X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fasn1%2Fx_pubkey.c;h=01698dd21730b32cadfb86477950188918740f49;hb=5fa5eb71a4eb1e015228327eeae415e129ef2faf;hp=f6f2a0daca06fc2a79dcf1f0ed687bda9220dc03;hpb=690ecff7953193cc8e66b588216805f3014df778;p=oweals%2Fopenssl.git

diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index f6f2a0daca..01698dd217 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -85,7 +85,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 	X509_PUBKEY *pk;
 	X509_ALGOR *a;
 	ASN1_OBJECT *o;
-	unsigned char *s,*p;
+	unsigned char *s,*p = NULL;
 	int i;
 
 	if (x == NULL) return(0);
@@ -119,7 +119,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 		dsa->write_params=0;
 		ASN1_TYPE_free(a->parameter);
 		i=i2d_DSAparams(dsa,NULL);
-		p=(unsigned char *)OPENSSL_malloc(i);
+		if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
 		pp=p;
 		i2d_DSAparams(dsa,&pp);
 		a->parameter=ASN1_TYPE_new();
@@ -129,47 +129,58 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 		OPENSSL_free(p);
 		}
 #endif
-#ifndef OPENSSL_NO_ECDSA
-	else if (pkey->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+	else if (pkey->type == EVP_PKEY_EC)
 		{
+		int nid=0;
 		unsigned char *pp;
-		ECDSA *ecdsa;
+		EC_KEY *eckey;
 		
-		ecdsa = pkey->pkey.ecdsa;
-		ecdsa->write_params=0;
+		eckey = pkey->pkey.eckey;
 		ASN1_TYPE_free(a->parameter);
-		if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0)
-			{
-			X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB);
-			goto err;
-			}
-		if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
-			{
-			X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
-			goto err;
-			}	
-		pp = p;
-		if (!i2d_ECDSAParameters(ecdsa, &pp))
-			{
-			X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB);
-			OPENSSL_free(p);
-			goto err;
-			}
+
 		if ((a->parameter = ASN1_TYPE_new()) == NULL)
 			{
 			X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
-			OPENSSL_free(p);
 			goto err;
 			}
-		a->parameter->type = V_ASN1_SEQUENCE;
-		if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
+
+		if (EC_GROUP_get_asn1_flag(eckey->group)
+                     && (nid = EC_GROUP_get_nid(eckey->group)))
 			{
-			X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
+			/* just set the OID */
+			a->parameter->type = V_ASN1_OBJECT;
+			a->parameter->value.object = OBJ_nid2obj(nid);
+			}
+		else /* explicit parameters */
+			{
+			if ((i = i2d_ECParameters(eckey, NULL)) == 0)
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
+				goto err;
+				}
+			if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
+				goto err;
+				}	
+			pp = p;
+			if (!i2d_ECParameters(eckey, &pp))
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
+				OPENSSL_free(p);
+				goto err;
+				}
+			a->parameter->type = V_ASN1_SEQUENCE;
+			if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
+				OPENSSL_free(p);
+				goto err;
+				}
+			ASN1_STRING_set(a->parameter->value.sequence, p, i);
 			OPENSSL_free(p);
-			goto err;
 			}
-		ASN1_STRING_set(a->parameter->value.sequence, p, i);
-		OPENSSL_free(p);
 		}
 #endif
 	else if (1)
@@ -179,7 +190,11 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 		}
 
 	if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
-	if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err;
+	if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
+		{
+		X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
+		goto err;
+		}
 	p=s;
 	i2d_PublicKey(pkey,&p);
 	if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
@@ -262,32 +277,53 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 		ret->save_parameters=1;
 		}
 #endif
-#ifndef OPENSSL_NO_ECDSA
-	else if (ret->type == EVP_PKEY_ECDSA)
+#ifndef OPENSSL_NO_EC
+	else if (ret->type == EVP_PKEY_EC)
 		{
 		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
 			{
-			if ((ret->pkey.ecdsa= ECDSA_new()) == NULL)
+			/* type == V_ASN1_SEQUENCE => we have explicit parameters
+                         * (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
+			 */
+			if ((ret->pkey.eckey= EC_KEY_new()) == NULL)
 				{
-				X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
+				X509err(X509_F_X509_PUBKEY_GET, 
+					ERR_R_MALLOC_FAILURE);
 				goto err;
 				}
-			ret->pkey.ecdsa->write_params = 0;
 			cp = p = a->parameter->value.sequence->data;
 			j = a->parameter->value.sequence->length;
-			if (!d2i_ECDSAParameters(&ret->pkey.ecdsa, &cp, (long)j))
+			if (!d2i_ECParameters(&ret->pkey.eckey, &cp, (long)j))
 				{
-				X509err(X509_F_X509_PUBKEY_GET, ERR_R_ECDSA_LIB);
+				X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
 				goto err;
 				}
 			}
+		else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT))
+			{
+			/* type == V_ASN1_OBJECT => the parameters are given
+			 * by an asn1 OID
+			 */
+			EC_KEY *eckey;
+			if (ret->pkey.eckey == NULL)
+				ret->pkey.eckey = EC_KEY_new();
+			eckey = ret->pkey.eckey;
+			if (eckey->group)
+				EC_GROUP_free(eckey->group);
+			if ((eckey->group = EC_GROUP_new_by_nid(
+                             OBJ_obj2nid(a->parameter->value.object))) == NULL)
+				goto err;
+			EC_GROUP_set_asn1_flag(eckey->group, 
+						OPENSSL_EC_NAMED_CURVE);
+			}
+			/* the case implicitlyCA is currently not implemented */
 		ret->save_parameters = 1;
 		}
 #endif
 
 	p=key->public_key->data;
         j=key->public_key->length;
-        if ((ret = d2i_PublicKey(type, &ret, &p, (long)j)) == NULL)
+        if (!d2i_PublicKey(type, &ret, &p, (long)j))
 		{
 		X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
 		goto err;
@@ -418,38 +454,38 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
 	}
 #endif
 
-#ifndef OPENSSL_NO_ECDSA
-ECDSA *d2i_ECDSA_PUBKEY(ECDSA **a, unsigned char **pp, long length)
+#ifndef OPENSSL_NO_EC
+EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, unsigned char **pp, long length)
 	{
 	EVP_PKEY *pkey;
-	ECDSA *key;
+	EC_KEY *key;
 	unsigned char *q;
 	q = *pp;
 	pkey = d2i_PUBKEY(NULL, &q, length);
 	if (!pkey) return(NULL);
-	key = EVP_PKEY_get1_ECDSA(pkey);
+	key = EVP_PKEY_get1_EC_KEY(pkey);
 	EVP_PKEY_free(pkey);
 	if (!key)  return(NULL);
 	*pp = q;
 	if (a)
 		{
-		ECDSA_free(*a);
+		EC_KEY_free(*a);
 		*a = key;
 		}
 	return(key);
 	}
 
-int i2d_ECDSA_PUBKEY(ECDSA *a, unsigned char **pp)
+int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
 	{
 	EVP_PKEY *pktmp;
 	int ret;
 	if (!a)	return(0);
 	if ((pktmp = EVP_PKEY_new()) == NULL)
 		{
-		ASN1err(ASN1_F_I2D_ECDSA_PUBKEY, ERR_R_MALLOC_FAILURE);
+		ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
 		return(0);
 		}
-	EVP_PKEY_set1_ECDSA(pktmp, a);
+	EVP_PKEY_set1_EC_KEY(pktmp, a);
 	ret = i2d_PUBKEY(pktmp, pp);
 	EVP_PKEY_free(pktmp);
 	return(ret);