0b2baf7219c0ecd4d4b1cc867e3f082c974ea555
[openssl.git] / crypto / ecdsa / ecs_asn1.c
1 /* crypto/ecdsa/ecs_asn1.c */
2 /* ====================================================================
3  * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  *
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer. 
11  *
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in
14  *    the documentation and/or other materials provided with the
15  *    distribution.
16  *
17  * 3. All advertising materials mentioning features or use of this
18  *    software must display the following acknowledgment:
19  *    "This product includes software developed by the OpenSSL Project
20  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21  *
22  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23  *    endorse or promote products derived from this software without
24  *    prior written permission. For written permission, please contact
25  *    licensing@OpenSSL.org.
26  *
27  * 5. Products derived from this software may not be called "OpenSSL"
28  *    nor may "OpenSSL" appear in their names without prior written
29  *    permission of the OpenSSL Project.
30  *
31  * 6. Redistributions of any form whatsoever must retain the following
32  *    acknowledgment:
33  *    "This product includes software developed by the OpenSSL Project
34  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35  *
36  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
40  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47  * OF THE POSSIBILITY OF SUCH DAMAGE.
48  * ====================================================================
49  *
50  * This product includes cryptographic software written by Eric Young
51  * (eay@cryptsoft.com).  This product includes software written by Tim
52  * Hudson (tjh@cryptsoft.com).
53  *
54  */
55
56 #include "cryptlib.h"
57 #include "ecs_locl.h"
58 #include <openssl/asn1.h>
59 #include <openssl/asn1t.h>
60 #include <openssl/objects.h>
61
62 ASN1_SEQUENCE(ECDSA_SIG) = {
63         ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM),
64         ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM)
65 } ASN1_SEQUENCE_END(ECDSA_SIG)
66
67 IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
68
69 ASN1_SEQUENCE(X9_62_FIELDID) = {
70         ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
71         ASN1_SIMPLE(X9_62_FIELDID, parameters, ASN1_ANY)
72 } ASN1_SEQUENCE_END(X9_62_FIELDID)
73
74 DECLARE_ASN1_FUNCTIONS_const(X9_62_FIELDID)
75 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_FIELDID, X9_62_FIELDID)
76 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_FIELDID)
77
78 ASN1_SEQUENCE(X9_62_CURVE) = {
79         ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
80         ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
81         ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
82 } ASN1_SEQUENCE_END(X9_62_CURVE)
83
84 DECLARE_ASN1_FUNCTIONS_const(X9_62_CURVE)
85 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_CURVE, X9_62_CURVE)
86 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_CURVE)
87
88 ASN1_SEQUENCE(X9_62_EC_PARAMETERS) = {
89         ASN1_SIMPLE(X9_62_EC_PARAMETERS, version, ASN1_INTEGER),
90         ASN1_SIMPLE(X9_62_EC_PARAMETERS, fieldID, X9_62_FIELDID),
91         ASN1_SIMPLE(X9_62_EC_PARAMETERS, curve, X9_62_CURVE),
92         ASN1_SIMPLE(X9_62_EC_PARAMETERS, base, ASN1_OCTET_STRING),
93         ASN1_SIMPLE(X9_62_EC_PARAMETERS, order, ASN1_INTEGER),
94         ASN1_SIMPLE(X9_62_EC_PARAMETERS, cofactor, ASN1_INTEGER)
95 } ASN1_SEQUENCE_END(X9_62_EC_PARAMETERS)
96
97 DECLARE_ASN1_FUNCTIONS_const(X9_62_EC_PARAMETERS)
98 DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_EC_PARAMETERS, X9_62_EC_PARAMETERS)
99 IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_EC_PARAMETERS)
100
101 ASN1_CHOICE(EC_PARAMETERS) = {
102         ASN1_SIMPLE(EC_PARAMETERS, value.named_curve, ASN1_OBJECT),
103         ASN1_SIMPLE(EC_PARAMETERS, value.parameters, X9_62_EC_PARAMETERS),
104         ASN1_SIMPLE(EC_PARAMETERS, value.implicitlyCA, ASN1_NULL)
105 } ASN1_CHOICE_END(EC_PARAMETERS)
106
107 DECLARE_ASN1_FUNCTIONS_const(EC_PARAMETERS)
108 DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PARAMETERS, EC_PARAMETERS)
109 IMPLEMENT_ASN1_FUNCTIONS_const(EC_PARAMETERS)
110              
111 ASN1_SEQUENCE(ECDSAPrivateKey) = {
