2 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
5 /* ====================================================================
6 * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
34 * 6. Redistributions of any form whatsoever must retain the following
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
55 #include <openssl/ec.h>
56 #include <openssl/engine.h>
57 #include <openssl/err.h>
61 static const EC_KEY_METHOD openssl_ec_key_method
= {
62 "OpenSSL EC_KEY method",
66 ossl_ecdh_compute_key
,
68 ossl_ecdsa_sign_setup
,
74 static const EC_KEY_METHOD
*default_ec_key_meth
= &openssl_ec_key_method
;
76 const EC_KEY_METHOD
*EC_KEY_OpenSSL(void)
78 return &openssl_ec_key_method
;
81 const EC_KEY_METHOD
*EC_KEY_get_default_method(void)
83 return default_ec_key_meth
;
86 void EC_KEY_set_default_method(const EC_KEY_METHOD
*meth
)
89 default_ec_key_meth
= &openssl_ec_key_method
;
91 default_ec_key_meth
= meth
;
94 const EC_KEY_METHOD
*EC_KEY_get_method(const EC_KEY
*key
)
99 int EC_KEY_set_method(EC_KEY
*key
, const EC_KEY_METHOD
*meth
)
101 void (*finish
)(EC_KEY
*key
) = key
->meth
->finish
;
106 #ifndef OPENSSL_NO_ENGINE
107 ENGINE_finish(key
->engine
);
112 if (meth
->init
!= NULL
)
113 return meth
->init(key
);
117 EC_KEY
*EC_KEY_new_method(ENGINE
*engine
)
119 EC_KEY
*ret
= OPENSSL_zalloc(sizeof(*ret
));
122 ECerr(EC_F_EC_KEY_NEW_METHOD
, ERR_R_MALLOC_FAILURE
);
125 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY
, ret
, &ret
->ex_data
)) {
130 ret
->lock
= CRYPTO_THREAD_lock_new();
131 if (ret
->lock
== NULL
) {
132 ECerr(EC_F_EC_KEY_NEW_METHOD
, ERR_R_MALLOC_FAILURE
);
133 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY
, ret
, &ret
->ex_data
);
138 ret
->meth
= EC_KEY_get_default_method();
139 #ifndef OPENSSL_NO_ENGINE
140 if (engine
!= NULL
) {
141 if (!ENGINE_init(engine
)) {
142 ECerr(EC_F_EC_KEY_NEW_METHOD
, ERR_R_ENGINE_LIB
);
143 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY
, ret
, &ret
->ex_data
);
144 CRYPTO_THREAD_lock_free(ret
->lock
);
148 ret
->engine
= engine
;
150 ret
->engine
= ENGINE_get_default_EC();
151 if (ret
->engine
!= NULL
) {
152 ret
->meth
= ENGINE_get_EC(ret
->engine
);
153 if (ret
->meth
== NULL
) {
154 ECerr(EC_F_EC_KEY_NEW_METHOD
, ERR_R_ENGINE_LIB
);
155 ENGINE_finish(ret
->engine
);
156 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY
, ret
, &ret
->ex_data
);
157 CRYPTO_THREAD_lock_free(ret
->lock
);
165 ret
->conv_form
= POINT_CONVERSION_UNCOMPRESSED
;
168 if (ret
->meth
->init
!= NULL
&& ret
->meth
->init(ret
) == 0) {
175 int ECDH_compute_key(void *out
, size_t outlen
, const EC_POINT
*pub_key
,
177 void *(*KDF
) (const void *in
, size_t inlen
, void *out
,
180 unsigned char *sec
= NULL
;
182 if (eckey
->meth
->compute_key
== NULL
) {
183 ECerr(EC_F_ECDH_COMPUTE_KEY
, EC_R_OPERATION_NOT_SUPPORTED
);
186 if (outlen
> INT_MAX
) {
187 ECerr(EC_F_ECDH_COMPUTE_KEY
, EC_R_INVALID_OUTPUT_LENGTH
);
190 if (!eckey
->meth
->compute_key(&sec
, &seclen
, pub_key
, eckey
))
193 KDF(sec
, seclen
, out
, &outlen
);
197 memcpy(out
, sec
, outlen
);
199 OPENSSL_clear_free(sec
, seclen
);
203 EC_KEY_METHOD
*EC_KEY_METHOD_new(const EC_KEY_METHOD
*meth
)
205 EC_KEY_METHOD
*ret
= OPENSSL_zalloc(sizeof(*meth
));
211 ret
->flags
|= EC_KEY_METHOD_DYNAMIC
;
215 void EC_KEY_METHOD_free(EC_KEY_METHOD
*meth
)
217 if (meth
->flags
& EC_KEY_METHOD_DYNAMIC
)
221 void EC_KEY_METHOD_set_init(EC_KEY_METHOD
