1 /* crypto/ec/ec_asn1.c */
2 /* ====================================================================
3 * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
31 * 6. Redistributions of any form whatsoever must retain the following
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
57 #include <openssl/err.h>
58 #include <openssl/asn1t.h>
59 #include <openssl/objects.h>
62 /* some structures needed for the asn1 encoding */
63 typedef struct x9_62_fieldid_st {
64 ASN1_OBJECT *fieldType;
65 ASN1_TYPE *parameters;
68 typedef struct x9_62_characteristic_two_st {
71 ASN1_TYPE *parameters;
72 } X9_62_CHARACTERISTIC_TWO;
74 typedef struct x9_62_pentanomial_st {
80 typedef struct x9_62_curve_st {
83 ASN1_BIT_STRING *seed;
86 typedef struct ec_parameters_st {
87 ASN1_INTEGER *version;
88 X9_62_FIELDID *fieldID;
90 ASN1_OCTET_STRING *base;
92 ASN1_INTEGER *cofactor;
95 struct ecpk_parameters_st {
98 ASN1_OBJECT *named_curve;
99 ECPARAMETERS *parameters;
100 ASN1_NULL *implicitlyCA;
102 }/* ECPKPARAMETERS */;
104 /* SEC1 ECPrivateKey */
105 typedef struct ec_privatekey_st {
107 ASN1_OCTET_STRING *privateKey;
108 ECPKPARAMETERS *parameters;
109 ASN1_BIT_STRING *publicKey;
112 /* the OpenSSL asn1 definitions */
114 ASN1_SEQUENCE(X9_62_FIELDID) = {
115 ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
116 ASN1_SIMPLE(X9_62_FIELDID, parameters, ASN1_ANY)
117 } ASN1_SEQUENCE_END(X9_62_FIELDID)
119 DECLARE_ASN1_FUNCTIONS_const(X9_62_FIELDID)
120 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_FIELDID, X9_62_FIELDID)
121 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_FIELDID)
123 ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = {
124 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, ASN1_INTEGER),
125 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, basis, ASN1_OBJECT),
126 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, parameters, ASN1_ANY)
127 } ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO)
129 DECLARE_ASN1_FUNCTIONS_const(X9_62_CHARACTERISTIC_TWO)
130 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_CHARACTERISTIC_TWO, X9_62_CHARACTERISTIC_TWO)
131 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_CHARACTERISTIC_TWO)
133 ASN1_SEQUENCE(X9_62_PENTANOMIAL) = {
134 ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, ASN1_INTEGER),
135 ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, ASN1_INTEGER),
136 ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, ASN1_INTEGER)
137 } ASN1_SEQUENCE_END(X9_62_PENTANOMIAL)
139 DECLARE_ASN1_FUNCTIONS_const(X9_62_PENTANOMIAL)
140 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_PENTANOMIAL, X9_62_PENTANOMIAL)
141 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_PENTANOMIAL)
143 ASN1_SEQUENCE(X9_62_CURVE) = {
144 ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
145 ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
146 ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
147 } ASN1_SEQUENCE_END(X9_62_CURVE)
149 DECLARE_ASN1_FUNCTIONS_const(X9_62_CURVE)
150 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_CURVE, X9_62_CURVE)
151 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_CURVE)
153 ASN1_SEQUENCE(ECPARAMETERS) = {
154 ASN1_SIMPLE(ECPARAMETERS, version, ASN1_INTEGER),
155 ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
156 ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
157 ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
158 ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
159 ASN1_SIMPLE(ECPARAMETERS, cofactor, ASN1_INTEGER)
160 } ASN1_SEQUENCE_END(ECPARAMETERS)
162 DECLARE_ASN1_FUNCTIONS_const(ECPARAMETERS)
163 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPARAMETERS, ECPARAMETERS)
164 IMPLEMENT_ASN1_FUNCTIONS_const(ECPARAMETERS)
166 ASN1_CHOICE(ECPKPARAMETERS) = {
167 ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
168 ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
169 ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL)
170 } ASN1_CHOICE_END(ECPKPARAMETERS)
172 DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
173 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS)
174 IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS)
176 ASN1_SEQUENCE(EC_PRIVATEKEY) = {
177 ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
178 ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
