fix ECDSA handling

Submitted by: Nils Larsch

diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
index 81b5d0f8203810f97f52bf4224f122ed63755a57..f66d72fd7b4303b446c242346916e07c7949dbfb 100644 (file)
--- a/crypto/asn1/d2i_pu.c
+++ b/crypto/asn1/d2i_pu.c
@@ -113,7 +113,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
 #endif
 #ifndef OPENSSL_NO_ECDSA
        case EVP_PKEY_ECDSA:
-               if ((ret->pkey.ecdsa = d2i_ECDSAPublicKey(&(ret->pkey.ecdsa), 
+               if ((ret->pkey.ecdsa = ECDSAPublicKey_set_octet_string(&(ret->pkey.ecdsa), 
                        (const unsigned char **)pp, length)) == NULL)
                        {
                        ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);

diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c
index 2607734ebc63f66b1e9751255d4101564d092a71..2fcc5554a70b3a1f251894724e4fe579e0d7cb92 100644 (file)
--- a/crypto/asn1/i2d_pu.c
+++ b/crypto/asn1/i2d_pu.c
@@ -85,7 +85,7 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
 #endif
 #ifndef OPENSSL_NO_ECDSA
        case EVP_PKEY_ECDSA:
-               return(i2d_ECDSAPublicKey(a->pkey.ecdsa, pp));
+               return(ECDSAPublicKey_get_octet_string(a->pkey.ecdsa, pp));
 #endif
        default:
                ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);

diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
index f169e26252af5a2caabe184892950d922812b04d..1b29fdc4a8911e2d66875fdd415c015fa52c2668 100644 (file)
--- a/crypto/asn1/t_pkey.c
+++ b/crypto/asn1/t_pkey.c
@@ -237,7 +237,8 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
        unsigned char *buffer=NULL;
        int     i, buf_len=0, ret=0, reason=ERR_R_BIO_LIB;
        BIGNUM  *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL,
-               *tmp_4=NULL, *tmp_5=NULL;
+               *tmp_4=NULL, *tmp_5=NULL, *tmp_6=NULL,
+               *tmp_7=NULL;
        BN_CTX  *ctx=NULL;
        EC_POINT *point=NULL;
  
