crypto/ec/ec_kmeth.c

   1 /*
   2  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
   3  * project.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    licensing@OpenSSL.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  */
  53
  54 #include <openssl/ec.h>
  55 #ifndef OPENSSL_NO_ENGINE
  56 # include <openssl/engine.h>
  57 #endif
  58 #include <openssl/err.h>
  59 #include "ec_lcl.h"
  60
  61
  62 static const EC_KEY_METHOD openssl_ec_key_method = {
  63     "OpenSSL EC_KEY method",
  64     0,
  65     0,0,0,0,0,0,
  66     ossl_ec_key_gen,
  67     ossl_ecdh_compute_key,
  68     ossl_ecdsa_sign,
  69     ossl_ecdsa_sign_setup,
  70     ossl_ecdsa_sign_sig,
  71     ossl_ecdsa_verify,
  72     ossl_ecdsa_verify_sig
  73 };
  74
  75 static const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
  76
  77 const EC_KEY_METHOD *EC_KEY_OpenSSL(void)
  78 {
  79     return &openssl_ec_key_method;
  80 }
  81
  82 const EC_KEY_METHOD *EC_KEY_get_default_method(void)
  83 {
  84     return default_ec_key_meth;
  85 }
  86
  87 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
  88 {
  89     if (meth == NULL)
  90         default_ec_key_meth = &openssl_ec_key_method;
  91     else
  92         default_ec_key_meth = meth;
  93 }
  94
  95 const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key)
  96 {
  97     return key->meth;
  98 }
  99
 100 int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
 101 {
 102     void (*finish)(EC_KEY *key) = key->meth->finish;
 103
 104     if (finish != NULL)
 105         finish(key);
 106
 107 #ifndef OPENSSL_NO_ENGINE
 108     ENGINE_finish(key->engine);
 109     key->engine = NULL;
 110 #endif
 111
 112     key->meth = meth;
 113     if (meth->init != NULL)
 114         return meth->init(key);
 115     return 1;
 116 }
 117
 118 EC_KEY *EC_KEY_new_method(ENGINE *engine)
 119 {
 120     EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
 121
 122     if (ret == NULL) {
 123         ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 124         return (NULL);
 125     }
 126     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
 127         OPENSSL_free(ret);
 128         return NULL;
 129     }
 130
 131     ret->meth = EC_KEY_get_default_method();
 132 #ifndef OPENSSL_NO_ENGINE
 133     if (engine != NULL) {
 134         if (!ENGINE_init(engine)) {
 135             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
 136             OPENSSL_free(ret);
 137             return NULL;
 138         }
 139         ret->engine = engine;
 140     } else
 141         ret->engine = ENGINE_get_default_EC();
 142     if (ret->engine != NULL) {
 143         ret->meth = ENGINE_get_EC(ret->engine);
 144         if (ret->meth == NULL) {
 145             ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
 146             ENGINE_finish(ret->engine);
 147             OPENSSL_free(ret);
 148             return NULL;
 149         }
 150     }
 151 #endif
 152
 153     ret->version = 1;
 154     ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
 155     ret->references = 1;
 156     if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
 157         EC_KEY_free(ret);
 158         return NULL;
 159     }
 160     return ret;
 161 }
 162
 163 int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
 164                      const EC_KEY *eckey,
 165                      void *(*KDF) (const void *in, size_t inlen, void *out,
 166                                    size_t *outlen))
 167 {
 168     if (eckey->meth->compute_key != NULL)
 169         return eckey->meth->compute_key(out, outlen, pub_key, eckey, KDF);
 170     ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
 171     return 0;
 172 }
 173
 174 EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth)
 175 {
 176     EC_KEY_METHOD *ret = OPENSSL_zalloc(sizeof(*meth));
 177
 178     if (ret == NULL)
 179         return NULL;
 180     if (meth != NULL)
 181         *ret = *meth;
 182     ret->flags |= EC_KEY_METHOD_DYNAMIC;
 183     return ret;
 184 }
 185
 186 void EC_KEY_METHOD_free(EC_KEY_METHOD *meth)
 187 {
 188     if (meth->flags & EC_KEY_METHOD_DYNAMIC)
 189         OPENSSL_free(meth);
 190 }
 191
 192 void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
 193                             int (*init)(EC_KEY *key),
 194                             void (*finish)(EC_KEY *key),
 195                             int (*copy)(EC_KEY *dest, const EC_KEY *src),
 196                             int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
 197                             int (*set_private)(EC_KEY *key,
 198                                                const BIGNUM *priv_key),
 199                             int (*set_public)(EC_KEY *key,
 200                                               const EC_POINT *pub_key))
 201 {
 202     meth->init = init;
 203     meth->finish = finish;
 204     meth->copy = copy;
 205     meth->set_group = set_group;
 206     meth->set_private = set_private;
 207     meth->set_public = set_public;
 208 }
 209
 210 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
 211                               int (*keygen)(EC_KEY *key))
 212 {
 213     meth->keygen = keygen;
 214 }
 215
 216 void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
 217                                    int (*ckey)(void *out,
 218                                                size_t outlen,
 219                                                const EC_POINT *pub_key,
 220                                                const EC_KEY *ecdh,
 221                                                void *(*KDF) (const void *in,
 222                                                              size_t inlen,
 223                                                              void *out,
 224                                                              size_t *outlen)))
 225 {
 226     meth->compute_key = ckey;
 227 }
 228
