EC_KEY: add EC_KEY_decoded_from_explicit_params()
The function returns 1 when the encoding of a decoded EC key used
explicit encoding of the curve parameters.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12909)
Tomas Mraz
3 years ago
136 | 136 | ASN1_INTEGER *cofactor; |
137 | 137 | } /* ECPARAMETERS */ ; |
138 | 138 | |
139 | typedef enum { | |
140 | ECPKPARAMETERS_TYPE_NAMED = 0, | |
141 | ECPKPARAMETERS_TYPE_EXPLICIT, | |
142 | ECPKPARAMETERS_TYPE_IMPLICIT | |
143 | } ecpk_parameters_type_t; | |
144 | ||
139 | 145 | struct ecpk_parameters_st { |
140 | 146 | int type; |
141 | 147 | union { |
534 | 540 | return NULL; |
535 | 541 | } |
536 | 542 | } else { |
537 | if (ret->type == 0) | |
543 | if (ret->type == ECPKPARAMETERS_TYPE_NAMED) | |
538 | 544 | ASN1_OBJECT_free(ret->value.named_curve); |
539 | else if (ret->type == 1 && ret->value.parameters) | |
545 | else if (ret->type == ECPKPARAMETERS_TYPE_EXPLICIT | |
546 | && ret->value.parameters != NULL) | |
540 | 547 | ECPARAMETERS_free(ret->value.parameters); |
541 | 548 | } |
542 | 549 | |
553 | 560 | ECerr(EC_F_EC_GROUP_GET_ECPKPARAMETERS, EC_R_MISSING_OID); |
554 | 561 | ok = 0; |
555 | 562 | } else { |
556 | ret->type = 0; | |
563 | ret->type = ECPKPARAMETERS_TYPE_NAMED; | |
557 | 564 | ret->value.named_curve = asn1obj; |
558 | 565 | } |
559 | 566 | } else |
561 | 568 | ok = 0; |
562 | 569 | } else { |
563 | 570 | /* use the ECPARAMETERS structure */ |
564 | ret->type = 1; | |
571 | ret->type = ECPKPARAMETERS_TYPE_EXPLICIT; | |
565 | 572 | if ((ret->value.parameters = |
566 | 573 | EC_GROUP_get_ecparameters(group, NULL)) == NULL) |
567 | 574 | ok = 0; |
900 | 907 | return NULL; |
901 | 908 | } |
902 | 909 | |
903 | if (params->type == 0) { /* the curve is given by an OID */ | |
910 | if (params->type == ECPKPARAMETERS_TYPE_NAMED) { | |
911 | /* the curve is given by an OID */ | |
904 | 912 | tmp = OBJ_obj2nid(params->value.named_curve); |
905 | 913 | if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL) { |
906 | 914 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS, |
908 | 916 | return NULL; |
909 | 917 | } |
910 | 918 | EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_NAMED_CURVE); |
911 | } else if (params->type == 1) { /* the parameters are given by a | |
912 | * ECPARAMETERS structure */ | |
919 | } else if (params->type == ECPKPARAMETERS_TYPE_EXPLICIT) { | |
920 | /* the parameters are given by an ECPARAMETERS structure */ | |
913 | 921 | ret = EC_GROUP_new_from_ecparameters(params->value.parameters); |
914 | 922 | if (!ret) { |
915 | 923 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS, ERR_R_EC_LIB); |
916 | 924 | return NULL; |
917 | 925 | } |
918 | 926 | EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_EXPLICIT_CURVE); |
919 | } else if (params->type == 2) { /* implicitlyCA */ | |
927 | } else if (params->type == ECPKPARAMETERS_TYPE_IMPLICIT) { | |
928 | /* implicit parameters inherited from CA - unsupported */ | |
