1 /* crypto/ec/ec_asn1.c */ 2 /* 3 * Written by Nils Larsch for the OpenSSL project. 4 */ 5 /* ==================================================================== 6 * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in 17 * the documentation and/or other materials provided with the 18 * distribution. 19 * 20 * 3. All advertising materials mentioning features or use of this 21 * software must display the following acknowledgment: 22 * "This product includes software developed by the OpenSSL Project 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24 * 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26 * endorse or promote products derived from this software without 27 * prior written permission. For written permission, please contact 28 * licensing@OpenSSL.org. 29 * 30 * 5. Products derived from this software may not be called "OpenSSL" 31 * nor may "OpenSSL" appear in their names without prior written 32 * permission of the OpenSSL Project. 33 * 34 * 6. Redistributions of any form whatsoever must retain the following 35 * acknowledgment: 36 * "This product includes software developed by the OpenSSL Project 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50 * OF THE POSSIBILITY OF SUCH DAMAGE. 51 * ==================================================================== 52 * 53 * This product includes cryptographic software written by Eric Young 54 * (eay@cryptsoft.com). This product includes software written by Tim 55 * Hudson (tjh@cryptsoft.com). 56 * 57 */ 58 59 #include <string.h> 60 #include "ec_lcl.h" 61 #include <openssl/err.h> 62 #include <openssl/asn1t.h> 63 #include <openssl/objects.h> 64 65 66 int EC_GROUP_get_basis_type(const EC_GROUP *group) 67 { 68 int i=0; 69 70 if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != 71 NID_X9_62_characteristic_two_field) 72 /* everything else is currently not supported */ 73 return 0; 74 75 while (group->poly[i] != 0) 76 i++; 77 78 if (i == 4) 79 return NID_X9_62_ppBasis; 80 else if (i == 2) 81 return NID_X9_62_tpBasis; 82 else 83 /* everything else is currently not supported */ 84 return 0; 85 } 86 87 int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k) 88 { 89 if (group == NULL) 90 return 0; 91 92 if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve 93 || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0))) 94 { 95 ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 96 return 0; 97 } 98 99 if (k) 100 *k = group->poly[1]; 101 102 return 1; 103 } 104 105 int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, 106 unsigned int *k2, unsigned int *k3) 107 { 108 if (group == NULL) 109 return 0; 110 111 if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve 112 || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0))) 113 { 114 ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); 115 return 0; 116 } 117 118 if (k1) 119 *k1 = group->poly[3]; 120 if (k2) 121 *k2 = group->poly[2]; 122 if (k3) 123 *k3 = group->poly[1]; 124 125 return 1; 126 } 127 128 129 130 /* some structures needed for the asn1 encoding */ 131 typedef struct x9_62_pentanomial_st { 132 long k1; 133 long k2; 134 long k3; 135 } X9_62_PENTANOMIAL; 136 137 typedef struct x9_62_characteristic_two_st { 138 long m; 139 ASN1_OBJECT *type; 140 union { 141 char *ptr; 142 /* NID_X9_62_onBasis */ 143 ASN1_NULL *onBasis; 144 /* NID_X9_62_tpBasis */ 145 ASN1_INTEGER *tpBasis; 146 /* NID_X9_62_ppBasis */ 147 X9_62_PENTANOMIAL *ppBasis; 148 /* anything else */ 149 ASN1_TYPE *other; 150 } p; 151 } X9_62_CHARACTERISTIC_TWO; 152 153 typedef struct x9_62_fieldid_st { 154 ASN1_OBJECT *fieldType; 155 union { 156 char *ptr; 157 /* NID_X9_62_prime_field */ 158 ASN1_INTEGER *prime; 159 /* NID_X9_62_characteristic_two_field */ 160 X9_62_CHARACTERISTIC_TWO *char_two; 161 /* anything else */ 162 ASN1_TYPE *other; 163 } p; 164 } X9_62_FIELDID; 165 166 typedef struct x9_62_curve_st { 167 ASN1_OCTET_STRING *a; 168 ASN1_OCTET_STRING *b; 169 ASN1_BIT_STRING *seed; 170 } X9_62_CURVE; 171 172 typedef struct ec_parameters_st { 173 long version; 174 X9_62_FIELDID *fieldID; 175 X9_62_CURVE *curve; 176 ASN1_OCTET_STRING *base; 177 ASN1_INTEGER *order; 178 ASN1_INTEGER *cofactor; 179 } ECPARAMETERS; 180 181 struct ecpk_parameters_st { 182 int type; 183 union { 184 ASN1_OBJECT *named_curve; 185 ECPARAMETERS *parameters; 186 ASN1_NULL *implicitlyCA; 187 } value; 188 }/* ECPKPARAMETERS */; 189 190 /* SEC1 ECPrivateKey */ 191 typedef struct ec_privatekey_st { 192 long version; 193 ASN1_OCTET_STRING *privateKey; 194 ECPKPARAMETERS *parameters; 195 ASN1_BIT_STRING *publicKey; 196 } EC_PRIVATEKEY; 197 198 /* the