2
0

ec_ameth.c 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660
  1. /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  2. * project 2006.
  3. */
  4. /* ====================================================================
  5. * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
  6. *
  7. * Redistribution and use in source and binary forms, with or without
  8. * modification, are permitted provided that the following conditions
  9. * are met:
  10. *
  11. * 1. Redistributions of source code must retain the above copyright
  12. * notice, this list of conditions and the following disclaimer.
  13. *
  14. * 2. Redistributions in binary form must reproduce the above copyright
  15. * notice, this list of conditions and the following disclaimer in
  16. * the documentation and/or other materials provided with the
  17. * distribution.
  18. *
  19. * 3. All advertising materials mentioning features or use of this
  20. * software must display the following acknowledgment:
  21. * "This product includes software developed by the OpenSSL Project
  22. * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  23. *
  24. * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  25. * endorse or promote products derived from this software without
  26. * prior written permission. For written permission, please contact
  27. * licensing@OpenSSL.org.
  28. *
  29. * 5. Products derived from this software may not be called "OpenSSL"
  30. * nor may "OpenSSL" appear in their names without prior written
  31. * permission of the OpenSSL Project.
  32. *
  33. * 6. Redistributions of any form whatsoever must retain the following
  34. * acknowledgment:
  35. * "This product includes software developed by the OpenSSL Project
  36. * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  37. *
  38. * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  39. * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  40. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  41. * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
  42. * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  43. * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  44. * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  45. * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  46. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  47. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  48. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  49. * OF THE POSSIBILITY OF SUCH DAMAGE.
  50. * ====================================================================
  51. *
  52. * This product includes cryptographic software written by Eric Young
  53. * (eay@cryptsoft.com). This product includes software written by Tim
  54. * Hudson (tjh@cryptsoft.com).
  55. *
  56. */
  57. #include <stdio.h>
  58. #include "cryptlib.h"
  59. #include <openssl/x509.h>
  60. #include <openssl/ec.h>
  61. #include <openssl/bn.h>
  62. #ifndef OPENSSL_NO_CMS
  63. #include <openssl/cms.h>
  64. #endif
  65. #include "asn1_locl.h"
  66. static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key)
  67. {
  68. const EC_GROUP *group;
  69. int nid;
  70. if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL)
  71. {
  72. ECerr(EC_F_ECKEY_PARAM2TYPE, EC_R_MISSING_PARAMETERS);
  73. return 0;
  74. }
  75. if (EC_GROUP_get_asn1_flag(group)
  76. && (nid = EC_GROUP_get_curve_name(group)))
  77. /* we have a 'named curve' => just set the OID */
  78. {
  79. *ppval = OBJ_nid2obj(nid);
  80. *pptype = V_ASN1_OBJECT;
  81. }
  82. else /* explicit parameters */
  83. {
  84. ASN1_STRING *pstr = NULL;
  85. pstr = ASN1_STRING_new();
  86. if (!pstr)
  87. return 0;
