/* Retrieve EC point from key into ec * return nonzero on error */ static int pkcs11_get_point_key(EC_KEY *ec, PKCS11_KEY *key) { CK_BYTE *point; size_t point_len = 0; const unsigned char *a; ASN1_OCTET_STRING *os; int rv = -1; if (key == NULL || key_getattr_alloc(key, CKA_EC_POINT, &point, &point_len)) return -1; /* PKCS#11-compliant modules should return ASN1_OCTET_STRING */ a = point; os = d2i_ASN1_OCTET_STRING(NULL, &a, (long)point_len); if (os) { a = os->data; rv = o2i_ECPublicKey(&ec, &a, os->length) == NULL; ASN1_STRING_free(os); } if (rv) { /* Workaround for broken PKCS#11 modules */ a = point; rv = o2i_ECPublicKey(&ec, &a, (long)point_len) == NULL; } OPENSSL_free(point); return rv; }
static EC_KEY *pkcs11_get_ec(PKCS11_KEY *key) { EC_KEY *ec, *found_params = NULL, *found_point = NULL; CK_BYTE *params, *point; size_t params_len = 0, point_len = 0; PKCS11_KEY *pubkey; ec = EC_KEY_new(); if (ec == NULL) return NULL; /* For OpenSSL req we need at least the * EC_KEY_get0_group(ec_key)) to return the group. * Continue even if it fails, as the sign operation does not need * it if the PKCS#11 module or the hardware can figure this out */ if (!key_getattr_alloc(key, CKA_EC_PARAMS, ¶ms, ¶ms_len)) { const unsigned char *a = params; /* Convert to OpenSSL parmas */ found_params = d2i_ECParameters(&ec, &a, (long)params_len); OPENSSL_free(params); } /* Now retrieve the point */ pubkey = key->isPrivate ? pkcs11_find_key_from_key(key) : key; if (pubkey == NULL) return ec; if (!key_getattr_alloc(pubkey, CKA_EC_POINT, &point, &point_len)) { const unsigned char *a; ASN1_OCTET_STRING *os; /* PKCS#11-compliant modules should return ASN1_OCTET_STRING */ a = point; os = d2i_ASN1_OCTET_STRING(NULL, &a, (long)point_len); if (os) { a = os->data; found_point = o2i_ECPublicKey(&ec, &a, os->length); ASN1_STRING_free(os); } if (found_point == NULL) { /* Workaround for broken PKCS#11 modules */ a = point; found_point = o2i_ECPublicKey(&ec, &a, point_len); } OPENSSL_free(point); } /* A public keys requires both the params and the point to be present */ if (!key->isPrivate && (found_params == NULL || found_point == NULL)) { EC_KEY_free(ec); return NULL; } return ec; }
static isc_result_t opensslecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) { isc_result_t ret; EVP_PKEY *pkey; EC_KEY *eckey = NULL; isc_region_t r; int group_nid; unsigned int len; const unsigned char *cp; unsigned char buf[DNS_KEY_ECDSA384SIZE + 1]; REQUIRE(key->key_alg == DST_ALG_ECDSA256 || key->key_alg == DST_ALG_ECDSA384); if (key->key_alg == DST_ALG_ECDSA256) { len = DNS_KEY_ECDSA256SIZE; group_nid = NID_X9_62_prime256v1; } else { len = DNS_KEY_ECDSA384SIZE; group_nid = NID_secp384r1; } isc_buffer_remainingregion(data, &r); if (r.length == 0) return (ISC_R_SUCCESS); if (r.length < len) return (DST_R_INVALIDPUBLICKEY); eckey = EC_KEY_new_by_curve_name(group_nid); if (eckey == NULL) return (dst__openssl_toresult(DST_R_OPENSSLFAILURE)); buf[0] = POINT_CONVERSION_UNCOMPRESSED; memmove(buf + 1, r.base, len); cp = buf; if (o2i_ECPublicKey(&eckey, (const unsigned char **) &cp, (long) len + 1) == NULL) DST_RET (dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); if (EC_KEY_check_key(eckey) != 1) DST_RET (dst__openssl_toresult(DST_R_INVALIDPUBLICKEY)); pkey = EVP_PKEY_new(); if (pkey == NULL) DST_RET (ISC_R_NOMEMORY); if (!EVP_PKEY_set1_EC_KEY(pkey, eckey)) { EVP_PKEY_free(pkey); DST_RET (dst__openssl_toresult(ISC_R_FAILURE)); } isc_buffer_forward(data, len); key->keydata.pkey = pkey; key->key_size = len * 4; ret = ISC_R_SUCCESS; err: if (eckey != NULL) EC_KEY_free(eckey); return (ret); }
