diff options
| author | Bodo Möller <bodo@openssl.org> | 2002-08-07 10:49:54 +0000 |
|---|---|---|
| committer | Bodo Möller <bodo@openssl.org> | 2002-08-07 10:49:54 +0000 |
| commit | 14a7cfb32a0347a4bc620ae1b552b21c4c1e270b (patch) | |
| tree | 13c4bcc3d58ba7db5e598cd668670873b51e8ce3 /crypto/ecdsa | |
| parent | 7a8645d1716d7f84435b0f3d8d2fd122d6f75113 (diff) | |
use a generic EC_KEY structure (EC keys are not ECDSA specific)
Submitted by: Nils Larsch
Diffstat (limited to 'crypto/ecdsa')
| -rw-r--r-- | crypto/ecdsa/Makefile.ssl | 15 | ||||
| -rw-r--r-- | crypto/ecdsa/ecdsa.h | 215 | ||||
| -rw-r--r-- | crypto/ecdsa/ecdsatest.c | 134 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_asn1.c | 321 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_err.c | 56 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_gen.c | 83 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_key.c | 140 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_lib.c | 182 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_ossl.c | 320 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_sign.c | 21 | ||||
| -rw-r--r-- | crypto/ecdsa/ecs_vrf.c | 15 |
11 files changed, 454 insertions, 1048 deletions
diff --git a/crypto/ecdsa/Makefile.ssl b/crypto/ecdsa/Makefile.ssl index 5d8eff00c2..a0eb51031d 100644 --- a/crypto/ecdsa/Makefile.ssl +++ b/crypto/ecdsa/Makefile.ssl @@ -23,11 +23,9 @@ TEST=ecdsatest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= ecs_lib.c ecs_gen.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c \ - ecs_key.c ecs_err.c +LIBSRC= ecs_lib.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c ecs_err.c -LIBOBJ= ecs_lib.o ecs_gen.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o \ - ecs_key.o ecs_err.o +LIBOBJ= ecs_lib.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o ecs_err.o SRC= $(LIBSRC) @@ -98,15 +96,6 @@ ecs_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h ecs_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h ecs_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h ecs_err.o: ../../include/openssl/symhacks.h ecs_err.c -ecs_gen.o: ecs_gen.c -ecs_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -ecs_key.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h -ecs_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -ecs_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -ecs_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -ecs_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -ecs_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -ecs_key.o: ecdsa.h ecs_key.c ecs_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h ecs_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h index 00cd71d068..d72d0b1363 100644 --- a/crypto/ecdsa/ecdsa.h +++ b/crypto/ecdsa/ecdsa.h @@ -59,9 +59,6 @@ #error ECDSA is disabled. #endif -#ifndef OPENSSL_NO_BIO -#include <openssl/bio.h> -#endif #include <openssl/bn.h> #include <openssl/ec.h> #include <openssl/ossl_typ.h> @@ -70,8 +67,6 @@ extern "C" { #endif -typedef struct ecdsa_st ECDSA; - typedef struct ECDSA_SIG_st { BIGNUM *r; @@ -81,122 +76,70 @@ typedef struct ECDSA_SIG_st typedef struct ecdsa_method { const char *name; - ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa); - int (*ecdsa_sign_setup)(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r); - int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa); - int (*init)(ECDSA *ecdsa); - int (*finish)(ECDSA *ecdsa); + ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, + EC_KEY *eckey); + int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, + BIGNUM **r); + int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, + ECDSA_SIG *sig, EC_KEY *eckey); +#if 0 + int (*init)(EC_KEY *eckey); + int (*finish)(EC_KEY *eckey); +#endif int flags; char *app_data; } ECDSA_METHOD; -struct ecdsa_st -{ - int version; - point_conversion_form_t conversion_form; - - EC_GROUP *group; - - EC_POINT *pub_key; - BIGNUM *priv_key; - - BIGNUM *kinv; /* signing pre-calc */ - BIGNUM *r; /* signing pre-calc */ - - unsigned int enc_flag; - - int references; +typedef struct ecdsa_data_st { + /* EC_KEY_METH_DATA part */ + int (*init)(EC_KEY *); + void (*finish)(EC_KEY *); + /* method specific part */ + BIGNUM *kinv; /* signing pre-calc */ + BIGNUM *r; /* signing pre-calc */ + ENGINE *engine; int flags; - CRYPTO_EX_DATA ex_data; const ECDSA_METHOD *meth; - struct engine_st *engine; -}; - -/* some values for the encoding_flag */ -#define ECDSA_PKEY_NO_PARAMETERS 0x001 -#define ECDSA_PKEY_NO_PUBKEY 0x002 + CRYPTO_EX_DATA ex_data; +} ECDSA_DATA; +/* signature functions */ ECDSA_SIG *ECDSA_SIG_new(void); void ECDSA_SIG_free(ECDSA_SIG *a); int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp); ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long length); -ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa); -int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA* ecdsa); -int ECDSA_generate_key(ECDSA *ecdsa); -int ECDSA_check_key(ECDSA *ecdsa); +/* ECDSA_DATA functions */ +ECDSA_DATA *ECDSA_DATA_new(void); +ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *); +void ECDSA_DATA_free(ECDSA_DATA *); + +ECDSA_DATA *ecdsa_check(EC_KEY *); + +ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, EC_KEY *); +int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG + *sig, EC_KEY* eckey); const ECDSA_METHOD *ECDSA_OpenSSL(void); void ECDSA_set_default_method(const ECDSA_METHOD *); const ECDSA_METHOD *ECDSA_get_default_method(void); -int ECDSA_set_method(ECDSA *, const ECDSA_METHOD *); - -ECDSA *ECDSA_new(void); -ECDSA *ECDSA_new_method(ENGINE *engine); -int ECDSA_size(const ECDSA *); -int ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp); -int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, unsigned char *sig, - unsigned int *siglen, ECDSA *ecdsa); -int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sig, - int sig_len, ECDSA *ecdsa); -int ECDSA_up_ref(ECDSA *ecdsa); -void ECDSA_free(ECDSA *a); -int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDSA_set_ex_data(ECDSA *d, int idx, void *arg); -void *ECDSA_get_ex_data(ECDSA *d, int idx); - -#ifndef OPENSSL_NO_BIO -int ECDSAParameters_print(BIO *bp, const ECDSA *x); -int ECDSA_print(BIO *bp, const ECDSA *x, int off); -#endif -#ifndef OPENSSL_NO_FP_API -int ECDSAParameters_print_fp(FILE *fp, const ECDSA *x); -int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off); -#endif - -/* the ECDSA_{set|get}_enc_flag() specify the encoding - * of the elliptic curve private key */ -unsigned int ECDSA_get_enc_flag(const ECDSA *); -void ECDSA_set_enc_flag(ECDSA *, unsigned int); - -/* The ECDSA_{set|get}_conversion_type() functions set/get the - * conversion form for ec-points (see ec.h) in a ECDSA-structure */ -void ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t); -point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *); -/* The ECDSA_{set|get}_default_conversion_form() functions set/get the - * default conversion form */ -void ECDSA_set_default_conversion_form(const point_conversion_form_t); -point_conversion_form_t ECDSA_get_default_conversion_form(void); - -/* the basic de- and encode functions ( see ecs_asn1.c ) */ -ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len); -int i2d_ECDSAParameters(ECDSA *a, unsigned char **out); +int ECDSA_set_method(EC_KEY *, const ECDSA_METHOD *); -ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len); -int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out); +int ECDSA_size(const EC_KEY *); +int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, + BIGNUM **rp); +int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, + unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); +int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, + const unsigned char *sig, int sig_len, EC_KEY *eckey); -/* ECDSAPublicKey_set_octet_string() sets