1 /* 2 * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved 4 * 5 * Licensed under the Apache License 2.0 (the "License"). You may not use 6 * this file except in compliance with the License. You can obtain a copy 7 * in the file LICENSE in the source distribution or at 8 * https://www.openssl.org/source/license.html 9 */ 10 11 /* 12 * ECDSA low level APIs are deprecated for public use, but still ok for 13 * internal use. 14 */ 15 #include "internal/deprecated.h" 16 17 #include <limits.h> 18 19 #include <openssl/err.h> 20 #include <openssl/obj_mac.h> 21 #include "ec_local.h" 22 23 const EC_METHOD *EC_GFp_nist_method(void) 24 { 25 static const EC_METHOD ret = { 26 EC_FLAGS_DEFAULT_OCT, 27 NID_X9_62_prime_field, 28 ossl_ec_GFp_simple_group_init, 29 ossl_ec_GFp_simple_group_finish, 30 ossl_ec_GFp_simple_group_clear_finish, 31 ossl_ec_GFp_nist_group_copy, 32 ossl_ec_GFp_nist_group_set_curve, 33 ossl_ec_GFp_simple_group_get_curve, 34 ossl_ec_GFp_simple_group_get_degree, 35 ossl_ec_group_simple_order_bits, 36 ossl_ec_GFp_simple_group_check_discriminant, 37 ossl_ec_GFp_simple_point_init, 38 ossl_ec_GFp_simple_point_finish, 39 ossl_ec_GFp_simple_point_clear_finish, 40 ossl_ec_GFp_simple_point_copy, 41 ossl_ec_GFp_simple_point_set_to_infinity, 42 ossl_ec_GFp_simple_point_set_affine_coordinates, 43 ossl_ec_GFp_simple_point_get_affine_coordinates, 44 0, 0, 0, 45 ossl_ec_GFp_simple_add, 46 ossl_ec_GFp_simple_dbl, 47 ossl_ec_GFp_simple_invert, 48 ossl_ec_GFp_simple_is_at_infinity, 49 ossl_ec_GFp_simple_is_on_curve, 50 ossl_ec_GFp_simple_cmp, 51 ossl_ec_GFp_simple_make_affine, 52 ossl_ec_GFp_simple_points_make_affine, 53 0 /* mul */ , 54 0 /* precompute_mult */ , 55 0 /* have_precompute_mult */ , 56 ossl_ec_GFp_nist_field_mul, 57 ossl_ec_GFp_nist_field_sqr, 58 0 /* field_div */ , 59 ossl_ec_GFp_simple_field_inv, 60 0 /* field_encode */ , 61 0 /* field_decode */ , 62 0, /* field_set_to_one */ 63 ossl_ec_key_simple_priv2oct, 64 ossl_ec_key_simple_oct2priv, 65 0, /* set private */ 66 ossl_ec_key_simple_generate_key, 67 ossl_ec_key_simple_check_key, 68 ossl_ec_key_simple_generate_public_key, 69 0, /* keycopy */ 70 0, /* keyfinish */ 71 ossl_ecdh_simple_compute_key, 72 ossl_ecdsa_simple_sign_setup, 73 ossl_ecdsa_simple_sign_sig, 74 ossl_ecdsa_simple_verify_sig, 75 0, /* field_inverse_mod_ord */ 76 ossl_ec_GFp_simple_blind_coordinates, 77 ossl_ec_GFp_simple_ladder_pre, 78 ossl_ec_GFp_simple_ladder_step, 79 ossl_ec_GFp_simple_ladder_post 80 }; 81 82 return &ret; 83 } 84 85 int ossl_ec_GFp_nist_group_copy(EC_GROUP *dest, const EC_GROUP *src) 86 { 87 dest->field_mod_func = src->field_mod_func; 88 89 return ossl_ec_GFp_simple_group_copy(dest, src); 90 } 91 92 int ossl_ec_GFp_nist_group_set_curve(EC_GROUP *group, const BIGNUM *p, 93 const BIGNUM *a, const BIGNUM *b, 94 BN_CTX *ctx) 95 { 96 int ret = 0; 97 BN_CTX *new_ctx = NULL; 98 99 if (ctx == NULL) 100 if ((ctx = new_ctx = BN_CTX_new_ex(group->libctx)) == NULL) 101 return 0; 102 103 BN_CTX_start(ctx); 104 105 if (BN_ucmp(BN_get0_nist_prime_192(), p) == 0) 106 group->field_mod_func = BN_nist_mod_192; 107 else if (BN_ucmp(BN_get0_nist_prime_224(), p) == 0) 108 group->field_mod_func = BN_nist_mod_224; 109 else if (BN_ucmp(BN_get0_nist_prime_256(), p) == 0) 110 group->field_mod_func = BN_nist_mod_256; 111 else if (BN_ucmp(BN_get0_nist_prime_384(), p) == 0) 112 group->field_mod_func = BN_nist_mod_384; 113 else if (BN_ucmp(BN_get0_nist_prime_521(), p) == 0) 114 group->field_mod_func = BN_nist_mod_521; 115 else { 116 ERR_raise(ERR_LIB_EC, EC_R_NOT_A_NIST_PRIME); 117 goto err; 118 } 119 120 ret = ossl_ec_GFp_simple_group_set_curve(group, p, a, b, ctx); 121 122 err: 123 BN_CTX_end(ctx); 124 BN_CTX_free(new_ctx); 125 return ret; 126 } 127 128 int ossl_ec_GFp_nist_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, 129 const BIGNUM *b, BN_CTX *ctx) 130 { 131 int ret = 0; 132 BN_CTX *ctx_new = NULL; 133 134 if (!group || !r || !a || !b) { 135 ERR_raise(ERR_LIB_EC, ERR_R_PASSED_NULL_PARAMETER); 136 goto err; 137 } 138 if (!ctx) 139 if ((ctx_new = ctx = BN_CTX_new_ex(group->libctx)) == NULL) 140 goto err; 141 142 if (!BN_mul(r, a, b, ctx)) 143 goto err; 144 if (!group->field_mod_func(r, r, group->field, ctx)) 145 goto err; 146 147 ret = 1; 148 err: 149 BN_CTX_free(ctx_new); 150 return ret; 151 } 152 153 int ossl_ec_GFp_nist_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, 154 BN_CTX *ctx) 155 { 156 int ret = 0; 157 BN_CTX *ctx_new = NULL; 158 159 if (!group || !r || !a) { 160 ERR_raise(ERR_LIB_EC, EC_R_PASSED_NULL_PARAMETER); 161 goto err; 162 } 163 if (!ctx) 164 if ((ctx_new = ctx = BN_CTX_new_ex(group->libctx)) == NULL) 165 goto err; 166 167 if (!BN_sqr(r, a, ctx)) 168 goto err; 169 if (!group->field_mod_func(r, r, group->field, ctx)) 170 goto err; 171 172 ret = 1; 173 err: 174 BN_CTX_free(ctx_new); 175 return ret; 176 } 177