[thirdparty/openssl.git] / crypto / ec / ec_kmeth.c

/*
 * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <string.h>
#include <openssl/ec.h>
#include <openssl/engine.h>
#include <openssl/err.h>
#include "ec_lcl.h"


static const EC_KEY_METHOD openssl_ec_key_method = {
    "OpenSSL EC_KEY method",
    0,
    0,0,0,0,0,0,
    ossl_ec_key_gen,
    ossl_ecdh_compute_key,
    ossl_ecdsa_sign,
    ossl_ecdsa_sign_setup,
    ossl_ecdsa_sign_sig,
    ossl_ecdsa_verify,
    ossl_ecdsa_verify_sig
};

static const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;

const EC_KEY_METHOD *EC_KEY_OpenSSL(void)
{
    return &openssl_ec_key_method;
}

const EC_KEY_METHOD *EC_KEY_get_default_method(void)
{
    return default_ec_key_meth;
}

void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
{
    if (meth == NULL)
        default_ec_key_meth = &openssl_ec_key_method;
    else
        default_ec_key_meth = meth;
}

const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key)
{
    return key->meth;
}

int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
{
    void (*finish)(EC_KEY *key) = key->meth->finish;

    if (finish != NULL)
        finish(key);

#ifndef OPENSSL_NO_ENGINE
    ENGINE_finish(key->engine);
    key->engine = NULL;
#endif

    key->meth = meth;
    if (meth->init != NULL)
        return meth->init(key);
    return 1;
}

EC_KEY *EC_KEY_new_method(ENGINE *engine)
{
    EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));

    if (ret == NULL) {
        ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    ret->references = 1;
    ret->lock = CRYPTO_THREAD_lock_new();
    if (ret->lock == NULL) {
        ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
        OPENSSL_free(ret);
        return NULL;
    }

    ret->meth = EC_KEY_get_default_method();
#ifndef OPENSSL_NO_ENGINE
    if (engine != NULL) {
        if (!ENGINE_init(engine)) {
            ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
            goto err;
        }
        ret->engine = engine;
    } else
        ret->engine = ENGINE_get_default_EC();
    if (ret->engine != NULL) {
        ret->meth = ENGINE_get_EC(ret->engine);
        if (ret->meth == NULL) {
            ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
            goto err;
        }
    }
#endif

    ret->version = 1;
    ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;

    if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
        goto err;
    }

    if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
        ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_INIT_FAIL);
        goto err;
    }
    return ret;

err:
    EC_KEY_free(ret);
    return NULL;
}

int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
                     const EC_KEY *eckey,
                     void *(*KDF) (const void *in, size_t inlen, void *out,
                                   size_t *outlen))
{
    unsigned char *sec = NULL;
    size_t seclen;
    if (eckey->meth->compute_key == NULL) {
        ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
        return 0;
    }
    if (outlen > INT_MAX) {
        ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_INVALID_OUTPUT_LENGTH);
        return 0;
    }
    if (!eckey->meth->compute_key(&sec, &seclen, pub_key, eckey))
        return 0;
    if (KDF != NULL) {
        KDF(sec, seclen, out, &outlen);
    } else {
        if (outlen > seclen)
            outlen = seclen;
        memcpy(out, sec, outlen);
    }
    OPENSSL_clear_free(sec, seclen);
    return outlen;
}

EC_KEY_METHOD *EC_KEY_METHOD_new(const EC_KEY_METHOD *meth)
{
    EC_KEY_METHOD *ret = OPENSSL_zalloc(sizeof(*meth));

    if (ret == NULL)
        return NULL;
    if (meth != NULL)
        *ret = *meth;
    ret->flags |= EC_KEY_METHOD_DYNAMIC;
    return ret;
}

void EC_KEY_METHOD_free(EC_KEY_METHOD *meth)
{
    if (meth->flags & EC_KEY_METHOD_DYNAMIC)
        OPENSSL_free(meth);
}

void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
                            int (*init)(EC_KEY *key),
                            void (*finish)(EC_KEY *key),
                            int (*copy)(EC_KEY *dest, const EC_KEY *src),
                            int (*set_group)(EC_KEY *key, const EC_GROUP *grp),
                            int (*set_private)(EC_KEY *key,
                                               const BIGNUM *priv_key),
                            int (*set_public)(EC_KEY *key,
                                              const EC_POINT *pub_key))
{
    meth->init = init;
    meth->finish = finish;
    meth->copy = copy;
    meth->set_group = set_group;
    meth->set_private = set_private;
    meth->set_public = set_public;
}

