From 94c2f77a62be7079ab1893ab14b18a30157c4532 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 18 Sep 2013 00:50:15 +0100
Subject: [PATCH 1/1] Add functions to set ECDSA_METHOD structure.

Add various functions to allocate and set the fields of an ECDSA_METHOD
structure.
---
 CHANGES                 |  4 +++
 crypto/ecdsa/ecdsa.h    | 54 ++++++++++++++++++++++++++++++++++
 crypto/ecdsa/ecs_err.c  |  1 +
 crypto/ecdsa/ecs_lib.c  | 65 +++++++++++++++++++++++++++++++++++++++++
 crypto/ecdsa/ecs_locl.h |  5 ++++
 5 files changed, 129 insertions(+)

diff --git a/CHANGES b/CHANGES
index 2ad78e95e4..46384f093c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -277,6 +277,10 @@
 
  Changes between 1.0.1e and 1.0.2 [xx XXX xxxx]
 
+  *) Add functions to allocate and set the fields of an ECDSA_METHOD
+     structure.
+     [Douglas E. Engert, Steve Henson]
+
   *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
      avoids preferring ECDHE-ECDSA ciphers when the client appears to be
      Safari on OS X.  Safari on OS X 10.8..10.8.3 advertises support for
diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index cd6d19ccde..746c020605 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -244,6 +244,59 @@ ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key,
 #endif
 
 
+/** Allocates and initialize a ECDSA_METHOD structure
+ *  \param ecdsa_method pointer to ECDSA_METHOD to copy.  (May be NULL)
+ *  \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
+ */
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
+
+/** frees a ECDSA_METHOD structure
+ *  \param  ecdsa_method  pointer to the ECDSA_METHOD structure
+ */
+void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
+
+/**  Set the ECDSA_do_sign function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_do_sign a funtion of type ECDSA_do_sign
+ */
+
+void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
+        ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
+                const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey));
+
+/**  Set the  ECDSA_sign_setup function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_sign_setup a funtion of type ECDSA_sign_setup
+ */
+
+void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
+        int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
+                BIGNUM **r));
+
+/**  Set the ECDSA_do_verify function in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  ecdsa_do_verify a funtion of type ECDSA_do_verify
+ */
+
+void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
+        int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
+                const ECDSA_SIG *sig, EC_KEY *eckey));
+
+void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
+
+/**  Set the flags field in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  flags flags value to set
+ */
+
+void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
+
+/**  Set the name field in the ECDSA_METHOD
+ *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
+ *   \param  name name to set
+ */
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
@@ -256,6 +309,7 @@ void ERR_load_ECDSA_strings(void);
 #define ECDSA_F_ECDSA_DATA_NEW_METHOD			 100
 #define ECDSA_F_ECDSA_DO_SIGN				 101
 #define ECDSA_F_ECDSA_DO_VERIFY				 102
+#define ECDSA_F_ECDSA_METHOD_NEW			 105
 #define ECDSA_F_ECDSA_SIGN_SETUP			 103
 
 /* Reason codes. */
diff --git a/crypto/ecdsa/ecs_err.c b/crypto/ecdsa/ecs_err.c
index d549ee5323..919cced040 100644
--- a/crypto/ecdsa/ecs_err.c
+++ b/crypto/ecdsa/ecs_err.c
@@ -73,6 +73,7 @@ static ERR_STRING_DATA ECDSA_str_functs[]=
 {ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD),	"ECDSA_DATA_NEW_METHOD"},
 {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN),	"ECDSA_do_sign"},
 {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY),	"ECDSA_do_verify"},
+{ERR_FUNC(ECDSA_F_ECDSA_METHOD_NEW),	"ECDSA_METHOD_new"},
 {ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP),	"ECDSA_sign_setup"},
 {0,NULL}
 	};
diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c
index 81082c9727..d559c9e1cb 100644
--- a/crypto/ecdsa/ecs_lib.c
+++ b/crypto/ecdsa/ecs_lib.c
@@ -264,3 +264,68 @@ void *ECDSA_get_ex_data(EC_KEY *d, int idx)
 		return NULL;
 	return(CRYPTO_get_ex_data(&ecdsa->ex_data,idx));
 }
+
+ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_meth)
+	{
+	ECDSA_METHOD  *ret;
+
+	ret = OPENSSL_malloc(sizeof(ECDSA_METHOD));
+	if (ret == NULL)
+		{
+		ECDSAerr(ECDSA_F_ECDSA_METHOD_NEW, ERR_R_MALLOC_FAILURE);
+		return NULL;
+        	}
+
+	if (ecdsa_meth)
+		*ret = *ecdsa_meth;
+	else
+		{
+		ret->ecdsa_sign_setup = 0;
+		ret->ecdsa_do_sign = 0;
+		ret->ecdsa_do_verify = 0;
+		ret->name = NULL;
+		ret->flags = 0;
+		}
+	ret->flags |= ECDSA_METHOD_FLAG_ALLOCATED;
+	return ret;
+	}
+
+
+void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
+	ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
+		const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey))
+	{
+	ecdsa_method->ecdsa_do_sign = ecdsa_do_sign;
+	}
+
+void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
+	int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
+		BIGNUM **r))
+	{
+	ecdsa_method->ecdsa_sign_setup = ecdsa_sign_setup;
+	}
+
+void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
+	int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
+		const ECDSA_SIG *sig, EC_KEY *eckey))
+	{
+	ecdsa_method->ecdsa_do_verify = ecdsa_do_verify;
+	}
+
+void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags)
+	{
+	ecdsa_method->flags = flags | ECDSA_METHOD_FLAG_ALLOCATED;
+	}
+
+void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name)
+	{
+	ecdsa_method->name = name;
+	}
+
+void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method)
+	{
+	if (ecdsa_method->flags & ECDSA_METHOD_FLAG_ALLOCATED)
+		OPENSSL_free(ecdsa_method);
+	}
+
+
diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h
index ad466e2b61..4b10530ad6 100644
--- a/crypto/ecdsa/ecs_locl.h
+++ b/crypto/ecdsa/ecs_locl.h
@@ -82,6 +82,11 @@ struct ecdsa_method
 	char *app_data;
 	};
 
+/* The ECDSA_METHOD was allocated and can be freed */
+
+#define ECDSA_METHOD_FLAG_ALLOCATED 0x2
+
+
 /* If this flag is set the ECDSA method is FIPS compliant and can be used
  * in FIPS mode. This is set in the validated module method. If an
  * application sets this flag in its own methods it is its responsibility
-- 
2.34.1