  88. pstr->length = i2d_ECParameters(ec_key, &pstr->data);
  89. if (pstr->length < 0)
  90. {
  91. ASN1_STRING_free(pstr);
  92. ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);
  93. return 0;
  94. }
  95. *ppval = pstr;
  96. *pptype = V_ASN1_SEQUENCE;
  97. }
  98. return 1;
  99. }
  100. static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
  101. {
  102. EC_KEY *ec_key = pkey->pkey.ec;
  103. void *pval = NULL;
  104. int ptype;
  105. unsigned char *penc = NULL, *p;
  106. int penclen;
  107. if (!eckey_param2type(&ptype, &pval, ec_key))
  108. {
  109. ECerr(EC_F_ECKEY_PUB_ENCODE, ERR_R_EC_LIB);
  110. return 0;
  111. }
  112. penclen = i2o_ECPublicKey(ec_key, NULL);
  113. if (penclen <= 0)
  114. goto err;
  115. penc = OPENSSL_malloc(penclen);
  116. if (!penc)
  117. goto err;
  118. p = penc;
  119. penclen = i2o_ECPublicKey(ec_key, &p);
  120. if (penclen <= 0)
  121. goto err;
  122. if (X509_PUBKEY_set0_param(pk, OBJ_nid2obj(EVP_PKEY_EC),
  123. ptype, pval, penc, penclen))
  124. return 1;
  125. err:
  126. if (ptype == V_ASN1_OBJECT)
  127. ASN1_OBJECT_free(pval);
  128. else
  129. ASN1_STRING_free(pval);
  130. if (penc)
  131. OPENSSL_free(penc);
  132. return 0;
  133. }
  134. static EC_KEY *eckey_type2param(int ptype, void *pval)
  135. {
  136. EC_KEY *eckey = NULL;
  137. if (ptype == V_ASN1_SEQUENCE)
  138. {
  139. ASN1_STRING *pstr = pval;
  140. const unsigned char *pm = NULL;
  141. int pmlen;
  142. pm = pstr->data;
  143. pmlen = pstr->length;
  144. if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen)))
  145. {
  146. ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
  147. goto ecerr;
  148. }
  149. }
  150. else if (ptype == V_ASN1_OBJECT)
  151. {
  152. ASN1_OBJECT *poid = pval;
  153. EC_GROUP *group;
  154. /* type == V_ASN1_OBJECT => the parameters are given
  155. * by an asn1 OID
  156. */
  157. if ((eckey = EC_KEY_new()) == NULL)
  158. {
  159. ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
  160. goto ecerr;
  161. }
  162. group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(poid));
  163. if (group == NULL)
  164. goto ecerr;
  165. EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
  166. if (EC_KEY_set_group(eckey, group) == 0)
  167. goto ecerr;
  168. EC_GROUP_free(group);
  169. }
  170. else
  171. {
  172. ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
  173. goto ecerr;
  174. }
  175. return eckey;
  176. ecerr:
  177. if (eckey)
  178. EC_KEY_free(eckey);
  179. return NULL;
  180. }
  181. static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
  182. {
  183. const unsigned char *p = NULL;
  184. void *pval;
  185. int ptype, pklen;
  186. EC_KEY *eckey = NULL;
  187. X509_ALGOR *palg;
  188. if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey))
  189. return 0;
  190. X509_ALGOR_get0(NULL, &ptype, &pval, palg);
  191. eckey = eckey_type2param(ptype, pval);
  192. if (!eckey)
  193. {
  194. ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB);
  195. return 0;
  196. }
  197. /* We have parameters now set public key */
  198. if (!o2i_ECPublicKey(&eckey, &p, pklen))
  199. {
  200. ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR);
  201. goto ecerr;
  202. }
  203. EVP_PKEY_assign_EC_KEY(pkey, eckey);
  204. return 1;
  205. ecerr:
  206. if (eckey)
  207. EC_KEY_free(eckey);
  208. return 0;
  209. }
  210. static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
  211. {
  212. int r;
  213. const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec);
  214. const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec),
  215. *pb = EC_KEY_get0_public_key(b->pkey.ec);
  216. r = EC_POINT_cmp(group, pa, pb, NULL);
  217. if (r == 0)