void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
                              int (*keygen)(EC_KEY *key))
{
    meth->keygen = keygen;
}

void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
                                   int (*ckey)(unsigned char **psec,
                                               size_t *pseclen,
                                               const EC_POINT *pub_key,
                                               const EC_KEY *ecdh))
{
    meth->compute_key = ckey;
}

void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
                            int (*sign)(int type, const unsigned char *dgst,
                                        int dlen, unsigned char *sig,
                                        unsigned int *siglen,
                                        const BIGNUM *kinv, const BIGNUM *r,
                                        EC_KEY *eckey),
                            int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
                                              BIGNUM **kinvp, BIGNUM **rp),
                            ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
                                                   int dgst_len,
                                                   const BIGNUM *in_kinv,
                                                   const BIGNUM *in_r,
                                                   EC_KEY *eckey))
{
    meth->sign = sign;
    meth->sign_setup = sign_setup;
    meth->sign_sig = sign_sig;
}

void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
                              int (*verify)(int type, const unsigned
                                            char *dgst, int dgst_len,
                                            const unsigned char *sigbuf,
                                            int sig_len, EC_KEY *eckey),
                              int (*verify_sig)(const unsigned char *dgst,
                                                int dgst_len,
                                                const ECDSA_SIG *sig,
                                                EC_KEY *eckey))
{
    meth->verify = verify;
    meth->verify_sig = verify_sig;
}

void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth,
                            int (**pinit)(EC_KEY *key),
                            void (**pfinish)(EC_KEY *key),
                            int (**pcopy)(EC_KEY *dest, const EC_KEY *src),
                            int (**pset_group)(EC_KEY *key,
                                               const EC_GROUP *grp),
                            int (**pset_private)(EC_KEY *key,
                                                 const BIGNUM *priv_key),
                            int (**pset_public)(EC_KEY *key,
                                                const EC_POINT *pub_key))
{
    if (pinit != NULL)
        *pinit = meth->init;
    if (pfinish != NULL)
        *pfinish = meth->finish;
    if (pcopy != NULL)
        *pcopy = meth->copy;
    if (pset_group != NULL)
        *pset_group = meth->set_group;
    if (pset_private != NULL)
        *pset_private = meth->set_private;
    if (pset_public != NULL)
        *pset_public = meth->set_public;
}

void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth,
                              int (**pkeygen)(EC_KEY *key))
{
    if (pkeygen != NULL)
        *pkeygen = meth->keygen;
}

void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth,
                                   int (**pck)(unsigned char **pout,
                                               size_t *poutlen,
                                               const EC_POINT *pub_key,
                                               const EC_KEY *ecdh))
{
    if (pck != NULL)
        *pck = meth->compute_key;
}

void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth,
                            int (**psign)(int type, const unsigned char *dgst,
                                          int dlen, unsigned char *sig,
                                          unsigned int *siglen,
                                          const BIGNUM *kinv, const BIGNUM *r,
                                          EC_KEY *eckey),
                            int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
                                                BIGNUM **kinvp, BIGNUM **rp),
                            ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
                                                     int dgst_len,
                                                     const BIGNUM *in_kinv,
                                                     const BIGNUM *in_r,
                                                     EC_KEY *eckey))
{
    if (psign != NULL)
        *psign = meth->sign;
    if (psign_setup != NULL)
        *psign_setup = meth->sign_setup;
    if (psign_sig != NULL)
        *psign_sig = meth->sign_sig;
}

