Commit 04daec86 authored by Bodo Möller's avatar Bodo Möller
Browse files

New 64-bit optimized implementation EC_GFp_nistp224_method(). 

This will only be compiled in if explicitly requested
(#ifdef EC_NISTP224_64_GCC_128).

Submitted by: Emilia Kasper (Google)
parent d3bb63fc

CHANGES

+12 −0
Original line number Diff line number Diff line
@@ -107,6 +107,18 @@ 
  

 Changes between 1.0.0a and 1.0.1  [xx XXX xxxx]



  *) Add EC_GFp_nistp224_method(), a 64-bit optimized implementation for

     elliptic curve NIST-P224 with constant-time single point multiplication on

     typical inputs.  EC_GROUP_new_by_curve_name() will automatically use this

     (while EC_GROUP_new_curve_GFp() currently won't and prefers the more

     flexible implementations).



     The implementation requires support for the nonstandard type __uint128_t,

     and so is disabled by default.  To include this in your build of OpenSSL,

     use -DEC_NISTP224_64_GCC_128 on the Configure (or config) command line,

     and run "make depend" (or "make update").

     [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]



  *) Permit abbreviated handshakes when renegotiating using the function

     SSL_renegotiate_abbreviated().

     [Robin Seggelmann <seggelmann@fh-muenster.de>]

crypto/ec/Makefile

+3 −2
Original line number Diff line number Diff line
@@ -19,11 +19,11 @@ APPS= 
LIB=$(TOP)/libcrypto.a

LIBSRC=	ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c\

	ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c\

	ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c

	ec2_smpl.c ec2_mult.c ec_ameth.c ec_pmeth.c eck_prn.c ecp_nistp224.c



LIBOBJ=	ec_lib.o ecp_smpl.o ecp_mont.o ecp_nist.o ec_cvt.o ec_mult.o\

	ec_err.o ec_curve.o ec_check.o ec_print.o ec_asn1.o ec_key.o\

	ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o

	ec2_smpl.o ec2_mult.o ec_ameth.o ec_pmeth.o eck_prn.o ecp_nistp224.o



SRC= $(LIBSRC)
@@ -221,6 +221,7 @@ ecp_nist.o: ../../include/openssl/obj_mac.h ../../include/openssl/opensslconf.h 
ecp_nist.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h

ecp_nist.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h

ecp_nist.o: ../../include/openssl/symhacks.h ec_lcl.h ecp_nist.c

ecp_nistp224.o: ecp_nistp224.c

ecp_smpl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h

ecp_smpl.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h

ecp_smpl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h

crypto/ec/ec.h

+13 −0
Original line number Diff line number Diff line
@@ -151,6 +151,12 @@ const EC_METHOD *EC_GFp_mont_method(void); 
 */

const EC_METHOD *EC_GFp_nist_method(void);



#ifdef EC_NISTP224_64_GCC_128

/** Returns 64-bit optimized methods for nistp224

 *  \return  EC_METHOD object

 */

const EC_METHOD *EC_GFp_nistp224_method(void);

#endif



/********************************************************************/ 

/*           EC_METHOD for curves over GF(2^m)                      */
@@ -926,6 +932,7 @@ void ERR_load_EC_strings(void); 
/* Error codes for the EC functions. */



/* Function codes. */

#define EC_F_BN_TO_FELEM				 224

#define EC_F_COMPUTE_WNAF				 143

#define EC_F_D2I_ECPARAMETERS				 144

#define EC_F_D2I_ECPKPARAMETERS				 145
@@ -968,6 +975,9 @@ void ERR_load_EC_strings(void); 
#define EC_F_EC_GFP_MONT_FIELD_SQR			 132

#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE		 189

#define EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP		 135

#define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE		 225

#define EC_F_EC_GFP_NISTP224_POINTS_MUL			 228

#define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226

#define EC_F_EC_GFP_NIST_FIELD_MUL			 200

#define EC_F_EC_GFP_NIST_FIELD_SQR			 201

#define EC_F_EC_GFP_NIST_GROUP_SET_CURVE		 202
@@ -1040,6 +1050,7 @@ void ERR_load_EC_strings(void); 
#define EC_F_I2D_ECPKPARAMETERS				 191

