From: Shane Lontis Date: Thu, 20 Feb 2020 06:16:21 +0000 (+1000) Subject: Add ECDH to fips provider X-Git-Tag: openssl-3.0.0-alpha1~281 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1c725f463edf0a5b33a2a93e9a43a9ab682af7db;p=oweals%2Fopenssl.git Add ECDH to fips provider Note: This PR has not attempted to move the curves into the provider dispatch table. Mappings between the curve name / nid have been added to the inbuilt curve table. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/11133) --- diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index 5951615ec2..c558ab983e 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -20,6 +20,7 @@ #include #include #include "internal/nelem.h" +#include "e_os.h" /* strcasecmp required by windows */ typedef struct { int field_type, /* either NID_X9_62_prime_field or @@ -2816,6 +2817,7 @@ static const struct { #endif /* OPENSSL_NO_SM2 */ typedef struct _ec_list_element_st { + const char *name; int nid; const EC_CURVE_DATA *data; const EC_METHOD *(*meth) (void); @@ -2826,15 +2828,15 @@ typedef struct _ec_list_element_st { static const ec_list_element curve_list[] = { /* prime field curves */ /* secg curves */ -# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, - "NIST/SECG curve over a 224 bit prime field"}, + {"secp224r1", NID_secp224r1, &_EC_NIST_PRIME_224.h, +# if !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) + EC_GFp_nistp224_method, # else - {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, - "NIST/SECG curve over a 224 bit prime field"}, + 0, # endif + "NIST/SECG curve over a 224 bit prime field"}, /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ - {NID_secp384r1, &_EC_NIST_PRIME_384.h, + {"secp384r1", NID_secp384r1, &_EC_NIST_PRIME_384.h, # if defined(S390X_EC_ASM) EC_GFp_s390x_nistp384_method, # else @@ -2842,7 +2844,7 @@ static const ec_list_element curve_list[] = { # endif "NIST/SECG curve over a 384 bit prime field"}, - {NID_secp521r1, &_EC_NIST_PRIME_521.h, + {"secp521r1", NID_secp521r1, &_EC_NIST_PRIME_521.h, # if defined(S390X_EC_ASM) EC_GFp_s390x_nistp521_method, # elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) @@ -2853,9 +2855,9 @@ static const ec_list_element curve_list[] = { "NIST/SECG curve over a 521 bit prime field"}, /* X9.62 curves */ - {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, + {"prime192v1", NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, "NIST/X9.62/SECG curve over a 192 bit prime field"}, - {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, + {"prime256v1", NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, # if defined(ECP_NISTZ256_ASM) EC_GFp_nistz256_method, # elif defined(S390X_EC_ASM) @@ -2870,25 +2872,25 @@ static const ec_list_element curve_list[] = { # ifndef OPENSSL_NO_EC2M /* characteristic two field curves */ /* NIST/SECG curves */ - {NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, + {"sect163k1", NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field"}, - {NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, + {"sect163r2", NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, "NIST/SECG curve over a 163 bit binary field"}, - {NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, + {"sect233k1", NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, + {"sect233r1", NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, + {"sect283k1", NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, "NIST/SECG curve over a 283 bit binary field"}, - {NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, + {"sect283r1", NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, "NIST/SECG curve over a 283 bit binary field"}, - {NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, + {"sect409k1", NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, "NIST/SECG curve over a 409 bit binary field"}, - {NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, + {"sect409r1", NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, "NIST/SECG curve over a 409 bit binary field"}, - {NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, + {"sect571k1", NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, "NIST/SECG curve over a 571 bit binary field"}, - {NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, + {"sect571r1", NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, "NIST/SECG curve over a 571 bit binary field"}, # endif }; @@ -2898,43 +2900,43 @@ static const ec_list_element curve_list[] = { static const ec_list_element curve_list[] = { /* prime field curves */ /* secg curves */ - {NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, + {"secp112r1", NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field"}, - {NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, + {"secp112r2", NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, "SECG curve over a 112 bit prime field"}, - {NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, + {"secp128r1", NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, "SECG curve over a 128 bit prime field"}, - {NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, + {"secp128r2", NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, "SECG curve over a 128 bit prime field"}, - {NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, + {"secp160k1", NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, "SECG curve over a 160 bit prime