179 ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
180 ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1)
181 } ASN1_SEQUENCE_END(EC_PRIVATEKEY)
183 DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
184 DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY)
185 IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY)
187 /* some internal functions */
189 static X9_62_FIELDID *ec_asn1_group2field(const EC_GROUP *, X9_62_FIELDID *);
190 static X9_62_CURVE *ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *);
191 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *);
192 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,
194 EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *);
195 ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *, ECPKPARAMETERS *);
197 static X9_62_FIELDID *ec_asn1_group2field(const EC_GROUP *group,
198 X9_62_FIELDID *field)
201 X9_62_FIELDID *ret=NULL;
206 if ((ret = X9_62_FIELDID_new()) == NULL)
208 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
215 if (ret->fieldType != NULL)
216 ASN1_OBJECT_free(ret->fieldType);
217 if (ret->parameters != NULL)
218 ASN1_TYPE_free(ret->parameters);
221 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
223 if ((ret->fieldType = OBJ_nid2obj(nid)) == NULL)
225 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB);
229 if (nid == NID_X9_62_prime_field)
231 if ((tmp = BN_new()) == NULL)
233 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
236 if ((ret->parameters = ASN1_TYPE_new()) == NULL)
238 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE);
241 ret->parameters->type = V_ASN1_INTEGER;
242 if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL))
244 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB);
247 ret->parameters->value.integer = BN_to_ASN1_INTEGER(tmp, NULL);
248 if (ret->parameters->value.integer == NULL)
250 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB);
262 X9_62_FIELDID_free(ret);
270 static X9_62_CURVE *ec_asn1_group2curve(const EC_GROUP *group,
274 X9_62_CURVE *ret=NULL;
277 unsigned char *buffer_1=NULL,
282 unsigned char char_zero = 0;
284 if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL)
286 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
292 if ((ret = X9_62_CURVE_new()) == NULL)
294 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
302 ASN1_OCTET_STRING_free(ret->a);
304 ASN1_OCTET_STRING_free(ret->b);
306 ASN1_BIT_STRING_free(ret->seed);
309 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group));
312 if (nid == NID_X9_62_prime_field)
314 if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL))
316 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB);
320 len_1 = (size_t)BN_num_bytes(tmp_1);
321 len_2 = (size_t)BN_num_bytes(tmp_2);
325 /* len_1 == 0 => a == 0 */
331 if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL)
333 ECerr(EC_F_EC_ASN1_GROUP2CURVE,
334 ERR_R_MALLOC_FAILURE);
337 if ( (len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0)
339 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
347 /* len_2 == 0 => b == 0 */
353 if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL)
355 ECerr(EC_F_EC_ASN1_GROUP2CURVE,
356 ERR_R_MALLOC_FAILURE);
359 if ( (len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0)
361 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB);
371 if ((ret->a = M_ASN1_OCTET_STRING_new()) == NULL ||
372 (ret->b = M_ASN1_OCTET_STRING_new()) == NULL )
374 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
377 if (!M_ASN1_OCTET_STRING_set(ret->a, a_buf, len_1) ||
378 !M_ASN1_OCTET_STRING_set(ret->b, b_buf, len_2))
380 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
384 /* set the seed (optional) */
387 if ((ret->seed = ASN1_BIT_STRING_new()) == NULL) goto err;
388 if (!ASN1_BIT_STRING_set(ret->seed, group->seed,
389 (int)group->seed_len))
391 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB);
403 X9_62_CURVE_free(ret);
407 OPENSSL_free(buffer_1);
409 OPENSSL_free(buffer_2);
417 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
422 ECPARAMETERS *ret=NULL;
424 unsigned char *buffer=NULL;
425 const EC_POINT *point=NULL;
426 point_conversion_form_t form;
428 if ((tmp = BN_new()) == NULL)
430 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
436 if ((ret = ECPARAMETERS_new()) == NULL)