112         ASN1_SIMPLE(ECDSAPrivateKey, version, LONG),
113         ASN1_SIMPLE(ECDSAPrivateKey, parameters, EC_PARAMETERS),
114         ASN1_SIMPLE(ECDSAPrivateKey, pub_key, ASN1_OCTET_STRING),
115         ASN1_SIMPLE(ECDSAPrivateKey, priv_key, BIGNUM)
116 } ASN1_SEQUENCE_END(ECDSAPrivateKey)
117
118 DECLARE_ASN1_FUNCTIONS_const(ECDSAPrivateKey)
119 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSAPrivateKey, ecdsaPrivateKey)
120 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(ECDSAPrivateKey, ECDSAPrivateKey, ECDSAPrivateKey)
121 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSAPrivateKey, ECDSAPrivateKey, ecdsaPrivateKey)
122
123
124 X9_62_FIELDID   *ECDSA_get_X9_62_FIELDID(const ECDSA *ecdsa, X9_62_FIELDID *field)
125 {
126         /* TODO : characteristic two */
127         int     ok=0, reason=ERR_R_ASN1_LIB;
128         X9_62_FIELDID *ret=NULL;
129         BIGNUM  *tmp=NULL;
130         
131         if (!ecdsa || !ecdsa->group)
132                 OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
133         if (field == NULL)
134         {
135                 if ((ret = X9_62_FIELDID_new()) == NULL) return NULL;
136         }
137         else
138         {       
139                 ret = field;
140                 if (ret->fieldType != NULL)     ASN1_OBJECT_free(ret->fieldType);
141                 if (ret->parameters != NULL)    ASN1_TYPE_free(ret->parameters);
142         }
143         if ((tmp = BN_new()) == NULL) 
144                 OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
145         if ((ret->fieldType = OBJ_nid2obj(NID_X9_62_prime_field)) == NULL)
146                 OPENSSL_ECDSA_ABORT(ERR_R_OBJ_LIB)
147         if ((ret->parameters = ASN1_TYPE_new()) == NULL) goto err;
148         ret->parameters->type = V_ASN1_INTEGER;
149         if (!EC_GROUP_get_curve_GFp(ecdsa->group, tmp, NULL, NULL, NULL))
150                 OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
151         if ((ret->parameters->value.integer = BN_to_ASN1_INTEGER(tmp, NULL)) == NULL) goto err;
152         ok = 1;
153 err :   if (!ok)
154         {
155                 if (ret && !field) X9_62_FIELDID_free(ret);
156                 ret = NULL;
157                 ECDSAerr(ECDSA_F_ECDSA_GET_X9_62_FIELDID, reason);
158         }
159         if (tmp) BN_free(tmp);
160         return(ret);
161 }
162
163 X9_62_CURVE   *ECDSA_get_X9_62_CURVE(const ECDSA *ecdsa, X9_62_CURVE *curve)
164 {
165         int     ok=0, reason=ERR_R_BN_LIB, len1=0, len2=0;
166         X9_62_CURVE *ret=NULL;
167         BIGNUM      *tmp1=NULL, *tmp2=NULL;
168         unsigned char *buffer=NULL;
169         unsigned char char_buf = 0;
170
171         if (!ecdsa || !ecdsa->group)
172                 OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
173         if ((tmp1 = BN_new()) == NULL || (tmp2 = BN_new()) == NULL) goto err;
174         if (curve == NULL)
175         {
176                 if ((ret = X9_62_CURVE_new()) == NULL)
177                         OPENSSL_ECDSA_ABORT(ECDSA_R_X9_62_CURVE_NEW_FAILURE)
178         }
179         else
180         {
181                 ret = curve;
182                 if (ret->a)     ASN1_OCTET_STRING_free(ret->a);
183                 if (ret->b)     ASN1_OCTET_STRING_free(ret->b);
184                 if (ret->seed)  ASN1_BIT_STRING_free(ret->seed);
185         }
186         if (!EC_GROUP_get_curve_GFp(ecdsa->group, NULL, tmp1, tmp2, NULL))
187                 OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
188
189         if ((ret->a = M_ASN1_OCTET_STRING_new()) == NULL || 
190             (ret->b = M_ASN1_OCTET_STRING_new()) == NULL )
191                 OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
192
193         len1 = BN_num_bytes(tmp1);
194         len2 = BN_num_bytes(tmp2);
195
196         if ((buffer = OPENSSL_malloc(len1 > len2 ? len1 : len2)) == NULL)
197                 OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
198
199         if (len1 == 0) /* => a == 0 */
200         {
201                 if (!M_ASN1_OCTET_STRING_set(ret->a, &char_buf, 1))
202                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
203         }
204         else
205         {
206                 if ((len1 = BN_bn2bin(tmp1, buffer)) == 0) goto err;
207                 if (!M_ASN1_OCTET_STRING_set(ret->a, buffer, len1))
