Commit af28dd6c authored by Bodo Möller's avatar Bodo Möller
Browse files

Fix bugs and typos. 

Add some WTLS curves.
New function EC_GROUP_check() (this will probably
be implemented differently soon).

Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
parent e79ec456

CHANGES

+3 −2
Original line number Diff line number Diff line
@@ -19,8 +19,9 @@ 
       extracted before the specific public key.

     [Nils Larsch <nla@trustcenter.de>]



  *) Include some named elliptic curves, and add OIDs from X9.62 and SECG.

     The curves can be obtained from the new functions

  *) Include some named elliptic curves, and add OIDs from X9.62,

     SECG, and WAP/WTLS.  The curves can be obtained from the new

     functions

          EC_GROUP_new_by_nid()

          EC_GROUP_new_by_name()

     Also add a 'nid' field to EC_GROUP objects, which can be accessed

apps/ecdsaparam.c

+73 −41
Original line number Diff line number Diff line
@@ -133,15 +133,16 @@ 
 * -out arg		- output file - default stdout

 * -noout

 * -text

 * -check               - validate the ec parameters

 * -C

 * -noout

 * -genkey		- generate a private public keypair based on the supplied curve

 * -named_curve		- use the curve oid instead of the parameters

 * -NIST_192		- use the NIST recommeded curve parameters over a 192 bit prime field

 * -NIST_224		- use the NIST recommeded curve parameters over a 224 bit prime field

 * -NIST_256		- use the NIST recommeded curve parameters over a 256 bit prime field

 * -NIST_384		- use the NIST recommeded curve parameters over a 384 bit prime field

 * -NIST_521		- use the NIST recommeded curve parameters over a 521 bit prime field

 * -NIST_192		- use the NIST recommended curve parameters over a 192 bit prime field

 * -NIST_224		- use the NIST recommended curve parameters over a 224 bit prime field

 * -NIST_256		- use the NIST recommended curve parameters over a 256 bit prime field

 * -NIST_384		- use the NIST recommended curve parameters over a 384 bit prime field

 * -NIST_521		- use the NIST recommended curve parameters over a 521 bit prime field

 * -X9_62_192v1		- use the X9_62 192v1 example curve over a 192 bit prime field

 * -X9_62_192v2		- use the X9_62 192v2 example curve over a 192 bit prime field

 * -X9_62_192v3		- use the X9_62 192v3 example curve over a 192 bit prime field
@@ -149,21 +150,24 @@ 
 * -X9_62_239v2		- use the X9_62 239v2 example curve over a 239 bit prime field

 * -X9_62_239v3		- use the X9_62 239v3 example curve over a 239 bit prime field

 * -X9_62_256v1		- use the X9_62 239v1 example curve over a 256 bit prime field

 * -SECG_PRIME_112R1    - use the SECG 112r1 recommeded curve over a 112 bit prime field

 * -SECG_PRIME_112R2    - use the SECG 112r2 recommeded curve over a 112 bit prime field

 * -SECG_PRIME_128R1    - use the SECG 128r1 recommeded curve over a 128 bit prime field

 * -SECG_PRIME_128R2    - use the SECG 128r2 recommeded curve over a 128 bit prime field

 * -SECG_PRIME_160K1    - use the SECG 160k1 recommeded curve over a 160 bit prime field

 * -SECG_PRIME_160R1    - use the SECG 160r1 recommeded curve over a 160 bit prime field

 * -SECG_PRIME_160R2    - use the SECG 160r2 recommeded curve over a 160 bit prime field

 * -SECG_PRIME_192K1    - use the SECG 192k1 recommeded curve over a 192 bit prime field

 * -SECG_PRIME_192R1    - use the SECG 192r1 recommeded curve over a 192 bit prime field

 * -SECG_PRIME_224K1    - use the SECG 224k1 recommeded curve over a 224 bit prime field

 * -SECG_PRIME_224R1    - use the SECG 224r1 recommeded curve over a 224 bit prime field

 * -SECG_PRIME_256K1    - use the SECG 256k1 recommeded curve over a 256 bit prime field

 * -SECG_PRIME_256R1    - use the SECG 256r1 recommeded curve over a 256 bit prime field

 * -SECG_PRIME_384R1    - use the SECG 384r1 recommeded curve over a 384 bit prime field

 * -SECG_PRIME_521R1    - use the SECG 521r1 recommeded curve over a 521 bit prime field

 * -SECG_PRIME_112R1    - use the SECG 112r1 recommended curve over a 112 bit prime field