OpenSSL ASN.1 definitions */ 199 ASN1_SEQUENCE(X9_62_PENTANOMIAL) = { 200 ASN1_SIMPLE(X9_62_PENTANOMIAL, k1, LONG), 201 ASN1_SIMPLE(X9_62_PENTANOMIAL, k2, LONG), 202 ASN1_SIMPLE(X9_62_PENTANOMIAL, k3, LONG) 203 } ASN1_SEQUENCE_END(X9_62_PENTANOMIAL) 204 205 DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL) 206 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_PENTANOMIAL) 207 208 ASN1_ADB_TEMPLATE(char_two_def) = ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.other, ASN1_ANY); 209 210 ASN1_ADB(X9_62_CHARACTERISTIC_TWO) = { 211 ADB_ENTRY(NID_X9_62_onBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.onBasis, ASN1_NULL)), 212 ADB_ENTRY(NID_X9_62_tpBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.tpBasis, ASN1_INTEGER)), 213 ADB_ENTRY(NID_X9_62_ppBasis, ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, p.ppBasis, X9_62_PENTANOMIAL)) 214 } ASN1_ADB_END(X9_62_CHARACTERISTIC_TWO, 0, type, 0, &char_two_def_tt, NULL); 215 216 ASN1_SEQUENCE(X9_62_CHARACTERISTIC_TWO) = { 217 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, m, LONG), 218 ASN1_SIMPLE(X9_62_CHARACTERISTIC_TWO, type, ASN1_OBJECT), 219 ASN1_ADB_OBJECT(X9_62_CHARACTERISTIC_TWO) 220 } ASN1_SEQUENCE_END(X9_62_CHARACTERISTIC_TWO) 221 222 DECLARE_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO) 223 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(X9_62_CHARACTERISTIC_TWO) 224 225 ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY); 226 227 ASN1_ADB(X9_62_FIELDID) = { 228 ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)), 229 ADB_ENTRY(NID_X9_62_characteristic_two_field, ASN1_SIMPLE(X9_62_FIELDID, p.char_two, X9_62_CHARACTERISTIC_TWO)) 230 } ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL); 231 232 ASN1_SEQUENCE(X9_62_FIELDID) = { 233 ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT), 234 ASN1_ADB_OBJECT(X9_62_FIELDID) 235 } ASN1_SEQUENCE_END(X9_62_FIELDID) 236 237 ASN1_SEQUENCE(X9_62_CURVE) = { 238 ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING), 239 ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING), 240 ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING) 241 } ASN1_SEQUENCE_END(X9_62_CURVE) 242 243 ASN1_SEQUENCE(ECPARAMETERS) = { 244 ASN1_SIMPLE(ECPARAMETERS, version, LONG), 245 ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID), 246 ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE), 247 ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING), 248 ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER), 249 ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER) 250 } ASN1_SEQUENCE_END(ECPARAMETERS) 251 252 DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS) 253 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS) 254 255 ASN1_CHOICE(ECPKPARAMETERS) = { 256 ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT), 257 ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS), 258 ASN1_SIMPLE(ECPKPARAMETERS, value.implicitlyCA, ASN1_NULL) 259 } ASN1_CHOICE_END(ECPKPARAMETERS) 260 261 DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS) 262 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS) 263 IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS) 264 265 ASN1_SEQUENCE(EC_PRIVATEKEY) = { 266 ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG), 267 ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING), 268 ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0), 269 ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) 270 } ASN1_SEQUENCE_END(EC_PRIVATEKEY) 271 272 DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) 273 DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY) 274 IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY) 275 276 /* some declarations of internal function */ 277 278 /* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */ 279 static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *); 280 /* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */ 281 static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *); 282 /* ec_asn1_parameters2group() creates a EC_GROUP object from a 283 * ECPARAMETERS object */ 284 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *); 285 /* ec_asn1_group2parameters() creates a ECPARAMETERS object from a 286 * EC_GROUP object */ 287 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *,ECPARAMETERS *); 288 /* ec_asn1_pkparameters2group() creates a EC_GROUP object from a 289 * ECPKPARAMETERS object */ 290 static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *); 291 /* ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a 292 * EC_GROUP object */ 293 