ec_key.c 16.7 KB
Newer Older
1
/*
R
Rich Salz 已提交
2
 * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved.
3
 *
R
Rich Salz 已提交
4 5 6 7
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
8
 */
R
Rich Salz 已提交
9

B
Bodo Möller 已提交
10 11
/* ====================================================================
 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
12
 * Portions originally developed by SUN MICROSYSTEMS, INC., and
B
Bodo Möller 已提交
13 14
 * contributed to the OpenSSL project.
 */
15

D
David Woodhouse 已提交
16
#include <internal/cryptlib.h>
17
#include <string.h>
18 19
#include "ec_lcl.h"
#include <openssl/err.h>
R
Rich Salz 已提交
20
#include <openssl/engine.h>
21 22

EC_KEY *EC_KEY_new(void)
23
{
D
Dr. Stephen Henson 已提交
24
    return EC_KEY_new_method(NULL);
25
}
26

N
Nils Larsch 已提交
27
EC_KEY *EC_KEY_new_by_curve_name(int nid)
28 29 30 31 32 33 34 35 36
{
    EC_KEY *ret = EC_KEY_new();
    if (ret == NULL)
        return NULL;
    ret->group = EC_GROUP_new_by_curve_name(nid);
    if (ret->group == NULL) {
        EC_KEY_free(ret);
        return NULL;
    }
D
Dr. Stephen Henson 已提交
37 38
    if (ret->meth->set_group != NULL
        && ret->meth->set_group(ret, ret->group) == 0) {
D
Dr. Stephen Henson 已提交
39 40 41
        EC_KEY_free(ret);
        return NULL;
    }
42 43
    return ret;
}
44 45

void EC_KEY_free(EC_KEY *r)
46 47
{
    int i;
48

49 50
    if (r == NULL)
        return;
51

52
    CRYPTO_atomic_add(&r->references, -1, &i, r->lock);
R
Rich Salz 已提交
53
    REF_PRINT_COUNT("EC_KEY", r);
54 55
    if (i > 0)
        return;
R
Rich Salz 已提交
56
    REF_ASSERT_ISNT(i < 0);
57

D
Dr. Stephen Henson 已提交
58
    if (r->meth->finish != NULL)
59 60
        r->meth->finish(r);

D
Dr. Stephen Henson 已提交
61
#ifndef OPENSSL_NO_ENGINE
R
Rich Salz 已提交
62
    ENGINE_finish(r->engine);
D
Dr. Stephen Henson 已提交
63 64
#endif

65 66 67
    if (r->group && r->group->meth->keyfinish)
        r->group->meth->keyfinish(r);

68
    CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, r, &r->ex_data);
69
    CRYPTO_THREAD_lock_free(r->lock);
R
Rich Salz 已提交
70 71
    EC_GROUP_free(r->group);
    EC_POINT_free(r->pub_key);
R
Rich Salz 已提交
72
    BN_clear_free(r->priv_key);
73

R
Rich Salz 已提交
74
    OPENSSL_clear_free((void *)r, sizeof(EC_KEY));
75
}
76

77
EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src)
78 79 80 81 82
{
    if (dest == NULL || src == NULL) {
        ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }
D
Dr. Stephen Henson 已提交
83
    if (src->meth != dest->meth) {
D
Dr. Stephen Henson 已提交
84
        if (dest->meth->finish != NULL)
D
Dr. Stephen Henson 已提交
85
            dest->meth->finish(dest);
86 87
        if (dest->group && dest->group->meth->keyfinish)
            dest->group->meth->keyfinish(dest);
D
Dr. Stephen Henson 已提交
88
#ifndef OPENSSL_NO_ENGINE
R
Rich Salz 已提交
89
        if (ENGINE_finish(dest->engine) == 0)
D
Dr. Stephen Henson 已提交
90 91 92 93
            return 0;
        dest->engine = NULL;
#endif
    }
94
    /* copy the parameters */
D
Dr. Stephen Henson 已提交
95
    if (src->group != NULL) {
96 97
        const EC_METHOD *meth = EC_GROUP_method_of(src->group);
        /* clear the old group */
R
Rich Salz 已提交
98
        EC_GROUP_free(dest->group);
99 100 101 102 103
        dest->group = EC_GROUP_new(meth);
        if (dest->group == NULL)
            return NULL;
        if (!EC_GROUP_copy(dest->group, src->group))
            return NULL;
104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124

