[openssl-dev] [openssl.org #3676] [PATCH] Export ASN1 templates for DH and ECDH groups
Dr. Matthias St. Pierre via RT
rt at openssl.org
Wed Jan 28 09:42:02 UTC 2015
Add missing forward declarations and export declarations for DHparams
and EC[PK]PARAMETERS.
Add public functions to convert between EC_GROUP objects and EC[PK]PARAMETERS
objects: EC_GROUP_new_from_ec[pk]parameters(), EC_GROUP_get_ec[pk]parameters().
Signed-off-by: Dr. Matthias St. Pierre <msp at ncp-e.com>
---
crypto/ec/ec.h | 38 ++++++++++++++++++++++++++++++++++++++
crypto/ec/ec_asn1.c | 30 ++++++++++++++++++++++++++----
util/libeay.num | 10 ++++++++++
3 files changed, 74 insertions(+), 4 deletions(-)
This patch makes the ASN1 templates used internally by OpenSSL for
serializing DH and ECDH group parameters publicly available for reuse.
For example, if one wants to save a set of [EC]DH Groups together with
application defined data (like, group-name, group-id) to a file, it is
much easier to define a small set of ASN1 rules extending the existing
ones and let OpenSSL do the serialization, than having to fiddle around
with i2d_DHparams(), i2d_ECParameters(), etc., to embed the curve data
as a blob into an opaque ASN1 octet string.
diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h
index 98edfdf..97ccee8 100644
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -128,6 +128,9 @@ typedef struct ec_group_st
typedef struct ec_point_st EC_POINT;
+typedef struct ecpk_parameters_st ECPKPARAMETERS;
+typedef struct ec_parameters_st ECPARAMETERS;
+
/********************************************************************/
/* EC_METHODs for curves over GF(p) */
/********************************************************************/
@@ -393,6 +396,38 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
*/
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
+/** Creates a new EC_GROUP object from an ECPARAMETERS object
+ * \param params pointer to the ECPARAMETERS object
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params);
+
+/** Creates an ECPARAMETERS object for the the given EC_GROUP object.
+ * \param group pointer to the EC_GROUP object
+ * \param params pointer to an existing ECPARAMETERS object or NULL
+ * \return pointer to the new ECPARAMETERS object or NULL
+ * if an error occurred.
+ */
+ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ ECPARAMETERS *params);
+
+/** Creates a new EC_GROUP object from an ECPKPARAMETERS object
+ * \param params pointer to an existing ECPKPARAMETERS object, or NULL
+ * \return newly created EC_GROUP object with specified curve, or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params);
+
+/** Creates an ECPKPARAMETERS object for the the given EC_GROUP object.
+ * \param group pointer to the EC_GROUP object
+ * \param params pointer to an existing ECPKPARAMETERS object or NULL
+ * \return pointer to the new ECPKPARAMETERS object or NULL
+ * if an error occurred.
+ */
+ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group,
+ ECPKPARAMETERS *params);
+
/********************************************************************/
/* handling of internal curves */
/********************************************************************/
@@ -702,6 +737,9 @@ int EC_GROUP_have_precompute_mult(const EC_GROUP *group);
/* ASN1 stuff */
/********************************************************************/
+DECLARE_ASN1_ITEM(ECPKPARAMETERS)
+DECLARE_ASN1_ITEM(ECPARAMETERS)
+
/*
* EC_GROUP_get_basis_type() returns the NID of the basis type used to
* represent the field elements
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 2924374..d84c6d2 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -306,6 +306,28 @@ static EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *);
static ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *,
ECPKPARAMETERS *);
+EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
+{
+ return ec_asn1_parameters2group(params);
+}
+
+ECPARAMETERS *EC_GROUP_get_ecparameters(const EC_GROUP *group,
+ ECPARAMETERS *params)
+{
+ return ec_asn1_group2parameters(group, params);
+}
+
+EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params)
+{
+ return ec_asn1_pkparameters2group(params);
+}
+
+ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group,
+ ECPKPARAMETERS *params)
+{
+ return ec_asn1_group2pkparameters(group, params);
+}
+
/* the function definitions */
static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
@@ -540,7 +562,7 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
}
static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
- ECPARAMETERS *param)
+ ECPARAMETERS *params)
{
int ok = 0;
size_t len = 0;
@@ -555,13 +577,13 @@ static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
goto err;
}
- if (param == NULL) {
+ if (params == NULL) {
if ((ret = ECPARAMETERS_new()) == NULL) {
ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
goto err;
}
} else
- ret = param;
+ ret = params;
/* set the version (always one) */
ret->version = (long)0x1;
@@ -631,7 +653,7 @@ static ECPARAMETERS *ec_asn1_group2parameters(const EC_GROUP *group,
ok = 1;
err:if (!ok) {
- if (ret && !param)
+ if (ret && !params)
ECPARAMETERS_free(ret);
ret = NULL;
}
diff --git a/util/libeay.num b/util/libeay.num
index 4a11d78..bf0adc5 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4412,3 +4412,13 @@ ECDSA_METHOD_get_app_data 4770 EXIST::FUNCTION:ECDSA
X509_VERIFY_PARAM_add1_host 4771 EXIST::FUNCTION:
EC_GROUP_get_mont_data 4772 EXIST::FUNCTION:EC
i2d_re_X509_tbs 4773 EXIST::FUNCTION:
+DHparams_it 4774 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:DH
+DHparams_it 4774 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:DH
+ECPARAMETERS_it 4775 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:EC
+ECPARAMETERS_it 4775 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:EC
+ECPKPARAMETERS_it 4776 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:EC
+ECPKPARAMETERS_it 4776 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:EC
+EC_GROUP_new_from_ecparameters 4777 EXIST::FUNCTION:EC
+EC_GROUP_get_ecparameters 4778 EXIST::FUNCTION:EC
+EC_GROUP_new_from_ecpkparameters 4779 EXIST::FUNCTION:EC
+EC_GROUP_get_ecpkparameters 4780 EXIST::FUNCTION:EC
--
2.0.5
More information about the openssl-dev
mailing list