 229 void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
 230                             int (*sign)(int type, const unsigned char *dgst,
 231                                         int dlen, unsigned char *sig,
 232                                         unsigned int *siglen,
 233                                         const BIGNUM *kinv, const BIGNUM *r,
 234                                         EC_KEY *eckey),
 235                             int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
 236                                               BIGNUM **kinvp, BIGNUM **rp),
 237                             ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
 238                                                    int dgst_len,
 239                                                    const BIGNUM *in_kinv,
 240                                                    const BIGNUM *in_r,
 241                                                    EC_KEY *eckey))
 242 {
 243     meth->sign = sign;
 244     meth->sign_setup = sign_setup;
 245     meth->sign_sig = sign_sig;
 246 }
 247
 248 void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
 249                               int (*verify)(int type, const unsigned
 250                                             char *dgst, int dgst_len,
 251                                             const unsigned char *sigbuf,
 252                                             int sig_len, EC_KEY *eckey),
 253                               int (*verify_sig)(const unsigned char *dgst,
 254                                                 int dgst_len,
 255                                                 const ECDSA_SIG *sig,
 256                                                 EC_KEY *eckey))
 257 {
 258     meth->verify = verify;
 259     meth->verify_sig = verify_sig;
 260 }
 261
 262 void EC_KEY_METHOD_get_init(EC_KEY_METHOD *meth,
 263                             int (**pinit)(EC_KEY *key),
 264                             void (**pfinish)(EC_KEY *key),
 265                             int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
 266                             int (**pset_group)(EC_KEY *key,
 267                                                const EC_GROUP *grp),
 268                             int (**pset_private)(EC_KEY *key,
 269                                                  const BIGNUM *priv_key),
 270                             int (**pset_public)(EC_KEY *key,
 271                                                 const EC_POINT *pub_key))
 272 {
 273     if (pinit != NULL)
 274         *pinit = meth->init;
 275     if (pfinish != NULL)
 276         *pfinish = meth->finish;
 277     if (pcopy != NULL)
 278         *pcopy = meth->copy;
 279     if (pset_group != NULL)
 280         *pset_group = meth->set_group;
 281     if (pset_private != NULL)
 282         *pset_private = meth->set_private;
 283     if (pset_public != NULL)
 284         *pset_public = meth->set_public;
 285 }
 286
 287 void EC_KEY_METHOD_get_keygen(EC_KEY_METHOD *meth,
 288                               int (**pkeygen)(EC_KEY *key))
 289 {
 290     if (pkeygen != NULL)
 291         *pkeygen = meth->keygen;
 292 }
 293
 294 void EC_KEY_METHOD_get_compute_key(EC_KEY_METHOD *meth,
 295                                    int (**pck)(void *out,
 296                                                size_t outlen,
 297                                                const EC_POINT *pub_key,
 298                                                const EC_KEY *ecdh,
 299                                                void *(*KDF) (const void *in,
 300                                                              size_t inlen,
 301                                                              void *out,
 302                                                              size_t *outlen)))
 303 {
 304     if (pck != NULL)
 305         *pck = meth->compute_key;
 306 }
 307
 308 void EC_KEY_METHOD_get_sign(EC_KEY_METHOD *meth,
 309                             int (**psign)(int type, const unsigned char *dgst,
 310                                           int dlen, unsigned char *sig,
 311                                           unsigned int *siglen,
 312                                           const BIGNUM *kinv, const BIGNUM *r,
 313                                           EC_KEY *eckey),
 314                             int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
 315                                                 BIGNUM **kinvp, BIGNUM **rp),
 316                             ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
 317                                                      int dgst_len,
 318                                                      const BIGNUM *in_kinv,
 319                                                      const BIGNUM *in_r,
 320                                                      EC_KEY *eckey))
 321 {
 322     if (psign != NULL)
 323         *psign = meth->sign;
 324     if (psign_setup != NULL)
 325         *psign_setup = meth->sign_setup;
 326     if (psign_sig != NULL)
 327         *psign_sig = meth->sign_sig;
 328 }
 329
 330 void EC_KEY_METHOD_get_verify(EC_KEY_METHOD *meth,
 331                               int (**pverify)(int type, const unsigned
 332                                               char *dgst, int dgst_len,
 333                                               const unsigned char *sigbuf,
 334                                               int sig_len, EC_KEY *eckey),
 335                               int (**pverify_sig)(const unsigned char *dgst,
 336                                                   int dgst_len,
 337                                                   const ECDSA_SIG *sig,
 338                                                   EC_KEY *eckey))
 339 {
 340     if (pverify != NULL)
 341         *pverify = meth->verify;
 342     if (pverify_sig != NULL)
 343         *pverify_sig = meth->verify_sig;
 344 }