From d0561b5c2da1404f542743054c2fa45affce7042 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Bodo=20M=C3=B6ller?= Date: Tue, 9 Apr 2002 12:01:21 +0000 Subject: [PATCH] fix ECDSA handling Submitted by: Nils Larsch --- crypto/asn1/d2i_pu.c | 2 +- crypto/asn1/i2d_pu.c | 2 +- crypto/asn1/t_pkey.c | 27 ++++++--- crypto/asn1/x_pubkey.c | 2 - crypto/ecdsa/ecdsa.h | 21 ++++++- crypto/ecdsa/ecdsatest.c | 17 ------ crypto/ecdsa/ecs_asn1.c | 125 +++++++++++++-------------------------- crypto/ecdsa/ecs_lib.c | 24 +++++++- crypto/ecdsa/ecs_locl.h | 1 - crypto/evp/evp_pkey.c | 4 +- 10 files changed, 105 insertions(+), 120 deletions(-) diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 81b5d0f820..f66d72fd7b 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -113,7 +113,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, #endif #ifndef OPENSSL_NO_ECDSA case EVP_PKEY_ECDSA: - if ((ret->pkey.ecdsa = d2i_ECDSAPublicKey(&(ret->pkey.ecdsa), + if ((ret->pkey.ecdsa = ECDSAPublicKey_set_octet_string(&(ret->pkey.ecdsa), (const unsigned char **)pp, length)) == NULL) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c index 2607734ebc..2fcc5554a7 100644 --- a/crypto/asn1/i2d_pu.c +++ b/crypto/asn1/i2d_pu.c @@ -85,7 +85,7 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) #endif #ifndef OPENSSL_NO_ECDSA case EVP_PKEY_ECDSA: - return(i2d_ECDSAPublicKey(a->pkey.ecdsa, pp)); + return(ECDSAPublicKey_get_octet_string(a->pkey.ecdsa, pp)); #endif default: ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index f169e26252..1b29fdc4a8 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -237,7 +237,8 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) unsigned char *buffer=NULL; int i, buf_len=0, ret=0, reason=ERR_R_BIO_LIB; BIGNUM *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL, - *tmp_4=NULL, *tmp_5=NULL; + *tmp_4=NULL, *tmp_5=NULL, *tmp_6=NULL, + *tmp_7=NULL; BN_CTX *ctx=NULL; EC_POINT *point=NULL; @@ -249,7 +250,8 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) goto err; } if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL || - (tmp_3 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL) + (tmp_3 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL || + (tmp_6 = BN_new()) == NULL || (tmp_7 = BN_new()) == NULL) { reason = ERR_R_MALLOC_FAILURE; goto err; @@ -264,7 +266,12 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) reason = ERR_R_EC_LIB; goto err; } - if ((buf_len = EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx)) == 0) + if (!EC_GROUP_get_order(x->group, tmp_6, NULL) || !EC_GROUP_get_cofactor(x->group, tmp_7, NULL)) + { + reason = ERR_R_EC_LIB; + goto err; + } + if ((buf_len = EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), NULL, 0, ctx)) == 0) { reason = ECDSA_R_UNEXPECTED_PARAMETER_LENGTH; goto err; @@ -274,14 +281,14 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) reason = ERR_R_MALLOC_FAILURE; goto err; } - if (!EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, + if (!EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), buffer, buf_len, ctx)) goto err; if ((tmp_4 = BN_bin2bn(buffer, buf_len, NULL)) == NULL) { reason = ERR_R_BN_LIB; goto err; } - if ((i = EC_POINT_point2oct(x->group, x->pub_key, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx)) == 0) + if ((i = EC_POINT_point2oct(x->group, x->pub_key, ECDSA_get_conversion_form(x), NULL, 0, ctx)) == 0) { reason = ECDSA_R_UNEXPECTED_PARAMETER_LENGTH; goto err; @@ -292,7 +299,7 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) buf_len = i; goto err; } - if (!EC_POINT_point2oct(x->group, x->pub_key, POINT_CONVERSION_COMPRESSED, + if (!EC_POINT_point2oct(x->group, x->pub_key, ECDSA_get_conversion_form(x), buffer, buf_len, ctx)) { reason = ERR_R_EC_LIB; @@ -330,6 +337,8 @@ int ECDSA_print(BIO *bp, const ECDSA *x, int off) if ((tmp_2 != NULL) && !print(bp, "A: ", tmp_2, buffer, off)) goto err; if ((tmp_3 != NULL) && !print(bp, "B: ", tmp_3, buffer, off)) goto err; if ((tmp_4 != NULL) && !print(bp, "Gen: ", tmp_4, buffer, off)) goto err; + if ((tmp_6 != NULL) && !print(bp, "Order: ", tmp_6, buffer, off)) goto err; + if ((tmp_7 != NULL) && !print(bp, "Cofactor: ", tmp_7, buffer, off)) goto err; ret=1; err: if (!ret) @@ -339,6 +348,8 @@ err: if (tmp_3) BN_free(tmp_3); if (tmp_4) BN_free(tmp_4); if (tmp_5) BN_free(tmp_5); + if (tmp_6) BN_free(tmp_6); + if (tmp_7) BN_free(tmp_7); if (ctx) BN_CTX_free(ctx); if (buffer != NULL) OPENSSL_free(buffer); return(ret); @@ -541,13 +552,13 @@ int ECDSAParameters_print(BIO *bp, const ECDSA *x) if ((point = EC_GROUP_get0_generator(x->group)) == NULL) goto err; if (!EC_GROUP_get_order(x->group, tmp_5, ctx)) goto err; if (!EC_GROUP_get_cofactor(x->group, tmp_6, ctx)) goto err; - buf_len = EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, NULL, 0, ctx); + buf_len = EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), NULL, 0, ctx); if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) { reason = ERR_R_MALLOC_FAILURE; goto err; } - if (!EC_POINT_point2oct(x->group, point, POINT_CONVERSION_COMPRESSED, buffer, buf_len, ctx)) + if (!EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), buffer, buf_len, ctx)) { reason = ERR_R_EC_LIB; goto err; diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index f6f2a0daca..9fea31a8a5 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -136,7 +136,6 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) ECDSA *ecdsa; ecdsa = pkey->pkey.ecdsa; - ecdsa->write_params=0; ASN1_TYPE_free(a->parameter); if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0) { @@ -272,7 +271,6 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); goto err; } - ret->pkey.ecdsa->write_params = 0; cp = p = a->parameter->value.sequence->data; j = a->parameter->value.sequence->length; if (!d2i_ECDSAParameters(&ret->pkey.ecdsa, &cp, (long)j)) diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h index 5250e15fee..9b2a17f02d 100644 --- a/crypto/ecdsa/ecdsa.h +++ b/crypto/ecdsa/ecdsa.h @@ -99,7 +99,7 @@ typedef struct ecdsa_method struct ecdsa_st { int version; - int write_params; + point_conversion_form_t conversion_form; EC_GROUP *group; @@ -164,6 +164,15 @@ int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off); void ECDSA_set_parameter_flags(ECDSA *, int); int ECDSA_get_parameter_flags(const ECDSA*); +/* The ECDSA_{set|get}_conversion_type() functions set/get the + * conversion form for ec-points (see ec.h) in a ECDSA-structure */ +void ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t); +point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *); +/* The ECDSA_{set|get}_default_conversion_form() functions set/get the + * default conversion form */ +void ECDSA_set_default_conversion_form(const point_conversion_form_t); +point_conversion_form_t ECDSA_get_default_conversion_form(void); + /* the basic de- and encode functions ( see ecs_asn1.c ) */ ECDSA *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len); int i2d_ECDSAParameters(ECDSA *a, unsigned char **out); @@ -171,8 +180,14 @@ int i2d_ECDSAParameters(ECDSA *a, unsigned char **out); ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len); int i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out); -ECDSA *d2i_ECDSAPublicKey(ECDSA **a, const unsigned char **in, long len); -int i2d_ECDSAPublicKey(ECDSA *a, unsigned char **out); +/* ECDSAPublicKey_set_octet_string() sets the public key in the ECDSA-structure. + * (*a) must be a pointer to a ECDSA-structure with (*a)->group not zero + * (e.g. a ECDSA-structure with a valid EC_GROUP-structure) */ +ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len); +/* ECDSAPublicKey_get_octet_string() returns the length of the octet string encoding + * of the public key. If out != NULL then the function returns in *out + * a pointer to the octet string */ +int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out); #define ECDSAParameters_dup(x) (ECDSA *)ASN1_dup((int (*)())i2d_ECDSAParameters, \ diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index 18b0ce18b3..cffc194928 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -390,23 +390,6 @@ int main(void) OPENSSL_free(buffer); buffer = NULL; - /* i2d_ - d2i_ECDSAPublicKey() */ - - BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPublicKey \n"); - buf_len = i2d_ECDSAPublicKey(ecdsa, NULL); - if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err; - pp = buffer; - if (!i2d_ECDSAPublicKey(ecdsa, &pp)) goto err; - pp = buffer; - if ((ret_ecdsa = d2i_ECDSAPublicKey(&ret_ecdsa , (const unsigned char**)&pp, - buf_len)) == NULL) goto err; - ECDSA_print(bio_err, ret_ecdsa, 0); - if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err; - OPENSSL_free(buffer); - buffer = NULL; - ECDSA_free(ret_ecdsa); - ret_ecdsa = NULL; - /* X509_PUBKEY_set() & X509_PUBKEY_get() */ BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set} : "); diff --git a/crypto/ecdsa/ecs_asn1.c b/crypto/ecdsa/ecs_asn1.c index 8c47a14da6..30e8bfb340 100644 --- a/crypto/ecdsa/ecs_asn1.c +++ b/crypto/ecdsa/ecs_asn1.c @@ -59,8 +59,6 @@ #include #include -static point_conversion_form_t POINT_CONVERSION_FORM = POINT_CONVERSION_COMPRESSED; - ASN1_SEQUENCE(ECDSA_SIG) = { ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM), ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM) @@ -122,19 +120,6 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSAPrivateKey, ecdsaPrivateKey) IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(ECDSAPrivateKey, ECDSAPrivateKey, ECDSAPrivateKey) IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSAPrivateKey, ECDSAPrivateKey, ecdsaPrivateKey) -ASN1_SEQUENCE(ecdsa_pub_internal) = { - ASN1_SIMPLE(ECDSAPrivateKey, pub_key, ASN1_OCTET_STRING), - ASN1_SIMPLE(ECDSAPrivateKey, parameters, EC_PARAMETERS), -} ASN1_SEQUENCE_END_name(ECDSAPrivateKey, ecdsa_pub_internal) - -ASN1_CHOICE(ECDSAPublicKey) = { - ASN1_SIMPLE(ECDSAPrivateKey, pub_key, ASN1_OCTET_STRING), - ASN1_EX_COMBINE(0, 0, ecdsa_pub_internal) -} ASN1_CHOICE_END_selector(ECDSAPrivateKey, ECDSAPublicKey, write_params) - -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSAPrivateKey, ecdsaPublicKey) -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSAPrivateKey, ECDSAPublicKey, ecdsaPublicKey) - X9_62_FIELDID *ECDSA_get_X9_62_FIELDID(const ECDSA *ecdsa, X9_62_FIELDID *field) { @@ -583,7 +568,6 @@ ECDSA *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len) if ((ret = ECDSA_ecparameters2ecdsa(priv_key->parameters, NULL)) == NULL) OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_FAILURE) ret->version = priv_key->version; - ret->write_params = priv_key->write_params; if (priv_key->priv_key) { if ((ret->priv_key = BN_dup(priv_key->priv_key)) == NULL) @@ -641,85 +625,58 @@ err: if (!ok) } -ECDSA *d2i_ECDSAPublicKey(ECDSA **a, const unsigned char **in, long len) +ECDSA *ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len) { - int reason=ERR_R_BN_LIB, ok=0, ecdsa_new=1; ECDSA *ret=NULL; - ECDSAPrivateKey *priv_key=NULL; - if (a && *a) + if (a == NULL || (*a) == NULL || (*a)->group == NULL) { - ecdsa_new = 0; - ret = *a; + /* sorry, but a EC_GROUP-structur is necessary + * to set the public key */ + ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ECDSA_R_MISSING_PARAMETERS); + return 0; } - else if ((ret = ECDSA_new()) == NULL) - OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE); - if ((priv_key = ECDSAPrivateKey_new()) == NULL) - OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE) - if ((priv_key = d2i_ecdsaPublicKey(&priv_key, in, len)) == NULL) - OPENSSL_ECDSA_ABORT(ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE) - if (priv_key->write_params == 0) + ret = *a; + if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { - if (ecdsa_new || !ret->group) - OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS) - if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) - OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE) - if (!EC_POINT_oct2point(ret->group, ret->pub_key, priv_key->pub_key->data, - priv_key->pub_key->length, NULL)) - OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB) - } - else if (priv_key->write_params == 1) - { - if ((ret = ECDSA_ecparameters2ecdsa(priv_key->parameters, ret)) == NULL) - OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_FAILURE) - if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) - OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB) - if (!EC_POINT_oct2point(ret->group, ret->pub_key, priv_key->pub_key->data, - priv_key->pub_key->length, NULL)) - OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB) - } - else OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_PARAMETER) - ret->write_params = 1; - ok = 1; -err : if (!ok) + ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE); + return 0; + } + if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL)) { - if (ret && ecdsa_new) ECDSA_free(ret); - ret = NULL; - ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, reason); + ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB); + return 0; } - if (priv_key) ECDSAPrivateKey_free(priv_key); - return(ret); + ECDSA_set_conversion_form(ret, (point_conversion_form_t)*in[0]); + return ret; } -int i2d_ECDSAPublicKey(ECDSA *a, unsigned char **out) +int ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out) { - int ret=0, reason=ERR_R_EC_LIB, ok=0; - unsigned char *buffer=NULL; - size_t buf_len=0; - ECDSAPrivateKey *priv_key=NULL; + size_t buf_len=0; if (a == NULL) - OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS) - if ((priv_key = ECDSAPrivateKey_new()) == NULL) - OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE) - if ((priv_key->parameters = ECDSA_get_EC_PARAMETERS(a, priv_key->parameters)) == NULL) - OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE) - priv_key->version = a->version; - priv_key->write_params = a->write_params; - buf_len = EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_FORM, NULL, 0, NULL); - if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) - OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE) - if (!EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_FORM, - buffer, buf_len, NULL)) goto err; - if (!M_ASN1_OCTET_STRING_set(priv_key->pub_key, buffer, buf_len)) - OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB) - if ((ret = i2d_ecdsaPublicKey(priv_key, out)) == 0) - OPENSSL_ECDSA_ABORT(ECDSA_R_I2D_ECDSA_PUBLICKEY) - ok = 1; - -err: if (!ok) - ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, reason); - if (buffer) OPENSSL_free(buffer); - if (priv_key) ECDSAPrivateKey_free(priv_key); - return(ok?ret:0); + { + ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ECDSA_R_MISSING_PARAMETERS); + return 0; + } + buf_len = EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a), NULL, 0, NULL); + if (out == NULL || buf_len == 0) + /* out == NULL => just return the length of the octet string */ + return buf_len; + if (*out == NULL) + if ((*out = OPENSSL_malloc(buf_len)) == NULL) + { + ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_MALLOC_FAILURE); + return 0; + } + if (!EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a), + *out, buf_len, NULL)) + { + ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_EC_LIB); + OPENSSL_free(*out); + *out = NULL; + return 0; + } + return buf_len; } diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index b161b6c2d2..7063d8a18f 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -177,7 +177,7 @@ ECDSA *ECDSA_new_method(ENGINE *engine) } ret->version = 1; - ret->write_params=1; + ret->conversion_form = ECDSA_get_default_conversion_form(); ret->group = NULL; ret->pub_key = NULL; @@ -310,3 +310,25 @@ int ECDSA_get_parameter_flags(const ECDSA *ecdsa) { return ecdsa->parameter_flags; } + +void ECDSA_set_conversion_form(ECDSA *ecdsa, const point_conversion_form_t form) +{ + if (ecdsa) ecdsa->conversion_form = form; +} + +point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *ecdsa) +{ + return ecdsa ? ecdsa->conversion_form : 0; +} + +static point_conversion_form_t default_conversion_form = POINT_CONVERSION_COMPRESSED; + +void ECDSA_set_default_conversion_form(const point_conversion_form_t form) +{ + default_conversion_form = form; +} + +point_conversion_form_t ECDSA_get_default_conversion_form(void) +{ + return default_conversion_form; +} diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h index 61b63668ca..3c353049e4 100644 --- a/crypto/ecdsa/ecs_locl.h +++ b/crypto/ecdsa/ecs_locl.h @@ -96,7 +96,6 @@ typedef struct ec_parameters { typedef struct ecdsa_priv_key_st { int version; - int write_params; EC_PARAMETERS *parameters; ASN1_OBJECT *named_curve; ASN1_OCTET_STRING *pub_key; diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 3577837fa9..1772647b16 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -585,11 +585,11 @@ static int ecdsa_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB); return 0; } - len = EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, POINT_CONVERSION_COMPRESSED, + len = EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, ECDSA_get_conversion_form(pkey->pkey.ecdsa), NULL, 0, NULL); p = OPENSSL_malloc(len); if (!len || !p || !EC_POINT_point2oct(pkey->pkey.ecdsa->group, point, - POINT_CONVERSION_COMPRESSED, p, len, NULL)) + ECDSA_get_conversion_form(pkey->pkey.ecdsa), p, len, NULL)) { EVPerr(EVP_F_ECDSA_PKEY2PKCS8, ERR_R_EC_LIB); OPENSSL_free(p); -- 2.25.1