From: Bodo Möller Date: Fri, 8 Mar 2002 11:10:40 +0000 (+0000) Subject: EC curve stuff X-Git-Tag: OpenSSL_0_9_6d~20^2~87 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=4882171df5ba7cb8735b685478a008df25eef47a;p=oweals%2Fopenssl.git EC curve stuff Submitted by: Nils Larsch --- diff --git a/apps/ecdsaparam.c b/apps/ecdsaparam.c index 4b171c4f67..199a363644 100644 --- a/apps/ecdsaparam.c +++ b/apps/ecdsaparam.c @@ -149,6 +149,21 @@ * -X9_62_239v2 - use the X9_62 239v2 example curve over a 239 bit prime field * -X9_62_239v3 - use the X9_62 239v3 example curve over a 239 bit prime field * -X9_62_256v1 - use the X9_62 239v1 example curve over a 256 bit prime field + * -SECG_PRIME_112R1 - use the SECG 112r1 recommeded curve over a 112 bit prime field + * -SECG_PRIME_112R2 - use the SECG 112r2 recommeded curve over a 112 bit prime field + * -SECG_PRIME_128R1 - use the SECG 128r1 recommeded curve over a 128 bit prime field + * -SECG_PRIME_128R2 - use the SECG 128r2 recommeded curve over a 128 bit prime field + * -SECG_PRIME_160K1 - use the SECG 160k1 recommeded curve over a 160 bit prime field + * -SECG_PRIME_160R1 - use the SECG 160r1 recommeded curve over a 160 bit prime field + * -SECG_PRIME_160R2 - use the SECG 160r2 recommeded curve over a 160 bit prime field + * -SECG_PRIME_192K1 - use the SECG 192k1 recommeded curve over a 192 bit prime field + * -SECG_PRIME_192R1 - use the SECG 192r1 recommeded curve over a 192 bit prime field + * -SECG_PRIME_224K1 - use the SECG 224k1 recommeded curve over a 224 bit prime field + * -SECG_PRIME_224R1 - use the SECG 224r1 recommeded curve over a 224 bit prime field + * -SECG_PRIME_256K1 - use the SECG 256k1 recommeded curve over a 256 bit prime field + * -SECG_PRIME_256R1 - use the SECG 256r1 recommeded curve over a 256 bit prime field + * -SECG_PRIME_384R1 - use the SECG 384r1 recommeded curve over a 384 bit prime field + * -SECG_PRIME_521R1 - use the SECG 521r1 recommeded curve over a 521 bit prime field */ int MAIN(int, char **); @@ -304,28 +319,43 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] [bits] outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -text print the key in text\n"); - BIO_printf(bio_err," -C Output C code\n"); - BIO_printf(bio_err," -noout no output\n"); - BIO_printf(bio_err," -rand files to use for random number input\n"); - BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); - BIO_printf(bio_err," -named_curve use the curve oid instead of the parameters\n"); - BIO_printf(bio_err," -NIST_192 use the NIST recommeded curve parameters over a 192 bit prime field\n"); - BIO_printf(bio_err," -NIST_224 use the NIST recommeded curve parameters over a 224 bit prime field\n"); - BIO_printf(bio_err," -NIST_256 use the NIST recommeded curve parameters over a 256 bit prime field\n"); - BIO_printf(bio_err," -NIST_384 use the NIST recommeded curve parameters over a 384 bit prime field\n"); - BIO_printf(bio_err," -NIST_521 use the NIST recommeded curve parameters over a 521 bit prime field\n"); - BIO_printf(bio_err," -X9_62_192v1 use the X9_62 192v1 example curve over a 192 bit prime field\n"); - BIO_printf(bio_err," -X9_62_192v2 use the X9_62 192v2 example curve over a 192 bit prime