static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *, 294 ECPKPARAMETERS *); 295 296 297 /* the function definitions */ 298 299 static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field) 300 { 301 int ok=0, nid; 302 BIGNUM *tmp = NULL; 303 304 if (group == NULL || field == NULL) 305 return 0; 306 307 /* clear the old values (if necessary) */ 308 if (field->fieldType != NULL) 309 ASN1_OBJECT_free(field->fieldType); 310 if (field->p.other != NULL) 311 ASN1_TYPE_free(field->p.other); 312 313 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group)); 314 /* set OID for the field */ 315 if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) 316 { 317 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB); 318 goto err; 319 } 320 321 if (nid == NID_X9_62_prime_field) 322 { 323 if ((tmp = BN_new()) == NULL) 324 { 325 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE); 326 goto err; 327 } 328 /* the parameters are specified by the prime number p */ 329 if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) 330 { 331 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB); 332 goto err; 333 } 334 /* set the prime number */ 335 field->p.prime = BN_to_ASN1_INTEGER(tmp,NULL); 336 if (field->p.prime == NULL) 337 { 338 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_ASN1_LIB); 339 goto err; 340 } 341 } 342 else /* nid == NID_X9_62_characteristic_two_field */ 343 { 344 int field_type; 345 X9_62_CHARACTERISTIC_TWO *char_two; 346 347 field->p.char_two = X9_62_CHARACTERISTIC_TWO_new(); 348 char_two = field->p.char_two; 349 350 if (char_two == NULL) 351 { 352 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE); 353 goto err; 354 } 355 356 char_two->m = (long)EC_GROUP_get_degree(group); 357 358 field_type = EC_GROUP_get_basis_type(group); 359 360 if (field_type == 0) 361 { 362 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_EC_LIB); 363 goto err; 364 } 365 /* set base type OID */ 366 if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) 367 { 368 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_OBJ_LIB); 369 goto err; 370 } 371 372 if (field_type == NID_X9_62_tpBasis) 373 { 374 unsigned int k; 375 376 if (!EC_GROUP_get_trinomial_basis(group, &k)) 377 goto err; 378 379 char_two->p.tpBasis = ASN1_INTEGER_new(); 380 if (!char_two->p.tpBasis) 381 { 382 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE); 383 goto err; 384 } 385 if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k)) 386 { 387 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, 388 ERR_R_ASN1_LIB); 389 goto err; 390 } 391 } 392 else if (field_type == NID_X9_62_ppBasis) 393 { 394 unsigned int k1, k2, k3; 395 396 if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3)) 397 goto err; 398 399 char_two->p.ppBasis = X9_62_PENTANOMIAL_new(); 400 if (!char_two->p.ppBasis) 401 { 402 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE); 403 goto err; 404 } 405 406 /* set k? values */ 407 char_two->p.ppBasis->k1 = (long)k1; 408 char_two->p.ppBasis->k2 = (long)k2; 409 char_two->p.ppBasis->k3 = (long)k3; 410 } 411 else /* field_type == NID_X9_62_onBasis */ 412 { 413 /* for ONB the parameters are (asn1) NULL */ 414 char_two->p.onBasis = ASN1_NULL_new(); 415 if (!char_two->p.onBasis) 416 { 417 ECerr(EC_F_EC_ASN1_GROUP2FIELDID, ERR_R_MALLOC_FAILURE); 418 goto err; 419 } 420 } 421 } 422 423 ok = 1; 424 425 err : if (tmp) 426 BN_free(tmp); 427 return(ok); 428 } 429 430 static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve) 431 { 432 int ok=0, nid; 433 BIGNUM *tmp_1=NULL, *tmp_2=NULL; 434 unsigned char *buffer_1=NULL, *buffer_2=NULL, 435 *a_buf=NULL, *b_buf=NULL; 436 size_t len_1, len_2; 437 unsigned char char_zero = 0; 438 439 if (!group || !curve || !curve->a || !curve->b) 440 return 0; 441 442 if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) 443 { 444 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE); 445 goto err; 446 } 447 448 nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group)); 449 450 /* get a and b */ 451 if (nid == NID_X9_62_prime_field) 452 { 453 if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) 454 { 455 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB); 456 goto err; 457 } 458 } 459 else /* nid == NID_X9_62_characteristic_two_field */ 460 { 461 if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) 462 { 463 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_EC_LIB); 464 goto err; 465 } 466 } 467 468 len_1 = (size_t)BN_num_bytes(tmp_1); 469 len_2 = (size_t)BN_num_bytes(tmp_2); 470 471 if (len_1 == 0) 472 { 473 /* len_1 == 0 => a == 0 */ 474 a_buf = &char_zero; 475 len_1 = 1; 