void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
                              int (**pverify)(int type, const unsigned
                                              char *dgst, int dgst_len,
                                              const unsigned char *sigbuf,
                                              int sig_len, EC_KEY *eckey),
                              int (**pverify_sig)(const unsigned char *dgst,
                                                  int dgst_len,
                                                  const ECDSA_SIG *sig,
                                                  EC_KEY *eckey))
{
    if (pverify != NULL)
        *pverify = meth->verify;
    if (pverify_sig != NULL)
        *pverify_sig = meth->verify_sig;
}
Commit	Line	Data
28572b57	1	/*
4f22f405	2	* Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
28572b57	3	*
4f22f405 RS	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
28572b57 DSH	8	*/
28572b57 DSH	9
e2285d87	10	#include <string.h>
28572b57	11	#include <openssl/ec.h>
3c27208f	12	#include <openssl/engine.h>
28572b57 DSH	13	#include <openssl/err.h>
	14	#include "ec_lcl.h"
	15
	16
	17	static const EC_KEY_METHOD openssl_ec_key_method = {
	18	"OpenSSL EC_KEY method",
5a6a1029	19	0,
3475bc96	20	0,0,0,0,0,0,
a22a7e70	21	ossl_ec_key_gen,
8c6ef786	22	ossl_ecdh_compute_key,
a200a817	23	ossl_ecdsa_sign,
8c6ef786 DSH	24	ossl_ecdsa_sign_setup,
8c6ef786 DSH	25	ossl_ecdsa_sign_sig,
a200a817	26	ossl_ecdsa_verify,
8c6ef786	27	ossl_ecdsa_verify_sig
28572b57 DSH	28	};
28572b57 DSH	29
a0ffedaf	30	static const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
28572b57 DSH	31
	32	const EC_KEY_METHOD *EC_KEY_OpenSSL(void)
	33	{
	34	return &openssl_ec_key_method;
	35	}
	36
	37	const EC_KEY_METHOD *EC_KEY_get_default_method(void)
	38	{
	39	return default_ec_key_meth;
	40	}
	41
	42	void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
	43	{
	44	if (meth == NULL)
	45	default_ec_key_meth = &openssl_ec_key_method;
	46	else
	47	default_ec_key_meth = meth;
	48	}
	49
3aef36ff RS	50	const EC_KEY_METHOD EC_KEY_get_method(const EC_KEY key)
	51	{
	52	return key->meth;
	53	}
	54
	55	int EC_KEY_set_method(EC_KEY key, const EC_KEY_METHOD meth)
	56	{
	57	void (finish)(EC_KEY key) = key->meth->finish;
	58
	59	if (finish != NULL)
	60	finish(key);
	61
	62	#ifndef OPENSSL_NO_ENGINE
7c96dbcd RS	63	ENGINE_finish(key->engine);
7c96dbcd RS	64	key->engine = NULL;
3aef36ff RS	65	#endif
	66
	67	key->meth = meth;
	68	if (meth->init != NULL)
	69	return meth->init(key);
	70	return 1;
	71	}
	72
28572b57 DSH	73	EC_KEY EC_KEY_new_method(ENGINE engine)
	74	{
	75	EC_KEY ret = OPENSSL_zalloc(sizeof(ret));
	76
	77	if (ret == NULL) {
	78	ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
9b398ef2	79	return NULL;
28572b57	80	}
3aef36ff	81
11ed851d	82	ret->references = 1;
9b398ef2 AG	83	ret->lock = CRYPTO_THREAD_lock_new();
	84	if (ret->lock == NULL) {
	85	ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
9b398ef2 AG	86	OPENSSL_free(ret);
	87	return NULL;
	88	}
	89
28572b57 DSH	90	ret->meth = EC_KEY_get_default_method();
28572b57 DSH	91	#ifndef OPENSSL_NO_ENGINE
91e7bcc2	92	if (engine != NULL) {
28572b57 DSH	93	if (!ENGINE_init(engine)) {
28572b57 DSH	94	ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
11ed851d	95	goto err;
28572b57 DSH	96	}