*meth
,
222 int (*init
)(EC_KEY
*key
),
223 void (*finish
)(EC_KEY
*key
),
224 int (*copy
)(EC_KEY
*dest
, const EC_KEY
*src
),
225 int (*set_group
)(EC_KEY
*key
, const EC_GROUP
*grp
),
226 int (*set_private
)(EC_KEY
*key
,
227 const BIGNUM
*priv_key
),
228 int (*set_public
)(EC_KEY
*key
,
229 const EC_POINT
*pub_key
))
232 meth
->finish
= finish
;
234 meth
->set_group
= set_group
;
235 meth
->set_private
= set_private
;
236 meth
->set_public
= set_public
;
239 void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD
*meth
,
240 int (*keygen
)(EC_KEY
*key
))
242 meth
->keygen
= keygen
;
245 void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD
*meth
,
246 int (*ckey
)(unsigned char **psec
,
248 const EC_POINT
*pub_key
,
251 meth
->compute_key
= ckey
;
254 void EC_KEY_METHOD_set_sign(EC_KEY_METHOD
*meth
,
255 int (*sign
)(int type
, const unsigned char *dgst
,
256 int dlen
, unsigned char *sig
,
257 unsigned int *siglen
,
258 const BIGNUM
*kinv
, const BIGNUM
*r
,
260 int (*sign_setup
)(EC_KEY
*eckey
, BN_CTX
*ctx_in
,
261 BIGNUM
**kinvp
, BIGNUM
**rp
),
262 ECDSA_SIG
*(*sign_sig
)(const unsigned char *dgst
,
264 const BIGNUM
*in_kinv
,
269 meth
->sign_setup
= sign_setup
;
270 meth
->sign_sig
= sign_sig
;
273 void EC_KEY_METHOD_set_verify(EC_KEY_METHOD
*meth
,
274 int (*verify
)(int type
, const unsigned
275 char *dgst
, int dgst_len
,
276 const unsigned char *sigbuf
,
277 int sig_len
, EC_KEY
*eckey
),
278 int (*verify_sig
)(const unsigned char *dgst
,
280 const ECDSA_SIG
*sig
,
283 meth
->verify
= verify
;
284 meth
->verify_sig
= verify_sig
;
287 void EC_KEY_METHOD_get_init(EC_KEY_METHOD
*meth
,
288 int (**pinit
)(EC_KEY
*key
),
289 void (**pfinish
)(EC_KEY
*key
),
290 int (**pcopy
)(EC_KEY
*dest
, const EC_KEY
*src
),
291 int (**pset_group
)(EC_KEY
*key
,
292 const EC_GROUP
*grp
),
293 int (**pset_private
)(EC_KEY
*key
,
294 const BIGNUM
*priv_key
),
295 int (**pset_public
)(EC_KEY
*key
,
296 const EC_POINT
*pub_key
))
301 *pfinish
= meth
->finish
;
304 if (pset_group
!= NULL
)
305 *pset_group
= meth
->set_group
;
306 if (pset_private
!= NULL
)
307 *pset_private
= meth
->set_private
;
308 if (pset_public
!= NULL
)
309 *pset_public
= meth
->set_public
;
312 void EC_KEY_METHOD_get_keygen(EC_KEY_METHOD
*meth
,
313 int (**pkeygen
)(EC_KEY
*key
))
316 *pkeygen
= meth
->keygen
;
319 void EC_KEY_METHOD_get_compute_key(EC_KEY_METHOD
*meth
,
320 int (**pck
)(unsigned char **pout
,
322 const EC_POINT
*pub_key
,
326 *pck
= meth
->compute_key
;
329 void EC_KEY_METHOD_get_sign(EC_KEY_METHOD
*meth
,
330 int (**psign
)(int type
, const unsigned char *dgst
,
331 int dlen
, unsigned char *sig
,
332 unsigned int *siglen
,
333 const BIGNUM
*kinv
, const BIGNUM
*r
,
335 int (**psign_setup
)(EC_KEY
*eckey
, BN_CTX
*ctx_in
,
336 BIGNUM
**kinvp
, BIGNUM
**rp
),
337 ECDSA_SIG
*(**psign_sig
)(const unsigned char *dgst
,
339 const BIGNUM
*in_kinv
,
345 if (psign_setup
!= NULL
)
346 *psign_setup
= meth
->sign_setup
;
347 if (psign_sig
!= NULL
)
348 *psign_sig
= meth
->sign_sig
;
351 void EC_KEY_METHOD_get_verify(EC_KEY_METHOD
*meth
,
352 int (**pverify
)(int type
, const unsigned
353 char *dgst
, int dgst_len
,
354 const unsigned char *sigbuf
,
355 int sig_len
, EC_KEY
*eckey
),
356 int (**pverify_sig
)(const unsigned char *dgst
,
358 const ECDSA_SIG
*sig
,
362 *pverify
= meth
->verify
;
363 if (pverify_sig
!= NULL
)
364 *pverify_sig
= meth
->verify_sig
;