  218. return 1;
  219. if (r == 1)
  220. return 0;
  221. return -2;
  222. }
  223. static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
  224. {
  225. const unsigned char *p = NULL;
  226. void *pval;
  227. int ptype, pklen;
  228. EC_KEY *eckey = NULL;
  229. X509_ALGOR *palg;
  230. if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8))
  231. return 0;
  232. X509_ALGOR_get0(NULL, &ptype, &pval, palg);
  233. eckey = eckey_type2param(ptype, pval);
  234. if (!eckey)
  235. goto ecliberr;
  236. /* We have parameters now set private key */
  237. if (!d2i_ECPrivateKey(&eckey, &p, pklen))
  238. {
  239. ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR);
  240. goto ecerr;
  241. }
  242. /* calculate public key (if necessary) */
  243. if (EC_KEY_get0_public_key(eckey) == NULL)
  244. {
  245. const BIGNUM *priv_key;
  246. const EC_GROUP *group;
  247. EC_POINT *pub_key;
  248. /* the public key was not included in the SEC1 private
  249. * key => calculate the public key */
  250. group = EC_KEY_get0_group(eckey);
  251. pub_key = EC_POINT_new(group);
  252. if (pub_key == NULL)
  253. {
  254. ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
  255. goto ecliberr;
  256. }
  257. if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group)))
  258. {
  259. EC_POINT_free(pub_key);
  260. ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
  261. goto ecliberr;
  262. }
  263. priv_key = EC_KEY_get0_private_key(eckey);
  264. if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL))
  265. {
  266. EC_POINT_free(pub_key);
  267. ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
  268. goto ecliberr;
  269. }
  270. if (EC_KEY_set_public_key(eckey, pub_key) == 0)
  271. {
  272. EC_POINT_free(pub_key);
  273. ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
  274. goto ecliberr;
  275. }
  276. EC_POINT_free(pub_key);
  277. }
  278. EVP_PKEY_assign_EC_KEY(pkey, eckey);
  279. return 1;
  280. ecliberr:
  281. ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB);
  282. ecerr:
  283. if (eckey)
  284. EC_KEY_free(eckey);
  285. return 0;
  286. }
  287. static int eckey_priv_encode(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pkey)
  288. {
  289. EC_KEY *ec_key;
  290. unsigned char *ep, *p;
  291. int eplen, ptype;
  292. void *pval;
  293. unsigned int tmp_flags, old_flags;
  294. ec_key = pkey->pkey.ec;
  295. if (!eckey_param2type(&ptype, &pval, ec_key))
  296. {
  297. ECerr(EC_F_ECKEY_PRIV_ENCODE, EC_R_DECODE_ERROR);
  298. return 0;
  299. }
  300. /* set the private key */
  301. /* do not include the parameters in the SEC1 private key
  302. * see PKCS#11 12.11 */
  303. old_flags = EC_KEY_get_enc_flags(ec_key);
  304. tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS;
  305. EC_KEY_set_enc_flags(ec_key, tmp_flags);
  306. eplen = i2d_ECPrivateKey(ec_key, NULL);
  307. if (!eplen)
  308. {
  309. EC_KEY_set_enc_flags(ec_key, old_flags);
  310. ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
  311. return 0;
  312. }
  313. ep = (unsigned char *) OPENSSL_malloc(eplen);
  314. if (!ep)
  315. {
  316. EC_KEY_set_enc_flags(ec_key, old_flags);
  317. ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_MALLOC_FAILURE);
  318. return 0;
  319. }
  320. p = ep;
  321. if (!i2d_ECPrivateKey(ec_key, &p))
  322. {
  323. EC_KEY_set_enc_flags(ec_key, old_flags);
  324. OPENSSL_free(ep);
  325. ECerr(EC_F_ECKEY_PRIV_ENCODE, ERR_R_EC_LIB);
  326. }
  327. /* restore old encoding flags */
  328. EC_KEY_set_enc_flags(ec_key, old_flags);
  329. if (!PKCS8_pkey_set0(p8, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), 0,
  330. ptype, pval, ep, eplen))
  331. return 0;
  332. return 1;
