| GCC Code Coverage Report | |||||||||||||||||||||
|
|||||||||||||||||||||
| Line | Branch | Exec | Source |
1 |
/* $OpenBSD: ec_asn1.c,v 1.24 2017/05/26 16:32:14 jsing Exp $ */ |
||
2 |
/* |
||
3 |
* Written by Nils Larsch for the OpenSSL project. |
||
4 |
*/ |
||
5 |
/* ==================================================================== |
||
6 |
* Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved. |
||
7 |
* |
||
8 |
* Redistribution and use in source and binary forms, with or without |
||
9 |
* modification, are permitted provided that the following conditions |
||
10 |
* are met: |
||
11 |
* |
||
12 |
* 1. Redistributions of source code must retain the above copyright |
||
13 |
* notice, this list of conditions and the following disclaimer. |
||
14 |
* |
||
15 |
* 2. Redistributions in binary form must reproduce the above copyright |
||
16 |
* notice, this list of conditions and the following disclaimer in |
||
17 |
* the documentation and/or other materials provided with the |
||
18 |
* distribution. |
||
19 |
* |
||
20 |
* 3. All advertising materials mentioning features or use of this |
||
21 |
* software must display the following acknowledgment: |
||
22 |
* "This product includes software developed by the OpenSSL Project |
||
23 |
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
||
24 |
* |
||
25 |
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
||
26 |
* endorse or promote products derived from this software without |
||
27 |
* prior written permission. For written permission, please contact |
||
28 |
* licensing@OpenSSL.org. |
||
29 |
* |
||
30 |
* 5. Products derived from this software may not be called "OpenSSL" |
||
31 |
* nor may "OpenSSL" appear in their names without prior written |
||
32 |
* permission of the OpenSSL Project. |
||
33 |
* |
||
34 |
* 6. Redistributions of any form whatsoever must retain the following |
||
35 |
* acknowledgment: |
||
36 |
* "This product includes software developed by the OpenSSL Project |
||
37 |
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
||
38 |
* |
||
39 |
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
||
40 |
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
||
41 |
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
||
42 |
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
||
43 |
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
||
44 |
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
||
45 |
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
||
46 |
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
||
47 |
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
||
48 |
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
||
49 |
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
||
50 |
* OF THE POSSIBILITY OF SUCH DAMAGE. |
||
51 |
* ==================================================================== |
||
52 |
* |
||
53 |
* This product includes cryptographic software written by Eric Young |
||
54 |
* (eay@cryptsoft.com). This product includes software written by Tim |
||
55 |
* Hudson (tjh@cryptsoft.com). |
||
56 |
* |
||
57 |
*/ |
||
58 |
|||
59 |
#include <string.h> |
||
60 |
|||
61 |
#include <openssl/opensslconf.h> |
||
62 |
|||
63 |
#include "ec_lcl.h" |
||
64 |
#include <openssl/err.h> |
||
65 |
#include <openssl/asn1t.h> |
||
66 |
#include <openssl/objects.h> |
||
67 |
|||
68 |
int |
||
69 |
EC_GROUP_get_basis_type(const EC_GROUP * group) |
||
70 |
{ |
||
71 |
int i = 0; |
||
72 |
|||
73 |
✗✓ | 1176 |
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != |
74 |
NID_X9_62_characteristic_two_field) |
||
75 |
/* everything else is currently not supported */ |
||
76 |
return 0; |
||
77 |
|||
78 |
✓✓ | 4004 |
while (group->poly[i] != 0) |
79 |
1708 |
i++; |
|
80 |
|||
81 |
✓✓ | 588 |
if (i == 4) |
82 |
266 |
return NID_X9_62_ppBasis; |
|
83 |
✓✗ | 322 |
else if (i == 2) |
84 |
322 |
return NID_X9_62_tpBasis; |
|
85 |
else |
||
86 |
/* everything else is currently not supported */ |
||
87 |
return 0; |
||
88 |
588 |
} |
|
89 |
#ifndef OPENSSL_NO_EC2M |
||
90 |
int |
||
91 |
EC_GROUP_get_trinomial_basis(const EC_GROUP * group, unsigned int *k) |
||
92 |
{ |
||
93 |
✗✓ | 552 |
if (group == NULL) |
94 |
return 0; |
||
95 |
|||
96 |
✗✓ | 552 |
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != |
97 |
NID_X9_62_characteristic_two_field |
||
98 |
✓✗✓✗ ✓✗ |
1104 |
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0))) { |
99 |
ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
||
100 |
return 0; |
||
101 |
} |
||
102 |
✓✗ | 276 |
if (k) |
103 |
276 |
*k = group->poly[1]; |
|
104 |
|||
105 |
276 |
return 1; |
|
106 |
276 |
} |
|
107 |
int |
||
108 |
EC_GROUP_get_pentanomial_basis(const EC_GROUP * group, unsigned int *k1, |
||
109 |
unsigned int *k2, unsigned int *k3) |
||
110 |
{ |
||
111 |
✗✓ | 456 |
if (group == NULL) |
112 |
return 0; |
||
113 |
|||
114 |
✗✓ | 456 |
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != |
115 |
NID_X9_62_characteristic_two_field |
||
116 |
✓✗✓✗ ✓✗✓✗ ✓✗ |
1368 |
|| !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0))) { |
117 |
ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
||
118 |
return 0; |
||
119 |
} |
||
120 |
✓✗ | 228 |
if (k1) |
121 |
228 |
*k1 = group->poly[3]; |
|
122 |
✓✗ | 228 |
if (k2) |
123 |
228 |
*k2 = group->poly[2]; |
|
124 |
✓✗ | 228 |
if (k3) |
125 |
228 |
*k3 = group->poly[1]; |
|
126 |
|||
127 |
228 |
return 1; |
|
128 |
228 |
} |
|
129 |
#endif |
||
130 |
|||
131 |
|||
132 |
/* some structures needed for the asn1 encoding */ |
||
133 |
typedef struct x9_62_pentanomial_st { |
||
134 |
long k1; |
||
135 |
long k2; |
||
136 |
long k3; |
||
137 |
} X9_62_PENTANOMIAL; |
||
138 |
|||
139 |
typedef struct x9_62_characteristic_two_st { |
||
140 |
long m; |
||
141 |
ASN1_OBJECT *type; |
||
142 |
union { |
||
143 |
char *ptr; |
||
144 |
/* NID_X9_62_onBasis */ |
||
145 |
ASN1_NULL *onBasis; |
||
146 |
/* NID_X9_62_tpBasis */ |
||
147 |
ASN1_INTEGER *tpBasis; |
||
148 |
/* NID_X9_62_ppBasis */ |
||
149 |
X9_62_PENTANOMIAL *ppBasis; |
||
150 |
/* anything else */ |
||
151 |
ASN1_TYPE *other; |
||
152 |
} p; |
||
153 |
} X9_62_CHARACTERISTIC_TWO; |
||
154 |
|||
155 |
typedef struct x9_62_fieldid_st { |
||
156 |
ASN1_OBJECT *fieldType; |
||
157 |
union { |
||
158 |
char *ptr; |
||
159 |
/* NID_X9_62_prime_field */ |
||
160 |
ASN1_INTEGER *prime; |
||
161 |
/* NID_X9_62_characteristic_two_field */ |
||
162 |
X9_62_CHARACTERISTIC_TWO *char_two; |
||
163 |
/* anything else */ |
||
164 |
ASN1_TYPE *other; |
||
165 |
} p; |
||
166 |
} X9_62_FIELDID; |
||
167 |
|||
168 |
typedef struct x9_62_curve_st { |
||
169 |
ASN1_OCTET_STRING *a; |
||
170 |
ASN1_OCTET_STRING *b; |
||
171 |
ASN1_BIT_STRING *seed; |
||
172 |
} X9_62_CURVE; |
||
173 |
|||
174 |
typedef struct ec_parameters_st { |
||
175 |
long version; |
||
176 |
X9_62_FIELDID *fieldID; |
||
177 |
X9_62_CURVE *curve; |
||
178 |
ASN1_OCTET_STRING *base; |
||
179 |
ASN1_INTEGER *order; |
||
180 |
ASN1_INTEGER *cofactor; |
||
181 |
} ECPARAMETERS; |
||
182 |
|||
183 |
struct ecpk_parameters_st { |
||