        /*  copy the public key */
        if (src->pub_key != NULL) {
            EC_POINT_free(dest->pub_key);
            dest->pub_key = EC_POINT_new(src->group);
            if (dest->pub_key == NULL)
                return NULL;
            if (!EC_POINT_copy(dest->pub_key, src->pub_key))
                return NULL;
        }
        /* copy the private key */
        if (src->priv_key != NULL) {
            if (dest->priv_key == NULL) {
                dest->priv_key = BN_new();
                if (dest->priv_key == NULL)
                    return NULL;
            }
            if (!BN_copy(dest->priv_key, src->priv_key))
                return NULL;
            if (src->group->meth->keycopy
                && src->group->meth->keycopy(dest, src) == 0)
125 126 127 128
                return NULL;
        }
    }

129

130 131 132 133 134
    /* copy the rest */
    dest->enc_flag = src->enc_flag;
    dest->conv_form = src->conv_form;
    dest->version = src->version;
    dest->flags = src->flags;
135 136 137
    if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_EC_KEY,
                            &dest->ex_data, &src->ex_data))
        return NULL;
138

D
Dr. Stephen Henson 已提交
139 140
    if (src->meth != dest->meth) {
#ifndef OPENSSL_NO_ENGINE
D
Dr. Stephen Henson 已提交
141 142
        if (src->engine != NULL && ENGINE_init(src->engine) == 0)
            return NULL;
D
Dr. Stephen Henson 已提交
143 144 145 146 147
        dest->engine = src->engine;
#endif
        dest->meth = src->meth;
    }

D
Dr. Stephen Henson 已提交
148 149
    if (src->meth->copy != NULL && src->meth->copy(dest, src) == 0)
        return NULL;
D
Dr. Stephen Henson 已提交
150

151 152
    return dest;
}
153

154
EC_KEY *EC_KEY_dup(EC_KEY *ec_key)
155
{
D
Dr. Stephen Henson 已提交
156
    EC_KEY *ret = EC_KEY_new_method(ec_key->engine);
157

158 159
    if (ret == NULL)
        return NULL;
160

161 162 163 164 165 166
    if (EC_KEY_copy(ret, ec_key) == NULL) {
        EC_KEY_free(ret);
        return NULL;
    }
    return ret;
}
167

B
Bodo Möller 已提交
168
int EC_KEY_up_ref(EC_KEY *r)
169
{
170 171 172 173
    int i;

    if (CRYPTO_atomic_add(&r->references, 1, &i, r->lock) <= 0)
        return 0;
R
Rich Salz 已提交
174 175 176

    REF_PRINT_COUNT("EC_KEY", r);
    REF_ASSERT_ISNT(i < 2);
177 178
    return ((i > 1) ? 1 : 0);
}
B
Bodo Möller 已提交
179

180
int EC_KEY_generate_key(EC_KEY *eckey)
181
{
D
Dr. Stephen Henson 已提交
182
    if (eckey == NULL || eckey->group == NULL) {
183 184 185
        ECerr(EC_F_EC_KEY_GENERATE_KEY, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }
D
Dr. Stephen Henson 已提交
186
    if (eckey->meth->keygen != NULL)
D
Dr. Stephen Henson 已提交
187 188 189 190 191 192
        return eckey->meth->keygen(eckey);
    ECerr(EC_F_EC_KEY_GENERATE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
    return 0;
}

int ossl_ec_key_gen(EC_KEY *eckey)
D
Dr. Stephen Henson 已提交
193
{
194
    OPENSSL_assert(eckey->group->meth->keygen != NULL);
D
Dr. Stephen Henson 已提交
195 196 197 198
    return eckey->group->meth->keygen(eckey);
}

int ec_key_simple_generate_key(EC_KEY *eckey)
D
Dr. Stephen Henson 已提交
199 200 201
{
    int ok = 0;
    BN_CTX *ctx = NULL;
202 203
    BIGNUM *priv_key = NULL;
    const BIGNUM *order = NULL;
D
Dr. Stephen Henson 已提交
204
    EC_POINT *pub_key = NULL;
205 206 207 208 209 210 211 212 213 214 215

    if ((ctx = BN_CTX_new()) == NULL)
        goto err;

    if (eckey->priv_key == NULL) {
        priv_key = BN_new();
        if (priv_key == NULL)
            goto err;
    } else
        priv_key = eckey->priv_key;