208                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
209         }
210         if (len2 == 0) /* => b == 0 */
211         {
212                 if (!M_ASN1_OCTET_STRING_set(ret->a, &char_buf, 1))
213                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
214         }
215         else
216         {
217                 if ((len2 = BN_bn2bin(tmp2, buffer)) == 0) goto err;
218                 if (!M_ASN1_OCTET_STRING_set(ret->b, buffer, len2))
219                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
220         }
221
222         if (ecdsa->seed)
223         {       
224                 if ((ret->seed = ASN1_BIT_STRING_new()) == NULL) goto err;
225                 if (!ASN1_BIT_STRING_set(ret->seed, ecdsa->seed, (int)ecdsa->seed_len))
226                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
227         }
228         else
229                 ret->seed = NULL;
230
231         ok = 1;
232 err :   if (!ok)
233         {
234                 if (ret && !curve) X9_62_CURVE_free(ret);
235                 ret = NULL;
236                 ECDSAerr(ECDSA_F_ECDSA_GET_X9_62_CURVE, reason);
237         }
238         if (buffer) OPENSSL_free(buffer);
239         if (tmp1)   BN_free(tmp1);
240         if (tmp2)   BN_free(tmp2);
241         return(ret);
242 }
243
244 X9_62_EC_PARAMETERS *ECDSA_get_X9_62_EC_PARAMETERS(const ECDSA *ecdsa, X9_62_EC_PARAMETERS *param)
245 {
246         int     ok=0, reason=ERR_R_ASN1_LIB;
247         size_t  len=0;
248         X9_62_EC_PARAMETERS *ret=NULL;
249         BIGNUM        *tmp=NULL;
250         unsigned char *buffer=NULL;
251         EC_POINT      *point=NULL;
252
253         if (!ecdsa || !ecdsa->group)
254                 OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
255         if ((tmp = BN_new()) == NULL)
256                 OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
257         if (param == NULL)
258         {
259                 if ((ret = X9_62_EC_PARAMETERS_new()) == NULL)
260                         OPENSSL_ECDSA_ABORT(ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE)
261         }
262         else
263                 ret = param;
264         if (ecdsa->version == 1)
265                 ret->version = NULL;
266         else
267         {
268                 if (ret->version == NULL && (ret->version = ASN1_INTEGER_new()) == NULL)
269                         OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
270                 if (!ASN1_INTEGER_set(ret->version, (long)ecdsa->version)) goto err;
271         }
272         if ((ret->fieldID = ECDSA_get_X9_62_FIELDID(ecdsa, ret->fieldID)) == NULL)
273                 OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE)
274         if ((ret->curve = ECDSA_get_X9_62_CURVE(ecdsa, ret->curve)) == NULL)
275                 OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE)
276         if ((point = EC_GROUP_get0_generator(ecdsa->group)) == NULL)
277                 OPENSSL_ECDSA_ABORT(ECDSA_R_CAN_NOT_GET_GENERATOR)
278         if (!(len = EC_POINT_point2oct(ecdsa->group, point, POINT_CONVERSION_COMPRESSED, NULL, len, NULL)))
279                 OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_PARAMETER_LENGTH)
280         if ((buffer = OPENSSL_malloc(len)) == NULL)
281                 OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
282         if (!EC_POINT_point2oct(ecdsa->group, point, POINT_CONVERSION_COMPRESSED, buffer, len, NULL)) 
283                 OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
284         if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL)
285                 OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
286         if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) goto err;
287         if (!EC_GROUP_get_order(ecdsa->group, tmp, NULL))
288                 OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
289         if ((ret->order = BN_to_ASN1_INTEGER(tmp, ret->order)) == NULL) goto err;
290         if (!EC_GROUP_get_cofactor(ecdsa->group, tmp, NULL))
291                 OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
292         if ((ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor)) == NULL) goto err;
293         ok = 1;
294
295 err :   if(!ok)
296         {