184 |
int type; |
||
185 |
union { |
||
186 |
ASN1_OBJECT *named_curve; |
||
187 |
ECPARAMETERS *parameters; |
||
188 |
ASN1_NULL *implicitlyCA; |
||
189 |
} value; |
||
190 |
} /* ECPKPARAMETERS */ ; |
||
191 |
|||
192 |
/* SEC1 ECPrivateKey */ |
||
193 |
typedef struct ec_privatekey_st { |
||
194 |
long version; |
||
195 |
ASN1_OCTET_STRING *privateKey; |
||
196 |
ECPKPARAMETERS *parameters; |
||
197 |
ASN1_BIT_STRING *publicKey; |
||
198 |
} EC_PRIVATEKEY; |
||
199 |
|||
200 |
/* the OpenSSL ASN.1 definitions */ |
||
201 |
static const ASN1_TEMPLATE X9_62_PENTANOMIAL_seq_tt[] = { |
||
202 |
{ |
||
203 |
.flags = 0, |
||
204 |
.tag = 0, |
||
205 |
.offset = offsetof(X9_62_PENTANOMIAL, k1), |
||
206 |
.field_name = "k1", |
||
207 |
.item = &LONG_it, |
||
208 |
}, |
||
209 |
{ |
||
210 |
.flags = 0, |
||
211 |
.tag = 0, |
||
212 |
.offset = offsetof(X9_62_PENTANOMIAL, k2), |
||
213 |
.field_name = "k2", |
||
214 |
.item = &LONG_it, |
||
215 |
}, |
||
216 |
{ |
||
217 |
.flags = 0, |
||
218 |
.tag = 0, |
||
219 |
.offset = offsetof(X9_62_PENTANOMIAL, k3), |
||
220 |
.field_name = "k3", |
||
221 |
.item = &LONG_it, |
||
222 |
}, |
||
223 |
}; |
||
224 |
|||
225 |
const ASN1_ITEM X9_62_PENTANOMIAL_it = { |
||
226 |
.itype = ASN1_ITYPE_SEQUENCE, |
||
227 |
.utype = V_ASN1_SEQUENCE, |
||
228 |
.templates = X9_62_PENTANOMIAL_seq_tt, |
||
229 |
.tcount = sizeof(X9_62_PENTANOMIAL_seq_tt) / sizeof(ASN1_TEMPLATE), |
||
230 |
.funcs = NULL, |
||
231 |
.size = sizeof(X9_62_PENTANOMIAL), |
||
232 |
.sname = "X9_62_PENTANOMIAL", |
||
233 |
}; |
||
234 |
|||
235 |
X9_62_PENTANOMIAL *X9_62_PENTANOMIAL_new(void); |
||
236 |
void X9_62_PENTANOMIAL_free(X9_62_PENTANOMIAL *a); |
||
237 |
|||
238 |
X9_62_PENTANOMIAL * |
||
239 |
X9_62_PENTANOMIAL_new(void) |
||
240 |
{ |
||
241 |
456 |
return (X9_62_PENTANOMIAL*)ASN1_item_new(&X9_62_PENTANOMIAL_it); |
|
242 |
} |
||
243 |
|||
244 |
void |
||
245 |
X9_62_PENTANOMIAL_free(X9_62_PENTANOMIAL *a) |
||
246 |
{ |
||
247 |
ASN1_item_free((ASN1_VALUE *)a, &X9_62_PENTANOMIAL_it); |
||
248 |
} |
||
249 |
|||
250 |
static const ASN1_TEMPLATE char_two_def_tt = { |
||
251 |
.flags = 0, |
||
252 |
.tag = 0, |
||
253 |
.offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.other), |
||
254 |
.field_name = "p.other", |
||
255 |
.item = &ASN1_ANY_it, |
||
256 |
}; |
||
257 |
|||
258 |
static const ASN1_ADB_TABLE X9_62_CHARACTERISTIC_TWO_adbtbl[] = { |
||
259 |
{ |
||
260 |
.value = NID_X9_62_onBasis, |
||
261 |
.tt = { |
||
262 |
.flags = 0, |
||
263 |
.tag = 0, |
||
264 |
.offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.onBasis), |
||
265 |
.field_name = "p.onBasis", |
||
266 |
.item = &ASN1_NULL_it, |
||
267 |
}, |
||
268 |
|||
269 |
}, |
||
270 |
{ |
||
271 |
.value = NID_X9_62_tpBasis, |
||
272 |
.tt = { |
||
273 |
.flags = 0, |
||
274 |
.tag = 0, |
||
275 |
.offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.tpBasis), |
||
276 |
.field_name = "p.tpBasis", |
||
277 |
.item = &ASN1_INTEGER_it, |
||
278 |
}, |
||
279 |
|||
280 |
}, |
||
281 |
{ |
||
282 |
.value = NID_X9_62_ppBasis, |
||
283 |
.tt = { |
||
284 |
.flags = 0, |
||
285 |
.tag = 0, |
||
286 |
.offset = offsetof(X9_62_CHARACTERISTIC_TWO, p.ppBasis), |
||
287 |
.field_name = "p.ppBasis", |
||
288 |
.item = &X9_62_PENTANOMIAL_it, |
||
289 |
}, |
||
290 |
|||
291 |
}, |
||
292 |
}; |
||
293 |
|||
294 |
static const ASN1_ADB X9_62_CHARACTERISTIC_TWO_adb = { |
||
295 |
.flags = 0, |
||
296 |
.offset = offsetof(X9_62_CHARACTERISTIC_TWO, type), |
||
297 |
.app_items = 0, |
||
298 |
.tbl = X9_62_CHARACTERISTIC_TWO_adbtbl, |
||
299 |
.tblcount = sizeof(X9_62_CHARACTERISTIC_TWO_adbtbl) / sizeof(ASN1_ADB_TABLE), |
||
300 |
.default_tt = &char_two_def_tt, |
||
301 |
.null_tt = NULL, |
||
302 |
}; |
||
303 |
|||
304 |
static const ASN1_TEMPLATE X9_62_CHARACTERISTIC_TWO_seq_tt[] = { |
||
305 |
{ |
||
306 |
.flags = 0, |
||
307 |
.tag = 0, |
||
308 |
.offset = offsetof(X9_62_CHARACTERISTIC_TWO, m), |
||
309 |
.field_name = "m", |
||
310 |
.item = &LONG_it, |
||
311 |
}, |
||
312 |
{ |
||
313 |
.flags = 0, |
||
314 |
.tag = 0, |
||
315 |
.offset = offsetof(X9_62_CHARACTERISTIC_TWO, type), |
||
316 |
.field_name = "type", |
||
317 |
.item = &ASN1_OBJECT_it, |
||
318 |
}, |
||
319 |
{ |
||
320 |
.flags = ASN1_TFLG_ADB_OID, |
||
321 |
.tag = -1, |
||
322 |
.offset = 0, |
||
323 |
.field_name = "X9_62_CHARACTERISTIC_TWO", |
||
324 |
.item = (const ASN1_ITEM *)&X9_62_CHARACTERISTIC_TWO_adb, |
||
325 |
}, |
||
326 |
}; |
||
327 |
|||
328 |
const ASN1_ITEM X9_62_CHARACTERISTIC_TWO_it = { |
||
329 |
.itype = ASN1_ITYPE_SEQUENCE, |
||
330 |
.utype = V_ASN1_SEQUENCE, |
||
331 |
.templates = X9_62_CHARACTERISTIC_TWO_seq_tt, |
||
332 |
.tcount = sizeof(X9_62_CHARACTERISTIC_TWO_seq_tt) / sizeof(ASN1_TEMPLATE), |
||
333 |
.funcs = NULL, |
||
334 |
.size = sizeof(X9_62_CHARACTERISTIC_TWO), |
||
335 |
.sname = "X9_62_CHARACTERISTIC_TWO", |
||
336 |
}; |
||
337 |
X9_62_CHARACTERISTIC_TWO *X9_62_CHARACTERISTIC_TWO_new(void); |
||
338 |
void X9_62_CHARACTERISTIC_TWO_free(X9_62_CHARACTERISTIC_TWO *a); |
||
339 |
|||
340 |
X9_62_CHARACTERISTIC_TWO * |
||
341 |
X9_62_CHARACTERISTIC_TWO_new(void) |
||
342 |
{ |
||
343 |
1008 |
return (X9_62_CHARACTERISTIC_TWO*)ASN1_item_new(&X9_62_CHARACTERISTIC_TWO_it); |
|
344 |
} |
||
345 |
|||
346 |
void |
||
347 |
X9_62_CHARACTERISTIC_TWO_free(X9_62_CHARACTERISTIC_TWO *a) |
||
348 |
{ |
||
349 |
ASN1_item_free((ASN1_VALUE *)a, &X9_62_CHARACTERISTIC_TWO_it); |
||
350 |
} |
||
351 |
static const ASN1_TEMPLATE fieldID_def_tt = { |
||
352 |
.flags = 0, |
||
353 |
.tag = 0, |
||
354 |
.offset = offsetof(X9_62_FIELDID, p.other), |
||
355 |
.field_name = "p.other", |
||
356 |
.item = &ASN1_ANY_it, |
||
357 |
}; |
||
358 |
|||
359 |
static const ASN1_ADB_TABLE X9_62_FIELDID_adbtbl[] = { |
||
360 |
{ |
||
361 |
.value = NID_X9_62_prime_field, |
||
362 |
.tt = { |
||
363 |
.flags = 0, |
||
364 |
.tag = 0, |
||
365 |
.offset = offsetof(X9_62_FIELDID, p.prime), |
||
366 |
.field_name = "p.prime", |
||
367 |
.item = &ASN1_INTEGER_it, |
||
368 |
}, |
||
369 |
|||
370 |
}, |
||
371 |
{ |
||
372 |
.value = NID_X9_62_characteristic_two_field, |
||
373 |
.tt = { |
||
374 |
.flags = 0, |
||
375 |
.tag = 0, |
||
376 |
.offset = offsetof(X9_62_FIELDID, p.char_two), |
||
377 |
.field_name = "p.char_two", |
||
378 |
.item = &X9_62_CHARACTERISTIC_TWO_it, |
||
379 |
}, |
||
380 |
|||
381 |
}, |
||
382 |
}; |
||
383 |
|||
384 |
static const ASN1_ADB X9_62_FIELDID_adb = { |
||
385 |
.flags = 0, |
||
386 |
.offset = offsetof(X9_62_FIELDID, fieldType), |
||
387 |
.app_items = 0, |
||
388 |
.tbl = X9_62_FIELDID_adbtbl, |
||
389 |
.tblcount = sizeof(X9_62_FIELDID_adbtbl) / sizeof(ASN1_ADB_TABLE), |
||
390 |
.default_tt = &fieldID_def_tt, |
||
391 |
.null_tt = NULL, |
||
392 |
}; |
||
393 |
|||
394 |
static const ASN1_TEMPLATE X9_62_FIELDID_seq_tt[] = { |
||
395 |
{ |
||
396 |
.flags = 0, |
||
397 |
.tag = 0, |
||
398 |
.offset = offsetof(X9_62_FIELDID, fieldType), |
||
399 |
.field_name = "fieldType", |
||
400 |
.item = &ASN1_OBJECT_it, |
||
401 |
}, |
||
402 |
{ |
||