#define EC_F_I2D_ECPRIVATEKEY				 192

#define EC_F_I2O_ECPUBLICKEY				 151

#define EC_F_NISTP224_PRE_COMP_NEW			 227

#define EC_F_O2I_ECPUBLICKEY				 152

#define EC_F_OLD_EC_PRIV_DECODE				 222

#define EC_F_PKEY_EC_CTRL				 197
@@ -1052,6 +1063,7 @@ void ERR_load_EC_strings(void); 
/* Reason codes. */

#define EC_R_ASN1_ERROR					 115

#define EC_R_ASN1_UNKNOWN_FIELD				 116

#define EC_R_BIGNUM_OUT_OF_RANGE			 144

#define EC_R_BUFFER_TOO_SMALL				 100

#define EC_R_D2I_ECPKPARAMETERS_FAILURE			 117

#define EC_R_DECODE_ERROR				 142
@@ -1092,6 +1104,7 @@ void ERR_load_EC_strings(void); 
#define EC_R_UNKNOWN_GROUP				 129

#define EC_R_UNKNOWN_ORDER				 114

#define EC_R_UNSUPPORTED_FIELD				 131

#define EC_R_WRONG_CURVE_PARAMETERS			 145

#define EC_R_WRONG_ORDER				 130



#ifdef  __cplusplus

crypto/ec/ec_curve.c

+98 −77
Original line number Diff line number Diff line
@@ -3,7 +3,7 @@ 
 * Written by Nils Larsch for the OpenSSL project.

 */

/* ====================================================================

 * Copyright (c) 1998-2004 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1998-2010 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions
@@ -1820,93 +1820,101 @@ static const struct { EC_CURVE_DATA h; unsigned char data[0+24*6]; } 
typedef struct _ec_list_element_st {

	int	nid;

	const EC_CURVE_DATA *data;

	const EC_METHOD *(*meth)(void);

	const char *comment;

	} ec_list_element;



static const ec_list_element curve_list[] = {

	/* prime field curves */

	/* secg curves */

	{ NID_secp112r1, &_EC_SECG_PRIME_112R1.h, "SECG/WTLS curve over a 112 bit prime field"},

	{ NID_secp112r2, &_EC_SECG_PRIME_112R2.h, "SECG curve over a 112 bit prime field"},

	{ NID_secp128r1, &_EC_SECG_PRIME_128R1.h, "SECG curve over a 128 bit prime field"},

	{ NID_secp128r2, &_EC_SECG_PRIME_128R2.h, "SECG curve over a 128 bit prime field"},

	{ NID_secp160k1, &_EC_SECG_PRIME_160K1.h, "SECG curve over a 160 bit prime field"},

	{ NID_secp160r1, &_EC_SECG_PRIME_160R1.h, "SECG curve over a 160 bit prime field"},

	{ NID_secp160r2, &_EC_SECG_PRIME_160R2.h, "SECG/WTLS curve over a 160 bit prime field"},

	{ NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field" },

	{ NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, "SECG curve over a 112 bit prime field" },

	{ NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, "SECG curve over a 128 bit prime field" },

	{ NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, "SECG curve over a 128 bit prime field" },

	{ NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, "SECG curve over a 160 bit prime field" },

	{ NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, "SECG curve over a 160 bit prime field" },

	{ NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field" },

	/* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */

	{ NID_secp192k1, &_EC_SECG_PRIME_192K1.h, "SECG curve over a 192 bit prime field"},

	{ NID_secp224k1, &_EC_SECG_PRIME_224K1.h, "SECG curve over a 224 bit prime field"},

	{ NID_secp224r1, &_EC_NIST_PRIME_224.h,   "NIST/SECG curve over a 224 bit prime field"},

	{ NID_secp256k1, &_EC_SECG_PRIME_256K1.h, "SECG curve over a 256 bit prime field"},

	{ NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, "SECG curve over a 192 bit prime field" },

	{ NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, "SECG curve over a 224 bit prime field" },

#ifdef EC_NISTP224_64_GCC_128

        { NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, "NIST/SECG curve over a 224 bit prime field,\n"

	  "\t\t64-bit optimized implementation." },

#else

	{ NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, "NIST/SECG curve over a 224 bit prime field" },

#endif

	{ NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, "SECG curve over a 256 bit prime field" },

	/* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */

	{ NID_secp384r1, &_EC_NIST_PRIME_384.h, "NIST/SECG curve over a 384 bit prime field"},

	{ NID_secp521r1, &_EC_NIST_PRIME_521.h, "NIST/SECG curve over a 521 bit prime field"},