 * -SECG_PRIME_112R2    - use the SECG 112r2 recommended curve over a 112 bit prime field

 * -SECG_PRIME_128R1    - use the SECG 128r1 recommended curve over a 128 bit prime field

 * -SECG_PRIME_128R2    - use the SECG 128r2 recommended curve over a 128 bit prime field

 * -SECG_PRIME_160K1    - use the SECG 160k1 recommended curve over a 160 bit prime field

 * -SECG_PRIME_160R1    - use the SECG 160r1 recommended curve over a 160 bit prime field

 * -SECG_PRIME_160R2    - use the SECG 160r2 recommended curve over a 160 bit prime field

 * -SECG_PRIME_192K1    - use the SECG 192k1 recommended curve over a 192 bit prime field

 * -SECG_PRIME_192R1    - use the SECG 192r1 recommended curve over a 192 bit prime field

 * -SECG_PRIME_224K1    - use the SECG 224k1 recommended curve over a 224 bit prime field

 * -SECG_PRIME_224R1    - use the SECG 224r1 recommended curve over a 224 bit prime field

 * -SECG_PRIME_256K1    - use the SECG 256k1 recommended curve over a 256 bit prime field

 * -SECG_PRIME_256R1    - use the SECG 256r1 recommended curve over a 256 bit prime field

 * -SECG_PRIME_384R1    - use the SECG 384r1 recommended curve over a 384 bit prime field

 * -SECG_PRIME_521R1    - use the SECG 521r1 recommended curve over a 521 bit prime field

 * -WTLS_6              - use the WAP/WTLS recommended curve number 6 over a 112 bit field

 * -WTLS_8              - use the WAP/WTLS recommended curve number 8 over a 112 bit field

 * -WTLS_9              - use the WAP/WTLS recommended curve number 9 over a 160 bit field

 */



int MAIN(int, char **);
@@ -177,6 +181,7 @@ int MAIN(int argc, char **argv) 
	int 	informat, outformat, noout = 0, C = 0, ret = 1;

	char 	*infile, *outfile, *prog, *inrand = NULL;

	int 	genkey = 0;

	int	check = 0;

	int 	need_rand = 0;

	char 	*engine=NULL;

	int	curve_type = EC_GROUP_NO_CURVE;
@@ -235,6 +240,8 @@ int MAIN(int argc, char **argv) 
			text = 1;

		else if (strcmp(*argv,"-C") == 0)

			C = 1;

		else if (strcmp(*argv,"-check") == 0)

			check = 1;

		else if (strcmp(*argv,"-genkey") == 0)

		{

			genkey = 1;
@@ -302,6 +309,12 @@ int MAIN(int argc, char **argv) 
			curve_type = EC_GROUP_SECG_PRIME_384R1;

		else if (strcmp(*argv, "-SECG_PRIME_521R1") == 0)

			curve_type = EC_GROUP_SECG_PRIME_521R1;

		else if (strcmp(*argv, "-WTLS_6") == 0)

			curve_type = EC_GROUP_WTLS_6;

		else if (strcmp(*argv, "-WTLS_8") == 0)

			curve_type = EC_GROUP_WTLS_8;

		else if (strcmp(*argv, "-WTLS_9") == 0)

			curve_type = EC_GROUP_WTLS_9;

		else if (strcmp(*argv, "-noout") == 0)

			noout=1;

		else
@@ -325,15 +338,16 @@ bad: 
		BIO_printf(bio_err," -out arg           output file\n");

		BIO_printf(bio_err," -text              print the key in text\n");

		BIO_printf(bio_err," -C                 Output C code\n");

		BIO_printf(bio_err," -check             validate the ec parameters\n");

		BIO_printf(bio_err," -noout             no output\n");

		BIO_printf(bio_err," -rand              files to use for random number input\n");

		BIO_printf(bio_err," -engine e          use engine e, possibly a hardware device.\n");

		BIO_printf(bio_err," -named_curve       use the curve oid instead of the parameters\n");

		BIO_printf(bio_err," -NIST_192          use the NIST recommeded curve parameters over a 192 bit prime field\n");

		BIO_printf(bio_err," -NIST_224          use the NIST recommeded curve parameters over a 224 bit prime field\n");

		BIO_printf(bio_err," -NIST_256          use the NIST recommeded curve parameters over a 256 bit prime field\n");

		BIO_printf(bio_err," -NIST_384          use the NIST recommeded curve parameters over a 384 bit prime field\n");

		BIO_printf(bio_err," -NIST_521          use the NIST recommeded curve parameters over a 521 bit prime field\n");