	97	ret->engine = engine;
	98	} else
7d711cbc	99	ret->engine = ENGINE_get_default_EC();
91e7bcc2	100	if (ret->engine != NULL) {
7d711cbc	101	ret->meth = ENGINE_get_EC(ret->engine);
91e7bcc2	102	if (ret->meth == NULL) {
28572b57	103	ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
11ed851d	104	goto err;
28572b57 DSH	105	}
	106	}
	107	#endif
	108
	109	ret->version = 1;
	110	ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
11ed851d F	111
	112	if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
	113	goto err;
	114	}
9b398ef2	115
91e7bcc2	116	if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
cb1d435c	117	ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_INIT_FAIL);
11ed851d	118	goto err;
0d6ff6d3 DSH	119	}
0d6ff6d3 DSH	120	return ret;
11ed851d F	121
	122	err:
	123	EC_KEY_free(ret);
	124	return NULL;
28572b57	125	}
a22a7e70 DSH	126
a22a7e70 DSH	127	int ECDH_compute_key(void out, size_t outlen, const EC_POINT pub_key,
2c61a5ec	128	const EC_KEY *eckey,
a22a7e70 DSH	129	void (KDF) (const void in, size_t inlen, void out,
	130	size_t *outlen))
	131	{
e2285d87 DSH	132	unsigned char *sec = NULL;
	133	size_t seclen;
	134	if (eckey->meth->compute_key == NULL) {
	135	ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
	136	return 0;
	137	}
	138	if (outlen > INT_MAX) {
	139	ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_INVALID_OUTPUT_LENGTH);
	140	return 0;
	141	}
	142	if (!eckey->meth->compute_key(&sec, &seclen, pub_key, eckey))
	143	return 0;
	144	if (KDF != NULL) {
	145	KDF(sec, seclen, out, &outlen);
	146	} else {
	147	if (outlen > seclen)
	148	outlen = seclen;
	149	memcpy(out, sec, outlen);
	150	}
	151	OPENSSL_clear_free(sec, seclen);
	152	return outlen;
a22a7e70	153	}
f8d7d2d6 DSH	154
	155	EC_KEY_METHOD EC_KEY_METHOD_new(const EC_KEY_METHOD meth)
	156	{
3aef36ff RS	157	EC_KEY_METHOD ret = OPENSSL_zalloc(sizeof(meth));
3aef36ff RS	158
f8d7d2d6 DSH	159	if (ret == NULL)
f8d7d2d6 DSH	160	return NULL;
91e7bcc2	161	if (meth != NULL)
f8d7d2d6 DSH	162	ret = meth;
	163	ret->flags \|= EC_KEY_METHOD_DYNAMIC;
	164	return ret;
	165	}
	166
	167	void EC_KEY_METHOD_free(EC_KEY_METHOD *meth)
	168	{
	169	if (meth->flags & EC_KEY_METHOD_DYNAMIC)
	170	OPENSSL_free(meth);
	171	}
	172
	173	void EC_KEY_METHOD_set_init(EC_KEY_METHOD *meth,
	174	int (init)(EC_KEY key),
	175	void (finish)(EC_KEY key),
	176	int (copy)(EC_KEY dest, const EC_KEY *src),
	177	int (set_group)(EC_KEY key, const EC_GROUP *grp),
	178	int (set_private)(EC_KEY key,
	179	const BIGNUM *priv_key),
	180	int (set_public)(EC_KEY key,
	181	const EC_POINT *pub_key))
	182	{
	183	meth->init = init;
	184	meth->finish = finish;
	185	meth->copy = copy;
	186	meth->set_group = set_group;
	187	meth->set_private = set_private;
	188	meth->set_public = set_public;
	189	}
	190
	191	void EC_KEY_METHOD_set_keygen(EC_KEY_METHOD *meth,
	192	int (keygen)(EC_KEY key))
	193	{
	194	meth->keygen = keygen;
	195	}
	196
	197	void EC_KEY_METHOD_set_compute_key(EC_KEY_METHOD *meth,
e2285d87 DSH	198	int (ckey)(unsigned char *psec,
e2285d87 DSH	199	size_t *pseclen,
f8d7d2d6	200	const EC_POINT *pub_key,
e2285d87	201	const EC_KEY *ecdh))
f8d7d2d6 DSH	202	{
	203	meth->compute_key = ckey;
	204	}
	205
	206	void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
	207	int (sign)(int type, const unsigned char dgst,