	{ NID_secp384r1, &_EC_NIST_PRIME_384.h, 0, "NIST/SECG curve over a 384 bit prime field" },

	{ NID_secp521r1, &_EC_NIST_PRIME_521.h, 0, "NIST/SECG curve over a 521 bit prime field" },

	/* X9.62 curves */

	{ NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, "NIST/X9.62/SECG curve over a 192 bit prime field"},

	{ NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, "X9.62 curve over a 192 bit prime field"},

	{ NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, "X9.62 curve over a 192 bit prime field"},

	{ NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, "X9.62 curve over a 239 bit prime field"},

	{ NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, "X9.62 curve over a 239 bit prime field"},

	{ NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, "X9.62 curve over a 239 bit prime field"},

	{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, "X9.62/SECG curve over a 256 bit prime field"},

	{ NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, "NIST/X9.62/SECG curve over a 192 bit prime field" },

	{ NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, "X9.62 curve over a 192 bit prime field" },

	{ NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, "X9.62 curve over a 192 bit prime field" },

	{ NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, "X9.62 curve over a 239 bit prime field" },

	{ NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, "X9.62 curve over a 239 bit prime field" },

	{ NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, "X9.62 curve over a 239 bit prime field" },

	{ NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, 0, "X9.62/SECG curve over a 256 bit prime field" },

	/* characteristic two field curves */

	/* NIST/SECG curves */

	{ NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, "SECG curve over a 113 bit binary field"},

	{ NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, "SECG curve over a 113 bit binary field"},

	{ NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, "SECG/WTLS curve over a 131 bit binary field"},

	{ NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, "SECG curve over a 131 bit binary field"},

	{ NID_sect163k1, &_EC_NIST_CHAR2_163K.h,  "NIST/SECG/WTLS curve over a 163 bit binary field" },

	{ NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, "SECG curve over a 163 bit binary field"},

	{ NID_sect163r2, &_EC_NIST_CHAR2_163B.h,  "NIST/SECG curve over a 163 bit binary field" },

	{ NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, "SECG curve over a 193 bit binary field"},

	{ NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, "SECG curve over a 193 bit binary field"},

	{ NID_sect233k1, &_EC_NIST_CHAR2_233K.h,  "NIST/SECG/WTLS curve over a 233 bit binary field" },

	{ NID_sect233r1, &_EC_NIST_CHAR2_233B.h,  "NIST/SECG/WTLS curve over a 233 bit binary field" },

	{ NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, "SECG curve over a 239 bit binary field"},

	{ NID_sect283k1, &_EC_NIST_CHAR2_283K.h,  "NIST/SECG curve over a 283 bit binary field" },

	{ NID_sect283r1, &_EC_NIST_CHAR2_283B.h,  "NIST/SECG curve over a 283 bit binary field" },

	{ NID_sect409k1, &_EC_NIST_CHAR2_409K.h,  "NIST/SECG curve over a 409 bit binary field" },

	{ NID_sect409r1, &_EC_NIST_CHAR2_409B.h,  "NIST/SECG curve over a 409 bit binary field" },

	{ NID_sect571k1, &_EC_NIST_CHAR2_571K.h,  "NIST/SECG curve over a 571 bit binary field" },

	{ NID_sect571r1, &_EC_NIST_CHAR2_571B.h,  "NIST/SECG curve over a 571 bit binary field" },

	{ NID_sect113r1, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field" },

	{ NID_sect113r2, &_EC_SECG_CHAR2_113R2.h, 0, "SECG curve over a 113 bit binary field" },

	{ NID_sect131r1, &_EC_SECG_CHAR2_131R1.h, 0, "SECG/WTLS curve over a 131 bit binary field" },

	{ NID_sect131r2, &_EC_SECG_CHAR2_131R2.h, 0, "SECG curve over a 131 bit binary field" },

	{ NID_sect163k1, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field" },

	{ NID_sect163r1, &_EC_SECG_CHAR2_163R1.h, 0, "SECG curve over a 163 bit binary field" },

	{ NID_sect163r2, &_EC_NIST_CHAR2_163B.h, 0, "NIST/SECG curve over a 163 bit binary field" },

	{ NID_sect193r1, &_EC_SECG_CHAR2_193R1.h, 0, "SECG curve over a 193 bit binary field" },

	{ NID_sect193r2, &_EC_SECG_CHAR2_193R2.h, 0, "SECG curve over a 193 bit binary field" },