field"}, - {NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, + {"secp160r1", NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, "SECG curve over a 160 bit prime field"}, - {NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, + {"secp160r2", NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field"}, /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */ - {NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, + {"secp192k1", NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, "SECG curve over a 192 bit prime field"}, - {NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, + {"secp224k1", NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, "SECG curve over a 224 bit prime field"}, # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + {"secp224r1", NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, "NIST/SECG curve over a 224 bit prime field"}, # else - {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, + {"secp224r1", NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, "NIST/SECG curve over a 224 bit prime field"}, # endif - {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, + {"secp256k1", NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, "SECG curve over a 256 bit prime field"}, /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ - {NID_secp384r1, &_EC_NIST_PRIME_384.h, + {"secp384r1", NID_secp384r1, &_EC_NIST_PRIME_384.h, # if defined(S390X_EC_ASM) EC_GFp_s390x_nistp384_method, # else 0, # endif "NIST/SECG curve over a 384 bit prime field"}, - {NID_secp521r1, &_EC_NIST_PRIME_521.h, + {"secp521r1", NID_secp521r1, &_EC_NIST_PRIME_521.h, # if defined(S390X_EC_ASM) EC_GFp_s390x_nistp521_method, # elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) @@ -2944,19 +2946,19 @@ static const ec_list_element curve_list[] = { # endif "NIST/SECG curve over a 521 bit prime field"}, /* X9.62 curves */ - {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, + {"prime192v1", NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, "NIST/X9.62/SECG curve over a 192 bit prime field"}, - {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, + {"prime192v2", NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, "X9.62 curve over a 192 bit prime field"}, - {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, + {"prime192v3", NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, "X9.62 curve over a 192 bit prime field"}, - {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, + {"prime239v1", NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, "X9.62 curve over a 239 bit prime field"}, - {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, + {"prime239v2", NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, "X9.62 curve over a 239 bit prime field"}, - {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, + {"prime239v3", NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, "X9.62 curve over a 239 bit prime field"}, - {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, + {"prime256v1", NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, # if defined(ECP_NISTZ256_ASM) EC_GFp_nistz256_method, # elif defined(S390X_EC_ASM) @@ -2970,144 +2972,144 @@ static const ec_list_element curve_list[] = { # ifndef OPENSSL_NO_EC2M /* characteristic two field curves */ /* NIST/SECG curves */ - {NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0, + {"sect113r1", NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field"}, - {NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0, + {"sect113r2", NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0, "SECG curve over a 113 bit binary field"}, - {NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0, + { "sect131r1", NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0, "SECG/WTLS curve over a 131 bit binary field"}, - {NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0, + { "sect131r2", NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0, "SECG curve over a 131 bit binary field"}, - {NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, + {"sect163k1", NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field"}, - {NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0, + {"sect163r1", NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0, "SECG curve over a 163 bit binary field"}, - {NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, + {"sect163r2", NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, "NIST/SECG curve over a 163 bit binary field"}, - {NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0, + {"sect193r1", NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0, "SECG curve over a 193 bit binary field"}, - {NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0, + {"sect193r2", NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0, "SECG curve over a 193 bit binary field"}, - {NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, + {"sect233k1", NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, + {"sect233r1", NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0, + {"sect239k1", NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0, "SECG curve over a 239 bit binary field"}, - {NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, + {"sect283k1", NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, "NIST/SECG curve over a 283 bit binary field"}, - {NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, + {"sect283r1", NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, "NIST/SECG