		BIO_printf(bio_err," -NIST_192          use the NIST recommended curve parameters over a 192 bit prime field\n");

		BIO_printf(bio_err," -NIST_224          use the NIST recommended curve parameters over a 224 bit prime field\n");

		BIO_printf(bio_err," -NIST_256          use the NIST recommended curve parameters over a 256 bit prime field\n");

		BIO_printf(bio_err," -NIST_384          use the NIST recommended curve parameters over a 384 bit prime field\n");

		BIO_printf(bio_err," -NIST_521          use the NIST recommended curve parameters over a 521 bit prime field\n");

		BIO_printf(bio_err," -X9_62_192v1       use the X9_62 192v1 example curve over a 192 bit prime field\n");

		BIO_printf(bio_err," -X9_62_192v2       use the X9_62 192v2 example curve over a 192 bit prime field\n");

		BIO_printf(bio_err," -X9_62_192v3       use the X9_62 192v3 example curve over a 192 bit prime field\n");
@@ -341,21 +355,24 @@ bad: 
		BIO_printf(bio_err," -X9_62_239v2       use the X9_62 239v2 example curve over a 239 bit prime field\n");

		BIO_printf(bio_err," -X9_62_239v3       use the X9_62 239v3 example curve over a 239 bit prime field\n");

		BIO_printf(bio_err," -X9_62_256v1       use the X9_62 239v1 example curve over a 256 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_112R1  use the SECG 112r1 recommeded curve over a 112 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_112R2  use the SECG 112r2 recommeded curve over a 112 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_128R1  use the SECG 128r1 recommeded curve over a 128 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_128R2  use the SECG 128r2 recommeded curve over a 128 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_160K1  use the SECG 160k1 recommeded curve over a 160 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_160R1  use the SECG 160r1 recommeded curve over a 160 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_160R2  use the SECG 160r2 recommeded curve over a 160 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_192K1  use the SECG 192k1 recommeded curve over a 192 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_192R1  use the SECG 192r1 recommeded curve over a 192 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_224K1  use the SECG 224k1 recommeded curve over a 224 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_224R1  use the SECG 224r1 recommeded curve over a 224 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_256K1  use the SECG 256k1 recommeded curve over a 256 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_256R1  use the SECG 256r1 recommeded curve over a 256 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_384R1  use the SECG 384r1 recommeded curve over a 384 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_521R1  use the SECG 521r1 recommeded curve over a 521 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_112R1  use the SECG 112r1 recommended curve over a 112 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_112R2  use the SECG 112r2 recommended curve over a 112 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_128R1  use the SECG 128r1 recommended curve over a 128 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_128R2  use the SECG 128r2 recommended curve over a 128 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_160K1  use the SECG 160k1 recommended curve over a 160 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_160R1  use the SECG 160r1 recommended curve over a 160 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_160R2  use the SECG 160r2 recommended curve over a 160 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_192K1  use the SECG 192k1 recommended curve over a 192 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_192R1  use the SECG 192r1 recommended curve over a 192 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_224K1  use the SECG 224k1 recommended curve over a 224 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_224R1  use the SECG 224r1 recommended curve over a 224 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_256K1  use the SECG 256k1 recommended curve over a 256 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_256R1  use the SECG 256r1 recommended curve over a 256 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_384R1  use the SECG 384r1 recommended curve over a 384 bit prime field\n");

		BIO_printf(bio_err," -SECG_PRIME_521R1  use the SECG 521r1 recommended curve over a 521 bit prime field\n");

		BIO_printf(bio_err," -WTLS_6            use the WAP/WTLS recommended curve number 6 over a 112 bit field\n");

		BIO_printf(bio_err," -WTLS_8            use the WAP/WTLS recommended curve number 8 over a 112 bit field\n");

		BIO_printf(bio_err," -WTLS_9            use the WAP/WTLS recommended curve number 9 over a 112 bit field\n");

		goto end;

	}
@@ -437,6 +454,21 @@ bad: 
		ECDSAParameters_print(out, ecdsa);

	}



	if (check)

	{

		if (ecdsa == NULL)

			BIO_printf(bio_err, "no elliptic curve parameters\n");

		BIO_printf(bio_err, "checking elliptic curve parameters: ");

		if (!EC_GROUP_check(ecdsa->group, NULL))

		{

			BIO_printf(bio_err, "failed\n");

			ERR_print_errors(bio_err);

		}

		else

			BIO_printf(bio_err, "ok\n");

			

	}

	

	if (C)