int main(int argc, const char **argv) { EC_KEY *pub; char workbuf[BUFSIZE]; const unsigned char *workbuf_p; size_t len, i; if (argv[1] == NULL) { fprintf(stderr, "usage: %s [base64key]\n", argv[0]); return EXIT_FAILURE; } memset(workbuf, '\0', sizeof workbuf); pub = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); EC_KEY_set_conv_form(pub, POINT_CONVERSION_COMPRESSED); len = base64_decode(argv[1], workbuf, BUFSIZE); workbuf_p = (unsigned char *) workbuf; o2i_ECPublicKey(&pub, &workbuf_p, len); if (!EC_KEY_check_key(pub)) { fprintf(stderr, "Key data provided on commandline is inconsistent.\n"); return EXIT_FAILURE; } printf("Public key (reassembled):\n"); EC_KEY_print_fp(stdout, pub, 4); return EXIT_SUCCESS; }
static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { const unsigned char *p = NULL; void *pval; int ptype, pklen; EC_KEY *eckey = NULL; X509_ALGOR *palg; if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) return 0; X509_ALGOR_get0(NULL, &ptype, &pval, palg); eckey = eckey_type2param(ptype, pval); if (!eckey) { ECerr(EC_F_ECKEY_PUB_DECODE, ERR_R_EC_LIB); return 0; } /* We have parameters now set public key */ if (!o2i_ECPublicKey(&eckey, &p, pklen)) { ECerr(EC_F_ECKEY_PUB_DECODE, EC_R_DECODE_ERROR); goto ecerr; } EVP_PKEY_assign_EC_KEY(pkey, eckey); return 1; ecerr: if (eckey) EC_KEY_free(eckey); return 0; }
bool CBEcdsaVerify(uint8_t * signature, uint8_t sigLen, uint8_t * hash, uint8_t * pubKey, uint8_t keyLen){ EC_KEY * key = EC_KEY_new_by_curve_name(NID_secp256k1); o2i_ECPublicKey(&key, (const unsigned char **)&pubKey, keyLen); int res = ECDSA_verify(0, hash, 32, signature, sigLen, key); EC_KEY_free(key); return res == 1; }
static void benchmark_verify_openssl(void* arg) { int i; benchmark_verify_t* data = (benchmark_verify_t*)arg; for (i = 0; i < 20000; i++) { data->sig[data->siglen - 1] ^= (i & 0xFF); data->sig[data->siglen - 2] ^= ((i >> 8) & 0xFF); data->sig[data->siglen - 3] ^= ((i >> 16) & 0xFF); { EC_KEY *pkey = EC_KEY_new(); const unsigned char *pubkey = &data->pubkey[0]; int result; CHECK(pkey != NULL); result = EC_KEY_set_group(pkey, data->ec_group); CHECK(result); result = (o2i_ECPublicKey(&pkey, &pubkey, data->pubkeylen)) != NULL; CHECK(result); result = ECDSA_verify(0, &data->msg[0], sizeof(data->msg), &data->sig[0], data->siglen, pkey) == (i == 0); CHECK(result); EC_KEY_free(pkey); } data->sig[data->siglen - 1] ^= (i & 0xFF); data->sig[data->siglen - 2] ^= ((i >> 8) & 0xFF); data->sig[data->siglen - 3] ^= ((i >> 16) & 0xFF); } }
bool bp_pubkey_set(struct bp_key *key, const void *pubkey_, size_t pk_len) { const unsigned char *pubkey = pubkey_; if (!o2i_ECPublicKey(&key->k, &pubkey, pk_len)) return false; if (pk_len == 33) EC_KEY_set_conv_form(key->k, POINT_CONVERSION_COMPRESSED); return true; }
EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) { EVP_PKEY *ret; if ((a == NULL) || (*a == NULL)) { if ((ret = EVP_PKEY_new()) == NULL) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB); return (NULL); } } else ret = *a; if (!EVP_PKEY_set_type(ret, type)) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB); goto err; } switch (EVP_PKEY_id(ret)) { #ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); goto err; } break; #endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: /* TMP UGLY CAST */ if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); goto err; } break; #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); goto err; } break; #endif default: ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); goto err; /* break; */ } if (a != NULL) (*a) = ret; return (ret); err: if (a == NULL || *a != ret) EVP_PKEY_free(ret); return (NULL); }