	{ NID_sect233k1, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },

	{ NID_sect233r1, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },

	{ NID_sect239k1, &_EC_SECG_CHAR2_239K1.h, 0, "SECG curve over a 239 bit binary field" },

	{ NID_sect283k1, &_EC_NIST_CHAR2_283K.h, 0, "NIST/SECG curve over a 283 bit binary field" },

	{ NID_sect283r1, &_EC_NIST_CHAR2_283B.h, 0, "NIST/SECG curve over a 283 bit binary field" },

	{ NID_sect409k1, &_EC_NIST_CHAR2_409K.h, 0, "NIST/SECG curve over a 409 bit binary field" },

	{ NID_sect409r1, &_EC_NIST_CHAR2_409B.h, 0, "NIST/SECG curve over a 409 bit binary field" },

	{ NID_sect571k1, &_EC_NIST_CHAR2_571K.h, 0, "NIST/SECG curve over a 571 bit binary field" },

	{ NID_sect571r1, &_EC_NIST_CHAR2_571B.h, 0, "NIST/SECG curve over a 571 bit binary field" },

	/* X9.62 curves */

	{ NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"},

	{ NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, "X9.62 curve over a 163 bit binary field"},

	{ NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, "X9.62 curve over a 163 bit binary field"},

	{ NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, "X9.62 curve over a 176 bit binary field"},

	{ NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, "X9.62 curve over a 191 bit binary field"},

	{ NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, "X9.62 curve over a 191 bit binary field"},

	{ NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, "X9.62 curve over a 191 bit binary field"},

	{ NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, "X9.62 curve over a 208 bit binary field"},

	{ NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, "X9.62 curve over a 239 bit binary field"},

	{ NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, "X9.62 curve over a 239 bit binary field"},

	{ NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, "X9.62 curve over a 239 bit binary field"},

	{ NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, "X9.62 curve over a 272 bit binary field"},

	{ NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, "X9.62 curve over a 304 bit binary field"},

	{ NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, "X9.62 curve over a 359 bit binary field"},

	{ NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, "X9.62 curve over a 368 bit binary field"},

	{ NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, "X9.62 curve over a 431 bit binary field"},

	{ NID_X9_62_c2pnb163v1, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field" },

	{ NID_X9_62_c2pnb163v2, &_EC_X9_62_CHAR2_163V2.h, 0, "X9.62 curve over a 163 bit binary field" },

	{ NID_X9_62_c2pnb163v3, &_EC_X9_62_CHAR2_163V3.h, 0, "X9.62 curve over a 163 bit binary field" },

	{ NID_X9_62_c2pnb176v1, &_EC_X9_62_CHAR2_176V1.h, 0, "X9.62 curve over a 176 bit binary field" },

	{ NID_X9_62_c2tnb191v1, &_EC_X9_62_CHAR2_191V1.h, 0, "X9.62 curve over a 191 bit binary field" },

	{ NID_X9_62_c2tnb191v2, &_EC_X9_62_CHAR2_191V2.h, 0, "X9.62 curve over a 191 bit binary field" },

	{ NID_X9_62_c2tnb191v3, &_EC_X9_62_CHAR2_191V3.h, 0, "X9.62 curve over a 191 bit binary field" },

	{ NID_X9_62_c2pnb208w1, &_EC_X9_62_CHAR2_208W1.h, 0, "X9.62 curve over a 208 bit binary field" },

	{ NID_X9_62_c2tnb239v1, &_EC_X9_62_CHAR2_239V1.h, 0, "X9.62 curve over a 239 bit binary field" },

	{ NID_X9_62_c2tnb239v2, &_EC_X9_62_CHAR2_239V2.h, 0, "X9.62 curve over a 239 bit binary field" },

	{ NID_X9_62_c2tnb239v3, &_EC_X9_62_CHAR2_239V3.h, 0, "X9.62 curve over a 239 bit binary field" },

	{ NID_X9_62_c2pnb272w1, &_EC_X9_62_CHAR2_272W1.h, 0, "X9.62 curve over a 272 bit binary field" },

	{ NID_X9_62_c2pnb304w1, &_EC_X9_62_CHAR2_304W1.h, 0, "X9.62 curve over a 304 bit binary field" },

	{ NID_X9_62_c2tnb359v1, &_EC_X9_62_CHAR2_359V1.h, 0, "X9.62 curve over a 359 bit binary field" },