297                 ECDSAerr(ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS, reason);
298                 if (ret && !param) X9_62_EC_PARAMETERS_free(ret);
299                 ret = NULL;
300         }
301         if (tmp)    BN_free(tmp);
302         if (buffer) OPENSSL_free(buffer);
303         return(ret);
304 }
305
306 EC_PARAMETERS *ECDSA_get_EC_PARAMETERS(const ECDSA *ecdsa, EC_PARAMETERS *params)
307 {
308         int ok = 1;
309         int tmp = 0;
310         EC_PARAMETERS *ret = params;
311         if (ret == NULL)
312                 if ((ret = EC_PARAMETERS_new()) == NULL)
313                 {
314                         ECDSAerr(ECDSA_F_ECDSA_GET_EC_PARAMETERS, ERR_R_MALLOC_FAILURE);
315                         return NULL;
316                 }
317         if (ecdsa == NULL)
318         {       /* missing parameter */
319                 ECDSAerr(ECDSA_F_ECDSA_GET_EC_PARAMETERS, ECDSA_R_MISSING_PARAMETERS);
320                 EC_PARAMETERS_free(params);
321                 return NULL;
322         }
323         if (ecdsa->parameter_flags & ECDSA_FLAG_NAMED_CURVE)
324         {       /* use a named curve */
325                 tmp = EC_GROUP_get_nid(ecdsa->group);
326                 if (tmp)
327                 {
328                         ret->type = 0;
329                         if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
330                                 ok = 0;
331                 }
332                 else
333                 {
334                         /* use the x9_64 ec_parameters structure */
335                         ret->type = 1;
336                         if ((ret->value.parameters = ECDSA_get_X9_62_EC_PARAMETERS(ecdsa, NULL)) == NULL)
337                                 ok = 0;
338                 }
339         }
340         else if (ecdsa->parameter_flags & ECDSA_FLAG_IMPLICITLYCA)
341         {       /* use implicitlyCA */
342                 ret->type = 2;
343                 if ((ret->value.implicitlyCA = ASN1_NULL_new()) == NULL)
344                         ok = 0;
345         }
346         else
347         {       /* use the x9_64 ec_parameters structure */
348                 ret->type = 1;
349                 if ((ret->value.parameters = ECDSA_get_X9_62_EC_PARAMETERS(ecdsa, NULL)) == NULL)
350                         ok = 0;
351         }
352         if (!ok)
353         {
354                 EC_PARAMETERS_free(ret);
355                 return NULL;
356         }
357                 return ret;
358 }
359
360 ECDSA         *ECDSA_x9_62parameters2ecdsa(const X9_62_EC_PARAMETERS *params, ECDSA *ecdsa)
361 {
362         int       ok=0, reason=ERR_R_EC_LIB, tmp;
363         ECDSA     *ret=NULL;
364         const EC_METHOD *meth=NULL;
365         BIGNUM    *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL;
366         EC_POINT  *point=NULL;
367
368         if (!params) 
369                 OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
370         if (ecdsa == NULL)
371         {
372                 if ((ret = ECDSA_new()) == NULL) 
373                         OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_NEW_FAILURE)
374         }
375         else
376         {
377                 if (ecdsa->group)       EC_GROUP_free(ecdsa->group);
378                 if (ecdsa->pub_key)     EC_POINT_free(ecdsa->pub_key);
379                 ecdsa->pub_key = NULL;
380                 if (ecdsa->priv_key)    BN_clear_free(ecdsa->priv_key);
381                 ecdsa->priv_key = NULL;
382                 if (ecdsa->seed)        OPENSSL_free(ecdsa->seed);
383                 ecdsa->seed = NULL;
384                 if (ecdsa->kinv)        
385                 {
386                         BN_clear_free(ecdsa->kinv);
387                         ecdsa->kinv = NULL;
388                 }
389                 if (ecdsa->r)
390                 {
391                         BN_clear_free(ecdsa->r);
392                         ecdsa->r = NULL;
393                 }
394                 ret = ecdsa;
395         }
396         /* TODO : characteristic two */
397         if (!params->fieldID || !params->fieldID->fieldType || !params->fieldID->parameters)
398                 OPENSSL_ECDSA_ABORT(ECDSA_R_NO_FIELD_SPECIFIED)
399         tmp = OBJ_obj2nid(params->fieldID->fieldType); 
400         if (tmp == NID_X9_62_characteristic_two_field)
401         {
