-/* crypto/ec/ec_lib.c */
/*
* Originally written by Bodo Moeller for the OpenSSL project.
*/
}
ret->meth = meth;
- ret->order = BN_new();
- if (!ret->order)
- goto err;
- ret->cofactor = BN_new();
- if (!ret->cofactor)
- goto err;
+ if ((ret->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) {
+ ret->order = BN_new();
+ if (ret->order == NULL)
+ goto err;
+ ret->cofactor = BN_new();
+ if (ret->cofactor == NULL)
+ goto err;
+ }
ret->asn1_flag = OPENSSL_EC_NAMED_CURVE;
ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED;
if (!meth->group_init(ret))
return NULL;
}
+void EC_pre_comp_free(EC_GROUP *group)
+{
+ switch (group->pre_comp_type) {
+ default:
+ break;
+#ifdef ECP_NISTZ256_REFERENCE_IMPLEMENTATION
+ case pct_nistz256:
+ EC_nistz256_pre_comp_free(group->pre_comp.nistz256);
+ break;
+#endif
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ case pct_nistp224:
+ EC_nistp224_pre_comp_free(group->pre_comp.nistp224);
+ break;
+ case pct_nistp256:
+ EC_nistp256_pre_comp_free(group->pre_comp.nistp256);
+ break;
+ case pct_nistp521:
+ EC_nistp521_pre_comp_free(group->pre_comp.nistp521);
+ break;
+#endif
+ case pct_ec:
+ EC_ec_pre_comp_free(group->pre_comp.ec);
+ break;
+ }
+ group->pre_comp.ec = NULL;
+}
+
void EC_GROUP_free(EC_GROUP *group)
{
if (!group)
if (group->meth->group_finish != 0)
group->meth->group_finish(group);
- EC_EX_DATA_free_all_data(&group->extra_data);
+ EC_pre_comp_free(group);
BN_MONT_CTX_free(group->mont_data);
EC_POINT_free(group->generator);
BN_free(group->order);
else if (group->meth->group_finish != 0)
group->meth->group_finish(group);
- EC_EX_DATA_clear_free_all_data(&group->extra_data);
-
+ EC_pre_comp_free(group);
BN_MONT_CTX_free(group->mont_data);
-
EC_POINT_clear_free(group->generator);
BN_clear_free(group->order);
BN_clear_free(group->cofactor);
int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
{
- EC_EXTRA_DATA *d;
-
if (dest->meth->group_copy == 0) {
ECerr(EC_F_EC_GROUP_COPY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
if (dest == src)
return 1;
- EC_EX_DATA_free_all_data(&dest->extra_data);
-
- for (d = src->extra_data; d != NULL; d = d->next) {
- void *t = d->dup_func(d->data);
-
- if (t == NULL)
- return 0;
- if (!EC_EX_DATA_set_data
- (&dest->extra_data, t, d->dup_func, d->free_func,
- d->clear_free_func))
- return 0;
+ /* Copy precomputed */
+ dest->pre_comp_type = src->pre_comp_type;
+ switch (src->pre_comp_type) {
+ default:
+ dest->pre_comp.ec = NULL;
+ break;
+#ifdef ECP_NISTZ256_REFERENCE_IMPLEMENTATION
+ case pct_nistz256:
+ dest->pre_comp.nistz256 = EC_nistz256_pre_comp_dup(src->pre_comp.nistz256);
+ break;
+#endif
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+ case pct_nistp224:
+ dest->pre_comp.nistp224 = EC_nistp224_pre_comp_dup(src->pre_comp.nistp224);
+ break;
+ case pct_nistp256:
+ dest->pre_comp.nistp256 = EC_nistp256_pre_comp_dup(src->pre_comp.nistp256);
+ break;
+ case pct_nistp521:
+ dest->pre_comp.nistp521 = EC_nistp521_pre_comp_dup(src->pre_comp.nistp521);
+ break;
+#endif
+ case pct_ec:
+ dest->pre_comp.ec = EC_ec_pre_comp_dup(src->pre_comp.ec);
+ break;
}
if (src->mont_data != NULL) {
dest->generator = NULL;
}
- if (!BN_copy(dest->order, src->order))
- return 0;
- if (!BN_copy(dest->cofactor, src->cofactor))
- return 0;
+ if ((src->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) {
+ if (!BN_copy(dest->order, src->order))
+ return 0;
+ if (!BN_copy(dest->cofactor, src->cofactor))
+ return 0;
+ }
dest->curve_name = src->curve_name;
dest->asn1_flag = src->asn1_flag;
} else
BN_zero(group->cofactor);
+
/*
- * We ignore the return value because some groups have an order with
+ * Some groups have an order with
* factors of two, which makes the Montgomery setup fail.
* |group->mont_data| will be NULL in this case.