	{ NID_X9_62_c2pnb368w1, &_EC_X9_62_CHAR2_368W1.h, 0, "X9.62 curve over a 368 bit binary field" },

	{ NID_X9_62_c2tnb431r1, &_EC_X9_62_CHAR2_431R1.h, 0, "X9.62 curve over a 431 bit binary field" },

	/* the WAP/WTLS curves

	 * [unlike SECG, spec has its own OIDs for curves from X9.62] */

	{ NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, "WTLS curve over a 113 bit binary field"},

	{ NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h,   "NIST/SECG/WTLS curve over a 163 bit binary field"},

	{ NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h,  "SECG curve over a 113 bit binary field"},

	{ NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, "X9.62 curve over a 163 bit binary field"},

	{ NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h,  "SECG/WTLS curve over a 112 bit prime field"},

	{ NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h,  "SECG/WTLS curve over a 160 bit prime field"},

	{ NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, "WTLS curve over a 112 bit prime field"},

	{ NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, "WTLS curve over a 160 bit prime field" },

	{ NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, "NIST/SECG/WTLS curve over a 233 bit binary field"},

	{ NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, "NIST/SECG/WTLS curve over a 233 bit binary field"},

	{ NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, "WTLS curvs over a 224 bit prime field"},

	{ NID_wap_wsg_idm_ecid_wtls1, &_EC_WTLS_1.h, 0, "WTLS curve over a 113 bit binary field" },

	{ NID_wap_wsg_idm_ecid_wtls3, &_EC_NIST_CHAR2_163K.h, 0, "NIST/SECG/WTLS curve over a 163 bit binary field" },

	{ NID_wap_wsg_idm_ecid_wtls4, &_EC_SECG_CHAR2_113R1.h, 0, "SECG curve over a 113 bit binary field" },

	{ NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, "X9.62 curve over a 163 bit binary field" },

	{ NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, "SECG/WTLS curve over a 112 bit prime field" },

	{ NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, "SECG/WTLS curve over a 160 bit prime field" },

	{ NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, "WTLS curve over a 112 bit prime field" },

	{ NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, "WTLS curve over a 160 bit prime field" },

	{ NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },

	{ NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0, "NIST/SECG/WTLS curve over a 233 bit binary field" },

	{ NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, "WTLS curvs over a 224 bit prime field" },

	/* IPSec curves */

	{ NID_ipsec3, &_EC_IPSEC_155_ID3.h, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"},

	{ NID_ipsec4, &_EC_IPSEC_185_ID4.h, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n""\tNot suitable for ECDSA.\n\tQuestionable extension field!"},

	{ NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, "\n\tIPSec/IKE/Oakley curve #3 over a 155 bit binary field.\n"

	  "\tNot suitable for ECDSA.\n\tQuestionable extension field!" },

	{ NID_ipsec4, &_EC_IPSEC_185_ID4.h, 0, "\n\tIPSec/IKE/Oakley curve #4 over a 185 bit binary field.\n"

	  "\tNot suitable for ECDSA.\n\tQuestionable extension field!" },

};



#define curve_list_length (sizeof(curve_list)/sizeof(ec_list_element))



static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data)

static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)

	{

	EC_GROUP *group=NULL;

	EC_POINT *P=NULL;
@@ -1914,6 +1922,8 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) 
	BIGNUM	 *p=NULL, *a=NULL, *b=NULL, *x=NULL, *y=NULL, *order=NULL;

	int	 ok=0;

	int	 seed_len,param_len;

	const EC_METHOD *meth;

	const EC_CURVE_DATA *data;

	const unsigned char *params;



	if ((ctx = BN_CTX_new()) == NULL)
@@ -1922,6 +1932,7 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) 
		goto err;

		}



	data = curve.data;

	seed_len  = data->seed_len;

	param_len = data->param_len;

	params	  = (const unsigned char *)(data+1);	/* skip header */
@@ -1935,7 +1946,17 @@ static EC_GROUP *ec_group_new_from_data(const EC_CURVE_DATA *data) 
		goto err;

		}



	if (data->field_type == NID_X9_62_prime_field)

	if (curve.meth != 0)

		{

		meth = curve.meth();

		if (((group = EC_GROUP_new(meth)) == NULL) ||

			(!(group->meth->group_set_curve(group, p, a, b, ctx))))

			{

			ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);

			goto err;

			}

		}

	else if (data->field_type == NID_X9_62_prime_field)