	208	int dlen, unsigned char *sig,
	209	unsigned int *siglen,
	210	const BIGNUM kinv, const BIGNUM r,
	211	EC_KEY *eckey),
	212	int (sign_setup)(EC_KEY eckey, BN_CTX *ctx_in,
	213	BIGNUM kinvp, BIGNUM rp),
	214	ECDSA_SIG (sign_sig)(const unsigned char *dgst,
	215	int dgst_len,
	216	const BIGNUM *in_kinv,
	217	const BIGNUM *in_r,
	218	EC_KEY *eckey))
	219	{
	220	meth->sign = sign;
	221	meth->sign_setup = sign_setup;
	222	meth->sign_sig = sign_sig;
	223	}
	224
	225	void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
	226	int (*verify)(int type, const unsigned
	227	char *dgst, int dgst_len,
	228	const unsigned char *sigbuf,
	229	int sig_len, EC_KEY *eckey),
	230	int (verify_sig)(const unsigned char dgst,
	231	int dgst_len,
	232	const ECDSA_SIG *sig,
	233	EC_KEY *eckey))
	234	{
	235	meth->verify = verify;
	236	meth->verify_sig = verify_sig;
	237	}
	238
4e9b720e	239	void EC_KEY_METHOD_get_init(const EC_KEY_METHOD *meth,
f8d7d2d6 DSH	240	int (*pinit)(EC_KEY key),
	241	void (*pfinish)(EC_KEY key),
	242	int (*pcopy)(EC_KEY dest, const EC_KEY *src),
	243	int (*pset_group)(EC_KEY key,
	244	const EC_GROUP *grp),
	245	int (*pset_private)(EC_KEY key,
	246	const BIGNUM *priv_key),
	247	int (*pset_public)(EC_KEY key,
	248	const EC_POINT *pub_key))
	249	{
	250	if (pinit != NULL)
	251	*pinit = meth->init;
	252	if (pfinish != NULL)
	253	*pfinish = meth->finish;
	254	if (pcopy != NULL)
	255	*pcopy = meth->copy;
	256	if (pset_group != NULL)
	257	*pset_group = meth->set_group;
	258	if (pset_private != NULL)
	259	*pset_private = meth->set_private;
	260	if (pset_public != NULL)
	261	*pset_public = meth->set_public;
	262	}
	263
4e9b720e	264	void EC_KEY_METHOD_get_keygen(const EC_KEY_METHOD *meth,
f8d7d2d6 DSH	265	int (*pkeygen)(EC_KEY key))
	266	{
	267	if (pkeygen != NULL)
	268	*pkeygen = meth->keygen;
	269	}
	270
4e9b720e	271	void EC_KEY_METHOD_get_compute_key(const EC_KEY_METHOD *meth,
e2285d87 DSH	272	int (pck)(unsigned char pout,
e2285d87 DSH	273	size_t *poutlen,
f8d7d2d6	274	const EC_POINT *pub_key,
e2285d87	275	const EC_KEY *ecdh))
f8d7d2d6 DSH	276	{
	277	if (pck != NULL)
	278	*pck = meth->compute_key;
	279	}
	280
4e9b720e	281	void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth,
f8d7d2d6 DSH	282	int (*psign)(int type, const unsigned char dgst,
	283	int dlen, unsigned char *sig,
	284	unsigned int *siglen,
	285	const BIGNUM kinv, const BIGNUM r,
	286	EC_KEY *eckey),
	287	int (*psign_setup)(EC_KEY eckey, BN_CTX *ctx_in,
	288	BIGNUM kinvp, BIGNUM rp),
	289	ECDSA_SIG (psign_sig)(const unsigned char dgst,
	290	int dgst_len,
	291	const BIGNUM *in_kinv,
	292	const BIGNUM *in_r,
	293	EC_KEY *eckey))
	294	{
	295	if (psign != NULL)
	296	*psign = meth->sign;
	297	if (psign_setup != NULL)
	298	*psign_setup = meth->sign_setup;
	299	if (psign_sig != NULL)
	300	*psign_sig = meth->sign_sig;
	301	}
	302
4e9b720e	303	void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
f8d7d2d6 DSH	304	int (**pverify)(int type, const unsigned
	305	char *dgst, int dgst_len,
	306	const unsigned char *sigbuf,
	307	int sig_len, EC_KEY *eckey),
	308	int (*pverify_sig)(const unsigned char dgst,
	309	int dgst_len,
	310	const ECDSA_SIG *sig,
	311	EC_KEY *eckey))
	312	{
	313	if (pverify != NULL)
	314	*pverify = meth->verify;
	315	if (pverify_sig != NULL)
	316	*pverify_sig = meth->verify_sig;
	317	}