curve over a 283 bit binary field"}, - {NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, + {"sect409k1", NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, "NIST/SECG curve over a 409 bit binary field"}, - {NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, + {"sect409r1", NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, "NIST/SECG curve over a 409 bit binary field"}, - {NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, + {"sect571k1", NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, "NIST/SECG curve over a 571 bit binary field"}, - {NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, + {"sect571r1", NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, "NIST/SECG curve over a 571 bit binary field"}, /* X9.62 curves */ - {NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0, + {"c2pnb163v1", NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field"}, - {NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0, + {"c2pnb163v2", NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0, "X9.62 curve over a 163 bit binary field"}, - {NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0, + {"c2pnb163v3", NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0, "X9.62 curve over a 163 bit binary field"}, - {NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0, + {"c2pnb176v1", NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0, "X9.62 curve over a 176 bit binary field"}, - {NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0, + {"c2tnb191v1", NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0, "X9.62 curve over a 191 bit binary field"}, - {NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0, + {"c2tnb191v2", NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0, "X9.62 curve over a 191 bit binary field"}, - {NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0, + {"c2tnb191v3", NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0, "X9.62 curve over a 191 bit binary field"}, - {NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0, + {"c2pnb208w1", NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0, "X9.62 curve over a 208 bit binary field"}, - {NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0, + {"c2tnb239v1", NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0, "X9.62 curve over a 239 bit binary field"}, - {NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0, + {"c2tnb239v2", NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0, "X9.62 curve over a 239 bit binary field"}, - {NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0, + {"c2tnb239v3", NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0, "X9.62 curve over a 239 bit binary field"}, - {NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0, + {"c2pnb272w1", NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0, "X9.62 curve over a 272 bit binary field"}, - {NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0, + {"c2pnb304w1", NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0, "X9.62 curve over a 304 bit binary field"}, - {NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0, + {"c2tnb359v1", NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0, "X9.62 curve over a 359 bit binary field"}, - {NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0, + {"c2pnb368w1", NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0, "X9.62 curve over a 368 bit binary field"}, - {NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0, + {"c2tnb431r1", NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0, "X9.62 curve over a 431 bit binary field"}, /* * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves * from X9.62] */ - {NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0, + {"wap-wsg-idm-ecid-wtls1", NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0, "WTLS curve over a 113 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0, + {"wap-wsg-idm-ecid-wtls3", NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0, + {"wap-wsg-idm-ecid-wtls4", NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, + {"wap-wsg-idm-ecid-wtls5", NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field"}, # endif - {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, + {"wap-wsg-idm-ecid-wtls6", NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field"}, - {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, + {"wap-wsg-idm-ecid-wtls7", NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field"}, - {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, + {"wap-wsg-idm-ecid-wtls8", NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, "WTLS curve over a 112 bit prime field"}, - {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, + {"wap-wsg-idm-ecid-wtls9", NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, "WTLS curve over a 160 bit prime field"}, # ifndef OPENSSL_NO_EC2M - {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, + {"wap-wsg-idm-ecid-wtls10", NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, - {NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0, + {"wap-wsg-idm-ecid-wtls11", NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field"}, # endif - {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, + {"wap-wsg-idm-ecid-wtls12", NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, "WTLS curve over a 224 bit prime field"}, # ifndef