github.com/mono/boringssl.git - Unnamed repository; edit this file 'description' to name the repository.
Diffstat (limited to 'crypto/ec/ec.c')
-rw-r--r--crypto/ec/ec.c76
1 files changed, 54 insertions, 22 deletions
diff --git a/crypto/ec/ec.c b/crypto/ec/ec.c
index ca3ce373..8f3fa6e1 100644
--- a/crypto/ec/ec.c
+++ b/crypto/ec/ec.c
@@ -73,7 +73,7 @@
#include <openssl/bn.h>
#include <openssl/err.h>
#include <openssl/mem.h>
-#include <openssl/obj.h>
+#include <openssl/nid.h>
#include "internal.h"
#include "../internal.h"
@@ -228,10 +228,25 @@ static const struct curve_data P521 = {
#endif
const struct built_in_curve OPENSSL_built_in_curves[] = {
- {NID_secp521r1, &P521, 0},
- {NID_secp384r1, &P384, 0},
{
- NID_X9_62_prime256v1, &P256,
+ NID_secp521r1,
+ /* 1.3.132.0.35 */
+ {0x2b, 0x81, 0x04, 0x00, 0x23}, 5,
+ &P521,
+ NULL,
+ },
+ {
+ NID_secp384r1,
+ /* 1.3.132.0.34 */
+ {0x2b, 0x81, 0x04, 0x00, 0x22}, 5,
+ &P384,
+ NULL,
+ },
+ {
+ NID_X9_62_prime256v1,
+ /* 1.2.840.10045.3.1.7 */
+ {0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07}, 8,
+ &P256,
#if defined(BORINGSSL_USE_INT128_CODE)
#if !defined(OPENSSL_NO_ASM) && defined(OPENSSL_X86_64) && \
!defined(OPENSSL_SMALL)
@@ -240,18 +255,21 @@ const struct built_in_curve OPENSSL_built_in_curves[] = {
EC_GFp_nistp256_method,
#endif
#else
- 0,
+ NULL,
#endif
},
{
- NID_secp224r1, &P224,
+ NID_secp224r1,
+ /* 1.3.132.0.33 */
+ {0x2b, 0x81, 0x04, 0x00, 0x21}, 5,
+ &P224,
#if defined(BORINGSSL_USE_INT128_CODE) && !defined(OPENSSL_SMALL)
EC_GFp_nistp224_method,
#else
- 0,
+ NULL,
#endif
},
- {NID_undef, 0, 0},
+ {NID_undef, {0}, 0, NULL, NULL},
};
/* built_in_curve_scalar_field_monts contains Montgomery contexts for
@@ -350,8 +368,8 @@ EC_GROUP *ec_group_new(const EC_METHOD *meth) {
return ret;
}
-static EC_GROUP *ec_group_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
- const BIGNUM *b, BN_CTX *ctx) {
+EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
+ const BIGNUM *b, BN_CTX *ctx) {
const EC_METHOD *meth = EC_GFp_mont_method();
EC_GROUP *ret;
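Review bot: `EC_GROUP_new_curve_GFp` drops `static` at the changed signature and becomes an exported entry point, but no comment in this file tells callers what state the returned group is in. Judging from the guard in `EC_GROUP_set_generator` added elsewhere in this commit, the group presumably comes back without a generator, order or cofactor and is not usable for point operations until that call succeeds. I would add above the definition `/* Returns a new group over GF(p) with coefficients |a| and |b| and no generator; |EC_GROUP_set_generator| must succeed before the group is used. */` and state there which checks, if any, are applied to caller-supplied `p`, `a` and `b`. The function body continues outside this hunk, so whether such checks exist cannot be confirmed from here.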
@@ -371,35 +389,49 @@ static EC_GROUP *ec_group_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
return ret;
}
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
+ const BIGNUM *order, const BIGNUM *cofactor) {
+ if (group->curve_name != NID_undef || group->generator != NULL) {
+ /* |EC_GROUP_set_generator| may only be used with |EC_GROUP|s returned by
+ * |EC_GROUP_new_curve_GFp| and may only used once on each group. */
+ return 0;
+ }
+
+ group->generator = EC_POINT_new(group);
+ return group->generator != NULL &&
+ EC_POINT_copy(group->generator, generator) &&
+ BN_copy(&group->order, order) &&
+ BN_copy(&group->cofactor, cofactor);
+}
+
EC_GROUP *EC_GROUP_new_arbitrary(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, const BIGNUM *gx,
const BIGNUM *gy, const BIGNUM *order,
const BIGNUM *cofactor) {
- EC_GROUP *ret = NULL;
- BN_CTX *ctx;
-
- ctx = BN_CTX_new();
+ BN_CTX *ctx = BN_CTX_new();
if (ctx == NULL) {
- goto err;
+ return NULL;
}
- ret = ec_group_new_curve_GFp(p, a, b, ctx);
+ EC_POINT *generator = NULL;
+ EC_GROUP *ret = EC_GROUP_new_curve_GFp(p, a, b, ctx);
if (ret == NULL) {
goto err;
}
- ret->generator = EC_POINT_new(ret);
- if (ret->generator == NULL ||
- !EC_POINT_set_affine_coordinates_GFp(ret, ret->generator, gx, gy, ctx) ||
- !BN_copy(&ret->order, order) ||
- !BN_copy(&ret->cofactor, cofactor)) {
+ generator = EC_POINT_new(ret);
+ if (generator == NULL ||
+ !EC_POINT_set_affine_coordinates_GFp(ret, generator, gx, gy, ctx) ||
+ !EC_GROUP_set_generator(ret, generator, order, cofactor)) {
goto err;
}
+ EC_POINT_free(generator);
BN_CTX_free(ctx);
return ret;
err:
+ EC_POINT_free(generator);
EC_GROUP_free(ret);
BN_CTX_free(ctx);
return NULL;
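Review bot: When `EC_POINT_copy` or either `BN_copy` fails in the new `EC_GROUP_set_generator`, the function returns 0 but leaves `group->generator` allocated, so the group is stuck half-initialised: the guard at the top rejects any retry, and a caller that ignores the return value holds a group whose generator is set while its order or cofactor may not be. The failure path should free the point and reset the field to NULL so the group returns to its pre-call state, as in the excerpt below. Separately, nothing visible here rejects a NULL or zero `order`, or a `generator` that was created on a different group; unless `EC_POINT_copy` enforces the latter, those checks belong in this function now that it is public and its arguments may be derived from parsed, untrusted curve parameters. The comment in the guard also reads "may only used once" and should say "may only be used once".

```c
  /* … unchanged: curve_name / generator guard returning 0 … */

  group->generator = EC_POINT_new(group);
  if (group->generator == NULL ||
      !EC_POINT_copy(group->generator, generator) ||
      !BN_copy(&group->order, order) ||
      !BN_copy(&group->cofactor, cofactor)) {
    /* Undo the partial setup so the group is never left with a generator
     * but no valid order or cofactor. */
    EC_POINT_free(group->generator);
    group->generator = NULL;
    return 0;
  }
  return 1;
```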
@@ -438,7 +470,7 @@ static EC_GROUP *ec_group_new_from_data(unsigned built_in_index) {
goto err;
}
} else {
- if ((group = ec_group_new_curve_GFp(p, a, b, ctx)) == NULL) {
+ if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) {
OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
goto err;
}