403 |
.flags = ASN1_TFLG_ADB_OID, |
||
404 |
.tag = -1, |
||
405 |
.offset = 0, |
||
406 |
.field_name = "X9_62_FIELDID", |
||
407 |
.item = (const ASN1_ITEM *)&X9_62_FIELDID_adb, |
||
408 |
}, |
||
409 |
}; |
||
410 |
|||
411 |
const ASN1_ITEM X9_62_FIELDID_it = { |
||
412 |
.itype = ASN1_ITYPE_SEQUENCE, |
||
413 |
.utype = V_ASN1_SEQUENCE, |
||
414 |
.templates = X9_62_FIELDID_seq_tt, |
||
415 |
.tcount = sizeof(X9_62_FIELDID_seq_tt) / sizeof(ASN1_TEMPLATE), |
||
416 |
.funcs = NULL, |
||
417 |
.size = sizeof(X9_62_FIELDID), |
||
418 |
.sname = "X9_62_FIELDID", |
||
419 |
}; |
||
420 |
|||
421 |
static const ASN1_TEMPLATE X9_62_CURVE_seq_tt[] = { |
||
422 |
{ |
||
423 |
.flags = 0, |
||
424 |
.tag = 0, |
||
425 |
.offset = offsetof(X9_62_CURVE, a), |
||
426 |
.field_name = "a", |
||
427 |
.item = &ASN1_OCTET_STRING_it, |
||
428 |
}, |
||
429 |
{ |
||
430 |
.flags = 0, |
||
431 |
.tag = 0, |
||
432 |
.offset = offsetof(X9_62_CURVE, b), |
||
433 |
.field_name = "b", |
||
434 |
.item = &ASN1_OCTET_STRING_it, |
||
435 |
}, |
||
436 |
{ |
||
437 |
.flags = ASN1_TFLG_OPTIONAL, |
||
438 |
.tag = 0, |
||
439 |
.offset = offsetof(X9_62_CURVE, seed), |
||
440 |
.field_name = "seed", |
||
441 |
.item = &ASN1_BIT_STRING_it, |
||
442 |
}, |
||
443 |
}; |
||
444 |
|||
445 |
const ASN1_ITEM X9_62_CURVE_it = { |
||
446 |
.itype = ASN1_ITYPE_SEQUENCE, |
||
447 |
.utype = V_ASN1_SEQUENCE, |
||
448 |
.templates = X9_62_CURVE_seq_tt, |
||
449 |
.tcount = sizeof(X9_62_CURVE_seq_tt) / sizeof(ASN1_TEMPLATE), |
||
450 |
.funcs = NULL, |
||
451 |
.size = sizeof(X9_62_CURVE), |
||
452 |
.sname = "X9_62_CURVE", |
||
453 |
}; |
||
454 |
|||
455 |
static const ASN1_TEMPLATE ECPARAMETERS_seq_tt[] = { |
||
456 |
{ |
||
457 |
.flags = 0, |
||
458 |
.tag = 0, |
||
459 |
.offset = offsetof(ECPARAMETERS, version), |
||
460 |
.field_name = "version", |
||
461 |
.item = &LONG_it, |
||
462 |
}, |
||
463 |
{ |
||
464 |
.flags = 0, |
||
465 |
.tag = 0, |
||
466 |
.offset = offsetof(ECPARAMETERS, fieldID), |
||
467 |
.field_name = "fieldID", |
||
468 |
.item = &X9_62_FIELDID_it, |
||
469 |
}, |
||
470 |
{ |
||
471 |
.flags = 0, |
||
472 |
.tag = 0, |
||
473 |
.offset = offsetof(ECPARAMETERS, curve), |
||
474 |
.field_name = "curve", |
||
475 |
.item = &X9_62_CURVE_it, |
||
476 |
}, |
||
477 |
{ |
||
478 |
.flags = 0, |
||
479 |
.tag = 0, |
||
480 |
.offset = offsetof(ECPARAMETERS, base), |
||
481 |
.field_name = "base", |
||
482 |
.item = &ASN1_OCTET_STRING_it, |
||
483 |
}, |
||
484 |
{ |
||
485 |
.flags = 0, |
||
486 |
.tag = 0, |
||
487 |
.offset = offsetof(ECPARAMETERS, order), |
||
488 |
.field_name = "order", |
||
489 |
.item = &ASN1_INTEGER_it, |
||
490 |
}, |
||
491 |
{ |
||
492 |
.flags = ASN1_TFLG_OPTIONAL, |
||
493 |
.tag = 0, |
||
494 |
.offset = offsetof(ECPARAMETERS, cofactor), |
||
495 |
.field_name = "cofactor", |
||
496 |
.item = &ASN1_INTEGER_it, |
||
497 |
}, |
||
498 |
}; |
||
499 |
|||
500 |
const ASN1_ITEM ECPARAMETERS_it = { |
||
501 |
.itype = ASN1_ITYPE_SEQUENCE, |
||
502 |
.utype = V_ASN1_SEQUENCE, |
||
503 |
.templates = ECPARAMETERS_seq_tt, |
||
504 |
.tcount = sizeof(ECPARAMETERS_seq_tt) / sizeof(ASN1_TEMPLATE), |
||
505 |
.funcs = NULL, |
||
506 |
.size = sizeof(ECPARAMETERS), |
||
507 |
.sname = "ECPARAMETERS", |
||
508 |
}; |
||
509 |
ECPARAMETERS *ECPARAMETERS_new(void); |
||
510 |
void ECPARAMETERS_free(ECPARAMETERS *a); |
||
511 |
|||
512 |
ECPARAMETERS * |
||
513 |
ECPARAMETERS_new(void) |
||
514 |
{ |
||
515 |
2184 |
return (ECPARAMETERS*)ASN1_item_new(&ECPARAMETERS_it); |
|
516 |
} |
||
517 |
|||
518 |
void |
||
519 |
ECPARAMETERS_free(ECPARAMETERS *a) |
||
520 |
{ |
||
521 |
ASN1_item_free((ASN1_VALUE *)a, &ECPARAMETERS_it); |
||
522 |
} |
||
523 |
|||
524 |
static const ASN1_TEMPLATE ECPKPARAMETERS_ch_tt[] = { |
||
525 |
{ |
||
526 |
.flags = 0, |
||
527 |
.tag = 0, |
||
528 |
.offset = offsetof(ECPKPARAMETERS, value.named_curve), |
||
529 |
.field_name = "value.named_curve", |
||
530 |
.item = &ASN1_OBJECT_it, |
||
531 |
}, |
||
532 |
{ |
||
533 |
.flags = 0, |
||
534 |
.tag = 0, |
||
535 |
.offset = offsetof(ECPKPARAMETERS, value.parameters), |
||
536 |
.field_name = "value.parameters", |
||
537 |
.item = &ECPARAMETERS_it, |
||
538 |
}, |
||
539 |
{ |
||
540 |
.flags = 0, |
||
541 |
.tag = 0, |
||
542 |
.offset = offsetof(ECPKPARAMETERS, value.implicitlyCA), |
||
543 |
.field_name = "value.implicitlyCA", |
||
544 |
.item = &ASN1_NULL_it, |
||
545 |
}, |
||
546 |
}; |
||
547 |
|||
548 |
const ASN1_ITEM ECPKPARAMETERS_it = { |
||
549 |
.itype = ASN1_ITYPE_CHOICE, |
||
550 |
.utype = offsetof(ECPKPARAMETERS, type), |
||
551 |
.templates = ECPKPARAMETERS_ch_tt, |
||
552 |
.tcount = sizeof(ECPKPARAMETERS_ch_tt) / sizeof(ASN1_TEMPLATE), |
||
553 |
.funcs = NULL, |
||
554 |
.size = sizeof(ECPKPARAMETERS), |
||
555 |
.sname = "ECPKPARAMETERS", |
||
556 |
}; |
||
557 |
|||
558 |
ECPKPARAMETERS *ECPKPARAMETERS_new(void); |
||
559 |
void ECPKPARAMETERS_free(ECPKPARAMETERS *a); |
||
560 |
ECPKPARAMETERS *d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len); |
||
561 |
int i2d_ECPKPARAMETERS(const ECPKPARAMETERS *a, unsigned char **out); |
||
562 |
|||
563 |
ECPKPARAMETERS * |
||
564 |
d2i_ECPKPARAMETERS(ECPKPARAMETERS **a, const unsigned char **in, long len) |
||
565 |
{ |
||
566 |
12 |
return (ECPKPARAMETERS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, |
|
567 |
&ECPKPARAMETERS_it); |
||
568 |
} |
||
569 |
|||
570 |
int |
||
571 |
i2d_ECPKPARAMETERS(const ECPKPARAMETERS *a, unsigned char **out) |
||
572 |
{ |
||
573 |
744 |
return ASN1_item_i2d((ASN1_VALUE *)a, out, &ECPKPARAMETERS_it); |
|
574 |
} |
||
575 |
|||
576 |
ECPKPARAMETERS * |
||
577 |
ECPKPARAMETERS_new(void) |
||
578 |
{ |
||
579 |
2188 |
return (ECPKPARAMETERS *)ASN1_item_new(&ECPKPARAMETERS_it); |
|
580 |
} |
||
581 |
|||
582 |
void |
||
583 |
ECPKPARAMETERS_free(ECPKPARAMETERS *a) |
||
584 |
{ |
||
585 |
756 |
ASN1_item_free((ASN1_VALUE *)a, &ECPKPARAMETERS_it); |
|
586 |
378 |
} |
|
587 |
|||
588 |
static const ASN1_TEMPLATE EC_PRIVATEKEY_seq_tt[] = { |
||
589 |
{ |
||
590 |
.flags = 0, |
||
591 |
.tag = 0, |
||
592 |
.offset = offsetof(EC_PRIVATEKEY, version), |
||
593 |
.field_name = "version", |
||
594 |
.item = &LONG_it, |
||
595 |
}, |
||
596 |
{ |
||
597 |
.flags = 0, |
||
598 |
.tag = 0, |
||
599 |
.offset = offsetof(EC_PRIVATEKEY, privateKey), |
||
600 |
.field_name = "privateKey", |
||
601 |
.item = &ASN1_OCTET_STRING_it, |
||
602 |
}, |
||
603 |
{ |
||
604 |
.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, |
||
605 |
.tag = 0, |
||
606 |
.offset = offsetof(EC_PRIVATEKEY, parameters), |
||
607 |
.field_name = "parameters", |
||
608 |
.item = &ECPKPARAMETERS_it, |
||
609 |
}, |
||
610 |
{ |
||
611 |
.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL, |
||
612 |
.tag = 1, |
||
613 |
.offset = offsetof(EC_PRIVATEKEY, publicKey), |
||
614 |
.field_name = "publicKey", |
||
615 |
.item = &ASN1_BIT_STRING_it, |
||
616 |
}, |
||
617 |
}; |
||
618 |
|||
619 |
const ASN1_ITEM EC_PRIVATEKEY_it = { |
||
620 |
.itype = ASN1_ITYPE_SEQUENCE, |
||
621 |
