Inlcude README.ECC in FIPS restricted tarball.

[openssl.git] / crypto / ec / ec_pmeth.c

diff --git a/crypto/ec/ec_pmeth.c b/crypto/ec/ec_pmeth.c
index 760200892ec45ff12346969b3f0edf2d1a6686e5..f433076ca121800ed16439d49351a8785afac8ef 100644 (file)
--- a/crypto/ec/ec_pmeth.c
+++ b/crypto/ec/ec_pmeth.c
@@ -1,4 +1,4 @@
-/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006.
  */
 /* ====================================================================
@@ -88,6 +88,23 @@ static int pkey_ec_init(EVP_PKEY_CTX *ctx)
        return 1;
        }
 
+static int pkey_ec_copy(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
+       {
+       EC_PKEY_CTX *dctx, *sctx;
+       if (!pkey_ec_init(dst))
+               return 0;
+               sctx = src->data;
+       dctx = dst->data;
+       if (sctx->gen_group)
+               {
+               dctx->gen_group = EC_GROUP_dup(sctx->gen_group);
+               if (!dctx->gen_group)
+                       return 0;
+               }
+       dctx->md = sctx->md;
+       return 1;
+       }
+
 static void pkey_ec_cleanup(EVP_PKEY_CTX *ctx)
        {
        EC_PKEY_CTX *dctx = ctx->data;
@@ -103,7 +120,7 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
                                        const unsigned char *tbs, size_t tbslen)
        {
        int ret, type;
-       size_t sltmp;
+       unsigned int sltmp;
        EC_PKEY_CTX *dctx = ctx->data;
        EC_KEY *ec = ctx->pkey->pkey.ec;
 
@@ -126,9 +143,9 @@ static int pkey_ec_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
 
        ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
 
-       if (ret < 0)
+       if (ret <= 0)
                return ret;
-       *siglen = sltmp;
+       *siglen = (size_t)sltmp;
        return 1;
        }
 
@@ -203,7 +220,11 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
                return 1;
 
                case EVP_PKEY_CTRL_MD:
-               if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1)
+               if (EVP_MD_type((const EVP_MD *)p2) != NID_sha1 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha224 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha256 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha384 &&
+                   EVP_MD_type((const EVP_MD *)p2) != NID_sha512)
                        {
                        ECerr(EC_F_PKEY_EC_CTRL, EC_R_INVALID_DIGEST_TYPE);
                        return 0;
@@ -213,6 +234,9 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 
                case EVP_PKEY_CTRL_PEER_KEY:
                /* Default behaviour is OK */
+               case EVP_PKEY_CTRL_DIGESTINIT:
+               case EVP_PKEY_CTRL_PKCS7_SIGN:
+               case EVP_PKEY_CTRL_CMS_SIGN:
                return 1;
 
                default:
@@ -284,6 +308,7 @@ const EVP_PKEY_METHOD ec_pkey_meth =
        EVP_PKEY_EC,
        0,
        pkey_ec_init,
+       pkey_ec_copy,
        pkey_ec_cleanup,
 
        0,