {
 891                 if (ret->group)
 892                         EC_GROUP_clear_free(ret->group);
 893                 ret->group = EC_ASN1_pkparameters2group(priv_key->parameters);
 894                 }
 895
 896         if (ret->group == NULL)
 897                 {
 898                 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
 899                 goto err;
 900                 }
 901
 902         ret->version = priv_key->version;
 903
 904         if (priv_key->privateKey)
 905                 {
 906                 ret->priv_key = BN_bin2bn(
 907                         M_ASN1_STRING_data(priv_key->privateKey),
 908                         M_ASN1_STRING_length(priv_key->privateKey),
 909                         ret->priv_key);
 910                 if (ret->priv_key == NULL)
 911                         {
 912                         ECerr(EC_F_D2I_ECPRIVATEKEY,
 913                               ERR_R_BN_LIB);
 914                         goto err;
 915                         }
 916                 }
 917         else
 918                 {
 919                 ECerr(EC_F_D2I_ECPRIVATEKEY,
 920                       EC_R_MISSING_PRIVATE_KEY);
 921                 goto err;
 922                 }
 923
 924         if (priv_key->publicKey)
 925                 {
 926                 if (ret->pub_key)
 927                         EC_POINT_clear_free(ret->pub_key);
 928                 ret->pub_key = EC_POINT_new(ret->group);
 929                 if (ret->pub_key == NULL)
 930                         {
 931                         ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
 932                         goto err;
 933                         }
 934                 if (!EC_POINT_oct2point(ret->group, ret->pub_key,
 935                         M_ASN1_STRING_data(priv_key->publicKey),
 936                         M_ASN1_STRING_length(priv_key->publicKey), NULL))
 937                         {
 938                         ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
 939                         goto err;
 940                         }
 941                 }
 942
 943         ok = 1;
 944 err:
 945         if (!ok)
 946                 {
 947                 if (ret)
 948                         EC_KEY_free(ret);
 949                 ret = NULL;
 950                 }
 951
 952         if (priv_key)
 953                 EC_PRIVATEKEY_free(priv_key);
 954
 955         return(ret);
 956         }
 957
 958 int     i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
 959         {
 960         int             ret=0, ok=0;
 961         unsigned char   *buffer=NULL;
 962         size_t          buf_len=0, tmp_len;
 963         EC_PRIVATEKEY   *priv_key=NULL;
 964
 965         if (a == NULL || a->group == NULL || a->priv_key == NULL)
 966                 {
 967                 ECerr(EC_F_I2D_ECPRIVATEKEY,
 968                       ERR_R_PASSED_NULL_PARAMETER);
 969                 goto err;
 970                 }
 971
 972         if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
 973                 {
 974                 ECerr(EC_F_I2D_ECPRIVATEKEY,
 975                       ERR_R_MALLOC_FAILURE);
 976                 goto err;
 977                 }
 978
 979         priv_key->version = a->version;
 980
 981         buf_len = (size_t)BN_num_bytes(a->priv_key);
 982         buffer = OPENSSL_malloc(buf_len);
 983         if (buffer == NULL)
 984                 {
 985                 ECerr(EC_F_I2D_ECPRIVATEKEY,
 986                       ERR_R_MALLOC_FAILURE);
 987                 goto err;
 988                 }
 989
 990         if (!BN_bn2bin(a->priv_key, buffer))
 991                 {
 992                 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
 993                 goto err;
 994                 }
 995
 996         if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len))
 997                 {
 998                 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
 999                 goto err;
1000                 }
1001
1002         if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS))
1003                 {
1004                 if ((priv_key->parameters = EC_ASN1_group2pkparameters(
1005                         a->group, priv_key->parameters)) == NULL)
1006                         {
1007                         ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1008                         goto err;
1009                         }
1010                 }
1011
1012         if (!(a->enc_flag & EC_PKEY_NO_PUBKEY))
1013                 {
1014                 priv_key->publicKey = M_ASN1_BIT_STRING_new();
1015                 if (priv_key->publicKey == NULL)
1016                         {
1017                         ECerr(EC_F_I2D_ECPRIVATEKEY,
1018                                 ERR_R_MALLOC_FAILURE);
1019                         goto err;
1020                         }
1021
1022                 tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
1023                                 a->conv_form, NULL, 0, NULL);
1024
1025                 if (tmp_len > buf_len)
1026                         buffer = OPENSSL_realloc(buffer, tmp_len);
1027                 if (buffer == NULL)
1028                         {
1029                         ECerr(EC_F_I2D_ECPRIVATEKEY,
1030                                 ERR_R_MALLOC_FAILURE);
