From: Dr. Stephen Henson Date: Wed, 5 Apr 2017 18:05:21 +0000 (+0100) Subject: Add ED25519 ASN.1 method X-Git-Tag: OpenSSL_1_1_1-pre1~1420 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=8ecade8bfb85b1d8a473ac12c1589ddbd5a7a431 Add ED25519 ASN.1 method Make X25519 key method more flexible by removing hard coding of NID_X25519 OID. Since the parameters and key syntax between ED25519 and X25519 are almost identical they can share a lot of common code. Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/3503) --- diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index 06e3911340..641dff3c59 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -20,6 +20,8 @@ #define X25519_BITS 253 #define X25519_SECURITY_BITS 128 +#define ED25519_SIGSIZE 64 + typedef struct { unsigned char pubkey[X25519_KEYLEN]; unsigned char *privkey; @@ -76,16 +78,21 @@ static int ecx_key_op(EVP_PKEY *pkey, const X509_ALGOR *palg, OPENSSL_free(xkey); return 0; } - xkey->privkey[0] &= 248; - xkey->privkey[31] &= 127; - xkey->privkey[31] |= 64; + if (pkey->ameth->pkey_id == NID_X25519) { + xkey->privkey[0] &= 248; + xkey->privkey[31] &= 127; + xkey->privkey[31] |= 64; + } } else { memcpy(xkey->privkey, p, X25519_KEYLEN); } - X25519_public_from_private(xkey->pubkey, xkey->privkey); + if (pkey->ameth->pkey_id == NID_X25519) + X25519_public_from_private(xkey->pubkey, xkey->privkey); + else + ED25519_public_from_private(xkey->pubkey, xkey->privkey); } - EVP_PKEY_assign(pkey, NID_X25519, xkey); + EVP_PKEY_assign(pkey, pkey->ameth->pkey_id, xkey); return 1; } @@ -105,8 +112,8 @@ static int ecx_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) return 0; } - if (!X509_PUBKEY_set0_param(pk, OBJ_nid2obj(NID_X25519), V_ASN1_UNDEF, - NULL, penc, X25519_KEYLEN)) { + if (!X509_PUBKEY_set0_param(pk, OBJ_nid2obj(pkey->ameth->pkey_id), + V_ASN1_UNDEF, NULL, penc, X25519_KEYLEN)) { OPENSSL_free(penc); ECerr(EC_F_ECX_PUB_ENCODE, ERR_R_MALLOC_FAILURE); return 0; @@ -182,7 +189,7 @@ static int ecx_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey) return 0; } - if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X25519), 0, + if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(pkey->ameth->pkey_id), 0, V_ASN1_UNDEF, NULL, penc, penclen)) { OPENSSL_clear_free(penc, penclen); ECerr(EC_F_ECX_PRIV_ENCODE, ERR_R_MALLOC_FAILURE); @@ -227,13 +234,15 @@ static int ecx_key_print(BIO *bp, const EVP_PKEY *pkey, int indent, { const X25519_KEY *xkey = pkey->pkey.ptr; + const char *nm = OBJ_nid2ln(pkey->ameth->pkey_id); + if (op == X25519_PRIVATE) { if (xkey == NULL || xkey->privkey == NULL) { if (BIO_printf(bp, "%*s\n", indent, "") <= 0) return 0; return 1; } - if (BIO_printf(bp, "%*sX25519 Private-Key:\n", indent, "") <= 0) + if (BIO_printf(bp, "%*s%s Private-Key:\n", indent, "", nm) <= 0) return 0; if (BIO_printf(bp, "%*spriv:\n", indent, "") <= 0) return 0; @@ -245,7 +254,7 @@ static int ecx_key_print(BIO *bp, const EVP_PKEY *pkey, int indent, return 0; return 1; } - if (BIO_printf(bp, "%*sX25519 Public-Key:\n", indent, "") <= 0) + if (BIO_printf(bp, "%*s%s Public-Key:\n", indent, "", nm) <= 0) return 0; } if (BIO_printf(bp, "%*spub:\n", indent, "") <= 0) @@ -324,6 +333,41 @@ const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth = { NULL }; +static int ecd_size(const EVP_PKEY *pkey) +{ + return ED25519_SIGSIZE; +} + +const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth = { + NID_ED25519, + NID_ED25519, + 0, + "ED25519", + "OpenSSL ED25519 algorithm", + + ecx_pub_decode, + ecx_pub_encode, + ecx_pub_cmp, + ecx_pub_print, + + ecx_priv_decode, + ecx_priv_encode, + ecx_priv_print, + + ecd_size, + ecx_bits, + ecx_security_bits, + + 0, 0, 0, 0, + ecx_cmp_parameters, + 0, 0, + + ecx_free, + 0, + NULL, + NULL +}; + static int pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) { return ecx_key_op(pkey, NULL, NULL, 0, X25519_KEYGEN);