field\n"); - BIO_printf(bio_err," -X9_62_192v3 use the X9_62 192v3 example curve over a 192 bit prime field\n"); - BIO_printf(bio_err," -X9_62_239v1 use the X9_62 239v1 example curve over a 239 bit prime field\n"); - BIO_printf(bio_err," -X9_62_239v2 use the X9_62 239v2 example curve over a 239 bit prime field\n"); - BIO_printf(bio_err," -X9_62_239v3 use the X9_62 239v3 example curve over a 239 bit prime field\n"); - BIO_printf(bio_err," -X9_62_256v1 use the X9_62 239v1 example curve over a 256 bit prime field\n"); + BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); + BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); + BIO_printf(bio_err," -in arg input file\n"); + BIO_printf(bio_err," -out arg output file\n"); + BIO_printf(bio_err," -text print the key in text\n"); + BIO_printf(bio_err," -C Output C code\n"); + BIO_printf(bio_err," -noout no output\n"); + BIO_printf(bio_err," -rand files to use for random number input\n"); + BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); + BIO_printf(bio_err," -named_curve use the curve oid instead of the parameters\n"); + BIO_printf(bio_err," -NIST_192 use the NIST recommeded curve parameters over a 192 bit prime field\n"); + BIO_printf(bio_err," -NIST_224 use the NIST recommeded curve parameters over a 224 bit prime field\n"); + BIO_printf(bio_err," -NIST_256 use the NIST recommeded curve parameters over a 256 bit prime field\n"); + BIO_printf(bio_err," -NIST_384 use the NIST recommeded curve parameters over a 384 bit prime field\n"); + BIO_printf(bio_err," -NIST_521 use the NIST recommeded curve parameters over a 521 bit prime field\n"); + BIO_printf(bio_err," -X9_62_192v1 use the X9_62 192v1 example curve over a 192 bit prime field\n"); + BIO_printf(bio_err," -X9_62_192v2 use the X9_62 192v2 example curve over a 192 bit prime field\n"); + BIO_printf(bio_err," -X9_62_192v3 use the X9_62 192v3 example curve over a 192 bit prime field\n"); + BIO_printf(bio_err," -X9_62_239v1 use the X9_62 239v1 example curve over a 239 bit prime field\n"); + BIO_printf(bio_err," -X9_62_239v2 use the X9_62 239v2 example curve over a 239 bit prime field\n"); + BIO_printf(bio_err," -X9_62_239v3 use the X9_62 239v3 example curve over a 239 bit prime field\n"); + BIO_printf(bio_err," -X9_62_256v1 use the X9_62 239v1 example curve over a 256 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_112R1 use the SECG 112r1 recommeded curve over a 112 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_112R2 use the SECG 112r2 recommeded curve over a 112 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_128R1 use the SECG 128r1 recommeded curve over a 128 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_128R2 use the SECG 128r2 recommeded curve over a 128 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_160K1 use the SECG 160k1 recommeded curve over a 160 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_160R1 use the SECG 160r1 recommeded curve over a 160 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_160R2 use the SECG 160r2 recommeded curve over a 160 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_192K1 use the SECG 192k1 recommeded curve over a 192 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_192R1 