@@ -249,7 +250,8 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
                goto err;
                }
        if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL ||
-               (tmp_3 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL)
+               (tmp_3 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL ||
+               (tmp_6 = BN_new()) == NULL || (tmp_7 = BN_new()) == NULL)
                {
                reason = ERR_R_MALLOC_FAILURE;
                goto err;
@@ -264,7 +266,12 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
                reason = ERR_R_EC_LIB;
                goto err;
                }
-       if ((buf_len = EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx)) == 0)
+       if (!EC_GROUP_get_order(x->group, tmp_6, NULL) || !EC_GROUP_get_cofactor(x->group, tmp_7, NULL))
+               {
+               reason = ERR_R_EC_LIB;
+               goto err;
+               }
+       if ((buf_len = EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), NULL, 0, ctx)) == 0)
                {
                reason = ECDSA_R_UNEXPECTED_PARAMETER_LENGTH;
                goto err;
@@ -274,14 +281,14 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
                reason = ERR_R_MALLOC_FAILURE;
                goto err;
                }
-       if (!EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, 
+       if (!EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), 
                                buffer, buf_len, ctx)) goto err;
        if ((tmp_4 = BN_bin2bn(buffer, buf_len, NULL)) == NULL)
                {
                reason = ERR_R_BN_LIB;
                goto err;
                }
-       if ((i = EC_POINT_point2oct(x->group, x->pub_key, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx)) == 0)
+       if ((i = EC_POINT_point2oct(x->group, x->pub_key, ECDSA_get_conversion_form(x), NULL, 0, ctx)) == 0)
                {
                reason = ECDSA_R_UNEXPECTED_PARAMETER_LENGTH;
                goto err;
@@ -292,7 +299,7 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
                buf_len = i;
                goto err;
                }
-       if (!EC_POINT_point2oct(x->group, x->pub_key, POINT_CONVERSION_COMPRESSED, 
+       if (!EC_POINT_point2oct(x->group, x->pub_key, ECDSA_get_conversion_form(x), 
                                buffer, buf_len, ctx))
                {
                reason = ERR_R_EC_LIB;
@@ -330,6 +337,8 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off)
        if ((tmp_2 != NULL) && !print(bp, "A:   ", tmp_2, buffer, off)) goto err;
        if ((tmp_3 != NULL) && !print(bp, "B:   ", tmp_3, buffer, off)) goto err;
        if ((tmp_4 != NULL) && !print(bp, "Gen: ", tmp_4, buffer, off)) goto err;
+       if ((tmp_6 != NULL) && !print(bp, "Order: ", tmp_6, buffer, off)) goto err;
+       if ((tmp_7 != NULL) && !print(bp, "Cofactor: ", tmp_7, buffer, off)) goto err;
        ret=1;
 err:
        if (!ret)
@@ -339,6 +348,8 @@ err:
        if (tmp_3) BN_free(tmp_3);
        if (tmp_4) BN_free(tmp_4);
        if (tmp_5) BN_free(tmp_5);
+       if (tmp_6) BN_free(tmp_6);
+       if (tmp_7) BN_free(tmp_7);
        if (ctx)   BN_CTX_free(ctx);
        if (buffer != NULL) OPENSSL_free(buffer);
        return(ret);
@@ -541,13 +552,13 @@ int ECDSAParameters_print(BIO *bp, const ECDSA *x)
        if ((point = EC_GROUP_get0_generator(x->group)) == NULL) goto err;
        if (!EC_GROUP_get_order(x->group, tmp_5, ctx)) goto err;
        if (!EC_GROUP_get_cofactor(x->group, tmp_6, ctx)) goto err;     
-       buf_len = EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx);
+       buf_len = EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), NULL, 0, ctx);
        if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL)
        {
                reason = ERR_R_MALLOC_FAILURE;
                goto err;
        }
-       if (!EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, buffer, buf_len, ctx))
+       if (!EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), buffer, buf_len, ctx))
        {
                reason = ERR_R_EC_LIB;
                goto err;

diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index f6f2a0daca06fc2a79dcf1f0ed687bda9220dc03..9fea31a8a5b5e6291e92c60be7c8098b79760a02 100644 (file)
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -136,7 +136,6 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
                ECDSA *ecdsa;
                
                ecdsa = pkey->pkey.ecdsa;
-               ecdsa->write_params=0;
                ASN1_TYPE_free(a->parameter);
                if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0)
                        {
@@ -272,7 +271,6 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
                                X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
                                goto err;
                                }
-                       ret->pkey.ecdsa->write_params = 0;
                        cp = p = a->parameter->value.sequence->data;
                        j = a->parameter->value.sequence->length;
                        if (!d2i_ECDSAParameters(&ret->pkey.ecdsa, &cp, (long)j))

diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index 5250e15fee087da6a3630d3215763a20efe9a551..9b2a17f02d7d3851bf00dcea130cc7c084fee7ec 100644 (file)
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -99,7 +99,7 @@ typedef struct ecdsa_method
 struct ecdsa_st
 {
        int version;
-       int write_params;
+       point_conversion_form_t conversion_form;
 
        EC_GROUP *group;
 
@@ -164,6 +164,15 @@ int        ECDSA_print_fp(FILE *fp, const ECDSA *x, int off);
 void   ECDSA_set_parameter_flags(ECDSA *, int);
 int    ECDSA_get_parameter_flags(const ECDSA*);
 
+/* The ECDSA_{set|get}_conversion_type() functions set/get the
+ * conversion form for ec-points (see ec.h) in a ECDSA-structure */
+void   ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t);
+point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *);
+/* The ECDSA_{set|get}_default_conversion_form() functions set/get the 
+ * default conversion form */
+void   ECDSA_set_default_conversion_form(const point_conversion_form_t);
+point_conversion_form_t ECDSA_get_default_conversion_form(void);
+
 /* the basic de- and encode functions ( see ecs_asn1.c ) */
 ECDSA   *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len);
 int     i2d_ECDSAParameters(ECDSA *a, unsigned char **out);
@@ -171,8 +180,14 @@ int     i2d_ECDSAParameters(ECDSA *a, unsigned char **out);
 ECDSA   *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len);
 int     i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out);
 