.utype = V_ASN1_SEQUENCE, |
||
622 |
.templates = EC_PRIVATEKEY_seq_tt, |
||
623 |
.tcount = sizeof(EC_PRIVATEKEY_seq_tt) / sizeof(ASN1_TEMPLATE), |
||
624 |
.funcs = NULL, |
||
625 |
.size = sizeof(EC_PRIVATEKEY), |
||
626 |
.sname = "EC_PRIVATEKEY", |
||
627 |
}; |
||
628 |
|||
629 |
EC_PRIVATEKEY *EC_PRIVATEKEY_new(void); |
||
630 |
void EC_PRIVATEKEY_free(EC_PRIVATEKEY *a); |
||
631 |
EC_PRIVATEKEY *d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len); |
||
632 |
int i2d_EC_PRIVATEKEY(const EC_PRIVATEKEY *a, unsigned char **out); |
||
633 |
|||
634 |
EC_PRIVATEKEY * |
||
635 |
d2i_EC_PRIVATEKEY(EC_PRIVATEKEY **a, const unsigned char **in, long len) |
||
636 |
{ |
||
637 |
364 |
return (EC_PRIVATEKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, |
|
638 |
&EC_PRIVATEKEY_it); |
||
639 |
} |
||
640 |
|||
641 |
int |
||
642 |
i2d_EC_PRIVATEKEY(const EC_PRIVATEKEY *a, unsigned char **out) |
||
643 |
{ |
||
644 |
1460 |
return ASN1_item_i2d((ASN1_VALUE *)a, out, &EC_PRIVATEKEY_it); |
|
645 |
} |
||
646 |
|||
647 |
EC_PRIVATEKEY * |
||
648 |
EC_PRIVATEKEY_new(void) |
||
649 |
{ |
||
650 |
1824 |
return (EC_PRIVATEKEY *)ASN1_item_new(&EC_PRIVATEKEY_it); |
|
651 |
} |
||
652 |
|||
653 |
void |
||
654 |
EC_PRIVATEKEY_free(EC_PRIVATEKEY *a) |
||
655 |
{ |
||
656 |
1824 |
ASN1_item_free((ASN1_VALUE *)a, &EC_PRIVATEKEY_it); |
|
657 |
912 |
} |
|
658 |
/* some declarations of internal function */ |
||
659 |
|||
660 |
/* ec_asn1_group2field() sets the values in a X9_62_FIELDID object */ |
||
661 |
static int ec_asn1_group2fieldid(const EC_GROUP *, X9_62_FIELDID *); |
||
662 |
/* ec_asn1_group2curve() sets the values in a X9_62_CURVE object */ |
||
663 |
static int ec_asn1_group2curve(const EC_GROUP *, X9_62_CURVE *); |
||
664 |
/* ec_asn1_parameters2group() creates a EC_GROUP object from a |
||
665 |
* ECPARAMETERS object */ |
||
666 |
static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *); |
||
667 |
/* ec_asn1_group2parameters() creates a ECPARAMETERS object from a |
||
668 |
* EC_GROUP object */ |
||
669 |
static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *, ECPARAMETERS *); |
||
670 |
/* ec_asn1_pkparameters2group() creates a EC_GROUP object from a |
||
671 |
* ECPKPARAMETERS object */ |
||
672 |
static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *); |
||
673 |
/* ec_asn1_group2pkparameters() creates a ECPKPARAMETERS object from a |
||
674 |
* EC_GROUP object */ |
||
675 |
static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *, |
||
676 |
ECPKPARAMETERS *); |
||
677 |
|||
678 |
|||
679 |
/* the function definitions */ |
||
680 |
|||
681 |
static int |
||
682 |
ec_asn1_group2fieldid(const EC_GROUP * group, X9_62_FIELDID * field) |
||
683 |
{ |
||
684 |
int ok = 0, nid; |
||
685 |
BIGNUM *tmp = NULL; |
||
686 |
|||
687 |
✗✓ | 2184 |
if (group == NULL || field == NULL) |
688 |
return 0; |
||
689 |
|||
690 |
/* clear the old values (if necessary) */ |
||
691 |
✗✓ | 1092 |
if (field->fieldType != NULL) |
692 |
ASN1_OBJECT_free(field->fieldType); |
||
693 |
✗✓ | 1092 |
if (field->p.other != NULL) |
694 |
ASN1_TYPE_free(field->p.other); |
||
695 |
|||
696 |
1092 |
nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group)); |
|
697 |
/* set OID for the field */ |
||
698 |
✗✓ | 1092 |
if ((field->fieldType = OBJ_nid2obj(nid)) == NULL) { |
699 |
ECerror(ERR_R_OBJ_LIB); |
||
700 |
goto err; |
||
701 |
} |
||
702 |
✓✓ | 1092 |
if (nid == NID_X9_62_prime_field) { |
703 |
✗✓ | 588 |
if ((tmp = BN_new()) == NULL) { |
704 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
705 |
goto err; |
||
706 |
} |
||
707 |
/* the parameters are specified by the prime number p */ |
||
708 |
✗✓ | 588 |
if (!EC_GROUP_get_curve_GFp(group, tmp, NULL, NULL, NULL)) { |
709 |
ECerror(ERR_R_EC_LIB); |
||
710 |
goto err; |
||
711 |
} |
||
712 |
/* set the prime number */ |
||
713 |
588 |
field->p.prime = BN_to_ASN1_INTEGER(tmp, NULL); |
|
714 |
✗✓ | 588 |
if (field->p.prime == NULL) { |
715 |
ECerror(ERR_R_ASN1_LIB); |
||
716 |
goto err; |
||
717 |
} |
||
718 |
} else /* nid == NID_X9_62_characteristic_two_field */ |
||
719 |
#ifdef OPENSSL_NO_EC2M |
||
720 |
{ |
||
721 |
ECerror(EC_R_GF2M_NOT_SUPPORTED); |
||
722 |
goto err; |
||
723 |
} |
||
724 |
#else |
||
725 |
{ |
||
726 |
int field_type; |
||
727 |
X9_62_CHARACTERISTIC_TWO *char_two; |
||
728 |
|||
729 |
504 |
field->p.char_two = X9_62_CHARACTERISTIC_TWO_new(); |
|
730 |
char_two = field->p.char_two; |
||
731 |
|||
732 |
✗✓ | 504 |
if (char_two == NULL) { |
733 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
734 |
goto err; |
||
735 |
} |
||
736 |
504 |
char_two->m = (long) EC_GROUP_get_degree(group); |
|
737 |
|||
738 |
504 |
field_type = EC_GROUP_get_basis_type(group); |
|
739 |
|||
740 |
✗✓ | 504 |
if (field_type == 0) { |
741 |
ECerror(ERR_R_EC_LIB); |
||
742 |
goto err; |
||
743 |
} |
||
744 |
/* set base type OID */ |
||
745 |
✗✓ | 504 |
if ((char_two->type = OBJ_nid2obj(field_type)) == NULL) { |
746 |
ECerror(ERR_R_OBJ_LIB); |
||
747 |
goto err; |
||
748 |
} |
||
749 |
✓✓ | 504 |
if (field_type == NID_X9_62_tpBasis) { |
750 |
276 |
unsigned int k; |
|
751 |
|||
752 |
✗✓ | 276 |
if (!EC_GROUP_get_trinomial_basis(group, &k)) |
753 |
goto err; |
||
754 |
|||
755 |
276 |
char_two->p.tpBasis = ASN1_INTEGER_new(); |
|
756 |
✗✓ | 276 |
if (!char_two->p.tpBasis) { |
757 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
758 |
goto err; |
||
759 |
} |
||
760 |
✗✓ | 276 |
if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long) k)) { |
761 |
ECerror(ERR_R_ASN1_LIB); |
||
762 |
goto err; |
||
763 |
} |
||
764 |
✓✗✓✗ |
780 |
} else if (field_type == NID_X9_62_ppBasis) { |
765 |
228 |
unsigned int k1, k2, k3; |
|
766 |
|||
767 |
✗✓ | 228 |
if (!EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3)) |
768 |
goto err; |
||
769 |
|||
770 |
228 |
char_two->p.ppBasis = X9_62_PENTANOMIAL_new(); |
|
771 |
✗✓ | 228 |
if (!char_two->p.ppBasis) { |
772 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
773 |
goto err; |
||
774 |
} |
||
775 |
/* set k? values */ |
||
776 |
228 |
char_two->p.ppBasis->k1 = (long) k1; |
|
777 |
228 |
char_two->p.ppBasis->k2 = (long) k2; |
|
778 |
228 |
char_two->p.ppBasis->k3 = (long) k3; |
|
779 |
✓✗ | 456 |
} else { /* field_type == NID_X9_62_onBasis */ |
780 |
/* for ONB the parameters are (asn1) NULL */ |
||
781 |
char_two->p.onBasis = ASN1_NULL_new(); |
||
782 |
if (!char_two->p.onBasis) { |
||
783 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
784 |
goto err; |
||
785 |
} |
||
786 |
} |
||
787 |
✓✓✓ | 504 |
} |
788 |
#endif |
||
789 |
|||
790 |
1092 |
ok = 1; |
|
791 |
|||
792 |
err: |
||
793 |
1092 |
BN_free(tmp); |
|
794 |
1092 |
return (ok); |
|
795 |
1092 |
} |
|
796 |
|||
797 |
static int |
||
798 |
ec_asn1_group2curve(const EC_GROUP * group, X9_62_CURVE * curve) |
||
799 |
{ |
||
800 |
int ok = 0, nid; |
||
801 |
BIGNUM *tmp_1 = NULL, *tmp_2 = NULL; |
||
802 |
unsigned char *buffer_1 = NULL, *buffer_2 = NULL, *a_buf = NULL, |
||
803 |
*b_buf = NULL; |
||
804 |
size_t len_1, len_2; |
||
805 |
2184 |
unsigned char char_zero = 0; |