216 217
    order = EC_GROUP_get0_order(eckey->group);
    if (order == NULL)
218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240
        goto err;

    do
        if (!BN_rand_range(priv_key, order))
            goto err;
    while (BN_is_zero(priv_key)) ;

    if (eckey->pub_key == NULL) {
        pub_key = EC_POINT_new(eckey->group);
        if (pub_key == NULL)
            goto err;
    } else
        pub_key = eckey->pub_key;

    if (!EC_POINT_mul(eckey->group, pub_key, priv_key, NULL, NULL, ctx))
        goto err;

    eckey->priv_key = priv_key;
    eckey->pub_key = pub_key;

    ok = 1;

 err:
R
Rich Salz 已提交
241
    if (eckey->pub_key == NULL)
242
        EC_POINT_free(pub_key);
R
Rich Salz 已提交
243
    if (eckey->priv_key != priv_key)
244
        BN_free(priv_key);
R
Rich Salz 已提交
245
    BN_CTX_free(ctx);
D
Dr. Stephen Henson 已提交
246 247 248 249 250 251 252
    return ok;
}

int ec_key_simple_generate_public_key(EC_KEY *eckey)
{
    return EC_POINT_mul(eckey->group, eckey->pub_key, eckey->priv_key, NULL,
                        NULL, NULL);
253
}
254 255

int EC_KEY_check_key(const EC_KEY *eckey)
D
Dr. Stephen Henson 已提交
256 257 258 259 260 261 262 263 264 265 266 267 268 269 270
{
    if (eckey == NULL || eckey->group == NULL || eckey->pub_key == NULL) {
        ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (eckey->group->meth->keycheck == NULL) {
        ECerr(EC_F_EC_KEY_CHECK_KEY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return 0;
    }

    return eckey->group->meth->keycheck(eckey);
}

int ec_key_simple_check_key(const EC_KEY *eckey)
271 272 273 274 275 276
{
    int ok = 0;
    BN_CTX *ctx = NULL;
    const BIGNUM *order = NULL;
    EC_POINT *point = NULL;

D
Dr. Stephen Henson 已提交
277
    if (eckey == NULL || eckey->group == NULL || eckey->pub_key == NULL) {
D
Dr. Stephen Henson 已提交
278
        ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, ERR_R_PASSED_NULL_PARAMETER);
279 280 281 282
        return 0;
    }

    if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) {
D
Dr. Stephen Henson 已提交
283
        ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_POINT_AT_INFINITY);
284 285 286 287 288 289 290 291 292
        goto err;
    }

    if ((ctx = BN_CTX_new()) == NULL)
        goto err;
    if ((point = EC_POINT_new(eckey->group)) == NULL)
        goto err;

