1 /* $OpenBSD: ec_kmeth.c,v 1.6 2021/12/04 16:08:32 tb Exp $ */ 2 /* 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 4 * project. 5 */ 6 /* ==================================================================== 7 * Copyright (c) 2015 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * licensing@OpenSSL.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 */ 54 55 #include <openssl/ec.h> 56 #ifndef OPENSSL_NO_ENGINE 57 #include <openssl/engine.h> 58 #endif 59 #include <openssl/err.h> 60 61 #include "bn_lcl.h" 62 #include "ec_lcl.h" 63 #include "ecs_locl.h" 64 65 static const EC_KEY_METHOD openssl_ec_key_method = { 66 .name = "OpenSSL EC_KEY method", 67 .flags = 0, 68 69 .init = NULL, 70 .finish = NULL, 71 .copy = NULL, 72 73 .set_group = NULL, 74 .set_private = NULL, 75 .set_public = NULL, 76 77 .keygen = ossl_ec_key_gen, 78 .compute_key = ossl_ecdh_compute_key, 79 80 .sign = ossl_ecdsa_sign, 81 .sign_setup = ossl_ecdsa_sign_setup, 82 .sign_sig = ossl_ecdsa_sign_sig, 83 84 .verify = ossl_ecdsa_verify, 85 .verify_sig = ossl_ecdsa_verify_sig, 86 }; 87 88 const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method; 89 90 const EC_KEY_METHOD * 91 EC_KEY_OpenSSL(void) 92 { 93 return &openssl_ec_key_method; 94 } 95 96 const EC_KEY_METHOD * 97 EC_KEY_get_default_method(void) 98 { 99 return default_ec_key_meth; 100 } 101 102 void 103 EC_KEY_set_default_method(const EC_KEY_METHOD *meth) 104 { 105 if (meth == NULL) 106 default_ec_key_meth = &openssl_ec_key_method; 107 else 108 default_ec_key_meth = meth; 109 } 110 111 const EC_KEY_METHOD * 112 EC_KEY_get_method(const EC_KEY *key) 113 { 114 return key->meth; 115 } 116 117 int 118 EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth) 119 { 120 void (*finish)(EC_KEY *key) = key->meth->finish; 121 122 if (finish != NULL) 123 finish(key); 124 125 #ifndef OPENSSL_NO_ENGINE 126 ENGINE_finish(key->engine); 127 key->engine = NULL; 128 #endif 129 130 key->meth = meth; 131 if (meth->init != NULL) 132 return meth->init(key); 133 return 1; 134 } 135 136 EC_KEY * 137 EC_KEY_new_method(ENGINE *engine) 138 { 139 EC_KEY *ret; 140 141 if ((ret = calloc(1, sizeof(EC_KEY))) == NULL) { 142 ECerror(ERR_R_MALLOC_FAILURE); 143 return NULL; 144 } 145 ret->meth = EC_KEY_get_default_method(); 146 #ifndef OPENSSL_NO_ENGINE 147 if (engine != NULL) { 148 if (!ENGINE_init(engine)) { 149 ECerror(ERR_R_ENGINE_LIB); 150 goto err; 151 } 152 ret->engine = engine; 153 } else 154 ret->engine = ENGINE_get_default_EC(); 155 if (ret->engine) { 156 ret->meth = ENGINE_get_EC(ret->engine); 157 if (ret->meth == NULL) { 158 ECerror(ERR_R_ENGINE_LIB); 159 goto err; 160 } 161 } 162 #endif 163 ret->version = 1; 164 ret->flags = 0; 165 ret->group = NULL; 166 ret->pub_key = NULL; 167 ret->priv_key = NULL; 168 ret->enc_flag = 0; 169 ret->conv_form = POINT_CONVERSION_UNCOMPRESSED; 170 ret->references = 1; 171 ret->method_data = NULL; 172 173 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) 174 goto err; 175 if (ret->meth->init != NULL && ret->meth->init(ret) == 0) 176 goto err; 177 178 return ret; 179 180 err: 181 EC_KEY_free(ret); 182 return NULL; 183 } 184 185 EC_KEY_METHOD * 186 EC_KEY_METHOD_new(const EC_KEY_METHOD *meth) 187 { 188 EC_KEY_METHOD *ret; 189 190 if ((ret = calloc(1, sizeof(*meth))) == NULL) 191 return NULL; 192 if (meth != NULL) 193 *ret = *meth; 194 ret->flags |= EC_KEY_METHOD_DYNAMIC; 195 return ret; 196 } 197 198 void 199 EC_KEY_METHOD_free(EC_KEY_METHOD *meth) 200 { 201 if (meth == NULL) 202 return; 203 if (meth->flags & EC_KEY_METHOD_DYNAMIC) 204 free(meth); 205 } 206 207 void 208 EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth, 209 int (*init)(EC_KEY *key), 210 void (*finish)(EC_KEY *key), 211 int (*copy)(EC_KEY *dest, const EC_KEY *src), 212 int (*set_group)(EC_KEY *key, const EC_GROUP *grp), 213 int (*set_private)(EC_KEY *key, const BIGNUM *priv_key), 214 int (*set_public)(EC_KEY *key, const