|
806 |
|||
807 |
✓✗✓✗ ✗✓ |
3276 |
if (!group || !curve || !curve->a || !curve->b) |
808 |
return 0; |
||
809 |
|||
810 |
✓✗✗✓ |
2184 |
if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL) { |
811 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
812 |
goto err; |
||
813 |
} |
||
814 |
1092 |
nid = EC_METHOD_get_field_type(EC_GROUP_method_of(group)); |
|
815 |
|||
816 |
/* get a and b */ |
||
817 |
✓✓ | 1092 |
if (nid == NID_X9_62_prime_field) { |
818 |
✗✓ | 588 |
if (!EC_GROUP_get_curve_GFp(group, NULL, tmp_1, tmp_2, NULL)) { |
819 |
ECerror(ERR_R_EC_LIB); |
||
820 |
goto err; |
||
821 |
} |
||
822 |
} |
||
823 |
#ifndef OPENSSL_NO_EC2M |
||
824 |
else { /* nid == NID_X9_62_characteristic_two_field */ |
||
825 |
✗✓ | 504 |
if (!EC_GROUP_get_curve_GF2m(group, NULL, tmp_1, tmp_2, NULL)) { |
826 |
ECerror(ERR_R_EC_LIB); |
||
827 |
goto err; |
||
828 |
} |
||
829 |
} |
||
830 |
#endif |
||
831 |
1092 |
len_1 = (size_t) BN_num_bytes(tmp_1); |
|
832 |
1092 |
len_2 = (size_t) BN_num_bytes(tmp_2); |
|
833 |
|||
834 |
✓✓ | 1092 |
if (len_1 == 0) { |
835 |
/* len_1 == 0 => a == 0 */ |
||
836 |
a_buf = &char_zero; |
||
837 |
len_1 = 1; |
||
838 |
180 |
} else { |
|
839 |
✗✓ | 912 |
if ((buffer_1 = malloc(len_1)) == NULL) { |
840 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
841 |
goto err; |
||
842 |
} |
||
843 |
✗✓ | 912 |
if ((len_1 = BN_bn2bin(tmp_1, buffer_1)) == 0) { |
844 |
ECerror(ERR_R_BN_LIB); |
||
845 |
goto err; |
||
846 |
} |
||
847 |
a_buf = buffer_1; |
||
848 |
} |
||
849 |
|||
850 |
✗✓ | 1092 |
if (len_2 == 0) { |
851 |
/* len_2 == 0 => b == 0 */ |
||
852 |
b_buf = &char_zero; |
||
853 |
len_2 = 1; |
||
854 |
} else { |
||
855 |
✗✓ | 1092 |
if ((buffer_2 = malloc(len_2)) == NULL) { |
856 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
857 |
goto err; |
||
858 |
} |
||
859 |
✗✓ | 1092 |
if ((len_2 = BN_bn2bin(tmp_2, buffer_2)) == 0) { |
860 |
ECerror(ERR_R_BN_LIB); |
||
861 |
goto err; |
||
862 |
} |
||
863 |
b_buf = buffer_2; |
||
864 |
} |
||
865 |
|||
866 |
/* set a and b */ |
||
867 |
✓✗✗✓ |
2184 |
if (!ASN1_STRING_set(curve->a, a_buf, len_1) || |
868 |
1092 |
!ASN1_STRING_set(curve->b, b_buf, len_2)) { |
|
869 |
ECerror(ERR_R_ASN1_LIB); |
||
870 |
goto err; |
||
871 |
} |
||
872 |
/* set the seed (optional) */ |
||
873 |
✓✓ | 1092 |
if (group->seed) { |
874 |
✓✗ | 504 |
if (!curve->seed) |
875 |
✗✓ | 504 |
if ((curve->seed = ASN1_BIT_STRING_new()) == NULL) { |
876 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
877 |
goto err; |
||
878 |
} |
||
879 |
504 |
curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); |
|
880 |
504 |
curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT; |
|
881 |
✗✓ | 1008 |
if (!ASN1_BIT_STRING_set(curve->seed, group->seed, |
882 |
504 |
(int) group->seed_len)) { |
|
883 |
ECerror(ERR_R_ASN1_LIB); |
||
884 |
goto err; |
||
885 |
} |
||
886 |
} else { |
||
887 |
✗✓ | 588 |
if (curve->seed) { |
888 |
ASN1_BIT_STRING_free(curve->seed); |
||
889 |
curve->seed = NULL; |
||
890 |
} |
||
891 |
} |
||
892 |
|||
893 |
1092 |
ok = 1; |
|
894 |
|||
895 |
err: |
||
896 |
1092 |
free(buffer_1); |
|
897 |
1092 |
free(buffer_2); |
|
898 |
1092 |
BN_free(tmp_1); |
|
899 |
1092 |
BN_free(tmp_2); |
|
900 |
1092 |
return (ok); |
|
901 |
1092 |
} |
|
902 |
|||
903 |
static ECPARAMETERS * |
||
904 |
ec_asn1_group2parameters(const EC_GROUP * group, ECPARAMETERS * param) |
||
905 |
{ |
||
906 |
int ok = 0; |
||
907 |
size_t len = 0; |
||
908 |
ECPARAMETERS *ret = NULL; |
||
909 |
BIGNUM *tmp = NULL; |
||
910 |
unsigned char *buffer = NULL; |
||
911 |
const EC_POINT *point = NULL; |
||
912 |
point_conversion_form_t form; |
||
913 |
|||
914 |
✗✓ | 2184 |
if ((tmp = BN_new()) == NULL) { |
915 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
916 |
goto err; |
||
917 |
} |
||
918 |
✓✗ | 1092 |
if (param == NULL) { |
919 |
✗✓ | 1092 |
if ((ret = ECPARAMETERS_new()) == NULL) { |
920 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
921 |
goto err; |
||
922 |
} |
||
923 |
} else |
||
924 |
ret = param; |
||
925 |
|||
926 |
/* set the version (always one) */ |
||
927 |
1092 |
ret->version = (long) 0x1; |
|
928 |
|||
929 |
/* set the fieldID */ |
||
930 |
✗✓ | 1092 |
if (!ec_asn1_group2fieldid(group, ret->fieldID)) { |
931 |
ECerror(ERR_R_EC_LIB); |
||
932 |
goto err; |
||
933 |
} |
||
934 |
/* set the curve */ |
||
935 |
✗✓ | 1092 |
if (!ec_asn1_group2curve(group, ret->curve)) { |
936 |
ECerror(ERR_R_EC_LIB); |
||
937 |
goto err; |
||
938 |
} |
||
939 |
/* set the base point */ |
||
940 |
✗✓ | 1092 |
if ((point = EC_GROUP_get0_generator(group)) == NULL) { |
941 |
ECerror(EC_R_UNDEFINED_GENERATOR); |
||
942 |
goto err; |
||
943 |
} |
||
944 |
1092 |
form = EC_GROUP_get_point_conversion_form(group); |
|
945 |
|||
946 |
1092 |
len = EC_POINT_point2oct(group, point, form, NULL, len, NULL); |
|
947 |
✗✓ | 1092 |
if (len == 0) { |
948 |
ECerror(ERR_R_EC_LIB); |
||
949 |
goto err; |
||
950 |
} |
||
951 |
✗✓ | 1092 |
if ((buffer = malloc(len)) == NULL) { |
952 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
953 |
goto err; |
||
954 |
} |
||
955 |
✗✓ | 1092 |
if (!EC_POINT_point2oct(group, point, form, buffer, len, NULL)) { |
956 |
ECerror(ERR_R_EC_LIB); |
||
957 |
goto err; |
||
958 |
} |
||
959 |
✗✓✗✗ |
1092 |
if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL) { |
960 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
961 |
goto err; |
||
962 |
} |
||
963 |
✗✓ | 1092 |
if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) { |
964 |
ECerror(ERR_R_ASN1_LIB); |
||
965 |
goto err; |
||
966 |
} |
||
967 |
/* set the order */ |
||
968 |
✗✓ | 1092 |
if (!EC_GROUP_get_order(group, tmp, NULL)) { |
969 |
ECerror(ERR_R_EC_LIB); |
||
970 |
goto err; |
||
971 |
} |
||
972 |
1092 |
ret->order = BN_to_ASN1_INTEGER(tmp, ret->order); |
|
973 |
✗✓ | 1092 |
if (ret->order == NULL) { |
974 |
ECerror(ERR_R_ASN1_LIB); |
||
975 |
goto err; |
||
976 |
} |
||
977 |
/* set the cofactor (optional) */ |
||
978 |
✓✗ | 1092 |
if (EC_GROUP_get_cofactor(group, tmp, NULL)) { |
979 |
1092 |
ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor); |
|
980 |
✗✓ | 1092 |
if (ret->cofactor == NULL) { |
981 |
ECerror(ERR_R_ASN1_LIB); |
||
982 |
goto err; |
||
983 |
} |
||
984 |
} |
||
985 |
1092 |
ok = 1; |
|
986 |
|||
987 |
✗✓ | 1092 |
err: if (!ok) { |
988 |
if (ret && !param) |
||
989 |
ECPARAMETERS_free(ret); |
||
990 |
ret = NULL; |
||
991 |
} |
||
992 |
1092 |
BN_free(tmp); |
|
993 |
1092 |
free(buffer); |
|
994 |
1092 |
return (ret); |
|
995 |
} |
||
996 |
|||
997 |
ECPKPARAMETERS * |
||
998 |
ec_asn1_group2pkparameters(const EC_GROUP * group, ECPKPARAMETERS * params) |
||
999 |
{ |
||
1000 |
int ok = 1, tmp; |
||
1001 |
ECPKPARAMETERS *ret = params; |
||
1002 |
|||
1003 |
✓✗ | 2188 |
if (ret == NULL) { |
1004 |
✗✓ | 1094 |
if ((ret = ECPKPARAMETERS_new()) == NULL) { |
1005 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1006 |
return NULL; |
||
1007 |
} |
||
1008 |
} else { |
||
1009 |
if (ret->type == 0 && ret->value.named_curve) |
||
1010 |
ASN1_OBJECT_free(ret->value.named_curve); |