bool CKey::SetPubKey(const CPubKey& vchPubKey) { const unsigned char* pbegin = &vchPubKey.vchPubKey[0]; if (!o2i_ECPublicKey(&pkey, &pbegin, vchPubKey.vchPubKey.size())) return false; fSet = true; if (vchPubKey.vchPubKey.size() == 33) SetCompressedPubKey(); return true; }
static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx, X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) { ASN1_OBJECT *aoid; int atype; void *aval; int rv = 0; EVP_PKEY *pkpeer = NULL; EC_KEY *ecpeer = NULL; const unsigned char *p; int plen; X509_ALGOR_get0(&aoid, &atype, &aval, alg); if (OBJ_obj2nid(aoid) != NID_X9_62_id_ecPublicKey) goto err; /* If absent parameters get group from main key */ if (atype == V_ASN1_UNDEF || atype == V_ASN1_NULL) { const EC_GROUP *grp; EVP_PKEY *pk; pk = EVP_PKEY_CTX_get0_pkey(pctx); if (!pk) goto err; grp = EC_KEY_get0_group(pk->pkey.ec); ecpeer = EC_KEY_new(); if (!ecpeer) goto err; if (!EC_KEY_set_group(ecpeer, grp)) goto err; } else { ecpeer = eckey_type2param(atype, aval); if (!ecpeer) goto err; } /* We have parameters now set public key */ plen = ASN1_STRING_length(pubkey); p = ASN1_STRING_data(pubkey); if (!p || !plen) goto err; if (!o2i_ECPublicKey(&ecpeer, &p, plen)) goto err; pkpeer = EVP_PKEY_new(); if (!pkpeer) goto err; EVP_PKEY_set1_EC_KEY(pkpeer, ecpeer); if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) rv = 1; err: if (ecpeer) EC_KEY_free(ecpeer); if (pkpeer) EVP_PKEY_free(pkpeer); return rv; }
bool elliptic_curve_key::set_public_key(const data_chunk& pubkey) { if (!initialize()) return false; const unsigned char* pubkey_bytes = pubkey.data(); if (!o2i_ECPublicKey(&key_, &pubkey_bytes, pubkey.size())) return false; if (pubkey.size() == 33) use_compressed(); return true; }
STDMETHODIMP CBECC::put_PublicKey(VARIANT newVal) { CBVarPtr varPtr; HRESULT hr = varPtr.Attach(newVal); if(FAILED(hr))return hr; m_pECC = o2i_ECPublicKey((EC_KEY**)&m_pECC, (const BYTE**)&varPtr.m_pData, varPtr.m_nSize); if(m_pECC == NULL)return E_INVALIDARG; return S_OK; }
static int mech_step_accname(sasl_session_t *p, char *message, size_t len, char **out, size_t *out_len) { ecdsa_session_t *s = p->mechdata; myuser_t *mu; char *end; unsigned char pubkey_raw[BUFSIZE]; const unsigned char *pubkey_raw_p; metadata_t *md; int ret; memset(pubkey_raw, '\0', sizeof pubkey_raw); end = memchr(message, '\0', len); if (end == NULL) p->username = sstrndup(message, len); else { p->username = sstrndup(message, end-message); p->authzid = sstrndup(end+1, len-1-(end-message)); } mu = myuser_find_by_nick(p->username); if (mu == NULL) return ASASL_FAIL; md = metadata_find(mu, "private:pubkey"); if (md == NULL) { md = metadata_find(mu, "pubkey"); if (md == NULL) return ASASL_FAIL; } ret = base64_decode(md->value, (char *)pubkey_raw, BUFSIZE); if (ret == -1) return ASASL_FAIL; pubkey_raw_p = pubkey_raw; o2i_ECPublicKey(&s->pubkey, &pubkey_raw_p, ret); #ifndef DEBUG_STATIC_CHALLENGE_VECTOR RAND_pseudo_bytes(s->challenge, CHALLENGE_LENGTH); #else memset(s->challenge, 'A', CHALLENGE_LENGTH); #endif *out = smalloc(400); memcpy(*out, s->challenge, CHALLENGE_LENGTH); *out_len = CHALLENGE_LENGTH; s->step = ECDSA_ST_RESPONSE; return ASASL_MORE; }