the public key in the ECDSA-structure. - * (*a) must be a pointer to a ECDSA-structure with (*a)->group not zero - * (e.g. a ECDSA-structure with a valid EC_GROUP-structure) */ -ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len); -/* ECDSAPublicKey_get_octet_string() returns the length of the octet string encoding - * of the public key. If out != NULL then the function returns in *out - * a pointer to the octet string */ -int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out); +int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new + *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); +int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg); +void *ECDSA_get_ex_data(EC_KEY *d, int idx); -#define ECDSAParameters_dup(x) (ECDSA *)ASN1_dup((int (*)())i2d_ECDSAParameters, \ - (char *(*)())d2i_ECDSAParameters,(char *)(x)) -#define d2i_ECDSAParameters_fp(fp,x) (ECDSA *)ASN1_d2i_fp((char *(*)())ECDSA_new, \ - (char *(*)())d2i_ECDSAParameters,(fp),(unsigned char **)(x)) -#define i2d_ECDSAParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECDSAParameters,(fp), \ - (unsigned char *)(x)) -#define d2i_ECDSAParameters_bio(bp,x) (ECDSA *)ASN1_d2i_bio((char *(*)())ECDSA_new, \ - (char *(*)())d2i_ECDSAParameters,(bp),(unsigned char **)(x)) -#define i2d_ECDSAParameters_bio(bp,x) ASN1_i2d_bio(i2d_ECDSAParameters,(bp), \ - (unsigned char *)(x)) /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes @@ -207,72 +150,18 @@ void ERR_load_ECDSA_strings(void); /* Error codes for the ECDSA functions. */ /* Function codes. */ -#define ECDSA_F_D2I_ECDSAPARAMETERS 100 -#define ECDSA_F_D2I_ECDSAPRIVATEKEY 101 -#define ECDSA_F_ECDSAPARAMETERS_PRINT 102 -#define ECDSA_F_ECDSAPARAMETERS_PRINT_FP 103 -#define ECDSA_F_ECDSA_DO_SIGN 104 -#define ECDSA_F_ECDSA_DO_VERIFY 105 -#define ECDSA_F_ECDSA_GENERATE_KEY 106 -#define ECDSA_F_ECDSA_GET 107 -#define ECDSA_F_ECDSA_GET_CURVE_NID 120 -#define ECDSA_F_ECDSA_GET_ECDSA 121 -#define ECDSA_F_ECDSA_GET_EC_PARAMETERS 122 -#define ECDSA_F_ECDSA_GET_X9_62_CURVE 108 -#define ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS 109 -#define ECDSA_F_ECDSA_GET_X9_62_FIELDID 110 -#define ECDSA_F_ECDSA_NEW 111 -#define ECDSA_F_ECDSA_PRINT 112 -#define ECDSA_F_ECDSA_PRINT_FP 113 -#define ECDSA_F_ECDSA_SET_GROUP_P 114 -#define ECDSA_F_ECDSA_SET_PRIME_GROUP 123 -#define ECDSA_F_ECDSA_SIGN_SETUP 115 -#define ECDSA_F_I2D_ECDSAPARAMETERS 116 -#define ECDSA_F_I2D_ECDSAPRIVATEKEY 117 -#define ECDSA_F_I2D_ECDSAPUBLICKEY 118 -#define ECDSA_F_SIG_CB 119 +#define ECDSA_F_ECDSA_DATA_NEW 100 +#define ECDSA_F_ECDSA_DO_SIGN 101 +#define ECDSA_F_ECDSA_DO_VERIFY 102 +#define ECDSA_F_ECDSA_SIGN_SETUP 103 /* Reason codes. */ #define ECDSA_R_BAD_SIGNATURE 100 -#define ECDSA_R_CAN_NOT_GET_GENERATOR 101 -#define ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY 102 -#define ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE 103 -#define ECDSA_R_D2I_EC_PARAMETERS_FAILURE 133 -#define ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 104 -#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 105 -#define ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE 106 -#define ECDSA_R_ECDSA_F_ECDSA_NEW 107 -#define ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE 134 -#define ECDSA_R_ECDSA_GET_FAILURE 108 -#define ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE 109 -#define ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE 110 -#define ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE 111 -#define ECDSA_R_ECDSA_NEW_FAILURE 112 -#define ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE 135 -#define ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE 113 -#define ECDSA_R_ECPARAMETERS2ECDSA_FAILURE 138 -#define ECDSA_R_EC_GROUP_NID2CURVE_FAILURE 136 -#define ECDSA_R_ERR_EC_LIB 114 -#define ECDSA_R_I2D_ECDSA_PRIVATEKEY 115 -#define ECDSA_R_I2D_ECDSA_PUBLICKEY 116 -#define ECDSA_R_MISSING_PARAMETERS 