    /* testing whether the pub_key is on the elliptic curve */
293
    if (EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx) <= 0) {
D
Dr. Stephen Henson 已提交
294
        ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE);
295 296 297 298 299
        goto err;
    }
    /* testing whether pub_key * order is the point at infinity */
    order = eckey->group->order;
    if (BN_is_zero(order)) {
D
Dr. Stephen Henson 已提交
300
        ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_INVALID_GROUP_ORDER);
301 302 303
        goto err;
    }
    if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) {
D
Dr. Stephen Henson 已提交
304
        ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, ERR_R_EC_LIB);
305 306 307
        goto err;
    }
    if (!EC_POINT_is_at_infinity(eckey->group, point)) {
D
Dr. Stephen Henson 已提交
308
        ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_WRONG_ORDER);
309 310 311 312 313 314
        goto err;
    }
    /*
     * in case the priv_key is present : check if generator * priv_key ==
     * pub_key
     */
D
Dr. Stephen Henson 已提交
315
    if (eckey->priv_key != NULL) {
316
        if (BN_cmp(eckey->priv_key, order) >= 0) {
D
Dr. Stephen Henson 已提交
317
            ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_WRONG_ORDER);
318 319 320 321
            goto err;
        }
        if (!EC_POINT_mul(eckey->group, point, eckey->priv_key,
                          NULL, NULL, ctx)) {
D
Dr. Stephen Henson 已提交
322
            ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, ERR_R_EC_LIB);
323 324 325
            goto err;
        }
        if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) {
D
Dr. Stephen Henson 已提交
326
            ECerr(EC_F_EC_KEY_SIMPLE_CHECK_KEY, EC_R_INVALID_PRIVATE_KEY);
327 328 329 330 331
            goto err;
        }
    }
    ok = 1;
 err:
R
Rich Salz 已提交
332
    BN_CTX_free(ctx);
R
Rich Salz 已提交
333
    EC_POINT_free(point);
D
Dr. Stephen Henson 已提交
334
    return ok;
335 336 337 338 339 340 341 342
}

int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x,
                                             BIGNUM *y)
{
    BN_CTX *ctx = NULL;
    BIGNUM *tx, *ty;
    EC_POINT *point = NULL;
343 344 345 346
    int ok = 0;
#ifndef OPENSSL_NO_EC2M
    int tmp_nid, is_char_two = 0;
#endif
347

D
Dr. Stephen Henson 已提交
348
    if (key == NULL || key->group == NULL || x == NULL || y == NULL) {
349 350 351 352 353
        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
              ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }
    ctx = BN_CTX_new();
354
    if (ctx == NULL)
355
        return 0;
356

357
    BN_CTX_start(ctx);
358 359
    point = EC_POINT_new(key->group);

360
    if (point == NULL)
361 362
        goto err;

363 364
    tx = BN_CTX_get(ctx);
    ty = BN_CTX_get(ctx);
365 366
    if (ty == NULL)
        goto err;
367 368

#ifndef OPENSSL_NO_EC2M
369 370 371 372 373 374 375 376 377 378 379 380 381
    tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(key->group));

    if (tmp_nid == NID_X9_62_characteristic_two_field)
        is_char_two = 1;

    if (is_char_two) {
        if (!EC_POINT_set_affine_coordinates_GF2m(key->group, point,
                                                  x, y, ctx))
            goto err;
        if (!EC_POINT_get_affine_coordinates_GF2m(key->group, point,
                                                  tx, ty, ctx))
            goto err;
    } else
382
#endif
383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411
    {
        if (!EC_POINT_set_affine_coordinates_GFp(key->group, point,
                                                 x, y, ctx))
            goto err;
        if (!EC_POINT_get_affine_coordinates_GFp(key->group, point,
                                                 tx, ty, ctx))
            goto err;
    }
    /*
     * Check if retrieved coordinates match originals and are less than field
     * order: if not values are out of range.
     */
    if (BN_cmp(x, tx) || BN_cmp(y, ty)
        || (BN_cmp(x, key->group->field) >= 0)
        || (BN_cmp(y, key->group->field) >= 0)) {
        ECerr(EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES,
              EC_R_COORDINATES_OUT_OF_RANGE);
        goto err;
    }

    if (!EC_KEY_set_public_key(key, point))
        goto err;

    if (EC_KEY_check_key(key) == 0)
        goto err;

    ok = 1;

 err:
412
    BN_CTX_end(ctx);
R
Rich Salz 已提交
413
    BN_CTX_free(ctx);
R
Rich Salz 已提交
414
    EC_POINT_free(point);
415 416 417
    return ok;