-ECDSA   *d2i_ECDSAPublicKey(ECDSA **a, const unsigned char **in, long len);
-int     i2d_ECDSAPublicKey(ECDSA *a, unsigned char **out);
+/* ECDSAPublicKey_set_octet_string() sets the public key in the ECDSA-structure.
+ * (*a) must be a pointer to a ECDSA-structure with (*a)->group not zero 
+ * (e.g. a ECDSA-structure with a valid EC_GROUP-structure) */
+ECDSA  *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len);
+/* ECDSAPublicKey_get_octet_string() returns the length of the octet string encoding
+ * of the public key. If out != NULL then the function returns in *out 
+ * a pointer to the octet string */
+int    ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out);
 
 
 #define ECDSAParameters_dup(x) (ECDSA *)ASN1_dup((int (*)())i2d_ECDSAParameters, \

diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c
index 18b0ce18b3b9e34ddd37bc604974217c524138cd..cffc1949283bc7c6022c13012c2d994a46710bda 100644 (file)
--- a/crypto/ecdsa/ecdsatest.c
+++ b/crypto/ecdsa/ecdsatest.c
@@ -390,23 +390,6 @@ int main(void)
        OPENSSL_free(buffer);
        buffer = NULL;
 
-       /* i2d_ - d2i_ECDSAPublicKey() */
-
-       BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPublicKey \n");
-       buf_len = i2d_ECDSAPublicKey(ecdsa, NULL);
-       if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
-       pp = buffer;
-       if (!i2d_ECDSAPublicKey(ecdsa, &pp)) goto err;
-       pp = buffer;
-       if ((ret_ecdsa = d2i_ECDSAPublicKey(&ret_ecdsa , (const unsigned char**)&pp, 
-                       buf_len)) == NULL) goto err;
-       ECDSA_print(bio_err, ret_ecdsa, 0);
-       if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
-       OPENSSL_free(buffer);
-       buffer = NULL;
-       ECDSA_free(ret_ecdsa);
-       ret_ecdsa = NULL;       
-       
        /* X509_PUBKEY_set() &  X509_PUBKEY_get() */    
 
        BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set}            : ");

diff --git a/crypto/ecdsa/ecs_asn1.c b/crypto/ecdsa/ecs_asn1.c
index 8c47a14da6f8d9f2e197ba32314b066f98a10d04..30e8bfb340190776425ffdf83ecbe963f968bb0f 100644 (file)
--- a/crypto/ecdsa/ecs_asn1.c
+++ b/crypto/ecdsa/ecs_asn1.c
@@ -59,8 +59,6 @@
 #include <openssl/asn1t.h>
 #include <openssl/objects.h>
 
-static point_conversion_form_t POINT_CONVERSION_FORM = POINT_CONVERSION_COMPRESSED;
-
 ASN1_SEQUENCE(ECDSA_SIG) = {
        ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM),
        ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM)
@@ -122,19 +120,6 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSAPrivateKey, ecdsaPrivateKey)
 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(ECDSAPrivateKey, ECDSAPrivateKey, ECDSAPrivateKey)
 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSAPrivateKey, ECDSAPrivateKey, ecdsaPrivateKey)
 
-ASN1_SEQUENCE(ecdsa_pub_internal) = {
-       ASN1_SIMPLE(ECDSAPrivateKey, pub_key, ASN1_OCTET_STRING),
-       ASN1_SIMPLE(ECDSAPrivateKey, parameters, EC_PARAMETERS),
-} ASN1_SEQUENCE_END_name(ECDSAPrivateKey, ecdsa_pub_internal)
-
-ASN1_CHOICE(ECDSAPublicKey) = {
-       ASN1_SIMPLE(ECDSAPrivateKey, pub_key, ASN1_OCTET_STRING),
-       ASN1_EX_COMBINE(0, 0, ecdsa_pub_internal)
-} ASN1_CHOICE_END_selector(ECDSAPrivateKey, ECDSAPublicKey, write_params)
-
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSAPrivateKey, ecdsaPublicKey)
-IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSAPrivateKey, ECDSAPublicKey, ecdsaPublicKey)
-
 