  333. }
  334. static int int_ec_size(const EVP_PKEY *pkey)
  335. {
  336. return ECDSA_size(pkey->pkey.ec);
  337. }
  338. static int ec_bits(const EVP_PKEY *pkey)
  339. {
  340. BIGNUM *order = BN_new();
  341. const EC_GROUP *group;
  342. int ret;
  343. if (!order)
  344. {
  345. ERR_clear_error();
  346. return 0;
  347. }
  348. group = EC_KEY_get0_group(pkey->pkey.ec);
  349. if (!EC_GROUP_get_order(group, order, NULL))
  350. {
  351. ERR_clear_error();
  352. return 0;
  353. }
  354. ret = BN_num_bits(order);
  355. BN_free(order);
  356. return ret;
  357. }
  358. static int ec_missing_parameters(const EVP_PKEY *pkey)
  359. {
  360. if (EC_KEY_get0_group(pkey->pkey.ec) == NULL)
  361. return 1;
  362. return 0;
  363. }
  364. static int ec_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from)
  365. {
  366. EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec));
  367. if (group == NULL)
  368. return 0;
  369. if (EC_KEY_set_group(to->pkey.ec, group) == 0)
  370. return 0;
  371. EC_GROUP_free(group);
  372. return 1;
  373. }
  374. static int ec_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
  375. {
  376. const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec),
  377. *group_b = EC_KEY_get0_group(b->pkey.ec);
  378. if (EC_GROUP_cmp(group_a, group_b, NULL))
  379. return 0;
  380. else
  381. return 1;
  382. }
  383. static void int_ec_free(EVP_PKEY *pkey)
  384. {
  385. EC_KEY_free(pkey->pkey.ec);
  386. }
  387. static int do_EC_KEY_print(BIO *bp, const EC_KEY *x, int off, int ktype)
  388. {
  389. unsigned char *buffer=NULL;
  390. const char *ecstr;
  391. size_t buf_len=0, i;
  392. int ret=0, reason=ERR_R_BIO_LIB;
  393. BIGNUM *pub_key=NULL, *order=NULL;
  394. BN_CTX *ctx=NULL;
  395. const EC_GROUP *group;
  396. const EC_POINT *public_key;
  397. const BIGNUM *priv_key;
  398. if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL)
  399. {
  400. reason = ERR_R_PASSED_NULL_PARAMETER;
  401. goto err;
  402. }
  403. ctx = BN_CTX_new();
  404. if (ctx == NULL)
  405. {
  406. reason = ERR_R_MALLOC_FAILURE;
  407. goto err;
  408. }
  409. if (ktype > 0)
  410. {
  411. public_key = EC_KEY_get0_public_key(x);
  412. if ((pub_key = EC_POINT_point2bn(group, public_key,
  413. EC_KEY_get_conv_form(x), NULL, ctx)) == NULL)
  414. {
  415. reason = ERR_R_EC_LIB;
  416. goto err;
  417. }
  418. if (pub_key)
  419. buf_len = (size_t)BN_num_bytes(pub_key);
  420. }
  421. if (ktype == 2)
  422. {
  423. priv_key = EC_KEY_get0_private_key(x);
  424. if (priv_key && (i = (size_t)BN_num_bytes(priv_key)) > buf_len)
  425. buf_len = i;
  426. }
  427. else
  428. priv_key = NULL;
  429. if (ktype > 0)
  430. {
  431. buf_len += 10;
  432. if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
  433. {
  434. reason = ERR_R_MALLOC_FAILURE;
  435. goto err;
  436. }
  437. }
  438. if (ktype == 2)
  439. ecstr = "Private-Key";
  440. else if (ktype == 1)
  441. ecstr = "Public-Key";
  442. else
  443. ecstr = "ECDSA-Parameters";
  444. if (!BIO_indent(bp, off, 128))
  445. goto err;
  446. if ((order = BN_new()) == NULL)
  447. goto err;
  448. if (!EC_GROUP_get_order(group, order, NULL))
  449. goto err;
  450. if (BIO_printf(bp, "%s: (%d bit)\n", ecstr,
  451. BN_num_bits(order)) <= 0) goto err;
  452. if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key,
  453. buffer, off))
  454. goto err;
  455. if ((pub_key != NULL) && !ASN1_bn_print(bp, "pub: ", pub_key,
  456. buffer, off))
  457. goto err;
  458. if (!ECPKParameters_print(bp, group, off))
  459. goto err;
  460. ret=1;
  461. err:
  462. if (!ret)
  463. ECerr(EC_F_DO_EC_KEY_PRINT, reason);
  464. if (pub_key)
  465. BN_free(pub_key);