402                 OPENSSL_ECDSA_ABORT(ECDSA_R_NOT_SUPPORTED)
403         }
404         else if (tmp == NID_X9_62_prime_field)
405         {
406                 /* TODO : optimal method for the curve */
407                 meth = EC_GFp_mont_method();
408                 if ((ret->group = EC_GROUP_new(meth)) == NULL) goto err;
409                 if (params->fieldID->parameters->type != V_ASN1_INTEGER)
410                         OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_ASN1_TYPE)
411                 if (!params->fieldID->parameters->value.integer)
412                         OPENSSL_ECDSA_ABORT(ECDSA_R_PRIME_MISSING)
413                 if ((tmp_1 = ASN1_INTEGER_to_BN(params->fieldID->parameters->value.integer, NULL)) == NULL)
414                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
415                 if (!params->curve)
416                         OPENSSL_ECDSA_ABORT(ECDSA_R_NO_CURVE_SPECIFIED)
417                 if (!params->curve->a || !params->curve->a->data)
418                         OPENSSL_ECDSA_ABORT(ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED)
419                 if ((tmp_2 = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL)) == NULL)
420                         OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
421                 if (!params->curve->b || !params->curve->b->data)
422                         OPENSSL_ECDSA_ABORT(ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED)
423                 if ((tmp_3 = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL)) == NULL)
424                         OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
425                 if (!EC_GROUP_set_curve_GFp(ret->group, tmp_1, tmp_2, tmp_3, NULL)) goto err;
426                 if ((point = EC_POINT_new(ret->group)) == NULL) goto err;
427         }
428         else OPENSSL_ECDSA_ABORT(ECDSA_R_WRONG_FIELD_IDENTIFIER)
429         if (params->curve->seed != NULL)
430         {
431                 if (ret->seed != NULL)
432                         OPENSSL_free(ret->seed);
433                 if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL)
434                         OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
435                 memcpy(ret->seed, params->curve->seed->data, params->curve->seed->length);
436                 ret->seed_len = params->curve->seed->length;
437         }
438         if (params->version)
439         {
440                 if ((ret->version = (int)ASN1_INTEGER_get(params->version)) < 0)
441                         OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_VERSION_NUMER)
442         }
443         else
444                 ret->version  = 1;
445         if (params->order && params->cofactor && params->base && params->base->data)
446         {
447                 if ((tmp_1 = ASN1_INTEGER_to_BN(params->order, tmp_1)) == NULL)
448                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
449                 if ((tmp_2 = ASN1_INTEGER_to_BN(params->cofactor, tmp_2)) == NULL)
450                         OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
451                 if (!EC_POINT_oct2point(ret->group, point, params->base->data, 
452                                 params->base->length, NULL)) goto err;
453                 if (!EC_GROUP_set_generator(ret->group, point, tmp_1, tmp_2)) goto err;
454         }
455         ok = 1;
456
457 err:    if (!ok)
458         {
459                 ECDSAerr(ECDSA_F_ECDSA_GET, reason);
460                 if (ret && !ecdsa) ECDSA_free(ret);
461                 ret = NULL;
462         }
463         if (tmp_1)      BN_free(tmp_1);
464         if (tmp_2)      BN_free(tmp_2);
465         if (tmp_3)      BN_free(tmp_3);
466         if (point)      EC_POINT_free(point);
467         return(ret);
468 }
469
470 ECDSA *ECDSA_ecparameters2ecdsa(const EC_PARAMETERS *params, ECDSA *ecdsa)
471 {
472         ECDSA *ret = ecdsa;
473         int tmp = 0;
474         if (ret == NULL)
475                 if ((ret = ECDSA_new()) == NULL)
476                 {
477                         ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ERR_R_MALLOC_FAILURE);
478                         return NULL;
479                 }
480         if (params == NULL)
481         {
482                 ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ECDSA_R_MISSING_PARAMETERS);