438 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
439 ERR_R_MALLOC_FAILURE);
446 /* set the version (always one) */
447 if (ret->version == NULL && !(ret->version = ASN1_INTEGER_new()))
449 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
452 if (!ASN1_INTEGER_set(ret->version, (long)0x1))
454 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
458 /* set the fieldID */
459 ret->fieldID = ec_asn1_group2field(group, ret->fieldID);
460 if (ret->fieldID == NULL)
462 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
467 ret->curve = ec_asn1_group2curve(group, ret->curve);
468 if (ret->curve == NULL)
470 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
474 /* set the base point */
475 if ((point = EC_GROUP_get0_generator(group)) == NULL)
477 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR);
481 form = EC_GROUP_get_point_conversion_form(group);
483 len = EC_POINT_point2oct(group, point, form, NULL, len, NULL);
486 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
489 if ((buffer = OPENSSL_malloc(len)) == NULL)
491 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
494 if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL))
496 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
499 if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL)
501 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
504 if (!ASN1_OCTET_STRING_set(ret->base, buffer, len))
506 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
511 if (!EC_GROUP_get_order(group, tmp, NULL))
513 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
516 ret->order = BN_to_ASN1_INTEGER(tmp, ret->order);
517 if (ret->order == NULL)
519 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
523 /* set the cofactor */
524 if (!EC_GROUP_get_cofactor(group, tmp, NULL))
526 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
529 ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
530 if (ret->cofactor == NULL)
532 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
541 ECPARAMETERS_free(ret);
547 OPENSSL_free(buffer);
551 ECPKPARAMETERS *EC_ASN1_group2pkparameters(const EC_GROUP *group,
552 ECPKPARAMETERS *params)
555 ECPKPARAMETERS *ret = params;
559 if ((ret = ECPKPARAMETERS_new()) == NULL)
561 ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS,
562 ERR_R_MALLOC_FAILURE);
568 if (ret->type == 0 && ret->value.named_curve)
569 ASN1_OBJECT_free(ret->value.named_curve);
570 else if (ret->type == 1 && ret->value.parameters)
571 ECPARAMETERS_free(ret->value.parameters);
574 if (EC_GROUP_get_asn1_flag(group))
576 /* use the asn1 OID to describe the
577 * the elliptic curve parameters
579 tmp = EC_GROUP_get_nid(group);
583 if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
588 /* we have no nid => use the normal
589 * ECPARAMETERS structure
592 if ((ret->value.parameters = ec_asn1_group2parameters(
593 group, NULL)) == NULL)
599 /* use the ECPARAMETERS structure */
601 if ((ret->value.parameters = ec_asn1_group2parameters(
602 group, NULL)) == NULL)
608 ECPKPARAMETERS_free(ret);
614 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
618 BIGNUM *p=NULL, *a=NULL, *b=NULL;
619 EC_POINT *point=NULL;
621 if (!params->fieldID || !params->fieldID->fieldType ||
622 !params->fieldID->parameters)
624 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
628 tmp = OBJ_obj2nid(params->fieldID->fieldType);
630 if (tmp == NID_X9_62_characteristic_two_field)
632 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED);
635 else if (tmp == NID_X9_62_prime_field)
637 /* we have a curve over a prime field */
638 /* extract the prime number */
639 if (params->fieldID->parameters->type != V_ASN1_INTEGER ||
640 !params->fieldID->parameters->value.integer)
642 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
645 p = ASN1_INTEGER_to_BN(params->fieldID->parameters->value.integer, NULL);
648 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
651 /* now extract the curve parameters a and b */
652 if (!params->curve || !params->curve->a ||
653 !params->curve->a->data || !params->curve->b ||
654 !params->curve->b->data)
656 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
659 a = BN_bin2bn(params->curve->a->data,
660 params->curve->a->length, NULL);
663 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