}
418

N
Nils Larsch 已提交
419
const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key)
420 421 422
{
    return key->group;
}
N
Nils Larsch 已提交
423 424

int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group)
425
{
D
Dr. Stephen Henson 已提交
426
    if (key->meth->set_group != NULL && key->meth->set_group(key, group) == 0)
D
Dr. Stephen Henson 已提交
427
        return 0;
R
Rich Salz 已提交
428
    EC_GROUP_free(key->group);
429 430 431
    key->group = EC_GROUP_dup(group);
    return (key->group == NULL) ? 0 : 1;
}
N
Nils Larsch 已提交
432 433

const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key)
434 435 436
{
    return key->priv_key;
}
N
Nils Larsch 已提交
437 438

int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
439
{
440 441
    if (key->group == NULL || key->group->meth == NULL)
        return 0;
442 443
    if (key->group->meth->set_private != NULL
        && key->group->meth->set_private(key, priv_key) == 0)
444
        return 0;
D
Dr. Stephen Henson 已提交
445 446
    if (key->meth->set_private != NULL
        && key->meth->set_private(key, priv_key) == 0)
D
Dr. Stephen Henson 已提交
447
        return 0;
R
Rich Salz 已提交
448
    BN_clear_free(key->priv_key);
449 450 451
    key->priv_key = BN_dup(priv_key);
    return (key->priv_key == NULL) ? 0 : 1;
}
N
Nils Larsch 已提交
452 453

const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key)
454 455 456
{
    return key->pub_key;
}
N
Nils Larsch 已提交
457 458

int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub_key)
459
{
D
Dr. Stephen Henson 已提交
460 461
    if (key->meth->set_public != NULL
        && key->meth->set_public(key, pub_key) == 0)
D
Dr. Stephen Henson 已提交
462
        return 0;
R
Rich Salz 已提交
463
    EC_POINT_free(key->pub_key);
464 465 466
    key->pub_key = EC_POINT_dup(pub_key, key->group);
    return (key->pub_key == NULL) ? 0 : 1;
}
N
Nils Larsch 已提交
467 468

unsigned int EC_KEY_get_enc_flags(const EC_KEY *key)
469 470 471
{
    return key->enc_flag;
}
N
Nils Larsch 已提交
472 473

void EC_KEY_set_enc_flags(EC_KEY *key, unsigned int flags)
474 475 476
{
    key->enc_flag = flags;
}
N
Nils Larsch 已提交
477 478

point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key)
479 480 481
{
    return key->conv_form;
}
N
Nils Larsch 已提交
482 483

void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
484 485 486 487 488
{
    key->conv_form = cform;
    if (key->group != NULL)
        EC_GROUP_set_point_conversion_form(key->group, cform);
}
N
Nils Larsch 已提交
489 490

void EC_KEY_set_asn1_flag(EC_KEY *key, int flag)
491 492 493 494
{
    if (key->group != NULL)
        EC_GROUP_set_asn1_flag(key->group, flag);
}
N
Nils Larsch 已提交
495 496

int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx)
497 498 499 500 501
{
    if (key->group == NULL)
        return 0;
    return EC_GROUP_precompute_mult(key->group, ctx);
}
502 503

int EC_KEY_get_flags(const EC_KEY *key)
504 505 506
{
    return key->flags;
}
507 508

void EC_KEY_set_flags(EC_KEY *key, int flags)
509 510 511
{
    key->flags |= flags;
}
512 513

void EC_KEY_clear_flags(EC_KEY *key, int flags)
514 515 516
{
    key->flags &= ~flags;
}
D
Dr. Stephen Henson 已提交
517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534

size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form,
                        unsigned char **pbuf, BN_CTX *ctx)
{
    if (key == NULL || key->pub_key == NULL || key->group == NULL)
        return 0;
    return EC_POINT_point2buf(key->group, key->pub_key, form, pbuf, ctx);
}

int EC_KEY_oct2key(EC_KEY *key, const unsigned char *buf, size_t len,
                   BN_CTX *ctx)
{
    if (key == NULL || key->group == NULL)
        return 0;
    if (key->pub_key == NULL)
        key->pub_key = EC_POINT_new(key->group);
    if (key->pub_key == NULL)
        return 0;
535 536 537 538 539 540 541 542 543 544 545 546
    if (EC_POINT_oct2point(key->group, key->pub_key, buf, len, ctx) == 0)
        return 0;
    /*
     * Save the point conversion form.
     * For non-custom curves the first octet of the buffer (excluding
     * the last significant bit) contains the point conversion form.
     * EC_POINT_oct2point() has already performed sanity checking of
     * the buffer so we know it is valid.
     */
    if ((key->group->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0)
        key->conv_form = (point_conversion_form_t)(buf[0] & ~0x01);
    return 1;
D
Dr. Stephen Henson 已提交
547
}
548