117 -#define ECDSA_R_MISSING_PRIVATE_KEY 139 -#define ECDSA_R_NOT_SUPPORTED 118 -#define ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED 119 -#define ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED 120 -#define ECDSA_R_NO_CURVE_SPECIFIED 121 -#define ECDSA_R_NO_FIELD_SPECIFIED 122 -#define ECDSA_R_PRIME_MISSING 123 -#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 124 -#define ECDSA_R_SIGNATURE_MALLOC_FAILED 125 -#define ECDSA_R_UNEXPECTED_ASN1_TYPE 126 -#define ECDSA_R_UNEXPECTED_PARAMETER 127 -#define ECDSA_R_UNEXPECTED_PARAMETER_LENGTH 128 -#define ECDSA_R_UNEXPECTED_VERSION_NUMER 129 -#define ECDSA_R_UNKNOWN_PARAMETERS_TYPE 137 -#define ECDSA_R_WRONG_FIELD_IDENTIFIER 130 -#define ECDSA_R_X9_62_CURVE_NEW_FAILURE 131 -#define ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE 132 +#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 101 +#define ECDSA_R_ERR_EC_LIB 102 +#define ECDSA_R_MISSING_PARAMETERS 103 +#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 +#define ECDSA_R_SIGNATURE_MALLOC_FAILED 105 #ifdef __cplusplus } diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index cffc194928..daf6427718 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -89,7 +89,7 @@ static const char rnd_seed[] = "string to make the random number generator think ECDSA_SIG* signatures[ECDSA_NIST_TESTS]; unsigned char digest[ECDSA_NIST_TESTS][20]; -void clear_ecdsa(ECDSA *ecdsa) +void clear_ecdsa(EC_KEY *ecdsa) { if (!ecdsa) return; @@ -110,7 +110,7 @@ void clear_ecdsa(ECDSA *ecdsa) } } -int set_p192_param(ECDSA *ecdsa) +int set_p192_param(EC_KEY *ecdsa) { BN_CTX *ctx=NULL; int ret=0; @@ -143,7 +143,7 @@ err : if (ctx) BN_CTX_free(ctx); return ret; } -int set_p239_param(ECDSA *ecdsa) +int set_p239_param(EC_KEY *ecdsa) { BN_CTX *ctx=NULL; int ret=0; @@ -176,7 +176,7 @@ err : if (ctx) BN_CTX_free(ctx); return ret; } -int test_sig_vrf(ECDSA *ecdsa, const unsigned char* dgst) +int test_sig_vrf(EC_KEY *ecdsa, const unsigned char* dgst) { int ret=0,type=0; unsigned char *buffer=NULL; @@ -216,7 +216,7 @@ err: OPENSSL_free(buffer); return(ret == 1); } -int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst, +int test_x962_sig_vrf(EC_KEY *eckey, const unsigned char *dgst, const char *k_in, const char *r_in, const char *s_in) { int ret=0; @@ -225,23 +225,28 @@ int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst, BIGNUM *r=NULL,*s=NULL,*k=NULL,*x=NULL,*y=NULL,*m=NULL,*ord=NULL; BN_CTX *ctx=NULL; char *tmp_char=NULL; - - if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key) + ECDSA_DATA *ecdsa = ecdsa_check(eckey);; + + if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key + || !ecdsa) return 0; - if ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err; - if ((r = BN_new()) == NULL || (s = BN_new()) == NULL || (k = BN_new()) == NULL || - (x = BN_new()) == NULL || (y = BN_new()) == NULL || (m = BN_new()) == NULL || - (ord = BN_new()) == NULL) goto err; + if ((point = EC_POINT_new(eckey->group)) == NULL) goto err; + if ((r = BN_new()) == NULL || (s = BN_new()) == NULL + || (k = BN_new()) == NULL || (x = BN_new()) == NULL || + (y = BN_new()) == NULL || (m = BN_new()) == NULL || + (ord = BN_new()) == NULL) goto err; if ((ctx = BN_CTX_new()) == NULL) goto err; if (!BN_bin2bn(dgst, 20, m)) goto err; if (!BN_dec2bn(&k, k_in)) goto err; - if (!EC_POINT_mul(ecdsa->group, point, k, NULL, NULL, ctx)) goto err; - if (!EC_POINT_get_affine_coordinates_GFp(ecdsa->group, point, x, y, ctx)) goto err; - if (!EC_GROUP_get_order(ecdsa->group, ord, ctx)) goto err; + if (!EC_POINT_mul(eckey->group, point, k, NULL, NULL, ctx)) goto err; + if (!EC_POINT_get_affine_coordinates_GFp(eckey->group, point, x, y, + ctx)) goto err; + if (!EC_GROUP_get_order(eckey->group, ord, ctx)) goto err; if ((ecdsa->r = BN_dup(x)) == NULL) goto err; - if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL) goto err; + if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL) + goto