666 b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL);
669 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB);
672 /* create the EC_GROUP structure */
674 ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
677 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
680 /* create the generator */
681 if ((point = EC_POINT_new(ret)) == NULL) goto err;
685 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_UNKNOWN_FIELD);
689 if (params->curve->seed != NULL)
691 if (ret->seed != NULL)
692 OPENSSL_free(ret->seed);
693 if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length)))
695 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP,
696 ERR_R_MALLOC_FAILURE);
699 memcpy(ret->seed, params->curve->seed->data,
700 params->curve->seed->length);
701 ret->seed_len = params->curve->seed->length;
704 if (!params->order || !params->cofactor || !params->base ||
707 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
712 a = ASN1_INTEGER_to_BN(params->order, a);
713 b = ASN1_INTEGER_to_BN(params->cofactor, b);
716 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
720 if (!EC_POINT_oct2point(ret, point, params->base->data,
721 params->base->length, NULL))
723 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
727 /* set the point conversion form */
728 EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t)
729 (params->base->data[0] & ~0x01));
731 if (!EC_GROUP_set_generator(ret, point, a, b))
733 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
742 EC_GROUP_clear_free(ret);
753 EC_POINT_free(point);
757 EC_GROUP *EC_ASN1_pkparameters2group(const ECPKPARAMETERS *params)
764 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
765 EC_R_MISSING_PARAMETERS);
769 if (params->type == 0)
770 { /* the curve is given by an OID */
771 tmp = OBJ_obj2nid(params->value.named_curve);
772 if ((ret = EC_GROUP_new_by_name(tmp)) == NULL)
774 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
775 EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
778 EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE);
780 else if (params->type == 1)
781 { /* the parameters are given by a ECPARAMETERS
783 ret = ec_asn1_parameters2group(params->value.parameters);
786 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB);
789 EC_GROUP_set_asn1_flag(ret, 0x0);
791 else if (params->type == 2)
797 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
804 /* EC_GROUP <-> DER encoding of ECPKPARAMETERS */
806 EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
808 EC_GROUP *group = NULL;
809 ECPKPARAMETERS *params = NULL;
811 if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL)
813 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE);
814 ECPKPARAMETERS_free(params);
818 if ((group = EC_ASN1_pkparameters2group(params)) == NULL)
820 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
826 EC_GROUP_clear_free(*a);
830 ECPKPARAMETERS_free(params);
834 int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out)
837 ECPKPARAMETERS *tmp = EC_ASN1_group2pkparameters(a, NULL);
840 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE);
843 if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0)
845 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE);
846 ECPKPARAMETERS_free(tmp);
849 ECPKPARAMETERS_free(tmp);
853 /* some EC_KEY functions */
855 EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
859 EC_PRIVATEKEY *priv_key=NULL;
861 if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
863 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
867 if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL)
869 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
870 EC_PRIVATEKEY_free(priv_key);
874 if (a == NULL || *a == NULL)
876 if ((ret = EC_KEY_new()) == NULL)
878 ECerr(EC_F_D2I_ECPRIVATEKEY,
879 ERR_R_MALLOC_FAILURE);
888 if (priv_key->parameters)
891 EC_GROUP_clear_free(ret->group);
892 ret->group = EC_ASN1_pkparameters2group(priv_key->parameters);
895 if (ret->group == NULL)
897 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
901 ret->version = priv_key->version;
903 if (priv_key->privateKey)
905 ret->priv_key = BN_bin2bn(
906 M_ASN1_STRING_data(priv_key->privateKey),
907 M_ASN1_STRING_length(priv_key->privateKey),
909 if (ret->priv_key == NULL)
911 ECerr(EC_F_D2I_ECPRIVATEKEY,
918 ECerr(EC_F_D2I_ECPRIVATEKEY,
