From 6903e2e7e9a47bb350920ae640287cf9f43a22ce Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 1 Feb 2016 18:15:57 +0000 Subject: Extended EC_METHOD customisation support. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add support for optional overrides of various private key operations in EC_METHOD. Reviewed-by: Rich Salz Reviewed-by: Emilia Käsper --- crypto/ec/ec_asn1.c | 14 ++++++++++---- crypto/ec/ec_check.c | 4 ++++ crypto/ec/ec_curve.c | 4 ++++ crypto/ec/ec_key.c | 24 ++++++++++++++++++++++++ crypto/ec/ec_lib.c | 26 ++++++++++++++++---------- crypto/ec/ecdh_ossl.c | 4 ++++ 6 files changed, 62 insertions(+), 14 deletions(-) (limited to 'crypto/ec') diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index d56e6cdc2e..f033613993 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -342,7 +342,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB); goto err; } - } else /* nid == NID_X9_62_characteristic_two_field */ + } else if (nid == NID_X9_62_characteristic_two_field) #ifdef OPENSSL_NO_EC2M { ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_GF2M_NOT_SUPPORTED); @@ -417,6 +417,10 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) } } #endif + else { + ECerr(EC_F_EC_ASN1_GROUP2FIELDID, EC_R_UNSUPPORTED_FIELD); + goto err; + } ok = 1; @@ -1050,9 +1054,11 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) goto err; } } else { - if (!EC_POINT_mul - (ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { - ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); + if (ret->group->meth->keygenpub != NULL) { + if (ret->group->meth->keygenpub(ret) == 0) + goto err; + } else if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, + NULL, NULL)) { goto err; } /* Remember the original private-key-only encoding. */ diff --git a/crypto/ec/ec_check.c b/crypto/ec/ec_check.c index aa35322355..601559f4c4 100644 --- a/crypto/ec/ec_check.c +++ b/crypto/ec/ec_check.c @@ -62,6 +62,10 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) BN_CTX *new_ctx = NULL; EC_POINT *point = NULL; + /* Custom curves assumed to be correct */ + if ((group->meth->flags & EC_FLAGS_CUSTOM_CURVE) != 0) + return 1; + if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index 107beb5fb3..befe59d2bc 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3037,6 +3037,10 @@ static EC_GROUP *ec_group_new_from_data(const ec_list_element curve) const EC_CURVE_DATA *data; const unsigned char *params; + /* If no curve data curve method must handle everything */ + if (curve.data == NULL) + return EC_GROUP_new(curve.meth != NULL ? curve.meth() : NULL); + if ((ctx = BN_CTX_new()) == NULL) { ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE); goto err; diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index c382e7e41e..e488523654 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -111,6 +111,9 @@ void EC_KEY_free(EC_KEY *r) ENGINE_finish(r->engine); #endif + if (r->group && r->group->meth->keyfinish) + r->group->meth->keyfinish(r); + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, r, &r->ex_data); EC_GROUP_free(r->group); EC_POINT_free(r->pub_key); @@ -128,6 +131,8 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src) if (src->meth != dest->meth) { if (dest->meth->finish != NULL) dest->meth->finish(dest); + if (dest->group && dest->group->meth->keyfinish) + dest->group->meth->keyfinish(dest); #ifndef OPENSSL_NO_ENGINE if (ENGINE_finish(dest->engine) == 0) return 0; @@ -163,8 +168,12 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src) } if (!BN_copy(dest->priv_key, src->priv_key)) return NULL; + if (src->group->meth->keycopy + && src->group->meth->keycopy(dest, src) == 0) + return NULL; } + /* copy the rest */ dest->enc_flag = src->enc_flag; dest->conv_form = src->conv_form; @@ -231,6 +240,9 @@ int ossl_ec_key_gen(EC_KEY *eckey) const BIGNUM *order = NULL; EC_POINT *pub_key = NULL; + if (eckey->group->meth->keygen != NULL) + return eckey->group->meth->keygen(eckey); + if ((ctx = BN_CTX_new()) == NULL) goto err; @@ -286,6 +298,9 @@ int EC_KEY_check_key(const EC_KEY *eckey) return 0; } + if (eckey->group->meth->keycheck) + return eckey->group->meth->keycheck(eckey); + if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) { ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY); goto err; @@ -442,6 +457,11 @@ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key) int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) { + if (key->group == NULL || key->group->meth == NULL) + return 0; + if (key->group->meth->set_private + && key->meth->set_private(key, priv_key) == 0) + return 0; if (key->meth->set_private != NULL && key->meth->set_private(key, priv_key) == 0) return 0; @@ -540,6 +560,8 @@ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len) size_t buf_len; if (eckey->group == NULL || eckey->group->meth == NULL) return 0; + if (eckey->group->meth->priv2oct) + return eckey->group->meth->priv2oct(eckey, buf, len); buf_len = (EC_GROUP_get_degree(eckey->group) + 7) / 8; if (eckey->priv_key == NULL) @@ -563,6 +585,8 @@ int EC_KEY_oct2priv(EC_KEY *eckey, unsigned char *buf, size_t len) { if (eckey->group == NULL || eckey->group->meth == NULL) return 0; + if (eckey->group->meth->oct2priv) + return eckey->group->meth->oct2priv(eckey, buf, len); if (eckey->priv_key == NULL) eckey->priv_key = BN_secure_new(); diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index a34113c953..b7bbc41cdf 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -89,12 +89,14 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) } ret->meth = meth; - ret->order = BN_new(); - if (ret->order == NULL) - goto err; - ret->cofactor = BN_new(); - if (ret->cofactor == NULL) - goto err; + if ((ret->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) { + ret->order = BN_new(); + if (ret->order == NULL) + goto err; + ret->cofactor = BN_new(); + if (ret->cofactor == NULL) + goto err; + } ret->asn1_flag = OPENSSL_EC_NAMED_CURVE; ret->asn1_form = POINT_CONVERSION_UNCOMPRESSED; if (!meth->group_init(ret)) @@ -240,10 +242,12 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) dest->generator = NULL; } - if (!BN_copy(dest->order, src->order)) - return 0; - if (!BN_copy(dest->cofactor, src->cofactor)) - return 0; + if ((src->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) { + if (!BN_copy(dest->order, src->order)) + return 0; + if (!BN_copy(dest->cofactor, src->cofactor)) + return 0; + } dest->curve_name = src->curve_name; dest->asn1_flag = src->asn1_flag; @@ -527,6 +531,8 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) if (EC_GROUP_get_curve_name(a) && EC_GROUP_get_curve_name(b) && EC_GROUP_get_curve_name(a) != EC_GROUP_get_curve_name(b)) return 1; + if (a->meth->flags & EC_FLAGS_CUSTOM_CURVE) + return 0; if (ctx == NULL) ctx_new = ctx = BN_CTX_new(); diff --git a/crypto/ec/ecdh_ossl.c b/crypto/ec/ecdh_ossl.c index 15a179fbc6..fadc007e14 100644 --- a/crypto/ec/ecdh_ossl.c +++ b/crypto/ec/ecdh_ossl.c @@ -103,6 +103,10 @@ int ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, return -1; } + if (ecdh->group->meth->ecdh_compute_key != 0) + return ecdh->group->meth->ecdh_compute_key(out, outlen, pub_key, ecdh, + KDF); + if ((ctx = BN_CTX_new()) == NULL) goto err; BN_CTX_start(ctx); -- cgit v1.2.3