483                 ECDSA_free(ret);
484                 return NULL;
485         }
486         if (params->type == 0)
487         {
488                 if (ret->group)
489                         EC_GROUP_free(ret->group);
490                 tmp = OBJ_obj2nid(params->value.named_curve);
491                 ret->parameter_flags |= ECDSA_FLAG_NAMED_CURVE;
492                 if ((ret->group = EC_GROUP_new_by_name(tmp)) == NULL)
493                 {
494                         ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ECDSA_R_EC_GROUP_NID2CURVE_FAILURE);
495                         ECDSA_free(ret);
496                         return NULL;
497                 }
498         }
499         else if (params->type == 1)
500         {
501                 ret = ECDSA_x9_62parameters2ecdsa(params->value.parameters, ret);
502         }
503         else if (params->type == 2)
504         {
505                 if (ret->group)
506                         EC_GROUP_free(ret->group);
507                 ret->group = NULL;
508                 ret->parameter_flags |= ECDSA_FLAG_IMPLICITLYCA;                
509         }
510         else
511         {
512                 ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ECDSA_R_UNKNOWN_PARAMETERS_TYPE);
513                 ECDSA_free(ret);
514                 ret = NULL;
515         }
516         return ret;
517 }
518
519 ECDSA   *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len)
520 {
521         ECDSA           *ecdsa = (a && *a)? *a : NULL;
522         EC_PARAMETERS   *params = NULL;
523
524         if ((params = d2i_EC_PARAMETERS(NULL, in, len)) == NULL)
525         {
526                 ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, ECDSA_R_D2I_EC_PARAMETERS_FAILURE);
527                 EC_PARAMETERS_free(params);
528                 return NULL;
529         }
530         if ((ecdsa = ECDSA_ecparameters2ecdsa(params, ecdsa)) == NULL)
531         {
532                 ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, ECDSA_R_ECPARAMETERS2ECDSA_FAILURE);
533                 return NULL; 
534         }
535         EC_PARAMETERS_free(params);
536         return(ecdsa);  
537 }
538
539 int     i2d_ECDSAParameters(ECDSA *a, unsigned char **out)
540 {
541         int             ret=0;
542         EC_PARAMETERS   *tmp = ECDSA_get_EC_PARAMETERS(a, NULL);
543         if (tmp == NULL)
544         {
545                 ECDSAerr(ECDSA_F_I2D_ECDSAPARAMETERS, ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE);
546                 return 0;
547         }
548         if ((ret = i2d_EC_PARAMETERS(tmp, out)) == 0)
549         {
550                 ECDSAerr(ECDSA_F_I2D_ECDSAPARAMETERS, ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE);
551                 EC_PARAMETERS_free(tmp);
552                 return 0;
553         }       
554         EC_PARAMETERS_free(tmp);
555         return(ret);
556 }
557
558 ECDSA   *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
559 {
560         int reason=ERR_R_BN_LIB, ok=0;
561         ECDSA *ret=NULL;
562         ECDSAPrivateKey *priv_key=NULL;
563
564         if ((priv_key = ECDSAPrivateKey_new()) == NULL)
565                 OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE)
566         if ((priv_key = d2i_ecdsaPrivateKey(&priv_key, in, len)) == NULL)
567                 OPENSSL_ECDSA_ABORT(ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE)
568         if ((ret = ECDSA_ecparameters2ecdsa(priv_key->parameters, NULL)) == NULL)
569                 OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_FAILURE)
570         ret->version = priv_key->version;
571         if (priv_key->priv_key)
572         {
573                 if ((ret->priv_key = BN_dup(priv_key->priv_key)) == NULL)
574                         OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
575         }
576         else
577                 OPENSSL_ECDSA_ABORT(ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY)
578         if ((ret->pub_key = EC_POINT_new(ret->group)) == NULL)
579                 OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
580         if (!EC_POINT_oct2point(ret->group, ret->pub_key, priv_key->pub_key->data, priv_key->pub_key->length, NULL))
581                 OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
582         ok = 1;