*/
- ec_precompute_mont_data(group);
+ if (BN_is_odd(group->order)) {
+ return ec_precompute_mont_data(group);
+ }
+ BN_MONT_CTX_free(group->mont_data);
+ group->mont_data = NULL;
return 1;
}
int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
{
+ if (group->order == NULL)
+ return 0;
if (!BN_copy(order, group->order))
return 0;
return !BN_is_zero(order);
}
+const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group)
+{
+ return group->order;
+}
+
+int EC_GROUP_order_bits(const EC_GROUP *group)
+{
+ OPENSSL_assert(group->meth->group_order_bits != NULL);
+ return group->meth->group_order_bits(group);
+}
+
int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor,
BN_CTX *ctx)
{
+
+ if (group->cofactor == NULL)
+ return 0;
if (!BN_copy(cofactor, group->cofactor))
return 0;
return !BN_is_zero(group->cofactor);
}
+const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group)
+{
+ return group->cofactor;
+}
+
void EC_GROUP_set_curve_name(EC_GROUP *group, int nid)
{
group->curve_name = nid;
if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) &&
EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b))
return 1;
+ if (a->meth->flags & EC_FLAGS_CUSTOM_CURVE)
+ return 0;
- if (!ctx)
+ if (ctx == NULL)
ctx_new = ctx = BN_CTX_new();
- if (!ctx)
+ if (ctx == NULL)
return -1;
BN_CTX_start(ctx);
b1 = BN_CTX_get(ctx);
b2 = BN_CTX_get(ctx);
b3 = BN_CTX_get(ctx);
- if (!b3) {
+ if (b3 == NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx_new);
return -1;
r = 1;
if (!r) {
+ const BIGNUM *ao, *bo, *ac, *bc;
/* compare the order and cofactor */
- if (!EC_GROUP_get_order(a, a1, ctx) ||
- !EC_GROUP_get_order(b, b1, ctx) ||
- !EC_GROUP_get_cofactor(a, a2, ctx) ||
- !EC_GROUP_get_cofactor(b, b2, ctx)) {
+ ao = EC_GROUP_get0_order(a);
+ bo = EC_GROUP_get0_order(b);
+ ac = EC_GROUP_get0_cofactor(a);
+ bc = EC_GROUP_get0_cofactor(b);
+ if (ao == NULL || bo == NULL) {
BN_CTX_end(ctx);
BN_CTX_free(ctx_new);
return -1;
}
- if (BN_cmp(a1, b1) || BN_cmp(a2, b2))
+ if (BN_cmp(ao, bo) || BN_cmp(ac, bc))
r = 1;
}
return r;
}
-/* this has 'package' visibility */
-int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *))
-{
- EC_EXTRA_DATA *d;
-
- if (ex_data == NULL)
- return 0;
-
- for (d = *ex_data; d != NULL; d = d->next) {
- if (d->dup_func == dup_func && d->free_func == free_func
- && d->clear_free_func == clear_free_func) {
- ECerr(EC_F_EC_EX_DATA_SET_DATA, EC_R_SLOT_FULL);
- return 0;
- }
- }
-
- if (data == NULL)
- /* no explicit entry needed */
- return 1;
-
- d = OPENSSL_malloc(sizeof(*d));
- if (d == NULL)
- return 0;
-
- d->data = data;
- d->dup_func = dup_func;
- d->free_func = free_func;
- d->clear_free_func = clear_free_func;
-
- d->next = *ex_data;
- *ex_data = d;
-
- return 1;
-}
-
-/* this has 'package' visibility */
-void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *))
-{
- const EC_EXTRA_DATA *d;
-
- for (d = ex_data; d != NULL; d = d->next) {
- if (d->dup_func == dup_func && d->free_func == free_func
- && d->clear_free_func == clear_free_func)
- return d->data;
- }
-
- return NULL;
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *))
-{
- EC_EXTRA_DATA **p;
-
- if (ex_data == NULL)
- return;
-
- for (p = ex_data; *p != NULL; p = &((*p)->next)) {
- if ((*p)->dup_func == dup_func && (*p)->free_func == free_func
- && (*p)->clear_free_func == clear_free_func) {
- EC_EXTRA_DATA *next = (*p)->next;
-
- (*p)->free_func((*p)->data);
- OPENSSL_free(*p);
-
- *p = next;
- return;
- }
- }
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **ex_data,
- void *(*dup_func) (void *),
- void (*free_func) (void *),
- void (*clear_free_func) (void *))
-{
- EC_EXTRA_DATA **p;
-
- if (ex_data == NULL)
- return;
-
- for (p = ex_data; *p != NULL; p = &((*p)->next)) {
- if ((*p)->dup_func == dup_func && (*p)->free_func == free_func
- && (*p)->clear_free_func == clear_free_func) {
- EC_EXTRA_DATA *next = (*p)->next;
-
- (*p)->clear_free_func((*p)->data);
- OPENSSL_free(*p);
-
- *p = next;
- return;
- }
- }
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data)
-{
- EC_EXTRA_DATA *d;
-
- if (ex_data == NULL)
- return;
-
- d = *ex_data;
- while (d) {
- EC_EXTRA_DATA *next = d->next;
-
- d->free_func(d->data);
- OPENSSL_free(d);
-
- d = next;
- }
- *ex_data = NULL;
-}
-
-/* this has 'package' visibility */
-void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data)
-{
- EC_EXTRA_DATA *d;
-
- if (ex_data == NULL)
- return;
-
- d = *ex_data;
- while (d) {
- EC_EXTRA_DATA *next = d->next;
-
- d->clear_free_func(d->data);
- OPENSSL_free(d);
-
- d = next;
- }
- *ex_data = NULL;
-}
-
/* functions for EC_POINT objects */
EC_POINT *EC_POINT_new(const EC_GROUP *group)
return NULL;
}
- ret = OPENSSL_malloc(sizeof(*ret));
+ ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
ECerr(EC_F_EC_POINT_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
goto err;
group->mont_data = BN_MONT_CTX_new();
- if (!group->mont_data)
+ if (group->mont_data == NULL)
goto err;
if (!BN_MONT_CTX_set(group->mont_data, group->order, ctx)) {
BN_CTX_free(ctx);
return ret;
}
+
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg)
+{
+ return CRYPTO_set_ex_data(&key->ex_data, idx, arg);
+}
+
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx)
+{
+ return CRYPTO_get_ex_data(&key->ex_data, idx);
+}
+
+int ec_group_simple_order_bits(const EC_GROUP *group)
+{
+ if (group->order == NULL)
+ return 0;
+ return BN_num_bits(group->order);
+}