||
1011 |
else if (ret->type == 1 && ret->value.parameters) |
||
1012 |
ECPARAMETERS_free(ret->value.parameters); |
||
1013 |
} |
||
1014 |
|||
1015 |
✓✓ | 1094 |
if (EC_GROUP_get_asn1_flag(group)) { |
1016 |
/* |
||
1017 |
* use the asn1 OID to describe the elliptic curve |
||
1018 |
* parameters |
||
1019 |
*/ |
||
1020 |
2 |
tmp = EC_GROUP_get_curve_name(group); |
|
1021 |
✓✗ | 2 |
if (tmp) { |
1022 |
2 |
ret->type = 0; |
|
1023 |
✗✓ | 2 |
if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL) |
1024 |
ok = 0; |
||
1025 |
} else |
||
1026 |
/* we don't kmow the nid => ERROR */ |
||
1027 |
ok = 0; |
||
1028 |
} else { |
||
1029 |
/* use the ECPARAMETERS structure */ |
||
1030 |
1092 |
ret->type = 1; |
|
1031 |
✗✓ | 2184 |
if ((ret->value.parameters = ec_asn1_group2parameters( |
1032 |
1092 |
group, NULL)) == NULL) |
|
1033 |
ok = 0; |
||
1034 |
} |
||
1035 |
|||
1036 |
✗✓ | 1094 |
if (!ok) { |
1037 |
ECPKPARAMETERS_free(ret); |
||
1038 |
return NULL; |
||
1039 |
} |
||
1040 |
1094 |
return ret; |
|
1041 |
1094 |
} |
|
1042 |
|||
1043 |
static EC_GROUP * |
||
1044 |
ec_asn1_parameters2group(const ECPARAMETERS * params) |
||
1045 |
{ |
||
1046 |
int ok = 0, tmp; |
||
1047 |
EC_GROUP *ret = NULL; |
||
1048 |
BIGNUM *p = NULL, *a = NULL, *b = NULL; |
||
1049 |
EC_POINT *point = NULL; |
||
1050 |
long field_bits; |
||
1051 |
|||
1052 |
✓✗✓✗ ✗✓ |
744 |
if (!params->fieldID || !params->fieldID->fieldType || |
1053 |
186 |
!params->fieldID->p.ptr) { |
|
1054 |
ECerror(EC_R_ASN1_ERROR); |
||
1055 |
goto err; |
||
1056 |
} |
||
1057 |
/* now extract the curve parameters a and b */ |
||
1058 |
✓✗✓✗ ✗✓ |
558 |
if (!params->curve || !params->curve->a || |
1059 |
✓✗✓✗ |
372 |
!params->curve->a->data || !params->curve->b || |
1060 |
186 |
!params->curve->b->data) { |
|
1061 |
ECerror(EC_R_ASN1_ERROR); |
||
1062 |
goto err; |
||
1063 |
} |
||
1064 |
186 |
a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL); |
|
1065 |
✗✓ | 186 |
if (a == NULL) { |
1066 |
ECerror(ERR_R_BN_LIB); |
||
1067 |
goto err; |
||
1068 |
} |
||
1069 |
186 |
b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL); |
|
1070 |
✗✓ | 186 |
if (b == NULL) { |
1071 |
ECerror(ERR_R_BN_LIB); |
||
1072 |
goto err; |
||
1073 |
} |
||
1074 |
/* get the field parameters */ |
||
1075 |
186 |
tmp = OBJ_obj2nid(params->fieldID->fieldType); |
|
1076 |
✓✓ | 186 |
if (tmp == NID_X9_62_characteristic_two_field) |
1077 |
#ifdef OPENSSL_NO_EC2M |
||
1078 |
{ |
||
1079 |
ECerror(EC_R_GF2M_NOT_SUPPORTED); |
||
1080 |
goto err; |
||
1081 |
} |
||
1082 |
#else |
||
1083 |
{ |
||
1084 |
X9_62_CHARACTERISTIC_TWO *char_two; |
||
1085 |
|||
1086 |
84 |
char_two = params->fieldID->p.char_two; |
|
1087 |
|||
1088 |
84 |
field_bits = char_two->m; |
|
1089 |
✗✓ | 84 |
if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) { |
1090 |
ECerror(EC_R_FIELD_TOO_LARGE); |
||
1091 |
goto err; |
||
1092 |
} |
||
1093 |
✗✓ | 84 |
if ((p = BN_new()) == NULL) { |
1094 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1095 |
goto err; |
||
1096 |
} |
||
1097 |
/* get the base type */ |
||
1098 |
84 |
tmp = OBJ_obj2nid(char_two->type); |
|
1099 |
|||
1100 |
✓✓ | 84 |
if (tmp == NID_X9_62_tpBasis) { |
1101 |
long tmp_long; |
||
1102 |
|||
1103 |
✗✓ | 46 |
if (!char_two->p.tpBasis) { |
1104 |
ECerror(EC_R_ASN1_ERROR); |
||
1105 |
goto err; |
||
1106 |
} |
||
1107 |
46 |
tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis); |
|
1108 |
|||
1109 |
✗✓ | 46 |
if (!(char_two->m > tmp_long && tmp_long > 0)) { |
1110 |
ECerror(EC_R_INVALID_TRINOMIAL_BASIS); |
||
1111 |
goto err; |
||
1112 |
} |
||
1113 |
/* create the polynomial */ |
||
1114 |
✗✓ | 46 |
if (!BN_set_bit(p, (int) char_two->m)) |
1115 |
goto err; |
||
1116 |
✗✓ | 46 |
if (!BN_set_bit(p, (int) tmp_long)) |
1117 |
goto err; |
||
1118 |
✗✓ | 46 |
if (!BN_set_bit(p, 0)) |
1119 |
goto err; |
||
1120 |
✓✗✓✗ |
84 |
} else if (tmp == NID_X9_62_ppBasis) { |
1121 |
X9_62_PENTANOMIAL *penta; |
||
1122 |
|||
1123 |
38 |
penta = char_two->p.ppBasis; |
|
1124 |
✗✓ | 38 |
if (!penta) { |
1125 |
ECerror(EC_R_ASN1_ERROR); |
||
1126 |
goto err; |
||
1127 |
} |
||
1128 |
✓✗✓✗ ✓✗✗✓ |
152 |
if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0)) { |
1129 |
ECerror(EC_R_INVALID_PENTANOMIAL_BASIS); |
||
1130 |
goto err; |
||
1131 |
} |
||
1132 |
/* create the polynomial */ |
||
1133 |
✗✓ | 38 |
if (!BN_set_bit(p, (int) char_two->m)) |
1134 |
goto err; |
||
1135 |
✗✓ | 38 |
if (!BN_set_bit(p, (int) penta->k1)) |
1136 |
goto err; |
||
1137 |
✗✓ | 38 |
if (!BN_set_bit(p, (int) penta->k2)) |
1138 |
goto err; |
||
1139 |
✗✓ | 38 |
if (!BN_set_bit(p, (int) penta->k3)) |
1140 |
goto err; |
||
1141 |
✗✓ | 38 |
if (!BN_set_bit(p, 0)) |
1142 |
goto err; |
||
1143 |
✓✗✗✗ |
38 |
} else if (tmp == NID_X9_62_onBasis) { |
1144 |
ECerror(EC_R_NOT_IMPLEMENTED); |
||
1145 |
goto err; |
||
1146 |
} else { /* error */ |
||
1147 |
ECerror(EC_R_ASN1_ERROR); |
||
1148 |
goto err; |
||
1149 |
} |
||
1150 |
|||
1151 |
/* create the EC_GROUP structure */ |
||
1152 |
84 |
ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL); |
|
1153 |
✓✓✓ | 84 |
} |
1154 |
#endif |
||
1155 |
✓✗ | 102 |
else if (tmp == NID_X9_62_prime_field) { |
1156 |
/* we have a curve over a prime field */ |
||
1157 |
/* extract the prime number */ |
||
1158 |
✗✓ | 102 |
if (!params->fieldID->p.prime) { |
1159 |
ECerror(EC_R_ASN1_ERROR); |
||
1160 |
goto err; |
||
1161 |
} |
||
1162 |
102 |
p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL); |
|
1163 |
✗✓ | 102 |
if (p == NULL) { |
1164 |
ECerror(ERR_R_ASN1_LIB); |
||
1165 |
goto err; |
||
1166 |
} |
||
1167 |
✓✗✗✓ |
204 |
if (BN_is_negative(p) || BN_is_zero(p)) { |
1168 |
ECerror(EC_R_INVALID_FIELD); |
||
1169 |
goto err; |
||
1170 |
} |
||
1171 |
102 |
field_bits = BN_num_bits(p); |
|
1172 |
✗✓ | 102 |
if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) { |
1173 |
ECerror(EC_R_FIELD_TOO_LARGE); |
||
1174 |
goto err; |
||
1175 |
} |
||
1176 |
/* create the EC_GROUP structure */ |
||
1177 |
102 |
ret = EC_GROUP_new_curve_GFp(p, a, b, NULL); |
|
1178 |
} else { |
||
1179 |
ECerror(EC_R_INVALID_FIELD); |
||
1180 |
goto err; |
||
1181 |
} |
||
1182 |
|||
1183 |
✗✓ | 186 |
if (ret == NULL) { |
1184 |
ECerror(ERR_R_EC_LIB); |
||
1185 |
goto err; |
||
1186 |
} |
||
1187 |
/* extract seed (optional) */ |
||
1188 |
✓✓ | 186 |
if (params->curve->seed != NULL) { |
1189 |
88 |
free(ret->seed); |
|
1190 |
✗✓ | 88 |
if (!(ret->seed = malloc(params->curve->seed->length))) { |
1191 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1192 |
goto err; |
||
1193 |
} |
||
1194 |
176 |
memcpy(ret->seed, params->curve->seed->data, |
|
1195 |
88 |
params->curve->seed->length); |
|
1196 |
88 |
ret->seed_len = params->curve->seed->length; |
|
1197 |
88 |
} |
|
1198 |
✓✗✓✗ ✗✓ |
558 |
if (!params->order || !params->base || !params->base->data) { |
1199 |
ECerror(EC_R_ASN1_ERROR); |
||
1200 |
goto err; |
||
1201 |
} |
||
1202 |
✓✗ | 186 |
if ((point = EC_POINT_new(ret)) == NULL) |
1203 |
goto err; |
||
1204 |
|||
1205 |
/* set the point conversion form */ |
||
1206 |
186 |
EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t) |
|
1207 |
186 |
(params->base->data[0] & ~0x01)); |
|
1208 |
|||
1209 |
/* extract the ec point */ |
||
1210 |
✗✓ | 372 |
if (!EC_POINT_oct2point(ret, point, params->base->data, |
1211 |
186 |
params->base->length, NULL)) { |
|
1212 |
ECerror(ERR_R_EC_LIB); |
||
1213 |
goto err; |
||
1214 |
} |
||
1215 |
/* extract the order */ |
||
1216 |
✗✓ | 186 |
if ((a = ASN1_INTEGER_to_BN(params->order, a)) == NULL) { |
1217 |
ECerror(ERR_R_ASN1_LIB); |
||
1218 |
goto err; |
||
1219 |
} |
||
1220 |
✓✗✗✓ |
372 |
if (BN_is_negative(a) || BN_is_zero(a)) { |
1221 |
ECerror(EC_R_INVALID_GROUP_ORDER); |
||
1222 |
goto err; |
||
1223 |
} |
||
1224 |
✗✓ | 186 |
if (BN_num_bits(a) > (int) field_bits + 1) { /* Hasse bound */ |
1225 |
ECerror(EC_R_INVALID_GROUP_ORDER); |
||
1226 |
goto err; |
||
1227 |
} |
||
1228 |
/* extract the cofactor (optional) */ |
||
1229 |
✗✓ | 186 |
if (params->cofactor == NULL) { |
1230 |
BN_free(b); |
||
1231 |
b = NULL; |
||
1232 |
✗✓ | 186 |
} else if ((b = ASN1_INTEGER_to_BN(params->cofactor, b)) == NULL) { |
1233 |
ECerror(ERR_R_ASN1_LIB); |
||
1234 |
goto err; |
||
1235 |
} |
||
1236 |
/* set the generator, order and cofactor (if present) */ |
||
1237 |
✗✓ | 186 |
if (!EC_GROUP_set_generator(ret, point, a, b)) { |
1238 |
ECerror(ERR_R_EC_LIB); |
||
1239 |
goto err; |
||
1240 |
} |
||
1241 |
186 |
ok = 1; |
|
1242 |
|||
1243 |
✗✓ | 186 |
err: if (!ok) { |
1244 |
EC_GROUP_clear_free(ret); |
||
1245 |
ret = NULL; |
||
1246 |
} |
||
1247 |
186 |
BN_free(p); |
|
1248 |
186 |
BN_free(a); |
|
1249 |
186 |
BN_free(b); |
|
1250 |
186 |
EC_POINT_free(point); |
|
1251 |
186 |
return (ret); |
|
1252 |
186 |
} |
|
1253 |
|||
1254 |
EC_GROUP * |
||
1255 |
ec_asn1_pkparameters2group(const ECPKPARAMETERS * params) |
||
1256 |
{ |
||
1257 |
EC_GROUP *ret = NULL; |
||
1258 |
int tmp = 0; |
||
1259 |
|||
1260 |
✗✓ | 372 |
if (params == NULL) { |
1261 |
ECerror(EC_R_MISSING_PARAMETERS); |
||
1262 |
return NULL; |
||
1263 |
} |
||
1264 |
✗✓ | 186 |
if (params->type == 0) {/* the curve is given by an OID */ |
1265 |
tmp = OBJ_obj2nid(params->value.named_curve); |
||
1266 |
if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) { |
||
1267 |
ECerror(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); |
||
1268 |
return NULL; |
||
1269 |
} |
||
1270 |
EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE); |
||
1271 |
✓✗ | 186 |
} else if (params->type == 1) { /* the parameters are given by a |
1272 |
* ECPARAMETERS structure */ |
||
1273 |
186 |
ret = ec_asn1_parameters2group(params->value.parameters); |
|
1274 |
✗✓ | 186 |
if (!ret) { |
1275 |
ECerror(ERR_R_EC_LIB); |
||
1276 |
return NULL; |
||
1277 |
} |
||
1278 |
186 |
EC_GROUP_set_asn1_flag(ret, 0x0); |
|
1279 |
} else if (params->type == 2) { /* implicitlyCA */ |
||
1280 |
return NULL; |
||
1281 |
} else { |
||
1282 |
ECerror(EC_R_ASN1_ERROR); |
||
1283 |
return NULL; |
||
1284 |
} |
||
1285 |
|||
1286 |
186 |
return ret; |
|
1287 |
186 |
} |
|
1288 |
|||
1289 |
/* EC_GROUP <-> DER encoding of ECPKPARAMETERS */ |
||
1290 |
|||
1291 |
EC_GROUP * |
||
1292 |
d2i_ECPKParameters(EC_GROUP ** a, const unsigned char **in, long len) |
||
1293 |
{ |
||
1294 |
EC_GROUP *group = NULL; |
||
1295 |
ECPKPARAMETERS *params = NULL; |
||
1296 |
|||
1297 |
✗✓ | 12 |
if ((params = d2i_ECPKPARAMETERS(NULL, in, len)) == NULL) { |
1298 |
ECerror(EC_R_D2I_ECPKPARAMETERS_FAILURE); |
||
1299 |
goto err; |
||
1300 |
} |
||
1301 |
✗✓ | 6 |
if ((group = ec_asn1_pkparameters2group(params)) == NULL) { |
1302 |
ECerror(EC_R_PKPARAMETERS2GROUP_FAILURE); |
||
1303 |
goto err; |
||
1304 |
} |
||
1305 |
|||
1306 |
✓✗ | 6 |
if (a != NULL) { |
1307 |
6 |
EC_GROUP_clear_free(*a); |
|
1308 |
6 |
*a = group; |
|
1309 |
6 |
} |
|
1310 |
|||
1311 |
err: |
||
1312 |
6 |
ECPKPARAMETERS_free(params); |
|
1313 |
6 |
return (group); |
|
1314 |
} |
||
1315 |
|||
1316 |
int |
||
1317 |
i2d_ECPKParameters(const EC_GROUP * a, unsigned char **out) |
||
1318 |
{ |
||
1319 |
int ret = 0; |
||
1320 |
744 |
ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(a, NULL); |
|
1321 |
✗✓ | 372 |
if (tmp == NULL) { |
1322 |
ECerror(EC_R_GROUP2PKPARAMETERS_FAILURE); |
||
1323 |
return 0; |
||
1324 |
} |
||
1325 |
✗✓ | 372 |
if ((ret = i2d_ECPKPARAMETERS(tmp, out)) == 0) { |
1326 |
ECerror(EC_R_I2D_ECPKPARAMETERS_FAILURE); |
||
1327 |
ECPKPARAMETERS_free(tmp); |
||
1328 |
return 0; |
||
1329 |
} |
||
1330 |
372 |
ECPKPARAMETERS_free(tmp); |
|
1331 |
372 |
return (ret); |
|
1332 |
372 |
} |
|
1333 |
|||
1334 |
/* some EC_KEY functions */ |
||
1335 |
|||
1336 |
EC_KEY * |
||
1337 |
d2i_ECPrivateKey(EC_KEY ** a, const unsigned char **in, long len) |
||
1338 |
{ |
||
1339 |
EC_KEY *ret = NULL; |
||
1340 |
364 |
EC_PRIVATEKEY *priv_key = NULL; |
|
1341 |
|||
1342 |
✗✓ | 182 |
if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { |
1343 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1344 |
return NULL; |
||
1345 |
} |
||
1346 |
✗✓ | 182 |
if ((priv_key = d2i_EC_PRIVATEKEY(&priv_key, in, len)) == NULL) { |
1347 |
ECerror(ERR_R_EC_LIB); |
||
1348 |
EC_PRIVATEKEY_free(priv_key); |
||
1349 |
return NULL; |
||
1350 |
} |
||
1351 |
✓✓✗✓ |
184 |
if (a == NULL || *a == NULL) { |
1352 |
✗✓ | 180 |
if ((ret = EC_KEY_new()) == NULL) { |
1353 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1354 |
goto err; |
||
1355 |
} |
||
1356 |
} else |
||
1357 |
ret = *a; |
||
1358 |
|||
1359 |
✓✓ | 182 |
if (priv_key->parameters) { |
1360 |
180 |
EC_GROUP_clear_free(ret->group); |
|
1361 |
180 |
ret->group = ec_asn1_pkparameters2group(priv_key->parameters); |
|
1362 |
180 |
} |
|
1363 |
✗✓ | 182 |
if (ret->group == NULL) { |
1364 |
ECerror(ERR_R_EC_LIB); |
||
1365 |
goto err; |
||
1366 |
} |
||
1367 |
182 |
ret->version = priv_key->version; |
|
1368 |
|||
1369 |
✓✗ | 182 |
if (priv_key->privateKey) { |
1370 |
182 |
ret->priv_key = BN_bin2bn( |
|
1371 |
182 |
ASN1_STRING_data(priv_key->privateKey), |
|
1372 |
182 |
ASN1_STRING_length(priv_key->privateKey), |
|
1373 |
182 |
ret->priv_key); |
|
1374 |
✗✓ | 182 |
if (ret->priv_key == NULL) { |
1375 |
ECerror(ERR_R_BN_LIB); |
||
1376 |
goto err; |
||
1377 |
} |
||
1378 |
} else { |
||
1379 |
ECerror(EC_R_MISSING_PRIVATE_KEY); |
||
1380 |
goto err; |
||
1381 |
} |
||
1382 |
|||
1383 |
✓✗ | 182 |
if (priv_key->publicKey) { |
1384 |
const unsigned char *pub_oct; |
||
1385 |
size_t pub_oct_len; |
||
1386 |
|||
1387 |
182 |
EC_POINT_clear_free(ret->pub_key); |
|
1388 |
182 |
ret->pub_key = EC_POINT_new(ret->group); |
|
1389 |
✗✓ | 182 |
if (ret->pub_key == NULL) { |
1390 |
ECerror(ERR_R_EC_LIB); |
||
1391 |
goto err; |
||
1392 |
} |
||
1393 |
|||
1394 |
182 |
pub_oct = ASN1_STRING_data(priv_key->publicKey); |
|
1395 |
182 |
pub_oct_len = ASN1_STRING_length(priv_key->publicKey); |
|
1396 |
✗✓ | 182 |
if (pub_oct == NULL || pub_oct_len <= 0) { |
1397 |
ECerror(EC_R_BUFFER_TOO_SMALL); |
||
1398 |
goto err; |
||
1399 |
} |
||
1400 |
|||
1401 |
/* save the point conversion form */ |
||
1402 |
182 |
ret->conv_form = (point_conversion_form_t) (pub_oct[0] & ~0x01); |
|
1403 |