583 err :   if (!ok)
584         {
585                 if (ret) ECDSA_free(ret);
586                 ret = NULL;
587                 ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, reason);
588         }
589         if (priv_key)   ECDSAPrivateKey_free(priv_key);
590         return(ret);
591 }
592
593 int     i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out)
594 {
595         int ret=0, ok=0, reason=ERR_R_EC_LIB;
596         unsigned char   *buffer=NULL;
597         size_t          buf_len=0;
598         ECDSAPrivateKey *priv_key=NULL;
599
600         if (a == NULL || a->group == NULL)
601                 OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
602         if ((priv_key = ECDSAPrivateKey_new()) == NULL)
603                 OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE)
604         if ((priv_key->parameters = ECDSA_get_EC_PARAMETERS(a, priv_key->parameters)) == NULL)
605                 OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE)
606         priv_key->version      = a->version;
607         if (BN_copy(priv_key->priv_key, a->priv_key) == NULL)
608                 OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
609         buf_len = EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL);
610         if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
611                 OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
612         if (!EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_COMPRESSED,
613                                 buffer, buf_len, NULL)) goto err;
614         if (!M_ASN1_OCTET_STRING_set(priv_key->pub_key, buffer, buf_len))
615                 OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
616         if ((ret = i2d_ecdsaPrivateKey(priv_key, out)) == 0)
617                 OPENSSL_ECDSA_ABORT(ECDSA_R_I2D_ECDSA_PRIVATEKEY)
618         ok=1;
619         
620 err:    if (!ok)
621                 ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, reason);
622         if (buffer)   OPENSSL_free(buffer);
623         if (priv_key) ECDSAPrivateKey_free(priv_key);   
624         return(ok?ret:0);
625 }
626
627
628 ECDSA   *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len)
629 {
630         ECDSA *ret=NULL;
631
632         if (a == NULL || (*a) == NULL || (*a)->group == NULL)
633         {
634                 /* sorry, but a EC_GROUP-structur is necessary
635                  * to set the public key */
636                 ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ECDSA_R_MISSING_PARAMETERS);
637                 return 0;
638         }
639         ret = *a;
640         if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
641         {
642                 ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
643                 return 0;
644         }
645         if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
646         {
647                 ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
648                 return 0;
649         }
650         ECDSA_set_conversion_form(ret, (point_conversion_form_t)(*in[0] & ~0x01));
651         return ret;
652 }
653
654 int     ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out)
655 {
656         size_t  buf_len=0;
657
658         if (a == NULL) 
659         {
660                 ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ECDSA_R_MISSING_PARAMETERS);
661                 return 0;
662         }
663         buf_len = EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a), NULL, 0, NULL);
664         if (out == NULL || buf_len == 0)
665         /* out == NULL => just return the length of the octet string */
666                 return buf_len;
667         if (*out == NULL)
668                 if ((*out = OPENSSL_malloc(buf_len)) == NULL)
669                 {
670                         ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_MALLOC_FAILURE);
671                         return 0;
672                 }
673         if (!EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a),
674                                 *out, buf_len, NULL))
675         {
676                 ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_EC_LIB);
677                 OPENSSL_free(*out);
678                 *out = NULL;
679                 return 0;
680         }
681         return buf_len;
682 }