476 } 477 else 478 { 479 if ((buffer_1 = OPENSSL_malloc(len_1)) == NULL) 480 { 481 ECerr(EC_F_EC_ASN1_GROUP2CURVE, 482 ERR_R_MALLOC_FAILURE); 483 goto err; 484 } 485 if ( (len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) 486 { 487 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB); 488 goto err; 489 } 490 a_buf = buffer_1; 491 } 492 493 if (len_2 == 0) 494 { 495 /* len_2 == 0 => b == 0 */ 496 b_buf = &char_zero; 497 len_2 = 1; 498 } 499 else 500 { 501 if ((buffer_2 = OPENSSL_malloc(len_2)) == NULL) 502 { 503 ECerr(EC_F_EC_ASN1_GROUP2CURVE, 504 ERR_R_MALLOC_FAILURE); 505 goto err; 506 } 507 if ( (len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) 508 { 509 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_BN_LIB); 510 goto err; 511 } 512 b_buf = buffer_2; 513 } 514 515 /* set a and b */ 516 if (!M_ASN1_OCTET_STRING_set(curve->a, a_buf, len_1) || 517 !M_ASN1_OCTET_STRING_set(curve->b, b_buf, len_2)) 518 { 519 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB); 520 goto err; 521 } 522 523 /* set the seed (optional) */ 524 if (group->seed) 525 { 526 if (!curve->seed) 527 if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) 528 { 529 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE); 530 goto err; 531 } 532 curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); 533 curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT; 534 if (!ASN1_BIT_STRING_set(curve->seed, group->seed, 535 (int)group->seed_len)) 536 { 537 ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_ASN1_LIB); 538 goto err; 539 } 540 } 541 else 542 { 543 if (curve->seed) 544 { 545 ASN1_BIT_STRING_free(curve->seed); 546 curve->seed = NULL; 547 } 548 } 549 550 ok = 1; 551 552 err: if (buffer_1) 553 OPENSSL_free(buffer_1); 554 if (buffer_2) 555 OPENSSL_free(buffer_2); 556 if (tmp_1) 557 BN_free(tmp_1); 558 if (tmp_2) 559 BN_free(tmp_2); 560 return(ok); 561 } 562 563 static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group, 564 ECPARAMETERS *param) 565 { 566 int ok=0; 567 size_t len=0; 568 ECPARAMETERS *ret=NULL; 569 BIGNUM *tmp=NULL; 570 unsigned char *buffer=NULL; 571 const EC_POINT *point=NULL; 572 point_conversion_form_t form; 573 574 if ((tmp = BN_new()) == NULL) 575 { 576 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE); 577 goto err; 578 } 579 580 if (param == NULL) 581 { 582 if ((ret = ECPARAMETERS_new()) == NULL) 583 { 584 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, 585 ERR_R_MALLOC_FAILURE); 586 goto err; 587 } 588 } 589 else 590 ret = param; 591 592 /* set the version (always one) */ 593 ret->version = (long)0x1; 594 595 /* set the fieldID */ 596 if (!ec_asn1_group2fieldid(group, ret->fieldID)) 597 { 598 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); 599 goto err; 600 } 601 602 /* set the curve */ 603 if (!ec_asn1_group2curve(group, ret->curve)) 604 { 605 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); 606 goto err; 607 } 608 609 /* set the base point */ 610 if ((point = EC_GROUP_get0_generator(group)) == NULL) 611 { 612 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, EC_R_UNDEFINED_GENERATOR); 613 goto err; 614 } 615 616 form = EC_GROUP_get_point_conversion_form(group); 617 618 len = EC_POINT_point2oct(group, point, form, NULL, len, NULL); 619 if (len == 0) 620 { 621 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); 622 goto err; 623 } 624 if ((buffer = OPENSSL_malloc(len)) == NULL) 625 { 626 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE); 627 goto err; 628 } 629 if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL)) 630 { 631 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); 632 goto err; 633 } 634 if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) 635 { 636 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE); 637 goto err; 638 } 639 if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) 640 { 641 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB); 642 goto err; 643 } 644 645 /* set the order */ 646 if (!EC_GROUP_get_order(group, tmp, NULL)) 647 { 648 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB); 649 goto err; 650 } 651 ret->order = BN_to_ASN1_INTEGER(tmp, ret->order); 652 if (ret->order == NULL) 653 { 654 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB); 655 goto err; 656 } 657 658 /* set the cofactor (optional) */ 659 if (EC_GROUP_get_cofactor(group, tmp, NULL)) 660 { 661 ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor); 662 if (ret->cofactor == NULL) 663 { 664 ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB); 665 goto err; 666 } 667 } 668 669 ok = 1; 670 671 err : if(!ok) 672 { 673 if (ret && !param) 674 ECPARAMETERS_free(ret); 675 ret = NULL; 676 } 677 if (tmp) 678 BN_free(tmp); 679 if (buffer) 680 OPENSSL_free(buffer); 681 return(ret); 682 } 683 684 ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, 685 ECPKPARAMETERS *params) 686 { 687 int ok = 1, tmp; 688 ECPKPARAMETERS *ret = params; 689 690 if (ret == NULL) 691 { 692 if ((ret = ECPKPARAMETERS_new()) == NULL) 693 { 694 ECerr(EC_F_EC_ASN1_GROUP2PKPARAMETERS, 695 ERR_R_MALLOC_FAILURE); 696 return NULL; 697 } 698 } 699 else 700 { 701 if (ret->type == 0 && ret->value.named_curve) 702 ASN1_OBJECT_free(ret->value.named_curve); 703 else if (ret->type == 1 && ret->value.parameters) 704 ECPARAMETERS_free(ret->value.parameters); 705 } 706 707 if (EC_GROUP_get_asn1_flag(group)) 708 { 709 /* use the asn1 OID to describe the 710 * the elliptic curve parameters 711 */ 712 tmp = EC_GROUP_get_curve_name(group); 713 if (tmp) 714 { 715 ret->type = 0; 716 if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL) 717 ok = 0; 718 } 719 else 720 /* we don't kmow the nid => ERROR */ 721 ok = 0; 722 } 723 else 724 { 725 /* use the ECPARAMETERS structure */ 726 ret->type = 1; 727 if ((ret->value.parameters = ec_asn1_group2parameters( 728 group, NULL)) == NULL) 729 ok = 0; 730 } 731 732 if (!ok) 733 { 734 ECPKPARAMETERS_free(ret); 735 return NULL; 736 } 737 return ret; 738 } 739 740 static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params) 741 { 742 int ok = 0, tmp; 743 EC_GROUP *ret = NULL; 744 BIGNUM *p = NULL, *a = NULL, *b = NULL; 745 EC_POINT *point=NULL; 746 long field_bits; 747 748 if (!params->fieldID || !params->fieldID->fieldType || 749 !params->fieldID->p.ptr) 750 { 751 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); 752 goto err; 753 } 754 755 /* now extract the curve parameters a and b */ 756 if (!params->curve || !params->curve->a || 757 !params->curve->a->data || !params->curve->b || 758 !params->curve->b->data) 759 { 760 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); 761 goto err; 762 } 763 a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL); 764 if (a == NULL) 765 { 766 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB); 767 goto err; 768 } 769 b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL); 770 if (b == NULL) 771 { 772 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_BN_LIB); 773 goto err; 774 } 775 776 /* get the field parameters */ 777 tmp = OBJ_obj2nid(params->fieldID->fieldType); 778 779 if (tmp == NID_X9_62_characteristic_two_field) 780 { 781 X9_62_CHARACTERISTIC_TWO *char_two; 782 783 char_two = params->fieldID->p.char_two; 784 785 field_bits = char_two->m; 786 if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) 787 { 788 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE); 789 goto err; 790 } 791 792 if ((p = BN_new()) == NULL) 793 { 794 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE); 795 goto err; 796 } 797 798 /* get the base type */ 799 tmp = OBJ_obj2nid(char_two->type); 800 801 if (tmp == NID_X9_62_tpBasis) 802 { 803 long tmp_long; 804 805 if (!char_two->p.tpBasis) 806 { 807 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); 808 goto err; 809 } 810 811 tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis); 812 813 if (!(char_two->m > tmp_long && tmp_long > 0)) 814 { 815 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS); 816 goto err; 817 } 818 819 /* create the polynomial */ 820 if (!BN_set_bit(p, (int)char_two->m)) 821 goto err; 822 if (!BN_set_bit(p, (int)tmp_long)) 823 goto err; 824 if (!BN_set_bit(p, 0)) 825 goto err; 826 } 827 else if (tmp == NID_X9_62_ppBasis) 828 { 829 X9_62_PENTANOMIAL *penta; 830 831 penta = char_two->p.ppBasis; 832 if (!penta) 833 { 834 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); 835 goto err; 836 } 837 838 if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0)) 839 { 840 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS); 841 goto err; 842 } 843 844 /* create the polynomial */ 845 if (!BN_set_bit(p, (int)char_two->m)) goto err; 846 if (!BN_set_bit(p, (int)penta->k1)) goto err; 847 if (!BN_set_bit(p, (int)penta->k2)) goto err; 848 if (!BN_set_bit(p, (int)penta->k3)) goto err; 849 if (!BN_set_bit(p, 0)) goto err; 850 } 851 else if (tmp == NID_X9_62_onBasis) 852 { 853 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_NOT_IMPLEMENTED); 854 goto err; 855 } 856 else /* error */ 857 { 858 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); 859 goto err; 860 } 861 862 /* create the EC_GROUP structure */ 863 ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL); 864 } 865 else if (tmp == NID_X9_62_prime_field) 866 { 867 /* we have a curve over a prime field */ 868 /* extract the prime number */ 869 if (!params->fieldID->p.prime) 870 { 871 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); 872 goto err; 873 } 874 p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL); 875 if (p == NULL) 876 { 877 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); 878 goto err; 879 } 880 881 if (BN_is_negative(p) || BN_is_zero(p)) 882 { 883 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD); 884 goto err; 885 } 886 887 field_bits = BN_num_bits(p); 888 if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) 889 { 890 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE); 891 goto err; 892 } 893 894 /* create the EC_GROUP structure */ 895 ret = EC_GROUP_new_curve_GFp(p, a, b, NULL); 896 } 897 else 898 { 899 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD); 900 goto err; 901 } 902 903 if (ret == NULL) 904 { 905 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB); 906 goto err; 907 } 908 909 /* extract seed (optional) */ 910 if (params->curve->seed != NULL) 911 { 912 if (ret->seed != NULL) 913 OPENSSL_free(ret->seed); 914 if (!(ret->seed = OPENSSL_malloc(params->curve->seed->length))) 915 { 916 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, 917 ERR_R_MALLOC_FAILURE); 918 goto err; 919 } 920 memcpy(ret->seed, params->curve->seed->data, 921 params->curve->seed->length); 922 ret->seed_len = params->curve->seed->length; 923 } 924 925 if (!params->order || !params->base || !params->base->data) 926 { 927 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR); 928 goto err; 929 } 930 931 if ((point = EC_POINT_new(ret)) == NULL) goto err; 932 933 /* set the point conversion form */ 934 EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t) 935 (params->base->data[0] & ~0x01)); 936 937 /* extract the ec point */ 938 if (!EC_POINT_oct2point(ret, point, params->base->data, 939 params->base->length, NULL)) 940 { 941 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB); 942 goto err; 943 } 944 945 /* extract the order */ 946 if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) 947 { 948 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); 949 goto err; 950 } 951 if (BN_is_negative(a) || BN_is_zero(a)) 952 { 953 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER); 954 goto err; 955 } 956 if (BN_num_bits(a) > (int)field_bits + 1) /* Hasse bound */ 957 { 958 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER); 959 goto err; 960 } 961 962 /* extract the cofactor (optional) */ 963 if (params->cofactor == NULL) 964 { 965 if (b) 966 { 967 BN_free(b); 968 b = NULL; 969 } 970 } 971 else 972 if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) 973 { 974 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB); 975 goto err; 976 } 977 /* set the generator, order and cofactor (if present) */ 978 if (!EC_GROUP_set_generator(ret, point, a, b)) 979 { 980 ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB); 981 goto err; 982 } 983 984 ok = 1; 985 986 err: if (!ok) 987 { 988 if (ret) 989 EC_GROUP_clear_free(ret); 990 ret = NULL; 991 } 992 993 if (p) 994 BN_free(p); 995 if (a) 996 BN_free(a); 997 if (b) 998 BN_free(b); 999 if (point) 1000 EC_POINT_free(point); 1001 return(ret); 1002 } 1003 1004 EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) 1005 { 1006 EC_GROUP *ret=NULL; 1007 int tmp=0; 1008 1009 if (params == NULL) 1010 { 1011 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, 1012 EC_R_MISSING_PARAMETERS); 1013 return NULL; 1014 } 1015 1016 if (params->type == 0) 1017 { /* the curve is given by an OID */ 1018 tmp = OBJ_obj2nid(params->value.named_curve); 1019 if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) 1020 { 1021 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, 1022 EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); 1023 return NULL; 1024 } 1025 EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE); 1026 } 1027 else if (params->type == 1) 1028 { /* the parameters are given by a ECPARAMETERS 1029 * structure */ 1030 ret = ec_asn1_parameters2group(params->value.parameters); 1031 if (!ret) 1032 { 1033 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, ERR_R_EC_LIB); 1034 return NULL; 1035 } 1036 EC_GROUP_set_asn1_flag(ret, 0x0); 1037 } 1038 else if (params->type == 2) 1039 { /* implicitlyCA */ 1040 return NULL; 1041 } 1042 else 1043 { 1044 ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR); 1045 return NULL; 1046 } 1047 1048 return ret; 1049 } 1050 1051 /* EC_GROUP <-> DER encoding of ECPKPARAMETERS */ 1052 1053 EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len) 1054 { 1055 EC_GROUP *group = NULL; 1056 ECPKPARAMETERS *params = NULL; 1057 1058 if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) 1059 { 1060 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_D2I_ECPKPARAMETERS_FAILURE); 1061 ECPKPARAMETERS_free(params); 1062 return NULL; 1063 } 1064 1065 if ((group = ec_asn1_pkparameters2group(params)) == NULL) 1066 { 1067 ECerr(EC_F_D2I_ECPKPARAMETERS, EC_R_PKPARAMETERS2GROUP_FAILURE); 1068 return NULL; 1069 } 1070 1071 1072 if (a && *a) 1073 EC_GROUP_clear_free(*a); 1074 if (a) 1075 *a = group; 1076 1077 ECPKPARAMETERS_free(params); 1078 return(group); 1079 } 1080 1081 int i2d_ECPKParameters(const EC_GROUP *a, unsigned char **out) 1082 { 1083 int ret=0; 1084 ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL); 1085 if (tmp == NULL) 1086 { 1087 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_GROUP2PKPARAMETERS_FAILURE); 1088 return 0; 1089 } 1090 if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) 1091 { 1092 ECerr(EC_F_I2D_ECPKPARAMETERS, EC_R_I2D_ECPKPARAMETERS_FAILURE); 1093 ECPKPARAMETERS_free(tmp); 1094 return 0; 1095 } 1096 ECPKPARAMETERS_free(tmp); 1097 return(ret); 1098 } 1099 1100 /* some EC_KEY functions */ 1101 1102 EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len) 1103 { 1104 int ok=0; 1105 EC_KEY *ret=NULL; 1106 EC_PRIVATEKEY *priv_key=NULL; 1107 1108 if ((priv_key = EC_PRIVATEKEY_new()) == NULL) 1109 { 1110 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); 1111 return NULL; 1112 } 1113 1114 if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) 1115 { 1116 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); 1117 EC_PRIVATEKEY_free(priv_key); 1118 return NULL; 1119 } 1120 1121 if (a == NULL || *a == NULL) 1122 { 1123 if ((ret = EC_KEY_new()) == NULL) 1124 { 1125 ECerr(EC_F_D2I_ECPRIVATEKEY, 1126 ERR_R_MALLOC_FAILURE); 1127 goto err; 1128 } 1129 if (a) 1130 *a = ret; 1131 } 1132 else 1133 ret = *a; 1134 1135 if (priv_key->parameters) 1136 { 1137 if (ret->group) 1138 EC_GROUP_clear_free(ret->group); 1139 ret->group = ec_asn1_pkparameters2group(priv_key->parameters); 1140 } 1141 1142 if (ret->group == NULL) 1143 { 1144 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); 1145 goto err; 1146 } 1147 1148 ret->version = priv_key->version; 1149 1150 if (priv_key->privateKey) 1151 { 1152 ret->priv_key = BN_bin2bn( 1153 M_ASN1_STRING_data(priv_key->privateKey), 1154 M_ASN1_STRING_length(priv_key->privateKey), 1155 ret->priv_key); 1156 if (ret->priv_key == NULL) 1157 { 1158 ECerr(EC_F_D2I_ECPRIVATEKEY, 1159 ERR_R_BN_LIB); 1160 goto err; 1161 } 1162 } 1163 else 1164 { 1165 ECerr(EC_F_D2I_ECPRIVATEKEY, 1166 EC_R_MISSING_PRIVATE_KEY); 1167 goto err; 1168 } 1169 1170 if (priv_key->publicKey) 1171 { 1172 const unsigned char *pub_oct; 1173 size_t pub_oct_len; 1174 1175 if (ret->pub_key) 1176 EC_POINT_clear_free(ret->pub_key); 1177 ret->pub_key = EC_POINT_new(ret->group); 1178 if (ret->pub_key == NULL) 1179 { 1180 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); 1181 goto err; 1182 } 1183 pub_oct = M_ASN1_STRING_data(priv_key->publicKey); 1184 pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); 1185 /* save the point conversion form */ 1186 ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); 1187 if (!EC_POINT_oct2point(ret->group, ret->pub_key, 1188 pub_oct, pub_oct_len, NULL)) 1189 { 1190 ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB); 1191 goto err; 1192 } 1193 } 1194 1195 ok = 1; 1196 err: 1197 if (!ok) 1198 { 1199 if (ret) 1200 EC_KEY_free(ret); 1201 ret = NULL; 1202 } 1203 1204 if (priv_key) 1205 EC_PRIVATEKEY_free(priv_key); 1206 1207 return(ret); 1208 } 1209 1210 int i2d_ECPrivateKey(EC_KEY *a, unsigned char **out) 1211 { 1212 int ret=0, ok=0; 1213 unsigned char *buffer=NULL; 1214 size_t buf_len=0, tmp_len; 1215 EC_PRIVATEKEY *priv_key=NULL; 1216 1217 if (a == NULL || a->group == NULL || a->priv_key == NULL) 1218 { 1219 ECerr(EC_F_I2D_ECPRIVATEKEY, 1220 ERR_R_PASSED_NULL_PARAMETER); 1221 goto err; 1222 } 1223 1224 if ((priv_key = EC_PRIVATEKEY_new()) == NULL) 1225 { 1226 ECerr(EC_F_I2D_ECPRIVATEKEY, 1227 ERR_R_MALLOC_FAILURE); 1228 goto err; 1229 } 1230 1231 priv_key->version = a->version; 1232 1233 buf_len = (size_t)BN_num_bytes(a->priv_key); 1234 buffer = OPENSSL_malloc(buf_len); 1235 if (buffer == NULL) 1236 { 1237 ECerr(EC_F_I2D_ECPRIVATEKEY, 1238 ERR_R_MALLOC_FAILURE); 1239 goto err; 1240 } 1241 1242 if (!BN_bn2bin(a->priv_key, buffer)) 1243 { 1244 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_BN_LIB); 1245 goto err; 1246 } 1247 1248 if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) 1249 { 1250 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); 1251 goto err; 1252 } 1253 1254 if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) 1255 { 1256 if ((priv_key->parameters = ec_asn1_group2pkparameters( 1257 a->group, priv_key->parameters)) == NULL) 1258 { 1259 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); 1260 goto err; 1261 } 1262 } 1263 1264 if (!