  466. if (order)
  467. BN_free(order);
  468. if (ctx)
  469. BN_CTX_free(ctx);
  470. if (buffer != NULL)
  471. OPENSSL_free(buffer);
  472. return(ret);
  473. }
  474. static int eckey_param_decode(EVP_PKEY *pkey,
  475. const unsigned char **pder, int derlen)
  476. {
  477. EC_KEY *eckey;
  478. if (!(eckey = d2i_ECParameters(NULL, pder, derlen)))
  479. {
  480. ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
  481. return 0;
  482. }
  483. EVP_PKEY_assign_EC_KEY(pkey, eckey);
  484. return 1;
  485. }
  486. static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
  487. {
  488. return i2d_ECParameters(pkey->pkey.ec, pder);
  489. }
  490. static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  491. ASN1_PCTX *ctx)
  492. {
  493. return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 0);
  494. }
  495. static int eckey_pub_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  496. ASN1_PCTX *ctx)
  497. {
  498. return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 1);
  499. }
  500. static int eckey_priv_print(BIO *bp, const EVP_PKEY *pkey, int indent,
  501. ASN1_PCTX *ctx)
  502. {
  503. return do_EC_KEY_print(bp, pkey->pkey.ec, indent, 2);
  504. }
  505. static int old_ec_priv_decode(EVP_PKEY *pkey,
  506. const unsigned char **pder, int derlen)
  507. {
  508. EC_KEY *ec;
  509. if (!(ec = d2i_ECPrivateKey (NULL, pder, derlen)))
  510. {
  511. ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR);
  512. return 0;
  513. }
  514. EVP_PKEY_assign_EC_KEY(pkey, ec);
  515. return 1;
  516. }
  517. static int old_ec_priv_encode(const EVP_PKEY *pkey, unsigned char **pder)
  518. {
  519. return i2d_ECPrivateKey(pkey->pkey.ec, pder);
  520. }
  521. static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
  522. {
  523. switch (op)
  524. {
  525. case ASN1_PKEY_CTRL_PKCS7_SIGN:
  526. if (arg1 == 0)
  527. {
  528. int snid, hnid;
  529. X509_ALGOR *alg1, *alg2;
  530. PKCS7_SIGNER_INFO_get0_algs(arg2, NULL, &alg1, &alg2);
  531. if (alg1 == NULL || alg1->algorithm == NULL)
  532. return -1;
  533. hnid = OBJ_obj2nid(alg1->algorithm);
  534. if (hnid == NID_undef)
  535. return -1;
  536. if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
  537. return -1;
  538. X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
  539. }
  540. return 1;
  541. #ifndef OPENSSL_NO_CMS
  542. case ASN1_PKEY_CTRL_CMS_SIGN:
  543. if (arg1 == 0)
  544. {
  545. int snid, hnid;
  546. X509_ALGOR *alg1, *alg2;
  547. CMS_SignerInfo_get0_algs(arg2, NULL, NULL,
  548. &alg1, &alg2);
  549. if (alg1 == NULL || alg1->algorithm == NULL)
  550. return -1;
  551. hnid = OBJ_obj2nid(alg1->algorithm);
  552. if (hnid == NID_undef)
  553. return -1;
  554. if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey)))
  555. return -1;
  556. X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0);
  557. }
  558. return 1;
  559. #endif
  560. case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
  561. *(int *)arg2 = NID_sha1;
  562. return 2;
  563. default:
  564. return -2;
  565. }
  566. }
  567. const EVP_PKEY_ASN1_METHOD eckey_asn1_meth =
  568. {
  569. EVP_PKEY_EC,
  570. EVP_PKEY_EC,
  571. 0,
  572. "EC",
  573. "OpenSSL EC algorithm",
  574. eckey_pub_decode,
  575. eckey_pub_encode,
  576. eckey_pub_cmp,
  577. eckey_pub_print,
  578. eckey_priv_decode,
  579. eckey_priv_encode,
  580. eckey_priv_print,
  581. int_ec_size,
  582. ec_bits,
  583. eckey_param_decode,
  584. eckey_param_encode,
  585. ec_missing_parameters,
  586. ec_copy_parameters,
  587. ec_cmp_parameters,
  588. eckey_param_print,
  589. 0,
  590. int_ec_free,
  591. ec_pkey_ctrl,
  592. old_ec_priv_decode,
  593. old_ec_priv_encode
  594. };