err; - if ((sig = ECDSA_do_sign(dgst, 20, ecdsa)) == NULL) + if ((sig = ECDSA_do_sign(dgst, 20, eckey)) == NULL) { BIO_printf(bio_err,"ECDSA_do_sign() failed \n"); goto err; @@ -260,7 +265,7 @@ int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst, BIO_printf(bio_err,"sig->s = %s\n",tmp_char); goto err; } - ret = ECDSA_do_verify(dgst, 20, sig, ecdsa); + ret = ECDSA_do_verify(dgst, 20, sig, eckey); if (ret != 1) { BIO_printf(bio_err,"ECDSA_do_verify : signature verification failed \n"); @@ -282,7 +287,7 @@ err : if (r) BN_free(r); return(ret == 1); } -int ecdsa_cmp(const ECDSA *a, const ECDSA *b) +int ecdsa_cmp(const EC_KEY *a, const EC_KEY *b) { int ret=1; BN_CTX *ctx=NULL; @@ -316,7 +321,7 @@ err: if (tmp_a1) BN_free(tmp_a1); int main(void) { - ECDSA *ecdsa=NULL, *ret_ecdsa=NULL; + EC_KEY *ecdsa=NULL, *ret_ecdsa=NULL; BIGNUM *d=NULL; X509_PUBKEY *x509_pubkey=NULL; PKCS8_PRIV_KEY_INFO *pkcs8=NULL; @@ -351,41 +356,41 @@ int main(void) RAND_seed(rnd_seed, sizeof(rnd_seed)); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + if ((ecdsa = EC_KEY_new()) == NULL) goto err; set_p192_param(ecdsa); - ECDSA_print(bio_err, ecdsa, 0); + EC_KEY_print(bio_err, ecdsa, 0); /* en- decode tests */ - /* i2d_ - d2i_ECDSAParameters() */ + /* i2d_ - d2i_ECParameters() */ BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAParameters \n"); - buf_len = i2d_ECDSAParameters(ecdsa, NULL); + buf_len = i2d_ECParameters(ecdsa, NULL); if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err; pp = buffer; - if (!i2d_ECDSAParameters(ecdsa, &pp)) goto err; + if (!i2d_ECParameters(ecdsa, &pp)) goto err; pp = buffer; - if ((ret_ecdsa = d2i_ECDSAParameters(&ret_ecdsa, (const unsigned char **)&pp, + if ((ret_ecdsa = d2i_ECParameters(&ret_ecdsa, (const unsigned char **)&pp, buf_len)) == NULL) goto err; - ECDSAParameters_print(bio_err, ret_ecdsa); + ECParameters_print(bio_err, ret_ecdsa); if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err; OPENSSL_free(buffer); buffer = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; - /* i2d_ - d2i_ECDSAPrivateKey() */ + /* i2d_ - d2i_ECPrivateKey() */ BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPrivateKey \n"); - buf_len = i2d_ECDSAPrivateKey(ecdsa, NULL); + buf_len = i2d_ECPrivateKey(ecdsa, NULL); if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err; pp = buffer; - if (!i2d_ECDSAPrivateKey(ecdsa, &pp)) goto err; + if (!i2d_ECPrivateKey(ecdsa, &pp)) goto err; pp = buffer; - if ((ret_ecdsa = d2i_ECDSAPrivateKey(&ret_ecdsa, (const unsigned char**)&pp, + if ((ret_ecdsa = d2i_ECPrivateKey(&ret_ecdsa, (const unsigned char**)&pp, buf_len)) == NULL) goto err; - ECDSA_print(bio_err, ret_ecdsa, 0); + EC_KEY_print(bio_err, ret_ecdsa, 0); if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; OPENSSL_free(buffer); buffer = NULL; @@ -394,12 +399,12 @@ int main(void) BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set} : "); if ((pkey = EVP_PKEY_new()) == NULL) goto err; - EVP_PKEY_assign_ECDSA(pkey, ecdsa); + EVP_PKEY_assign_EC_KEY(pkey, ecdsa); if ((x509_pubkey = X509_PUBKEY_new()) == NULL) goto err; if (!X509_PUBKEY_set(&x509_pubkey, pkey)) goto err; if ((ret_pkey = X509_PUBKEY_get(x509_pubkey)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; @@ -411,7 +416,7 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); X509_PUBKEY_free(x509_pubkey); x509_pubkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; /* Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY */ @@ -419,7 +424,7 @@ int main(void) BIO_printf(bio_err, "PKCS8_OK : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -428,13 +433,13 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; PKCS8_PRIV_KEY_INFO_free(pkcs8); BIO_printf(bio_err, "PKCS8_NO_OCTET : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NO_OCTET)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -443,13 +448,13 