920 | 929 | return NULL; |
921 | 930 | } else { |
922 | 931 | ECerr(EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS, EC_R_ASN1_ERROR); |
946 | 955 | return NULL; |
947 | 956 | } |
948 | 957 | |
958 | if (params->type == ECPKPARAMETERS_TYPE_EXPLICIT) | |
959 | group->decoded_from_explicit_params = 1; | |
960 | ||
949 | 961 | if (a) { |
950 | 962 | EC_GROUP_free(*a); |
951 | 963 | *a = group; |
997 | 1009 | if (priv_key->parameters) { |
998 | 1010 | EC_GROUP_free(ret->group); |
999 | 1011 | ret->group = EC_GROUP_new_from_ecpkparameters(priv_key->parameters); |
1012 | if (ret->group != NULL | |
1013 | && priv_key->parameters->type == ECPKPARAMETERS_TYPE_EXPLICIT) | |
1014 | ret->group->decoded_from_explicit_params = 1; | |
1000 | 1015 | } |
1001 | 1016 | |
1002 | 1017 | if (ret->group == NULL) { |
563 | 563 | key->flags &= ~flags; |
564 | 564 | } |
565 | 565 | |
566 | int EC_KEY_decoded_from_explicit_params(const EC_KEY *key) | |
567 | { | |
568 | if (key == NULL || key->group == NULL) | |
569 | return -1; | |
570 | return key->group->decoded_from_explicit_params; | |
571 | } | |
572 | ||
566 | 573 | size_t EC_KEY_key2buf(const EC_KEY *key, point_conversion_form_t form, |
567 | 574 | unsigned char **pbuf, BN_CTX *ctx) |
568 | 575 | { |
210 | 210 | |
211 | 211 | dest->asn1_flag = src->asn1_flag; |
212 | 212 | dest->asn1_form = src->asn1_form; |
213 | dest->decoded_from_explicit_params = src->decoded_from_explicit_params; | |
213 | 214 | |
214 | 215 | if (src->seed) { |
215 | 216 | OPENSSL_free(dest->seed); |
208 | 208 | BIGNUM *order, *cofactor; |
209 | 209 | int curve_name; /* optional NID for named curve */ |
210 | 210 | int asn1_flag; /* flag to control the asn1 encoding */ |
211 | int decoded_from_explicit_params; /* set if decoded from explicit | |
212 | * curve parameters encoding */ | |
211 | 213 | point_conversion_form_t asn1_form; |
212 | 214 | unsigned char *seed; /* optional seed for parameters (appears in |
213 | 215 | * ASN1) */ |
8 | 8 | EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, |
9 | 9 | EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, |
10 | 10 | EC_KEY_get_conv_form, |
11 | EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, EC_KEY_precompute_mult, | |
11 | EC_KEY_set_conv_form, EC_KEY_set_asn1_flag, | |
12 | EC_KEY_decoded_from_explicit_params, EC_KEY_precompute_mult, | |
12 | 13 | EC_KEY_generate_key, EC_KEY_check_key, EC_KEY_set_public_key_affine_coordinates, |
13 | 14 | EC_KEY_oct2key, EC_KEY_key2buf, EC_KEY_oct2priv, EC_KEY_priv2oct, |
14 | 15 | EC_KEY_priv2buf - Functions for creating, destroying and manipulating |
37 | 38 | point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key); |
38 | 39 | void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform); |
39 | 40 | void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag); |
41 | int EC_KEY_decoded_from_explicit_params(const EC_KEY *key); | |