✗✓ | 182 |
if (!EC_POINT_oct2point(ret->group, ret->pub_key, |
1404 |
pub_oct, pub_oct_len, NULL)) { |
||
1405 |
ECerror(ERR_R_EC_LIB); |
||
1406 |
goto err; |
||
1407 |
} |
||
1408 |
✓✗✓ | 182 |
} |
1409 |
|||
1410 |
182 |
EC_PRIVATEKEY_free(priv_key); |
|
1411 |
✓✓ | 182 |
if (a != NULL) |
1412 |
2 |
*a = ret; |
|
1413 |
182 |
return (ret); |
|
1414 |
|||
1415 |
err: |
||
1416 |
if (a == NULL || *a != ret) |
||
1417 |
EC_KEY_free(ret); |
||
1418 |
if (priv_key) |
||
1419 |
EC_PRIVATEKEY_free(priv_key); |
||
1420 |
|||
1421 |
return (NULL); |
||
1422 |
182 |
} |
|
1423 |
|||
1424 |
int |
||
1425 |
i2d_ECPrivateKey(EC_KEY * a, unsigned char **out) |
||
1426 |
{ |
||
1427 |
int ret = 0, ok = 0; |
||
1428 |
unsigned char *buffer = NULL; |
||
1429 |
size_t buf_len = 0, tmp_len; |
||
1430 |
EC_PRIVATEKEY *priv_key = NULL; |
||
1431 |
|||
1432 |
✓✗✓✗ ✗✓ |
2920 |
if (a == NULL || a->group == NULL || a->priv_key == NULL) { |
1433 |
ECerror(ERR_R_PASSED_NULL_PARAMETER); |
||
1434 |
goto err; |
||
1435 |
} |
||
1436 |
✗✓ | 730 |
if ((priv_key = EC_PRIVATEKEY_new()) == NULL) { |
1437 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1438 |
goto err; |
||
1439 |
} |
||
1440 |
730 |
priv_key->version = a->version; |
|
1441 |
|||
1442 |
730 |
buf_len = (size_t) BN_num_bytes(a->priv_key); |
|
1443 |
730 |
buffer = malloc(buf_len); |
|
1444 |
✗✓ | 730 |
if (buffer == NULL) { |
1445 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1446 |
goto err; |
||
1447 |
} |
||
1448 |
✗✓ | 730 |
if (!BN_bn2bin(a->priv_key, buffer)) { |
1449 |
ECerror(ERR_R_BN_LIB); |
||
1450 |
goto err; |
||
1451 |
} |
||
1452 |
✗✓ | 730 |
if (!ASN1_STRING_set(priv_key->privateKey, buffer, buf_len)) { |
1453 |
ECerror(ERR_R_ASN1_LIB); |
||
1454 |
goto err; |
||
1455 |
} |
||
1456 |
✓✓ | 730 |
if (!(a->enc_flag & EC_PKEY_NO_PARAMETERS)) { |
1457 |
✗✓ | 1444 |
if ((priv_key->parameters = ec_asn1_group2pkparameters( |
1458 |
1444 |
a->group, priv_key->parameters)) == NULL) { |
|
1459 |
ECerror(ERR_R_EC_LIB); |
||
1460 |
goto err; |
||
1461 |
} |
||
1462 |
} |
||
1463 |
✓✗✓✗ |
1460 |
if (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key != NULL) { |
1464 |
730 |
priv_key->publicKey = ASN1_BIT_STRING_new(); |
|
1465 |
✗✓ | 730 |
if (priv_key->publicKey == NULL) { |
1466 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1467 |
goto err; |
||
1468 |
} |
||
1469 |
1460 |
tmp_len = EC_POINT_point2oct(a->group, a->pub_key, |
|
1470 |
730 |
a->conv_form, NULL, 0, NULL); |
|
1471 |
|||
1472 |
✓✗ | 730 |
if (tmp_len > buf_len) { |
1473 |
730 |
unsigned char *tmp_buffer = realloc(buffer, tmp_len); |
|
1474 |
✗✓ | 730 |
if (!tmp_buffer) { |
1475 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1476 |
goto err; |
||
1477 |
} |
||
1478 |
buffer = tmp_buffer; |
||
1479 |
buf_len = tmp_len; |
||
1480 |
✓✓✓ | 730 |
} |
1481 |
✗✓ | 1460 |
if (!EC_POINT_point2oct(a->group, a->pub_key, |
1482 |
730 |
a->conv_form, buffer, buf_len, NULL)) { |
|
1483 |
ECerror(ERR_R_EC_LIB); |
||
1484 |
goto err; |
||
1485 |
} |
||
1486 |
730 |
priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); |
|
1487 |
730 |
priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; |
|
1488 |
✗✓ | 1460 |
if (!ASN1_STRING_set(priv_key->publicKey, buffer, |
1489 |
730 |
buf_len)) { |
|
1490 |
ECerror(ERR_R_ASN1_LIB); |
||
1491 |
goto err; |
||
1492 |
} |
||
1493 |
} |
||
1494 |
✗✓ | 730 |
if ((ret = i2d_EC_PRIVATEKEY(priv_key, out)) == 0) { |
1495 |
ECerror(ERR_R_EC_LIB); |
||
1496 |
goto err; |
||
1497 |
} |
||
1498 |
730 |
ok = 1; |
|
1499 |
err: |
||
1500 |
730 |
free(buffer); |
|
1501 |
✓✗ | 730 |
if (priv_key) |
1502 |
730 |
EC_PRIVATEKEY_free(priv_key); |
|
1503 |
730 |
return (ok ? ret : 0); |
|
1504 |
730 |
} |
|
1505 |
|||
1506 |
int |
||
1507 |
i2d_ECParameters(EC_KEY * a, unsigned char **out) |
||
1508 |
{ |
||
1509 |
✗✓ | 24 |
if (a == NULL) { |
1510 |
ECerror(ERR_R_PASSED_NULL_PARAMETER); |
||
1511 |
return 0; |
||
1512 |
} |
||
1513 |
12 |
return i2d_ECPKParameters(a->group, out); |
|
1514 |
12 |
} |
|
1515 |
|||
1516 |
EC_KEY * |
||
1517 |
d2i_ECParameters(EC_KEY ** a, const unsigned char **in, long len) |
||
1518 |
{ |
||
1519 |
EC_KEY *ret; |
||
1520 |
|||
1521 |
✓✗✗✓ |
18 |
if (in == NULL || *in == NULL) { |
1522 |
ECerror(ERR_R_PASSED_NULL_PARAMETER); |
||
1523 |
return NULL; |
||
1524 |
} |
||
1525 |
✗✓✗✗ |
6 |
if (a == NULL || *a == NULL) { |
1526 |
✗✓ | 6 |
if ((ret = EC_KEY_new()) == NULL) { |
1527 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1528 |
return NULL; |
||
1529 |
} |
||
1530 |
} else |
||
1531 |
ret = *a; |
||
1532 |
|||
1533 |
✗✓ | 6 |
if (!d2i_ECPKParameters(&ret->group, in, len)) { |
1534 |
ECerror(ERR_R_EC_LIB); |
||
1535 |
if (a == NULL || *a != ret) |
||
1536 |
EC_KEY_free(ret); |
||
1537 |
return NULL; |
||
1538 |
} |
||
1539 |
|||
1540 |
✗✓ | 6 |
if (a != NULL) |
1541 |
*a = ret; |
||
1542 |
6 |
return ret; |
|
1543 |
6 |
} |
|
1544 |
|||
1545 |
EC_KEY * |
||
1546 |
o2i_ECPublicKey(EC_KEY ** a, const unsigned char **in, long len) |
||
1547 |
{ |
||
1548 |
EC_KEY *ret = NULL; |
||
1549 |
|||
1550 |
if (a == NULL || (*a) == NULL || (*a)->group == NULL) { |
||
1551 |
/* |
||
1552 |
* sorry, but a EC_GROUP-structur is necessary to set the |
||
1553 |
* public key |
||
1554 |
*/ |
||
1555 |
ECerror(ERR_R_PASSED_NULL_PARAMETER); |
||
1556 |
return 0; |
||
1557 |
} |
||
1558 |
ret = *a; |
||
1559 |
if (ret->pub_key == NULL && |
||
1560 |
(ret->pub_key = EC_POINT_new(ret->group)) == NULL) { |
||
1561 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1562 |
return 0; |
||
1563 |
} |
||
1564 |
if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) { |
||
1565 |
ECerror(ERR_R_EC_LIB); |
||
1566 |
return 0; |
||
1567 |
} |
||
1568 |
/* save the point conversion form */ |
||
1569 |
ret->conv_form = (point_conversion_form_t) (*in[0] & ~0x01); |
||
1570 |
*in += len; |
||
1571 |
return ret; |
||
1572 |
} |
||
1573 |
|||
1574 |
int |
||
1575 |
i2o_ECPublicKey(EC_KEY * a, unsigned char **out) |
||
1576 |
{ |
||
1577 |
size_t buf_len = 0; |
||
1578 |
int new_buffer = 0; |
||
1579 |
|||
1580 |
if (a == NULL) { |
||
1581 |
ECerror(ERR_R_PASSED_NULL_PARAMETER); |
||
1582 |
return 0; |
||
1583 |
} |
||
1584 |
buf_len = EC_POINT_point2oct(a->group, a->pub_key, |
||
1585 |
a->conv_form, NULL, 0, NULL); |
||
1586 |
|||
1587 |
if (out == NULL || buf_len == 0) |
||
1588 |
/* out == NULL => just return the length of the octet string */ |
||
1589 |
return buf_len; |
||
1590 |
|||
1591 |
if (*out == NULL) { |
||
1592 |
if ((*out = malloc(buf_len)) == NULL) { |
||
1593 |
ECerror(ERR_R_MALLOC_FAILURE); |
||
1594 |
return 0; |
||
1595 |
} |
||
1596 |
new_buffer = 1; |
||
1597 |
} |
||
1598 |
if (!EC_POINT_point2oct(a->group, a->pub_key, a->conv_form, |
||
1599 |
*out, buf_len, NULL)) { |
||
1600 |
ECerror(ERR_R_EC_LIB); |
||
1601 |
if (new_buffer) { |
||
1602 |
free(*out); |
||
1603 |
*out = NULL; |
||
1604 |
} |
||
1605 |
return 0; |
||
1606 |
} |
||
1607 |
if (!new_buffer) |
||
1608 |
*out += buf_len; |
||
1609 |
return buf_len; |
||
1610 |
} |
| Generated by: GCOVR (Version 3.3) |