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; PKCS8_PRIV_KEY_INFO_free(pkcs8); BIO_printf(bio_err, "PKCS8_EMBEDDED_PARAM : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_EMBEDDED_PARAM)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -458,13 +463,13 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; PKCS8_PRIV_KEY_INFO_free(pkcs8); BIO_printf(bio_err, "PKCS8_NS_DB : "); if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NS_DB)) == NULL) goto err; if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err; - ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey); + ret_ecdsa = EVP_PKEY_get1_EC_KEY(ret_pkey); if (ecdsa_cmp(ecdsa, ret_ecdsa)) { BIO_printf(bio_err, "TEST FAILED \n"); @@ -473,7 +478,7 @@ int main(void) else BIO_printf(bio_err, "TEST OK \n"); EVP_PKEY_free(ret_pkey); ret_pkey = NULL; - ECDSA_free(ret_ecdsa); + EC_KEY_free(ret_ecdsa); ret_ecdsa = NULL; EVP_PKEY_free(pkey); pkey = NULL; @@ -492,7 +497,7 @@ int main(void) BIO_printf(bio_err, "Performing tests based on examples H.3.1 and H.3.2 of X9.62 \n"); BIO_printf(bio_err, "PRIME_192_V1 : "); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if (!set_p192_param(ecdsa)) goto err; if (!test_x962_sig_vrf(ecdsa, dgst, "6140507067065001063065065565667405560006161556565665656654", "3342403536405981729393488334694600415596881826869351677613", @@ -510,7 +515,7 @@ int main(void) else BIO_printf(bio_err, "OK\n"); - ECDSA_free(ecdsa); + EC_KEY_free(ecdsa); ecdsa = NULL; OPENSSL_free(dgst); dgst = NULL; @@ -522,10 +527,11 @@ int main(void) if (!RAND_bytes(digest[i], 20)) goto err; BIO_printf(bio_err, "\nTesting sign & verify with NIST Prime-Curve P-192 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; - if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; + if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) + == NULL) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -548,10 +554,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_224 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-224 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_224)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -574,10 +580,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_256 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-256 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_256)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -600,10 +606,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_384 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-384 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_384)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -626,10 +632,10 @@ int main(void) /* EC_GROUP_NIST_PRIME_521 */ BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-521 : \n"); - ECDSA_free(ecdsa); - if ((ecdsa = ECDSA_new()) == NULL) goto err; + EC_KEY_free(ecdsa); + if ((ecdsa = EC_KEY_new()) == NULL) goto err; if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_521)) == NULL) goto err; - if (!ECDSA_generate_key(ecdsa)) goto err; + if (!EC_KEY_generate_key(ecdsa)) goto err; tim = clock(); for (i=0; i<ECDSA_NIST_TESTS; i++) if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err; @@ -644,7 +650,7 @@ int main(void) tim_d = (double)tim / CLOCKS_PER_SEC; BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n" , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS); - ECDSA_free(ecdsa); + EC_KEY_free(ecdsa); ecdsa = NULL; for (i=0; i<ECDSA_NIST_TESTS; i++) { @@ -665,7 +671,7 @@ err: if (!ret) BIO_printf(bio_err, "TEST PASSED \n"); if (!ret) ERR_print_errors(bio_err); - if (ecdsa) ECDSA_free(ecdsa); + if (ecdsa) EC_KEY_free(ecdsa); if (d) BN_free(d); if (dgst) OPENSSL_free(dgst); if (md_ctx) EVP_MD_CTX_destroy(md_ctx); diff --git a/crypto/ecdsa/ecs_asn1.c b/crypto/ecdsa/ecs_asn1.c index 048fa88de9..e9e1c2b51e 100644 --- a/crypto/ecdsa/ecs_asn1.c +++ b/crypto/ecdsa/ecs_asn1.c @@ -65,324 +65,3 @@ ASN1_SEQUENCE(ECDSA_SIG) = { DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG) DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG) IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG) - -int i2d_ECDSAParameters(ECDSA *a, unsigned char **out) - { - if (a == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPARAMETERS, - ERR_R_PASSED_NULL_PARAMETER); - return 0; - } - return i2d_ECPKParameters(a->group, out); - } - -ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len) - { - EC_GROUP *group; - ECDSA *ret; - - if (in == NULL || *in == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, - ERR_R_PASSED_NULL_PARAMETER); - return NULL; - } - - group = d2i_ECPKParameters(NULL, in, len); - - if (group == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, - ERR_R_EC_LIB); - return NULL; - } - - if (a == NULL || *a == NULL) - { - if ((ret = ECDSA_new()) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, - ERR_R_MALLOC_FAILURE); - return NULL; - } - if (a) - *a = ret; - } - else - ret = *a; - - if (ret->group) - EC_GROUP_clear_free(ret->group); - - ret->group = group; - - return ret; - } - -ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len) - { - int ok=0; - ECDSA *ret=NULL; - EC_PRIVATEKEY *priv_key=NULL; - - if ((priv_key = EC_PRIVATEKEY_new()) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE); - return NULL; - } - - if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - EC_PRIVATEKEY_free(priv_key); - return NULL; - } - - if (a == NULL || *a == NULL) - { - if ((ret = ECDSA_new()) == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - if (a) - *a = ret; - } - else - ret = *a; - - if (priv_key->parameters) - { - if (ret->group) - EC_GROUP_clear_free(ret->group); - ret->group = EC_ASN1_pkparameters2group(priv_key->parameters); - } - - if (ret->group == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - - ret->version = priv_key->version; - - if (priv_key->privateKey) - { - ret->priv_key = BN_bin2bn( - M_ASN1_STRING_data(priv_key->privateKey), - M_ASN1_STRING_length(priv_key->privateKey), - ret->priv_key); - if (ret->priv_key == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, - ERR_R_BN_LIB); - goto err; - } - } - else - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, - ECDSA_R_MISSING_PRIVATE_KEY); - goto err; - } - - if (priv_key->publicKey) - { - if (ret->pub_key) - EC_POINT_clear_free(ret->pub_key); - ret->pub_key = EC_POINT_new(ret->group); - if (ret->pub_key == NULL) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - if (!EC_POINT_oct2point(ret->group, ret->pub_key, - M_ASN1_STRING_data(priv_key->publicKey), - M_ASN1_STRING_length(priv_key->publicKey), NULL)) - { - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); - goto err; - } - } - - ok = 1; -err: - if (!ok) - { - if (ret) - ECDSA_free(ret); - ret = NULL; - } - - if (priv_key) - EC_PRIVATEKEY_free(priv_key); - - return(ret); - } - -int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out) - { - int ret=0, ok=0; - unsigned char *buffer=NULL; - size_t buf_len=0, tmp_len; - EC_PRIVATEKEY *priv_key=NULL; - - if (a == NULL || a->group == NULL || a->priv_key == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - - if ((priv_key = EC_PRIVATEKEY_new()) == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - priv_key->version = a->version; - - buf_len = (size_t)BN_num_bytes(a->priv_key); - buffer = OPENSSL_malloc(buf_len); - if (buffer == NULL) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, - ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_bn2bin(a->priv_key, buffer)) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_BN_LIB); - goto err; - } - - if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) - { - ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, ERR_R_ASN1_LIB); - goto err; - } - - if (!(ECDSA_get_enc_flag(a) & ECDSA_PKEY_NO_PARAMETERS)) - { - if ((priv_key->parameters = EC_ASN1_group2pkparameters( - a->group, priv_key->parameters)) == NULL) - { |