 X9_62_FIELDID  *ECDSA_get_X9_62_FIELDID(const ECDSA *ecdsa, X9_62_FIELDID *field)
 {
@@ -583,7 +568,6 @@ ECDSA       *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
        if ((ret = ECDSA_ecparameters2ecdsa(priv_key->parameters, NULL)) == NULL)
                OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_FAILURE)
        ret->version = priv_key->version;
-       ret->write_params = priv_key->write_params;
        if (priv_key->priv_key)
        {
                if ((ret->priv_key = BN_dup(priv_key->priv_key)) == NULL)
@@ -641,85 +625,58 @@ err:      if (!ok)
 }
 
 
-ECDSA  *d2i_ECDSAPublicKey(ECDSA **a, const unsigned char **in, long len)
+ECDSA  *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len)
 {
-       int reason=ERR_R_BN_LIB, ok=0, ecdsa_new=1;
        ECDSA *ret=NULL;
-       ECDSAPrivateKey *priv_key=NULL;
 
-       if (a && *a)
+       if (a == NULL || (*a) == NULL || (*a)->group == NULL)
        {
-               ecdsa_new = 0;
-               ret = *a;
+               /* sorry, but a EC_GROUP-structur is necessary
+                 * to set the public key */
+               ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ECDSA_R_MISSING_PARAMETERS);
+               return 0;
        }
-       else if ((ret = ECDSA_new()) == NULL)
-               OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE); 
-       if ((priv_key = ECDSAPrivateKey_new()) == NULL)
-               OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE)
-       if ((priv_key = d2i_ecdsaPublicKey(&priv_key, in, len)) == NULL)
-               OPENSSL_ECDSA_ABORT(ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE)
-       if (priv_key->write_params == 0)
+       ret = *a;
+       if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
        {
-               if (ecdsa_new || !ret->group)
-                       OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
-               if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
-                       OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
-               if (!EC_POINT_oct2point(ret->group, ret->pub_key, priv_key->pub_key->data,
-                                       priv_key->pub_key->length, NULL))
-                       OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
-       }
-       else if (priv_key->write_params == 1)
-       {
-               if ((ret = ECDSA_ecparameters2ecdsa(priv_key->parameters, ret)) == NULL)
-                       OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_FAILURE)
-               if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
-                       OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
-               if (!EC_POINT_oct2point(ret->group, ret->pub_key, priv_key->pub_key->data, 
-                               priv_key->pub_key->length, NULL))
-                       OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
-       }
-       else    OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_PARAMETER)
-       ret->write_params = 1;
-       ok = 1;
-err :  if (!ok)
+               ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+               return 0;
+       }
+       if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
        {
-               if (ret && ecdsa_new) ECDSA_free(ret);
-               ret = NULL;
-               ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, reason);
+               ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+               return 0;
        }
-       if (priv_key)   ECDSAPrivateKey_free(priv_key);
-       return(ret);
+       ECDSA_set_conversion_form(ret, (point_conversion_form_t)*in[0]);
+       return ret;
 }
 
-int    i2d_ECDSAPublicKey(ECDSA *a, unsigned char **out)
+int    ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out)
 {
-        int    ret=0, reason=ERR_R_EC_LIB, ok=0;
-        unsigned char   *buffer=NULL;
-        size_t          buf_len=0;
-        ECDSAPrivateKey *priv_key=NULL;
+        size_t  buf_len=0;
 