EC_POINT *pub_key)) 215 { 216 meth->init = init; 217 meth->finish = finish; 218 meth->copy = copy; 219 meth->set_group = set_group; 220 meth->set_private = set_private; 221 meth->set_public = set_public; 222 } 223 224 void 225 EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth, int (*keygen)(EC_KEY *key)) 226 { 227 meth->keygen = keygen; 228 } 229 230 void 231 EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth, 232 int (*ckey)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, 233 void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))) 234 { 235 meth->compute_key = ckey; 236 } 237 238 void 239 EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth, 240 int (*sign)(int type, const unsigned char *dgst, 241 int dlen, unsigned char *sig, unsigned int *siglen, 242 const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), 243 int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, 244 BIGNUM **kinvp, BIGNUM **rp), 245 ECDSA_SIG *(*sign_sig)(const unsigned char *dgst, 246 int dgst_len, const BIGNUM *in_kinv, 247 const BIGNUM *in_r, EC_KEY *eckey)) 248 { 249 meth->sign = sign; 250 meth->sign_setup = sign_setup; 251 meth->sign_sig = sign_sig; 252 } 253 254 void 255 EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth, 256 int (*verify)(int type, const unsigned char *dgst, int dgst_len, 257 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey), 258 int (*verify_sig)(const unsigned char *dgst, int dgst_len, 259 const ECDSA_SIG *sig, EC_KEY *eckey)) 260 { 261 meth->verify = verify; 262 meth->verify_sig = verify_sig; 263 } 264 265 266 void 267 EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth, 268 int (**pinit)(EC_KEY *key), 269 void (**pfinish)(EC_KEY *key), 270 int (**pcopy)(EC_KEY *dest, const EC_KEY *src), 271 int (**pset_group)(EC_KEY *key, const EC_GROUP *grp), 272 int (**pset_private)(EC_KEY *key, const BIGNUM *priv_key), 273 int (**pset_public)(EC_KEY *key, const EC_POINT *pub_key)) 274 { 275 if (pinit != NULL) 276 *pinit = meth->init; 277 if (pfinish != NULL) 278 *pfinish = meth->finish; 279 if (pcopy != NULL) 280 *pcopy = meth->copy; 281 if (pset_group != NULL) 282 *pset_group = meth->set_group; 283 if (pset_private != NULL) 284 *pset_private = meth->set_private; 285 if (pset_public != NULL) 286 *pset_public = meth->set_public; 287 } 288 289 void 290 EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth, 291 int (**pkeygen)(EC_KEY *key)) 292 { 293 if (pkeygen != NULL) 294 *pkeygen = meth->keygen; 295 } 296 297 void 298 EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth, 299 int (**pck)(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, 300 void *(*KDF) (const void *in, size_t inlen, void *out, size_t *outlen))) 301 { 302 if (pck != NULL) 303 *pck = meth->compute_key; 304 } 305 306 void 307 EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth, 308 int (**psign)(int type, const unsigned char *dgst, 309 int dlen, unsigned char *sig, unsigned int *siglen, 310 const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey), 311 int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in, 312 BIGNUM **kinvp, BIGNUM **rp), 313 ECDSA_SIG *(**psign_sig)(const unsigned char *dgst, 314 int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r, 315 EC_KEY *eckey)) 316 { 317 if (psign != NULL) 318 *psign = meth->sign; 319 if (psign_setup != NULL) 320 *psign_setup = meth->sign_setup; 321 if (psign_sig != NULL) 322 *psign_sig = meth->sign_sig; 323 } 324 325 void 326 EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth, 327 int (**pverify)(int type, const unsigned char *dgst, int dgst_len, 328 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey), 329 int (**pverify_sig)(const unsigned char *dgst, int dgst_len, 330 const ECDSA_SIG *sig, EC_KEY *eckey)) 331 { 332 if (pverify != NULL) 333 *pverify = meth->verify; 334 if (pverify_sig != NULL) 335 *pverify_sig = meth->verify_sig; 336 } 337