return get_payload_bn(state, translation, ctx, bn);
}
+static int get_payload_int(enum state state,
+ const struct translation_st *translation,
+ struct translation_ctx_st *ctx,
+ const int val)
+{
+ if (ctx->params->data_type != OSSL_PARAM_INTEGER)
+ return 0;
+ ctx->p1 = val;
+ ctx->p2 = NULL;
+
+ return default_fixup_args(state, translation, ctx);
+}
+
+static int get_ec_decoded_from_explicit_params(enum state state,
+ const struct translation_st *translation,
+ struct translation_ctx_st *ctx)
+{
+ int val = 0;
+ EVP_PKEY *pkey = ctx->p2;
+
+ switch (EVP_PKEY_base_id(pkey)) {
+#ifndef OPENSSL_NO_EC
+ case EVP_PKEY_EC:
+ val = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
+ break;
+#endif
+ default:
+ ERR_raise(ERR_LIB_EVP, EVP_R_UNSUPPORTED_KEY_TYPE);
+ return 0;
+ }
+
+ return get_payload_int(state, translation, ctx, val);
+}
+
static int get_rsa_payload_n(enum state state,
const struct translation_st *translation,
struct translation_ctx_st *ctx)
{ GET, -1, -1, -1, 0, NULL, NULL,
OSSL_PKEY_PARAM_RSA_COEFFICIENT9, OSSL_PARAM_UNSIGNED_INTEGER,
get_rsa_payload_c9 },
+
+ /* EC */
+ { GET, -1, -1, -1, 0, NULL, NULL,
+ OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, OSSL_PARAM_INTEGER,
+ get_ec_decoded_from_explicit_params },
};
static const struct translation_st *
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/objects.h>
+#include <openssl/core_names.h>
#include "internal/dane.h"
#include "crypto/x509.h"
#include "x509_local.h"
*/
static int check_curve(X509 *cert)
{
-#ifndef OPENSSL_NO_EC
EVP_PKEY *pkey = X509_get0_pubkey(cert);
/* Unsupported or malformed key */
return -1;
if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
- int ret;
+ int ret, val;
- ret = EC_KEY_decoded_from_explicit_params(EVP_PKEY_get0_EC_KEY(pkey));
- return ret < 0 ? ret : !ret;
+ ret = EVP_PKEY_get_int_param(pkey,
+ OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS,
+ &val);
+ return ret < 0 ? ret : !val;
}
-#endif
return 1;
}
I<cofactor> is an optional value.
I<order> multiplied by the I<cofactor> gives the number of points on the curve.
+=item "decoded-from-explicit" (B<OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS>) <integer>
+
+Gets a flag indicating wether the key or parameters were decoded from explicit
+curve parameters. Set to 1 if so or 0 if a named curve was used.
+
=item "use-cofactor-flag" (B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH>) <integer>
Enable Cofactor DH (ECC CDH) if this value is 1, otherwise it uses normal EC DH
#define OSSL_PKEY_PARAM_EC_PUB_Y "qy"
/* Elliptic Curve Explicit Domain Parameters */
-#define OSSL_PKEY_PARAM_EC_FIELD_TYPE "field-type"
-#define OSSL_PKEY_PARAM_EC_P "p"
-#define OSSL_PKEY_PARAM_EC_A "a"
-#define OSSL_PKEY_PARAM_EC_B "b"
-#define OSSL_PKEY_PARAM_EC_GENERATOR "generator"
-#define OSSL_PKEY_PARAM_EC_ORDER "order"
-#define OSSL_PKEY_PARAM_EC_COFACTOR "cofactor"
-#define OSSL_PKEY_PARAM_EC_SEED "seed"
-#define OSSL_PKEY_PARAM_EC_CHAR2_M "m"
-#define OSSL_PKEY_PARAM_EC_CHAR2_TYPE "basis-type"
-#define OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS "tp"
-#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K1 "k1"
-#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K2 "k2"
-#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K3 "k3"
+#define OSSL_PKEY_PARAM_EC_FIELD_TYPE "field-type"
+#define OSSL_PKEY_PARAM_EC_P "p"
+#define OSSL_PKEY_PARAM_EC_A "a"
+#define OSSL_PKEY_PARAM_EC_B "b"
+#define OSSL_PKEY_PARAM_EC_GENERATOR "generator"
+#define OSSL_PKEY_PARAM_EC_ORDER "order"
+#define OSSL_PKEY_PARAM_EC_COFACTOR "cofactor"
+#define OSSL_PKEY_PARAM_EC_SEED "seed"
+#define OSSL_PKEY_PARAM_EC_CHAR2_M "m"
+#define OSSL_PKEY_PARAM_EC_CHAR2_TYPE "basis-type"
+#define OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS "tp"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K1 "k1"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K2 "k2"
+#define OSSL_PKEY_PARAM_EC_CHAR2_PP_K3 "k3"
+#define OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS "decoded-from-explicit"
/* Elliptic Curve Key Parameters */
#define OSSL_PKEY_PARAM_USE_COFACTOR_FLAG "use-cofactor-flag"
goto err;
}
+ if ((p = OSSL_PARAM_locate(params,
+ OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS))
+ != NULL) {
+ int explicitparams = EC_KEY_decoded_from_explicit_params(eck);
+
+ if (explicitparams < 0
+ || !OSSL_PARAM_set_int(p, explicitparams))
+ goto err;
+ }
+
if (!sm2) {
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
&& !OSSL_PARAM_set_utf8_string(p, EC_DEFAULT_MD))
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
+ OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, NULL),
EC_IMEXPORTABLE_DOM_PARAMETERS,
EC2M_GETTABLE_DOM_PARAMS
EC_IMEXPORTABLE_PUBLIC_KEY,
OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_DEFAULT_DIGEST, NULL, 0),
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0),
+ OSSL_PARAM_int(OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS, NULL),
EC_IMEXPORTABLE_DOM_PARAMETERS,
EC_IMEXPORTABLE_PUBLIC_KEY,
OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_PUB_X, NULL, 0),
projects / thirdparty / openssl.git / commitdiff
