add support for ecdsa-with-sha256 etc.

[openssl.git] / crypto / ec / ec_pmeth.c

diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index f6a027ef6c3d3b6f91c9fab0655740b58d64c2f2..3f137b892ad5ff436c54e78954818ea2ee383aac 100644 (file)
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -88,6 +88,23 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx)
        return 1;
        }
 
+static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+       {
+       EC_PKEY_CTX *dctx, *sctx;
+       if (!pkey_ec_init(dst))
+               return 0;
+               sctx = src->data;
+       dctx = dst->data;
+       if (sctx->gen_group)
+               {
+               dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
+               if (!dctx->gen_group)
+                       return 0;
+               }
+       dctx->md = sctx->md;
+       return 1;
+       }
+
 static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
        {
        EC_PKEY_CTX *dctx = ctx->data;
@@ -99,8 +116,8 @@ static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
                }
        }
 
-static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
-                                       const unsigned char *tbs, int tbslen)
+static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
+                                       const unsigned char *tbs, size_t tbslen)
        {
        int ret, type;
        unsigned int sltmp;
@@ -112,7 +129,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
                *siglen = ECDSA_size(ec);
                return 1;
                }
-       else if(*siglen < ECDSA_size(ec))
+       else if(*siglen < (size_t)ECDSA_size(ec))
                {
                ECerr(EC_F_PKEY_EC_SIGN, EC_R_BUFFER_TOO_SMALL);
                return 0;
@@ -128,13 +145,13 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, int *siglen,
 
        if (ret < 0)
                return ret;
-       *siglen = sltmp;
+       *siglen = (size_t)sltmp;
        return 1;
        }
 
 static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
-                                       const unsigned char *sig, int siglen,
-                                       const unsigned char *tbs, int tbslen)
+                                       const unsigned char *sig, size_t siglen,
+                                       const unsigned char *tbs, size_t tbslen)
        {
        int ret, type;
        EC_PKEY_CTX *dctx = ctx->data;
@@ -150,7 +167,7 @@ static int pkey_ec_verify(EVP_PKEY_CTX *ctx,
        return ret;
        }
 
-static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, int *keylen)
+static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
        {
        int ret;
        size_t outlen;
@@ -203,7 +220,11 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                return 1;
 
                case EVP_PKEY_CTRL_MD:
-               if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1)
+               if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
                        {
                        ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
                        return 0;
@@ -213,6 +234,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 
                case EVP_PKEY_CTRL_PEER_KEY:
                /* Default behaviour is OK */
+               case EVP_PKEY_CTRL_PKCS7_SIGN:
                return 1;
 
                default:
@@ -284,6 +306,7 @@ const EVP_PKEY_METHOD ec_pkey_meth =
        EVP_PKEY_EC,
        0,
        pkey_ec_init,
+       pkey_ec_copy,
        pkey_ec_cleanup,
 
        0,