         if (a == NULL) 
-               OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
-        if ((priv_key = ECDSAPrivateKey_new()) == NULL) 
-               OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE)
-        if ((priv_key->parameters = ECDSA_get_EC_PARAMETERS(a, priv_key->parameters)) == NULL)
-               OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE)
-        priv_key->version = a->version;
-        priv_key->write_params = a->write_params;
-        buf_len = EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_FORM, NULL, 0, NULL);
-        if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL)
-               OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
-        if (!EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_FORM,
-                               buffer, buf_len, NULL)) goto err;
-        if (!M_ASN1_OCTET_STRING_set(priv_key->pub_key, buffer, buf_len))
-               OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
-        if ((ret = i2d_ecdsaPublicKey(priv_key, out)) == 0)
-               OPENSSL_ECDSA_ABORT(ECDSA_R_I2D_ECDSA_PUBLICKEY)
-       ok = 1;
-
-err:    if (!ok)
-               ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, reason);
-       if (buffer)   OPENSSL_free(buffer);
-        if (priv_key) ECDSAPrivateKey_free(priv_key);
-        return(ok?ret:0);
+       {
+               ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ECDSA_R_MISSING_PARAMETERS);
+               return 0;
+       }
+        buf_len = EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a), NULL, 0, NULL);
+       if (out == NULL || buf_len == 0)
+       /* out == NULL => just return the length of the octet string */
+               return buf_len;
+       if (*out == NULL)
+               if ((*out = OPENSSL_malloc(buf_len)) == NULL)
+               {
+                       ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_MALLOC_FAILURE);
+                       return 0;
+               }
+        if (!EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a),
+                               *out, buf_len, NULL))
+       {
+               ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_EC_LIB);
+               OPENSSL_free(*out);
+               *out = NULL;
+               return 0;
+       }
+       return buf_len;
 }

diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index b161b6c2d21b1b3f224d674c6bdd51ab32128ac6..7063d8a18fc2ffc3a7232aace1e83b9be90a0802 100644 (file)
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -177,7 +177,7 @@ ECDSA *ECDSA_new_method(ENGINE *engine)
        }
 
        ret->version = 1;
-       ret->write_params=1;
+       ret->conversion_form = ECDSA_get_default_conversion_form();
        ret->group = NULL;
 
        ret->pub_key = NULL;
@@ -310,3 +310,25 @@ int ECDSA_get_parameter_flags(const ECDSA *ecdsa)
 {
        return ecdsa->parameter_flags;
 }
+
+void   ECDSA_set_conversion_form(ECDSA *ecdsa, const point_conversion_form_t form)
+{
+       if (ecdsa) ecdsa->conversion_form = form;
+}
+
+point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *ecdsa)
+{
+       return ecdsa ? ecdsa->conversion_form : 0;
+}
+
+static point_conversion_form_t default_conversion_form = POINT_CONVERSION_COMPRESSED;
+
+void   ECDSA_set_default_conversion_form(const point_conversion_form_t form)
+{
+       default_conversion_form = form;
+}
+
+point_conversion_form_t ECDSA_get_default_conversion_form(void)
+{
+       return default_conversion_form;
+}

diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h
index 61b63668caef7e6fc0cba0789544db84cb802fb1..3c353049e41ffd7a0e62f8d3be186ae127270719 100644 (file)
--- a/crypto/ecdsa/ecs_locl.h
+++ b/crypto/ecdsa/ecs_locl.h
@@ -96,7 +96,6 @@ typedef struct ec_parameters {
 
 typedef struct ecdsa_priv_key_st {
         int               version;
-        int               write_params;
         EC_PARAMETERS    *parameters;
        ASN1_OBJECT       *named_curve;
         ASN1_OCTET_STRING *pub_key;

diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index 3577837fa9bfbced78858ee58320c3d41ea72c86..1772647b164a81640a63f123658d1f013f8f3e14 100644 (file)
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -585,11 +585,11 @@ static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey)
                        EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB);
                        return 0;
                }
-               len = EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, POINT_CONVERSION_COMPRESSED,
+               len = EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, ECDSA_get_conversion_form(pkey->pkey.ecdsa),
                                         NULL, 0, NULL);
                p = OPENSSL_malloc(len);
                if (!len || !p || !EC_POINT_point2oct(pkey->pkey.ecdsa->group, point,
-                       POINT_CONVERSION_COMPRESSED, p, len, NULL))
+                       ECDSA_get_conversion_form(pkey->pkey.ecdsa), p, len, NULL))
                {
                        EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB);
                        OPENSSL_free(p);