40 | 42 | int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx); |
41 | 43 | int EC_KEY_generate_key(EC_KEY *key); |
42 | 44 | int EC_KEY_check_key(const EC_KEY *key); |
117 | 119 | (if set). Refer to L<EC_GROUP_copy(3)> for further information on the |
118 | 120 | asn1_flag. |
119 | 121 | |
122 | EC_KEY_decoded_from_explicit_params() returns 1 if the group of the I<key> was | |
123 | decoded from data with explicitly encoded group parameters, -1 if the I<key> | |
124 | is NULL or the group parameters are missing, and 0 otherwise. | |
125 | ||
120 | 126 | EC_KEY_precompute_mult() stores multiples of the underlying EC_GROUP generator |
121 | 127 | for faster point multiplication. See also L<EC_POINT_add(3)>. |
122 | 128 |
827 | 827 | void EC_KEY_set_flags(EC_KEY *key, int flags); |
828 | 828 | |
829 | 829 | void EC_KEY_clear_flags(EC_KEY *key, int flags); |
830 | ||
831 | int EC_KEY_decoded_from_explicit_params(const EC_KEY *key); | |
830 | 832 | |
831 | 833 | /** Creates a new EC_KEY object using a named curve as underlying |
832 | 834 | * EC_GROUP object. |
182 | 182 | return ret; |
183 | 183 | } |
184 | 184 | |
185 | /* | |
186 | * Tests behavior of the decoded_from_explicit_params flag and API | |
187 | */ | |
188 | static int decoded_flag_test(void) | |
189 | { | |
190 | EC_GROUP *grp; | |
191 | EC_GROUP *grp_copy = NULL; | |
192 | ECPARAMETERS *ecparams = NULL; | |
193 | ECPKPARAMETERS *ecpkparams = NULL; | |
194 | EC_KEY *key = NULL; | |
195 | unsigned char *encodedparams = NULL; | |
196 | const unsigned char *encp; | |
197 | int encodedlen; | |
198 | int testresult = 0; | |
199 | ||
200 | /* Test EC_GROUP_new not setting the flag */ | |
201 | grp = EC_GROUP_new(EC_GFp_simple_method()); | |
202 | if (!TEST_ptr(grp) | |
203 | || !TEST_int_eq(grp->decoded_from_explicit_params, 0)) | |
204 | goto err; | |
205 | EC_GROUP_free(grp); | |
206 | ||
207 | /* Test EC_GROUP_new_by_curve_name not setting the flag */ | |
208 | grp = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1); | |
209 | if (!TEST_ptr(grp) | |
210 | || !TEST_int_eq(grp->decoded_from_explicit_params, 0)) | |
211 | goto err; | |
212 | ||
213 | /* Test EC_GROUP_new_from_ecparameters not setting the flag */ | |
214 | if (!TEST_ptr(ecparams = EC_GROUP_get_ecparameters(grp, NULL)) | |
215 | || !TEST_ptr(grp_copy = EC_GROUP_new_from_ecparameters(ecparams)) | |
216 | || !TEST_int_eq(grp_copy->decoded_from_explicit_params, 0)) | |
217 | goto err; | |
218 | EC_GROUP_free(grp_copy); | |
219 | grp_copy = NULL; | |
220 | ECPARAMETERS_free(ecparams); | |
221 | ecparams = NULL; | |
222 | ||
223 | /* Test EC_GROUP_new_from_ecpkparameters not setting the flag */ | |
224 | if (!TEST_int_eq(EC_GROUP_get_asn1_flag(grp), OPENSSL_EC_NAMED_CURVE) | |
225 | || !TEST_ptr(ecpkparams = EC_GROUP_get_ecpkparameters(grp, NULL)) | |
226 | || !TEST_ptr(grp_copy = EC_GROUP_new_from_ecpkparameters(ecpkparams)) | |
227 | || !TEST_int_eq(grp_copy->decoded_from_explicit_params, 0) | |
