/* everything else is currently not supported */
return 0;
}
-
+#ifndef OPENSSL_NO_EC2M
int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k)
{
if (group == NULL)
return 0;
- if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+ NID_X9_62_characteristic_two_field
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0)))
{
ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 1;
}
-
int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1,
unsigned int *k2, unsigned int *k3)
{
if (group == NULL)
return 0;
- if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve
+ if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=
+ NID_X9_62_characteristic_two_field
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0)))
{
ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 1;
}
-
+#endif
/* some structures needed for the asn1 encoding */
}
}
else /* nid == NID_X9_62_characteristic_two_field */
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED);
+ goto err;
+ }
+#else
{
int field_type;
X9_62_CHARACTERISTIC_TWO *char_two;
}
if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k))
{
- ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
+ ECerr(EC_F_EC_ASN1_GROUP2FIELDID,
ERR_R_ASN1_LIB);
goto err;
}
}
}
}
+#endif
ok = 1;
goto err;
}
}
+#ifndef OPENSSL_NO_EC2M
else /* nid == NID_X9_62_characteristic_two_field */
{
if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL))
goto err;
}
}
-
+#endif
len_1 = (size_t)BN_num_bytes(tmp_1);
len_2 = (size_t)BN_num_bytes(tmp_2);
ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
goto err;
}
+ curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+ curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
if (!ASN1_BIT_STRING_set(curve->seed, group->seed,
(int)group->seed_len))
{
/* use the asn1 OID to describe the
* the elliptic curve parameters
*/
- tmp = EC_GROUP_get_nid(group);
+ tmp = EC_GROUP_get_curve_name(group);
if (tmp)
{
ret->type = 0;
EC_GROUP *ret = NULL;
BIGNUM *p = NULL, *a = NULL, *b = NULL;
EC_POINT *point=NULL;
+ long field_bits;
if (!params->fieldID || !params->fieldID->fieldType ||
!params->fieldID->p.ptr)
/* get the field parameters */
tmp = OBJ_obj2nid(params->fieldID->fieldType);
-
if (tmp == NID_X9_62_characteristic_two_field)
+#ifdef OPENSSL_NO_EC2M
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_GF2M_NOT_SUPPORTED);
+ goto err;
+ }
+#else
{
X9_62_CHARACTERISTIC_TWO *char_two;
char_two = params->fieldID->p.char_two;
+ field_bits = char_two->m;
+ if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
+ goto err;
+ }
+
if ((p = BN_new()) == NULL)
{
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
}
tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
+
+ if (!(char_two->m > tmp_long && tmp_long > 0))
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS);
+ goto err;
+ }
+
/* create the polynomial */
if (!BN_set_bit(p, (int)char_two->m))
goto err;
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
goto err;
}
+
+ if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0))
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS);
+ goto err;
+ }
+
/* create the polynomial */
if (!BN_set_bit(p, (int)char_two->m)) goto err;
if (!BN_set_bit(p, (int)penta->k1)) goto err;
/* create the EC_GROUP structure */
ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
- if (ret == NULL)
- {
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
- goto err;
- }
}
+#endif
else if (tmp == NID_X9_62_prime_field)
{
/* we have a curve over a prime field */
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
goto err;
}
- /* create the EC_GROUP structure */
- ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
- if (ret == NULL)
+
+ if (BN_is_negative(p) || BN_is_zero(p))
{
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
goto err;
}
+
+ field_bits = BN_num_bits(p);
+ if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
+ goto err;
+ }
+
+ /* create the EC_GROUP structure */
+ ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
+ }
+ else
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
+ goto err;
+ }
+
+ if (ret == NULL)
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+ goto err;
}
/* extract seed (optional) */
ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
goto err;
}
+ if (BN_is_negative(a) || BN_is_zero(a))
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+ goto err;
+ }
+ if (BN_num_bits(a) > (int)field_bits + 1) /* Hasse bound */
+ {
+ ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+ goto err;
+ }
/* extract the cofactor (optional) */
if (params->cofactor == NULL)
if (params->type == 0)
{ /* the curve is given by an OID */
tmp = OBJ_obj2nid(params->value.named_curve);
- if ((ret = EC_GROUP_new_by_nid(tmp)) == NULL)
+ if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL)
{
ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP,
EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
}
else
{
- ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+ ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
return NULL;
}
if ((group = ec_asn1_pkparameters2group(params)) == NULL)
{
ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE);
+ ECPKPARAMETERS_free(params);
return NULL;
}
goto err;
}
+ if (ret->pub_key)
+ EC_POINT_clear_free(ret->pub_key);
+ ret->pub_key = EC_POINT_new(ret->group);
+ if (ret->pub_key == NULL)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+
if (priv_key->publicKey)
{
const unsigned char *pub_oct;
- size_t pub_oct_len;
+ int pub_oct_len;
- if (ret->pub_key)
- EC_POINT_clear_free(ret->pub_key);
- ret->pub_key = EC_POINT_new(ret->group);
- if (ret->pub_key == NULL)
+ pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
+ pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
+ /* The first byte - point conversion form - must be present. */
+ if (pub_oct_len <= 0)
{
- ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
goto err;
}
- pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
- pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
- /* save the point conversion form */
+ /* Save the point conversion form. */
ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01);
if (!EC_POINT_oct2point(ret->group, ret->pub_key,
- pub_oct, pub_oct_len, NULL))
+ pub_oct, (size_t)(pub_oct_len), NULL))
{
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
goto err;
}
}
+ else
+ {
+ if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL))
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ /* Remember the original private-key-only encoding. */
+ ret->enc_flag |= EC_PKEY_NO_PUBKEY;
+ }
ok = 1;
err:
size_t buf_len=0, tmp_len;
EC_PRIVATEKEY *priv_key=NULL;
- if (a == NULL || a->group == NULL || a->priv_key == NULL)
+ if (a == NULL || a->group == NULL || a->priv_key == NULL ||
+ (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL))
{
ECerr(EC_F_I2D_ECPRIVATEKEY,
ERR_R_PASSED_NULL_PARAMETER);
goto err;
}
+ priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+ priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer,
buf_len))
{
*out, buf_len, NULL))
{
ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB);
- OPENSSL_free(*out);
- *out = NULL;
+ if (new_buffer)
+ {
+ OPENSSL_free(*out);
+ *out = NULL;
+ }
return 0;
}
if (!new_buffer)