1031                         goto err;
1032                         }
1033
1034                 buf_len = tmp_len;
1035
1036                 if (!EC_POINT_point2oct(a->group, a->pub_key,
1037                         a->conv_form, buffer, buf_len, NULL))
1038                         {
1039                         ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1040                         goto err;
1041                         }
1042
1043                 if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
1044                                 buf_len))
1045                         {
1046                         ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
1047                         goto err;
1048                         }
1049                 }
1050
1051         if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0)
1052                 {
1053                 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1054                 goto err;
1055                 }
1056         ok=1;
1057 err:
1058         if (buffer)
1059                 OPENSSL_free(buffer);
1060         if (priv_key)
1061                 EC_PRIVATEKEY_free(priv_key);
1062         return(ok?ret:0);
1063         }
1064
1065 int i2d_ECParameters(EC_KEY *a, unsigned char **out)
1066         {
1067         if (a == NULL)
1068                 {
1069                 ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1070                 return 0;
1071                 }
1072         return i2d_ECPKParameters(a->group, out);
1073         }
1074
1075 EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
1076         {
1077         EC_GROUP *group;
1078         EC_KEY   *ret;
1079
1080         if (in == NULL || *in == NULL)
1081                 {
1082                 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1083                 return NULL;
1084                 }
1085
1086         group = d2i_ECPKParameters(NULL, in, len);
1087
1088         if (group == NULL)
1089                 {
1090                 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
1091                 return NULL;
1092                 }
1093
1094         if (a == NULL || *a == NULL)
1095                 {
1096                 if ((ret = EC_KEY_new()) == NULL)
1097                         {
1098                         ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
1099                         return NULL;
1100                         }
1101                 if (a)
1102                         *a = ret;
1103                 }
1104         else
1105                 ret = *a;
1106
1107         if (ret->group)
1108                 EC_GROUP_clear_free(ret->group);
1109
1110         ret->group = group;
1111
1112         return ret;
1113         }
1114
1115 EC_KEY *ECPublicKey_set_octet_string(EC_KEY **a, const unsigned char **in,
1116                                         long len)
1117         {
1118         EC_KEY *ret=NULL;
1119
1120         if (a == NULL || (*a) == NULL || (*a)->group == NULL)
1121                 {
1122                 /* sorry, but a EC_GROUP-structur is necessary
1123                  * to set the public key */
1124                 ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_PASSED_NULL_PARAMETER);
1125                 return 0;
1126                 }
1127         ret = *a;
1128         if (ret->pub_key == NULL &&
1129                 (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
1130                 {
1131                 ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_MALLOC_FAILURE);
1132                 return 0;
1133                 }
1134         if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
1135                 {
1136                 ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_EC_LIB);
1137                 return 0;
1138                 }
1139         /* save the point conversion form */
1140         ret->conv_form = (point_conversion_form_t)(*in[0] & ~0x01);
1141         return ret;
1142         }
1143
1144 int ECPublicKey_get_octet_string(EC_KEY *a, unsigned char **out)
1145         {
1146         size_t  buf_len=0;
1147
1148         if (a == NULL)
1149                 {
1150                 ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_PASSED_NULL_PARAMETER);
1151                 return 0;
1152                 }
1153
1154         buf_len = EC_POINT_point2oct(a->group, a->pub_key,
1155                               a->conv_form, NULL, 0, NULL);
1156
1157         if (out == NULL || buf_len == 0)
1158         /* out == NULL => just return the length of the octet string */
1159                 return buf_len;
1160
1161         if (*out == NULL)
1162                 if ((*out = OPENSSL_malloc(buf_len)) == NULL)
1163                         {
1164                         ECerr(EC_F_ECPUBLICKEY_GET_OCTET,
1165                                 ERR_R_MALLOC_FAILURE);
1166                         return 0;
1167                         }
1168         if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
1169                                 *out, buf_len, NULL))
1170                 {
1171                 ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_EC_LIB);
1172                 OPENSSL_free(*out);
1173                 *out = NULL;
1174                 return 0;
1175                 }
1176         return buf_len;
1177         }