	{	/* TODO: characteristic two */

		int 	l, len, bits_p;

apps/speed.c

+4 −1
Original line number Diff line number Diff line
@@ -372,8 +372,11 @@ int MAIN(int argc, char **argv) 
	ENGINE *e = NULL;

	unsigned char *buf=NULL,*buf2=NULL;

	int mret=1;

	long count=0,save_count=0, rsa_count;

	long count=0,save_count=0;

	int i,j,k;

#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)

	long rsa_count;

#endif

#ifndef OPENSSL_NO_RSA

	unsigned rsa_num;

#endif

crypto/conf/conf_mod.c

+1 −1
Original line number Diff line number Diff line
@@ -165,7 +165,7 @@ int CONF_modules_load(const CONF *cnf, const char *appname, 
int CONF_modules_load_file(const char *filename, const char *appname,

			   unsigned long flags)

	{

	char *file;

	char *file = NULL;

	CONF *conf = NULL;

	int ret = 0;

	conf = NCONF_new(NULL);

crypto/ec/ec.h

+13 −2
Original line number Diff line number Diff line 
/* crypto/ec/ec.h */

/* ====================================================================

 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.

 * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions
@@ -125,6 +125,8 @@ EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); 
int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);

int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);



/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */

int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);



/* EC_GROUP_new_GFp() calls EC_GROUP_new() and EC_GROUP_set_GFp()

 * after choosing an appropriate EC_METHOD */
@@ -163,6 +165,11 @@ EC_GROUP *EC_GROUP_new_by_name(int name); 
#define EC_GROUP_SECG_PRIME_256R1	NID_secp256r1

#define EC_GROUP_SECG_PRIME_384R1	NID_secp384r1

#define EC_GROUP_SECG_PRIME_521R1	NID_secp521r1

#define EC_GROUP_WTLS_6			NID_wap_wsg_idm_ecid_wtls6

#define EC_GROUP_WTLS_7			NID_secp160r1

#define EC_GROUP_WTLS_8			NID_wap_wsg_idm_ecid_wtls8

#define EC_GROUP_WTLS_9			NID_wap_wsg_idm_ecid_wtls9

#define EC_GROUP_WTLS_12		NID_secp224r1



EC_POINT *EC_POINT_new(const EC_GROUP *);

void EC_POINT_free(EC_POINT *);
@@ -220,6 +227,7 @@ void ERR_load_EC_strings(void); 
#define EC_F_EC_GFP_MONT_FIELD_ENCODE			 134

#define EC_F_EC_GFP_MONT_FIELD_MUL			 131

#define EC_F_EC_GFP_MONT_FIELD_SQR			 132

#define EC_F_EC_GFP_SIMPLE_GROUP_CHECK			 151

#define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP		 100

#define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR		 101

#define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE			 102
@@ -229,6 +237,7 @@ void ERR_load_EC_strings(void); 
#define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105

#define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128

#define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129

#define EC_F_EC_GROUP_CHECK				 150

#define EC_F_EC_GROUP_COPY				 106

#define EC_F_EC_GROUP_GET0_GENERATOR			 139

#define EC_F_EC_GROUP_GET_COFACTOR			 140
@@ -266,6 +275,7 @@ void ERR_load_EC_strings(void); 


/* Reason codes. */

#define EC_R_BUFFER_TOO_SMALL				 100

#define EC_R_DISCRIMINANT_IS_ZERO			 118

#define EC_R_INCOMPATIBLE_OBJECTS			 101

#define EC_R_INVALID_ARGUMENT				 112

#define EC_R_INVALID_COMPRESSED_POINT			 110
@@ -273,13 +283,14 @@ void ERR_load_EC_strings(void); 
#define EC_R_INVALID_ENCODING				 102

#define EC_R_INVALID_FIELD				 103

#define EC_R_INVALID_FORM				 104

#define EC_R_MISSING_PARAMETERS				 115

#define EC_R_INVALID_GROUP_ORDER			 119

#define EC_R_NOT_INITIALIZED				 111

#define EC_R_NO_SUCH_EXTRA_DATA				 105

#define EC_R_POINT_AT_INFINITY				 106

#define EC_R_POINT_IS_NOT_ON_CURVE			 107

#define EC_R_SLOT_FULL					 108

#define EC_R_UNDEFINED_GENERATOR			 113

#define EC_R_UNDEFINED_ORDER				 122

#define EC_R_UNKNOWN_GROUP				 116

#define EC_R_UNKNOWN_NID				 117

#define EC_R_UNKNOWN_ORDER				 114