diff options
author | Adam Langley <agl@google.com> | 2015-05-12 19:09:47 -0700 |
---|---|---|
committer | Adam Langley <agl@google.com> | 2015-05-12 19:11:05 -0700 |
commit | 430091c556d1086167da3320cbb60aa0079486e7 (patch) | |
tree | 6c319a1d4273c8272838548f773b9201cdb0a522 /src | |
parent | 62d05888d1cf178d900b54e7e035928abea512b1 (diff) | |
download | external_boringssl-430091c556d1086167da3320cbb60aa0079486e7.zip external_boringssl-430091c556d1086167da3320cbb60aa0079486e7.tar.gz external_boringssl-430091c556d1086167da3320cbb60aa0079486e7.tar.bz2 |
external/boringssl: support arbitrary elliptic curve groups.
This change exposes the functions needed to support arbitrary elliptic
curve groups for Android.
Change-Id: I66a3662d393deadd718e43d91420fecf050502c2
Diffstat (limited to 'src')
-rw-r--r-- | src/crypto/ec/ec.c | 40 | ||||
-rw-r--r-- | src/crypto/err/ec.errordata | 2 | ||||
-rw-r--r-- | src/include/openssl/ec.h | 16 |
3 files changed, 54 insertions, 4 deletions
diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c index 5426b8f..5e30730 100644 --- a/src/crypto/ec/ec.c +++ b/src/crypto/ec/ec.c @@ -265,8 +265,8 @@ EC_GROUP *ec_group_new(const EC_METHOD *meth) { return ret; } -static EC_GROUP *ec_group_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, - const BIGNUM *b, BN_CTX *ctx) { +EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, + const BIGNUM *b, BN_CTX *ctx) { const EC_METHOD *meth = EC_GFp_mont_method(); EC_GROUP *ret; @@ -276,7 +276,7 @@ static EC_GROUP *ec_group_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, } if (ret->meth->group_set_curve == 0) { - OPENSSL_PUT_ERROR(EC, ec_group_new_curve_GFp, + OPENSSL_PUT_ERROR(EC, EC_GROUP_new_curve_GFp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -287,6 +287,38 @@ static EC_GROUP *ec_group_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, return ret; } +int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, + const BIGNUM *order, const BIGNUM *cofactor) { + if (group->generator == NULL) { + group->generator = EC_POINT_new(group); + if (group->generator == NULL) { + return 0; + } + } + + if (!EC_POINT_copy(group->generator, generator)) { + return 0; + } + + if (order != NULL) { + if (!BN_copy(&group->order, order)) { + return 0; + } + } else { + BN_zero(&group->order); + } + + if (cofactor != NULL) { + if (!BN_copy(&group->cofactor, cofactor)) { + return 0; + } + } else { + BN_zero(&group->cofactor); + } + + return 1; +} + static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { EC_GROUP *group = NULL; EC_POINT *P = NULL; @@ -322,7 +354,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { goto err; } } else { - if ((group = ec_group_new_curve_GFp(p, a, b, ctx)) == NULL) { + if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } diff --git a/src/crypto/err/ec.errordata b/src/crypto/err/ec.errordata index 3b815c8..252f7ab 100644 --- a/src/crypto/err/ec.errordata +++ b/src/crypto/err/ec.errordata @@ -3,9 +3,11 @@ EC,function,100,EC_GROUP_copy EC,function,101,EC_GROUP_get_curve_GFp EC,function,102,EC_GROUP_get_degree EC,function,103,EC_GROUP_new_by_curve_name +EC,function,166,EC_GROUP_new_curve_GFp EC,function,104,EC_KEY_check_key EC,function,105,EC_KEY_copy EC,function,106,EC_KEY_generate_key +EC,function,165,EC_KEY_new_by_curve_name EC,function,107,EC_KEY_new_method EC,function,108,EC_KEY_set_public_key_affine_coordinates EC,function,109,EC_POINT_add diff --git a/src/include/openssl/ec.h b/src/include/openssl/ec.h index 633b11b..617cb19 100644 --- a/src/include/openssl/ec.h +++ b/src/include/openssl/ec.h @@ -286,6 +286,21 @@ OPENSSL_EXPORT int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, /* Deprecated functions. */ +/* EC_GROUP_new_curve_GFp creates a new, arbitrary elliptic curve group based + * on the equation y² = x³ + a·x + b. It returns the new group or NULL on + * error. */ +OPENSSL_EXPORT EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, + const BIGNUM *a, + const BIGNUM *b, BN_CTX *ctx); + +/* EC_GROUP_set_generator sets the generator for |group| to |generator|, which + * must have the given order and cofactor. This should only be used with + * |EC_GROUP| objects returned by |EC_GROUP_new_curve_GFp|. */ +OPENSSL_EXPORT int EC_GROUP_set_generator(EC_GROUP *group, + const EC_POINT *generator, + const BIGNUM *order, + const BIGNUM *cofactor); + /* EC_GROUP_set_asn1_flag does nothing. */ OPENSSL_EXPORT void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); @@ -381,6 +396,7 @@ OPENSSL_EXPORT void EC_GROUP_set_point_conversion_form( #define EC_F_ec_group_copy 163 #define EC_F_nistp256_pre_comp_new 164 #define EC_F_EC_KEY_new_by_curve_name 165 +#define EC_F_EC_GROUP_new_curve_GFp 166 #define EC_R_BUFFER_TOO_SMALL 100 #define EC_R_COORDINATES_OUT_OF_RANGE 101 #define EC_R_D2I_ECPKPARAMETERS_FAILURE 102 |