use the SECG 192r1 recommeded curve over a 192 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_224K1 use the SECG 224k1 recommeded curve over a 224 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_224R1 use the SECG 224r1 recommeded curve over a 224 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_256K1 use the SECG 256k1 recommeded curve over a 256 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_256R1 use the SECG 256r1 recommeded curve over a 256 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_384R1 use the SECG 384r1 recommeded curve over a 384 bit prime field\n"); + BIO_printf(bio_err," -SECG_PRIME_521R1 use the SECG 521r1 recommeded curve over a 521 bit prime field\n"); goto end; } @@ -505,29 +535,37 @@ bad: */ printf("ECDSA *get_ecdsa%d(void)\n\t{\n",bits_p); + printf("\tint ok=0;\n"); printf("\tECDSA *ecdsa=NULL;\n"); printf("\tEC_POINT *point=NULL;\n"); printf("\tBIGNUM *tmp_1=NULL,*tmp_2=NULL,*tmp_3=NULL;\n\n"); printf("\tif ((ecdsa=ECDSA_new()) == NULL)\n"); printf("\t\treturn(NULL);\n\n"); printf("\t/* generate EC_GROUP structure */\n"); - printf("\ttmp_1 = BN_bin2bn(ecdsa%d_p, sizeof(ecdsa%d_p), NULL);\n", bits_p, bits_p); - printf("\ttmp_2 = BN_bin2bn(ecdsa%d_a, sizeof(ecdsa%d_a), NULL);\n", bits_p, bits_p); - printf("\ttmp_3 = BN_bin2bn(ecdsa%d_b, sizeof(ecdsa%d_b), NULL);\n", bits_p, bits_p); - printf("\tecdsa->group = EC_GROUP_new_curve_GFp(tmp_1, tmp_2, tmp_3, NULL);\n\n"); + printf("\tif ((tmp_1 = BN_bin2bn(ecdsa%d_p, sizeof(ecdsa%d_p), NULL)) == NULL) goto err;\n", bits_p, bits_p); + printf("\tif ((tmp_2 = BN_bin2bn(ecdsa%d_a, sizeof(ecdsa%d_a), NULL)) == NULL) goto err;\n", bits_p, bits_p); + printf("\tif ((tmp_3 = BN_bin2bn(ecdsa%d_b, sizeof(ecdsa%d_b), NULL)) == NULL) goto err;\n", bits_p, bits_p); + printf("\tif ((ecdsa->group = EC_GROUP_new_curve_GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL) goto err;\n\n"); printf("\t/* build generator */\n"); - printf("\tBN_bin2bn(ecdsa%d_x, sizeof(ecdsa%d_x), tmp_1);\n", bits_p, bits_p); - printf("\tBN_bin2bn(ecdsa%d_y, sizeof(ecdsa%d_y), tmp_2);\n", bits_p, bits_p); - printf("\tif ((point = EC_POINT_new(ecdsa->group)) == NULL)\n"); - printf("\t\t{\n\t\tECDSA_free(ecdsa); BN_free(tmp_1); BN_free(tmp_2); BN_free(tmp_3);\n"); - printf("\t\treturn(NULL);\n\t\t}\n"); - printf("\tEC_POINT_set_affine_coordinates_GFp(ecdsa->group, point, tmp_1, tmp_2, NULL);\n"); + printf("\tif (!BN_bin2bn(ecdsa%d_x, sizeof(ecdsa%d_x), tmp_1)) goto err;\n", bits_p, bits_p); + printf("\tif (!BN_bin2bn(ecdsa%d_y, sizeof(ecdsa%d_y), tmp_2)) goto err;\n", bits_p, bits_p); + printf("\tif ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err;\n"); + printf("\tif (!EC_POINT_set_affine_coordinates_GFp(ecdsa->group, point, tmp_1, tmp_2, NULL)) goto err;\n"); printf("\t/* set generator, order and cofactor */\n"); - printf("\tBN_bin2bn(ecdsa%d_o, sizeof(ecdsa%d_o), tmp_1);\n", bits_p, bits_p); - printf("\tBN_bin2bn(ecdsa%d_c, sizeof(ecdsa%d_c), tmp_2);\n", bits_p, bits_p); - printf("\tEC_GROUP_set_generator(ecdsa->group, point, tmp_1, tmp_2);\n"); - printf("\tBN_free(tmp_1); BN_free(tmp_2); BN_free(tmp_3);\n"); - printf("\tEC_POINT_free(point);\n\n"); + printf("\tif (!BN_bin2bn(ecdsa%d_o, sizeof(ecdsa%d_o), tmp_1)) goto err;\n", bits_p, bits_p); + printf("\tif (!BN_bin2bn(ecdsa%d_c, sizeof(ecdsa%d_c), tmp_2)) goto err;\n", bits_p, bits_p); + printf("\tif (!EC_GROUP_set_generator(ecdsa->group, point, tmp_1, tmp_2)) goto err;\n"); + printf("\n\tok=1;\n"); + printf("err:\n"); + printf("\tif (tmp_1) BN_free(tmp_1);\n"); + printf("\tif (tmp_2) BN_free(tmp_2);\n"); + printf("\tif (tmp_3) BN_free(tmp_3);\n"); + printf("\tif (point) EC_POINT_free(point);\n"); + printf("\tif (!ok)\n"); + printf("\t\t{\n"); + printf("\t\tECDSA_free(ecdsa);\n"); + printf("\t\tecdsa = NULL;\n"); + printf("\t\t}\n"); printf("\treturn(ecdsa);\n\t}\n"); } diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index ff644450a4..f169e26252 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -519,7 +519,8 @@ int ECDSAParameters_print(BIO *bp, const ECDSA *x) unsigned char *buffer=NULL; int buf_len; int reason=ERR_R_EC_LIB, i, ret=0; - BIGNUM *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL, *tmp_4=NULL; + BIGNUM *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL, *tmp_4=NULL, + *tmp_5=NULL, *tmp_6=NULL; BN_CTX *ctx=NULL; EC_POINT *point=NULL; @@ -530,13 +531,16 @@ int ECDSAParameters_print(BIO *bp, const ECDSA *x) goto err; } if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL || - (tmp_3 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL) + (tmp_3 = BN_new()) == NULL || (tmp_5 = BN_new()) == NULL || + (tmp_6 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL) { reason = ERR_R_MALLOC_FAILURE; goto err; } if (!EC_GROUP_get_curve_GFp(x->group, tmp_1, tmp_2, tmp_3, ctx)) goto err; if ((point = EC_GROUP_get0_generator(x->group)) == NULL) goto err; + if (!EC_GROUP_get_order(x->group, tmp_5, ctx)) goto err; + if (!EC_GROUP_get_cofactor(x->group, tmp_6, ctx)) goto err; buf_len = EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx); if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) { @@ -565,13 +569,17 @@ int ECDSAParameters_print(BIO *bp, const ECDSA *x) if (!print(bp, "Prime p:", tmp_1, buffer, 4)) goto err; if (!print(bp, "Curve a:", tmp_2, buffer, 4)) goto err; if (!print(bp, "Curve b:", tmp_3, buffer, 4)) goto err; - if (!print(bp, "Generator ( compressed ) :", tmp_4, buffer, 4)) goto err; + if (!print(bp, "Generator (compressed):", tmp_4, buffer, 4)) goto err; + if (!print(bp, "Order:", tmp_5, buffer, 4)) goto err; + if (!print(bp, "Cofactor:", tmp_6, buffer, 4)) goto err; ret=1; err: if (tmp_1) BN_free(tmp_1); if (tmp_2) BN_free(tmp_2); if (tmp_3) BN_free(tmp_3); if (tmp_4) BN_free(tmp_4); + if (tmp_5) BN_free(tmp_5); + if (tmp_6) BN_free(tmp_6); if (ctx) BN_CTX_free(ctx); if (buffer) OPENSSL_free(buffer); ECDSAerr(ECDSA_F_ECDSAPARAMETERS_PRINT, reason); diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index 518cbfbc78..8e1f038c3d 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -153,7 +153,7 @@ "D6031998D1B3BBFEBF59CC9BBFF9AEE1",\ "5EEEFCA380D02919DC2C6558BB6D8A5D",\ "7B6AA5D85E572983E6FB32A7CDEBC140",0,\ - "3FFFFFFF 7FFFFFFF BE002472 0613B5A3",4 + "3FFFFFFF7FFFFFFFBE0024720613B5A3",4 #define _EC_GROUP_SECG_PRIME_160K1 \ "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",\ "0",\