		{

		if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL)

			{
@@ -2025,7 +2046,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid) 
	for (i=0; i<curve_list_length; i++)

		if (curve_list[i].nid == nid)

			{

			ret = ec_group_new_from_data(curve_list[i].data);

			ret = ec_group_new_from_data(curve_list[i]);

			break;

			}

crypto/ec/ec_err.c

+8 −1
Original line number Diff line number Diff line 
/* crypto/ec/ec_err.c */

/* ====================================================================

 * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1999-2010 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions
@@ -70,6 +70,7 @@ 


static ERR_STRING_DATA EC_str_functs[]=

	{

{ERR_FUNC(EC_F_BN_TO_FELEM),	"BN_TO_FELEM"},

{ERR_FUNC(EC_F_COMPUTE_WNAF),	"COMPUTE_WNAF"},

{ERR_FUNC(EC_F_D2I_ECPARAMETERS),	"d2i_ECParameters"},

{ERR_FUNC(EC_F_D2I_ECPKPARAMETERS),	"d2i_ECPKParameters"},
@@ -112,6 +113,9 @@ static ERR_STRING_DATA EC_str_functs[]= 
{ERR_FUNC(EC_F_EC_GFP_MONT_FIELD_SQR),	"ec_GFp_mont_field_sqr"},

{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE),	"ec_GFp_mont_group_set_curve"},

{ERR_FUNC(EC_F_EC_GFP_MONT_GROUP_SET_CURVE_GFP),	"EC_GFP_MONT_GROUP_SET_CURVE_GFP"},

{ERR_FUNC(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE),	"ec_GFp_nistp224_group_set_curve"},

{ERR_FUNC(EC_F_EC_GFP_NISTP224_POINTS_MUL),	"ec_GFp_nistp224_points_mul"},

{ERR_FUNC(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES),	"ec_GFp_nistp224_point_get_affine_coordinates"},

{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_MUL),	"ec_GFp_nist_field_mul"},

{ERR_FUNC(EC_F_EC_GFP_NIST_FIELD_SQR),	"ec_GFp_nist_field_sqr"},

{ERR_FUNC(EC_F_EC_GFP_NIST_GROUP_SET_CURVE),	"ec_GFp_nist_group_set_curve"},
@@ -184,6 +188,7 @@ static ERR_STRING_DATA EC_str_functs[]= 
{ERR_FUNC(EC_F_I2D_ECPKPARAMETERS),	"i2d_ECPKParameters"},

{ERR_FUNC(EC_F_I2D_ECPRIVATEKEY),	"i2d_ECPrivateKey"},

{ERR_FUNC(EC_F_I2O_ECPUBLICKEY),	"i2o_ECPublicKey"},

{ERR_FUNC(EC_F_NISTP224_PRE_COMP_NEW),	"NISTP224_PRE_COMP_NEW"},

{ERR_FUNC(EC_F_O2I_ECPUBLICKEY),	"o2i_ECPublicKey"},

{ERR_FUNC(EC_F_OLD_EC_PRIV_DECODE),	"OLD_EC_PRIV_DECODE"},

{ERR_FUNC(EC_F_PKEY_EC_CTRL),	"PKEY_EC_CTRL"},
@@ -199,6 +204,7 @@ static ERR_STRING_DATA EC_str_reasons[]= 
	{

{ERR_REASON(EC_R_ASN1_ERROR)             ,"asn1 error"},

{ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD)     ,"asn1 unknown field"},

{ERR_REASON(EC_R_BIGNUM_OUT_OF_RANGE)    ,"bignum out of range"},

{ERR_REASON(EC_R_BUFFER_TOO_SMALL)       ,"buffer too small"},

{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"},

{ERR_REASON(EC_R_DECODE_ERROR)           ,"decode error"},
@@ -239,6 +245,7 @@ static ERR_STRING_DATA EC_str_reasons[]= 
{ERR_REASON(EC_R_UNKNOWN_GROUP)          ,"unknown group"},

{ERR_REASON(EC_R_UNKNOWN_ORDER)          ,"unknown order"},

{ERR_REASON(EC_R_UNSUPPORTED_FIELD)      ,"unsupported field"},

{ERR_REASON(EC_R_WRONG_CURVE_PARAMETERS) ,"wrong curve parameters"},

{ERR_REASON(EC_R_WRONG_ORDER)            ,"wrong order"},

{0,NULL}

	};