549 550
size_t EC_KEY_priv2oct(const EC_KEY *eckey, 
                       unsigned char *buf, size_t len)
551 552 553
{
    if (eckey->group == NULL || eckey->group->meth == NULL)
        return 0;
D
Dr. Stephen Henson 已提交
554 555 556 557 558 559 560 561 562 563 564 565
    if (eckey->group->meth->priv2oct == NULL) {
        ECerr(EC_F_EC_KEY_PRIV2OCT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return 0;
    }

    return eckey->group->meth->priv2oct(eckey, buf, len);
}

size_t ec_key_simple_priv2oct(const EC_KEY *eckey,
                              unsigned char *buf, size_t len)
{
    size_t buf_len;
566

567
    buf_len = (EC_GROUP_order_bits(eckey->group) + 7) / 8;
568 569 570 571 572 573 574 575 576
    if (eckey->priv_key == NULL)
        return 0;
    if (buf == NULL)
        return buf_len;
    else if (len < buf_len)
        return 0;

    /* Octetstring may need leading zeros if BN is to short */

D
Dr. Stephen Henson 已提交
577
    if (BN_bn2binpad(eckey->priv_key, buf, buf_len) == -1) {
D
Dr. Stephen Henson 已提交
578
        ECerr(EC_F_EC_KEY_SIMPLE_PRIV2OCT, EC_R_BUFFER_TOO_SMALL);
579 580 581 582 583 584
        return 0;
    }

    return buf_len;
}

585
int EC_KEY_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len)
586 587 588
{
    if (eckey->group == NULL || eckey->group->meth == NULL)
        return 0;
D
Dr. Stephen Henson 已提交
589 590 591 592 593 594
    if (eckey->group->meth->oct2priv == NULL) {
        ECerr(EC_F_EC_KEY_OCT2PRIV, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
        return 0;
    }
    return eckey->group->meth->oct2priv(eckey, buf, len);
}
595

596
int ec_key_simple_oct2priv(EC_KEY *eckey, const unsigned char *buf, size_t len)
D
Dr. Stephen Henson 已提交
597
{
598 599 600
    if (eckey->priv_key == NULL)
        eckey->priv_key = BN_secure_new();
    if (eckey->priv_key == NULL) {
D
Dr. Stephen Henson 已提交
601
        ECerr(EC_F_EC_KEY_SIMPLE_OCT2PRIV, ERR_R_MALLOC_FAILURE);
602 603 604 605
        return 0;
    }
    eckey->priv_key = BN_bin2bn(buf, len, eckey->priv_key);
    if (eckey->priv_key == NULL) {
D
Dr. Stephen Henson 已提交
606
        ECerr(EC_F_EC_KEY_SIMPLE_OCT2PRIV, ERR_R_BN_LIB);
607 608 609 610
        return 0;
    }
    return 1;
}
D
Dr. Stephen Henson 已提交
611 612 613 614 615 616

size_t EC_KEY_priv2buf(const EC_KEY *eckey, unsigned char **pbuf)
{
    size_t len;
    unsigned char *buf;
    len = EC_KEY_priv2oct(eckey, NULL, 0);
617 618
    if (len == 0)
        return 0;
D
Dr. Stephen Henson 已提交
619 620 621 622 623 624 625 626 627 628 629
    buf = OPENSSL_malloc(len);
    if (buf == NULL)
        return 0;
    len = EC_KEY_priv2oct(eckey, buf, len);
    if (len == 0) {
        OPENSSL_free(buf);
        return 0;
    }
    *pbuf = buf;
    return len;
}
D
Dr. Stephen Henson 已提交
630 631 632 633 634 635 636 637

int EC_KEY_can_sign(const EC_KEY *eckey)
{
    if (eckey->group == NULL || eckey->group->meth == NULL
        || (eckey->group->meth->flags & EC_FLAGS_NO_SIGN))
        return 0;
    return 1;
}