OPENSSL_NO_EC2M /* IPSec curves */ - {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, + {"Oakley-EC2N-3", NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n" "\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, - {NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, + {"Oakley-EC2N-4", NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n" "\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, # endif /* brainpool curves */ - {NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0, + {"brainpoolP160r1", NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0, "RFC 5639 curve over a 160 bit prime field"}, - {NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0, + {"brainpoolP160t1", NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0, "RFC 5639 curve over a 160 bit prime field"}, - {NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0, + {"brainpoolP192r1", NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0, "RFC 5639 curve over a 192 bit prime field"}, - {NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0, + {"brainpoolP192t1", NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0, "RFC 5639 curve over a 192 bit prime field"}, - {NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0, + {"brainpoolP224r1", NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0, "RFC 5639 curve over a 224 bit prime field"}, - {NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0, + {"brainpoolP224t1", NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0, "RFC 5639 curve over a 224 bit prime field"}, - {NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0, + {"brainpoolP256r1", NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0, "RFC 5639 curve over a 256 bit prime field"}, - {NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0, + {"brainpoolP256t1", NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0, "RFC 5639 curve over a 256 bit prime field"}, - {NID_brainpoolP320r1, &_EC_brainpoolP320r1.h, 0, + {"brainpoolP320r1", NID_brainpoolP320r1, &_EC_brainpoolP320r1.h, 0, "RFC 5639 curve over a 320 bit prime field"}, - {NID_brainpoolP320t1, &_EC_brainpoolP320t1.h, 0, + {"brainpoolP320t1", NID_brainpoolP320t1, &_EC_brainpoolP320t1.h, 0, "RFC 5639 curve over a 320 bit prime field"}, - {NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, + {"brainpoolP384r1", NID_brainpoolP384r1, &_EC_brainpoolP384r1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, - {NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, + {"brainpoolP384t1", NID_brainpoolP384t1, &_EC_brainpoolP384t1.h, 0, "RFC 5639 curve over a 384 bit prime field"}, - {NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, + {"brainpoolP512r1", NID_brainpoolP512r1, &_EC_brainpoolP512r1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, - {NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, + {"brainpoolP512t1", NID_brainpoolP512t1, &_EC_brainpoolP512t1.h, 0, "RFC 5639 curve over a 512 bit prime field"}, # ifndef OPENSSL_NO_SM2 - {NID_sm2, &_EC_sm2p256v1.h, 0, + {"SM2", NID_sm2, &_EC_sm2p256v1.h, 0, "SM2 curve over a 256 bit prime field"}, # endif }; @@ -3115,6 +3117,28 @@ static const ec_list_element curve_list[] = { #define curve_list_length OSSL_NELEM(curve_list) +const char *ec_curve_nid2name(int nid) +{ + int i; + + for (i = 0; i < (int)curve_list_length; i++) { + if (curve_list[i].nid == nid) + return curve_list[i].name; + } + return NULL; +} + +int ec_curve_name2nid(const char *name) +{ + int i; + + for (i = 0; i < (int)curve_list_length; i++) { + if (strcasecmp(curve_list[i].name, name) == 0) + return curve_list[i].nid; + } + return NID_undef; +} + static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, const ec_list_element curve) { diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index ae3e974231..3bbf8227c6 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -627,6 +627,11 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, } +OPENSSL_CTX *ec_key_get_libctx(const EC_KEY *key) +{ + return key->libctx; +} + const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key) { return key->group; diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index e66a501a0e..078d8b35fa 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -1261,8 +1261,3 @@ int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx) return group->meth->blind_coordinates(group, p, ctx); } - -OPENSSL_CTX *ec_key_get_libctx(const EC_KEY *eckey) -{ - return eckey->libctx; -} diff --git a/include/crypto/ec.h b/include/crypto/ec.h index 9ebf45d0f4..91540fd856 100644 --- a/include/crypto/ec.h +++ b/include/crypto/ec.h @@ -54,5 +54,7 @@ int ec_key_public_check(const EC_KEY *eckey, BN_CTX *ctx); int ec_key_private_check(const EC_KEY *eckey); int ec_key_pairwise_check(const EC_KEY *eckey, BN_CTX *ctx); OPENSSL_CTX *ec_key_get_libctx(const EC_KEY *eckey); +const char *ec_curve_nid2name(int nid); +int ec_curve_name2nid(const char *name); # endif /* OPENSSL_NO_EC */ #endif diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 7063bf5c3f..48394b27d5 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -794,6 +794,9 @@ static const OSSL_ALGORITHM fips_kdfs[] = { static const OSSL_ALGORITHM fips_keyexch[] = { #ifndef OPENSSL_NO_DH { "DH:dhKeyAgreement", "provider=fips,fips=yes", dh_keyexch_functions }, +#endif +#ifndef OPENSSL_NO_EC + { "ECDH:id-ecPublicKey", "provider=fips,fips=yes", ecdh_keyexch_functions }, #endif { NULL, NULL, NULL } }; @@ -818,6 +821,9 @@ static const OSSL_ALGORITHM fips_keymgmt[] = { { "DSA", "provider=fips,fips=yes", dsa_keymgmt_functions }, #endif { "RSA:rsaEncryption", "provider=fips,fips=yes", rsa_keymgmt_functions }, +#ifndef OPENSSL_NO_EC + { "EC:id-ecPublicKey", "provider=fips,fips=yes", ec_keymgmt_functions }, +#endif { NULL, NULL, NULL } }; diff --git a/providers/implementations/exchange/build.info b/providers/implementations/exchange/build.info index 82b688def3..3127f9a3e7 100644 --- a/providers/implementations/exchange/build.info +++ b/providers/implementations/exchange/build.info @@ -22,5 +22,6 @@ ENDIF IF[{- !