228 | || !TEST_ptr(key = EC_KEY_new()) | |
229 | /* Test EC_KEY_decoded_from_explicit_params on key without a group */ | |
230 | || !TEST_int_eq(EC_KEY_decoded_from_explicit_params(key), -1) | |
231 | || !TEST_int_eq(EC_KEY_set_group(key, grp_copy), 1) | |
232 | /* Test EC_KEY_decoded_from_explicit_params negative case */ | |
233 | || !TEST_int_eq(EC_KEY_decoded_from_explicit_params(key), 0)) | |
234 | goto err; | |
235 | EC_GROUP_free(grp_copy); | |
236 | grp_copy = NULL; | |
237 | ECPKPARAMETERS_free(ecpkparams); | |
238 | ecpkparams = NULL; | |
239 | ||
240 | /* Test d2i_ECPKParameters with named params not setting the flag */ | |
241 | if (!TEST_int_gt(encodedlen = i2d_ECPKParameters(grp, &encodedparams), 0) | |
242 | || !TEST_ptr(encp = encodedparams) | |
243 | || !TEST_ptr(grp_copy = d2i_ECPKParameters(NULL, &encp, encodedlen)) | |
244 | || !TEST_int_eq(grp_copy->decoded_from_explicit_params, 0)) | |
245 | goto err; | |
246 | EC_GROUP_free(grp_copy); | |
247 | grp_copy = NULL; | |
248 | OPENSSL_free(encodedparams); | |
249 | encodedparams = NULL; | |
250 | ||
251 | /* Asn1 flag stays set to explicit with EC_GROUP_new_from_ecpkparameters */ | |
252 | EC_GROUP_set_asn1_flag(grp, OPENSSL_EC_EXPLICIT_CURVE); | |
253 | if (!TEST_ptr(ecpkparams = EC_GROUP_get_ecpkparameters(grp, NULL)) | |
254 | || !TEST_ptr(grp_copy = EC_GROUP_new_from_ecpkparameters(ecpkparams)) | |
255 | || !TEST_int_eq(EC_GROUP_get_asn1_flag(grp_copy), OPENSSL_EC_EXPLICIT_CURVE) | |
256 | || !TEST_int_eq(grp_copy->decoded_from_explicit_params, 0)) | |
257 | goto err; | |
258 | EC_GROUP_free(grp_copy); | |
259 | grp_copy = NULL; | |
260 | ||
261 | /* Test d2i_ECPKParameters with explicit params setting the flag */ | |
262 | if (!TEST_int_gt(encodedlen = i2d_ECPKParameters(grp, &encodedparams), 0) | |
263 | || !TEST_ptr(encp = encodedparams) | |
264 | || !TEST_ptr(grp_copy = d2i_ECPKParameters(NULL, &encp, encodedlen)) | |
265 | || !TEST_int_eq(EC_GROUP_get_asn1_flag(grp_copy), OPENSSL_EC_EXPLICIT_CURVE) | |
266 | || !TEST_int_eq(grp_copy->decoded_from_explicit_params, 1) | |
267 | || !TEST_int_eq(EC_KEY_set_group(key, grp_copy), 1) | |
268 | /* Test EC_KEY_decoded_from_explicit_params positive case */ | |
269 | || !TEST_int_eq(EC_KEY_decoded_from_explicit_params(key), 1)) | |
270 | goto err; | |
271 | ||
272 | testresult = 1; | |
273 | ||
274 | err: | |
275 | EC_KEY_free(key); | |
276 | EC_GROUP_free(grp); | |
277 | EC_GROUP_free(grp_copy); | |
278 | ECPARAMETERS_free(ecparams); | |
279 | ECPKPARAMETERS_free(ecpkparams); | |
280 | OPENSSL_free(encodedparams); | |
281 | ||
282 | return testresult; | |
283 | } | |
284 | ||
185 | 285 | int setup_tests(void) |
186 | 286 | { |
187 | 287 | crv_len = EC_get_builtin_curves(NULL, 0); |
195 | 295 | ADD_TEST(field_tests_ec2_simple); |
196 | 296 | #endif |
197 | 297 | ADD_ALL_TESTS(field_tests_default, crv_len); |
298 | ADD_TEST(decoded_flag_test); | |
198 | 299 | return 1; |
199 | 300 | } |
200 | 301 |