(a->enc_flag & EC_PKEY_NO_PUBKEY)) 1265 { 1266 priv_key->publicKey = M_ASN1_BIT_STRING_new(); 1267 if (priv_key->publicKey == NULL) 1268 { 1269 ECerr(EC_F_I2D_ECPRIVATEKEY, 1270 ERR_R_MALLOC_FAILURE); 1271 goto err; 1272 } 1273 1274 tmp_len = EC_POINT_point2oct(a->group, a->pub_key, 1275 a->conv_form, NULL, 0, NULL); 1276 1277 if (tmp_len > buf_len) 1278 { 1279 unsigned char *tmp_buffer = OPENSSL_realloc(buffer, tmp_len); 1280 if (!tmp_buffer) 1281 { 1282 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE); 1283 goto err; 1284 } 1285 buffer = tmp_buffer; 1286 buf_len = tmp_len; 1287 } 1288 1289 if (!EC_POINT_point2oct(a->group, a->pub_key, 1290 a->conv_form, buffer, buf_len, NULL)) 1291 { 1292 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); 1293 goto err; 1294 } 1295 1296 priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); 1297 priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; 1298 if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, 1299 buf_len)) 1300 { 1301 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_ASN1_LIB); 1302 goto err; 1303 } 1304 } 1305 1306 if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) 1307 { 1308 ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_EC_LIB); 1309 goto err; 1310 } 1311 ok=1; 1312 err: 1313 if (buffer) 1314 OPENSSL_free(buffer); 1315 if (priv_key) 1316 EC_PRIVATEKEY_free(priv_key); 1317 return(ok?ret:0); 1318 } 1319 1320 int i2d_ECParameters(EC_KEY *a, unsigned char **out) 1321 { 1322 if (a == NULL) 1323 { 1324 ECerr(EC_F_I2D_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); 1325 return 0; 1326 } 1327 return i2d_ECPKParameters(a->group, out); 1328 } 1329 1330 EC_KEY *d2i_ECParameters(EC_KEY **a, const unsigned char **in, long len) 1331 { 1332 EC_KEY *ret; 1333 1334 if (in == NULL || *in == NULL) 1335 { 1336 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_PASSED_NULL_PARAMETER); 1337 return NULL; 1338 } 1339 1340 if (a == NULL || *a == NULL) 1341 { 1342 if ((ret = EC_KEY_new()) == NULL) 1343 { 1344 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_MALLOC_FAILURE); 1345 return NULL; 1346 } 1347 if (a) 1348 *a = ret; 1349 } 1350 else 1351 ret = *a; 1352 1353 if (!d2i_ECPKParameters(&ret->group, in, len)) 1354 { 1355 ECerr(EC_F_D2I_ECPARAMETERS, ERR_R_EC_LIB); 1356 return NULL; 1357 } 1358 1359 return ret; 1360 } 1361 1362 EC_KEY *o2i_ECPublicKey(EC_KEY **a, const unsigned char **in, long len) 1363 { 1364 EC_KEY *ret=NULL; 1365 1366 if (a == NULL || (*a) == NULL || (*a)->group == NULL) 1367 { 1368 /* sorry, but a EC_GROUP-structur is necessary 1369 * to set the public key */ 1370 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER); 1371 return 0; 1372 } 1373 ret = *a; 1374 if (ret->pub_key == NULL && 1375 (ret->pub_key = EC_POINT_new(ret->group)) == NULL) 1376 { 1377 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_MALLOC_FAILURE); 1378 return 0; 1379 } 1380 if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) 1381 { 1382 ECerr(EC_F_O2I_ECPUBLICKEY, ERR_R_EC_LIB); 1383 return 0; 1384 } 1385 /* save the point conversion form */ 1386 ret->conv_form = (point_conversion_form_t)(*in[0] & ~0x01); 1387 *in += len; 1388 return ret; 1389 } 1390 1391 int i2o_ECPublicKey(EC_KEY *a, unsigned char **out) 1392 { 1393 size_t buf_len=0; 1394 int new_buffer = 0; 1395 1396 if (a == NULL) 1397 { 1398 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_PASSED_NULL_PARAMETER); 1399 return 0; 1400 } 1401 1402 buf_len = EC_POINT_point2oct(a->group, a->pub_key, 1403 a->conv_form, NULL, 0, NULL); 1404 1405 if (out == NULL || buf_len == 0) 1406 /* out == NULL => just return the length of the octet string */ 1407 return buf_len; 1408 1409 if (*out == NULL) 1410 { 1411 if ((*out = OPENSSL_malloc(buf_len)) == NULL) 1412 { 1413 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_MALLOC_FAILURE); 1414 return 0; 1415 } 1416 new_buffer = 1; 1417 } 1418 if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form, 1419 *out, buf_len, NULL)) 1420 { 1421 ECerr(EC_F_I2O_ECPUBLICKEY, ERR_R_EC_LIB); 1422 OPENSSL_free(*out); 1423 *out = NULL; 1424 return 0; 1425 } 1426 if (!new_buffer) 1427 *out += buf_len; 1428 return buf_len; 1429 } 1430