$disabled{ec} -}] SOURCE[$ECX_GOAL]=ecx_exch.c DEFINE[$ECX_GOAL]=$ECDEF - SOURCE[$ECDH_GOAL]=ecdh_exch.c + SOURCE[../../libfips.a]=ecdh_exch.c + SOURCE[../../libnonfips.a]=ecdh_exch.c ENDIF diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c index bf353fa175..7293e0b9fe 100644 --- a/providers/implementations/exchange/ecdh_exch.c +++ b/providers/implementations/exchange/ecdh_exch.c @@ -458,6 +458,7 @@ int ecdh_plain_derive(void *vpecdhctx, unsigned char *secret, return ret; } +#ifndef FIPS_MODE static ossl_inline int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret, size_t *psecretlen, size_t outlen) @@ -497,6 +498,7 @@ int ecdh_X9_63_kdf_derive(void *vpecdhctx, unsigned char *secret, OPENSSL_secure_clear_free(stmp, stmplen); return ret; } +#endif /* FIPS_MODE */ static int ecdh_derive(void *vpecdhctx, unsigned char *secret, @@ -507,8 +509,13 @@ int ecdh_derive(void *vpecdhctx, unsigned char *secret, switch (pecdhctx->kdf_type) { case PROV_ECDH_KDF_NONE: return ecdh_plain_derive(vpecdhctx, secret, psecretlen, outlen); +#ifndef FIPS_MODE case PROV_ECDH_KDF_X9_63: return ecdh_X9_63_kdf_derive(vpecdhctx, secret, psecretlen, outlen); + +#endif /* FIPS_MODE */ + default: + break; } return 0; diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 2db23cd489..43ccb5d0a9 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -23,6 +23,7 @@ #include "internal/param_build.h" #include "prov/implementations.h" #include "prov/providercommon.h" +#include "prov/provider_ctx.h" static OSSL_OP_keymgmt_new_fn ec_newdata; static OSSL_OP_keymgmt_free_fn ec_freedata; @@ -81,10 +82,11 @@ int params_to_domparams(EC_KEY *ec, const OSSL_PARAM params[]) if (!OSSL_PARAM_get_utf8_string(param_ec_name, &curve_name, 0) || curve_name == NULL - || (curve_nid = OBJ_sn2nid(curve_name)) == NID_undef) + || (curve_nid = ec_curve_name2nid(curve_name)) == NID_undef) goto err; - if ((ecg = EC_GROUP_new_by_curve_name(curve_nid)) == NULL) + if ((ecg = EC_GROUP_new_by_curve_name_ex(ec_key_get_libctx(ec), + curve_nid)) == NULL) goto err; } @@ -130,7 +132,7 @@ int domparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl) /* named curve */ const char *curve_name = NULL; - if ((curve_name = OBJ_nid2sn(curve_nid)) == NULL) + if ((curve_name = ec_curve_nid2name(curve_nid)) == NULL) return 0; if (!ossl_param_bld_push_utf8_string(tmpl, OSSL_PKEY_PARAM_EC_NAME, curve_name, 0)) @@ -152,6 +154,7 @@ static ossl_inline int params_to_key(EC_KEY *ec, const OSSL_PARAM params[], int include_private) { const OSSL_PARAM *param_priv_key, *param_pub_key; + BN_CTX *ctx = NULL; BIGNUM *priv_key = NULL; unsigned char *pub_key = NULL; size_t pub_key_len; @@ -168,6 +171,9 @@ int params_to_key(EC_KEY *ec, const OSSL_PARAM params[], int include_private) param_pub_key = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY); + ctx = BN_CTX_new_ex(ec_key_get_libctx(ec)); + if (ctx == NULL) + goto err; /* * We want to have at least a public key either way, so we end up * requiring it unconditionally. @@ -177,7 +183,7 @@ int params_to_key(EC_KEY *ec, const OSSL_PARAM params[], int include_private) (void **)&pub_key, 0, &pub_key_len) || (pub_point = EC_POINT_new(ecg)) == NULL || !EC_POINT_oct2point(ecg, pub_point, - pub_key, pub_key_len, NULL)) + pub_key, pub_key_len, ctx)) goto err; if (param_priv_key != NULL && include_private) { @@ -223,7 +229,7 @@ int params_to_key(EC_KEY *ec, const OSSL_PARAM params[], int include_private) fixed_top = bn_get_top(order) + 2; - if ((priv_key = BN_new()) == NULL) + if ((priv_key = BN_secure_new()) == NULL) goto err; if (bn_wexpand(priv_key, fixed_top) == NULL) goto err; @@ -243,6 +249,7 @@ int params_to_key(EC_KEY *ec, const OSSL_PARAM params[], int include_private) ok = 1; err: + BN_CTX_free(ctx); BN_clear_free(priv_key); OPENSSL_free(pub_key); EC_POINT_free(pub_point); @@ -411,7 +418,7 @@ int otherparams_to_params(const EC_KEY *ec, OSSL_PARAM_BLD *tmpl) static void *ec_newdata(void *provctx) { - return EC_KEY_new(); + return EC_KEY_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx)); } static diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t index 9b940aa5ec..7263f29290 100644 --- a/test/recipes/30-test_evp.t +++ b/test/recipes/30-test_evp.t @@ -31,9 +31,9 @@ my @configs = ( $defaultcnf ); # Only add the FIPS config if the FIPS module has been built push @configs, 'fips.cnf' unless $no_fips; -my @files = qw( evpciph.txt evpdigest.txt evppkey.txt); +my @files = qw( evpciph.txt evpdigest.txt evppkey.txt evppkey_ecc.txt); my @defltfiles = qw( evpencod.txt evpkdf.txt evppkey_kdf.txt evpmac.txt - evppbe.txt evppkey_ecc.txt evpcase.txt evpccmcavs.txt ); + evppbe.txt evpcase.txt evpccmcavs.txt ); my @ideafiles = qw( evpciph_idea.txt ); push @defltfiles, @ideafiles unless disabled("idea");