919 EC_R_MISSING_PRIVATE_KEY);
923 if (priv_key->publicKey)
926 EC_POINT_clear_free(ret->pub_key);
927 ret->pub_key = EC_POINT_new(ret->group);
928 if (ret->pub_key == NULL)
930 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
933 if (!EC_POINT_oct2point(ret->group, ret->pub_key,
934 M_ASN1_STRING_data(priv_key->publicKey),
935 M_ASN1_STRING_length(priv_key->publicKey), NULL))
937 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
952 EC_PRIVATEKEY_free(priv_key);
957 int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
960 unsigned char *buffer=NULL;
961 size_t buf_len=0, tmp_len;
962 EC_PRIVATEKEY *priv_key=NULL;
964 if (a == NULL || a->group == NULL || a->priv_key == NULL)
966 ECerr(EC_F_I2D_ECPRIVATEKEY,
967 ERR_R_PASSED_NULL_PARAMETER);
971 if ((priv_key = EC_PRIVATEKEY_new()) == NULL)
973 ECerr(EC_F_I2D_ECPRIVATEKEY,
974 ERR_R_MALLOC_FAILURE);
978 priv_key->version = a->version;
980 buf_len = (size_t)BN_num_bytes(a->priv_key);
981 buffer = OPENSSL_malloc(buf_len);
984 ECerr(EC_F_I2D_ECPRIVATEKEY,
985 ERR_R_MALLOC_FAILURE);
989 if (!BN_bn2bin(a->priv_key, buffer))
991 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB);
995 if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len))
997 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
1001 if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS))
1003 if ((priv_key->parameters = EC_ASN1_group2pkparameters(
1004 a->group, priv_key->parameters)) == NULL)
1006 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1011 if (!(a->enc_flag & EC_PKEY_NO_PUBKEY))
1013 priv_key->publicKey = M_ASN1_BIT_STRING_new();
1014 if (priv_key->publicKey == NULL)
1016 ECerr(EC_F_I2D_ECPRIVATEKEY,
1017 ERR_R_MALLOC_FAILURE);
1021 tmp_len = EC_POINT_point2oct(a->group, a->pub_key,
1022 a->conv_form, NULL, 0, NULL);
1024 if (tmp_len > buf_len)
1025 buffer = OPENSSL_realloc(buffer, tmp_len);
1028 ECerr(EC_F_I2D_ECPRIVATEKEY,
1029 ERR_R_MALLOC_FAILURE);
1035 if (!EC_POINT_point2oct(a->group, a->pub_key,
1036 a->conv_form, buffer, buf_len, NULL))
1038 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1042 if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
1045 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB);
1050 if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0)
1052 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB);
1058 OPENSSL_free(buffer);
1060 EC_PRIVATEKEY_free(priv_key);
1064 int i2d_ECParameters(EC_KEY *a, unsigned char **out)
1068 ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1071 return i2d_ECPKParameters(a->group, out);
1074 EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len)
1079 if (in == NULL || *in == NULL)
1081 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER);
1085 group = d2i_ECPKParameters(NULL, in, len);
1089 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB);
1093 if (a == NULL || *a == NULL)
1095 if ((ret = EC_KEY_new()) == NULL)
1097 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE);
1107 EC_GROUP_clear_free(ret->group);
1114 EC_KEY *ECPublicKey_set_octet_string(EC_KEY **a, const unsigned char **in,
1119 if (a == NULL || (*a) == NULL || (*a)->group == NULL)
1121 /* sorry, but a EC_GROUP-structur is necessary
1122 * to set the public key */
1123 ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_PASSED_NULL_PARAMETER);
1127 if (ret->pub_key == NULL &&
1128 (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
1130 ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_MALLOC_FAILURE);
1133 if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
1135 ECerr(EC_F_ECPUBLICKEY_SET_OCTET, ERR_R_EC_LIB);
1138 /* save the point conversion form */
1139 ret->conv_form = (point_conversion_form_t)(*in[0] & ~0x01);
1143 int ECPublicKey_get_octet_string(EC_KEY *a, unsigned char **out)
1149 ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_PASSED_NULL_PARAMETER);
1153 buf_len = EC_POINT_point2oct(a->group, a->pub_key,
1154 a->conv_form, NULL, 0, NULL);
1156 if (out == NULL || buf_len == 0)
1157 /* out == NULL => just return the length of the octet string */
1161 if ((*out = OPENSSL_malloc(buf_len)) == NULL)
1163 ECerr(EC_F_ECPUBLICKEY_GET_OCTET,
1164 ERR_R_MALLOC_FAILURE);
1167 if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form,
1168 *out, buf_len, NULL))
1170 ECerr(EC_F_ECPUBLICKEY_GET_OCTET, ERR_R_EC_LIB);