public_key::public_key( const public_key_data& dat ) { const char* front = &dat.data[0]; if( *front == 0 ){} else { my->_key = EC_KEY_new_by_curve_name( NID_secp256k1 ); my->_key = o2i_ECPublicKey( &my->_key, (const unsigned char**)&front, sizeof(public_key_data) ); if( !my->_key ) { FC_THROW_EXCEPTION( exception, "error decoding public key", ("s", ERR_error_string( ERR_get_error(), nullptr) ) ); } } }
bool CCryptKey::SetPubKey(const CPubKey& vchPubKey) { const unsigned char* pbegin = &vchPubKey.vchPubKey[0]; if (o2i_ECPublicKey(&pkey, &pbegin, vchPubKey.vchPubKey.size())) { fSet = true; if (vchPubKey.vchPubKey.size() == 33) SetCompressedPubKey(); return true; } pkey = NULL; Reset(); return false; }
static int mech_step_accname(sasl_session_t *p, char *message, int len, char **out, int *out_len) { ecdsa_session_t *s = p->mechdata; myuser_t *mu; char *username; unsigned char pubkey_raw[BUFSIZE]; const unsigned char *pubkey_raw_p; metadata_t *md; int ret; memset(pubkey_raw, '\0', sizeof pubkey_raw); username = mowgli_alloc(len + 5); memcpy(username, message, len); username[len] = '\0'; p->username = sstrdup(username); mowgli_free(username); mu = myuser_find_by_nick(p->username); if (mu == NULL) return ASASL_FAIL; md = metadata_find(mu, "pubkey"); if (md == NULL) return ASASL_FAIL; ret = base64_decode(md->value, (char *)pubkey_raw, BUFSIZE); if (ret == -1) return ASASL_FAIL; pubkey_raw_p = pubkey_raw; o2i_ECPublicKey(&s->pubkey, &pubkey_raw_p, ret); #ifndef DEBUG_STATIC_CHALLENGE_VECTOR RAND_pseudo_bytes(s->challenge, CHALLENGE_LENGTH); #else memset(s->challenge, 'A', CHALLENGE_LENGTH); #endif *out = malloc(400); memcpy(*out, s->challenge, CHALLENGE_LENGTH); *out_len = CHALLENGE_LENGTH; s->step = ECDSA_ST_RESPONSE; return ASASL_MORE; }
ERL_NIF_TERM ucrypto_ec_set_public_key_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM argv[]) { struct ec_key_handle *handle = NULL; ErlNifBinary public_key; if (! enif_get_resource(env, argv[0], ec_key_resource, (void **)&handle)) return enif_make_badarg(env); if (! enif_inspect_iolist_as_binary(env, argv[1], &public_key)) return enif_make_badarg(env); if (! handle->key) return enif_make_tuple2(env, ATOM_ERROR, ATOM_UNINITIALIZED_KEY); if (! o2i_ECPublicKey(&handle->key, (const unsigned char **)&public_key.data, public_key.size)) return ATOM_ERROR; return ATOM_OK; }
EVP_PKEY* sldns_ecdsa2pkey_raw(unsigned char* key, size_t keylen, uint8_t algo) { unsigned char buf[256+2]; /* sufficient for 2*384/8+1 */ const unsigned char* pp = buf; EVP_PKEY *evp_key; EC_KEY *ec; /* check length, which uncompressed must be 2 bignums */ if(algo == LDNS_ECDSAP256SHA256) { if(keylen != 2*256/8) return NULL; ec = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); } else if(algo == LDNS_ECDSAP384SHA384) { if(keylen != 2*384/8) return NULL; ec = EC_KEY_new_by_curve_name(NID_secp384r1); } else ec = NULL; if(!ec) return NULL; if(keylen+1 > sizeof(buf)) { /* sanity check */ EC_KEY_free(ec); return NULL; } /* prepend the 0x02 (from docs) (or actually 0x04 from implementation * of openssl) for uncompressed data */ buf[0] = POINT_CONVERSION_UNCOMPRESSED; memmove(buf+1, key, keylen); if(!o2i_ECPublicKey(&ec, &pp, (int)keylen+1)) { EC_KEY_free(ec); return NULL; } evp_key = EVP_PKEY_new(); if(!evp_key) { EC_KEY_free(ec); return NULL; } if (!EVP_PKEY_assign_EC_KEY(evp_key, ec)) { EVP_PKEY_free(evp_key); EC_KEY_free(ec); return NULL; } return evp_key; }
el_context_t el_create_context(el_curve_t curve, const uint8_t *publicKeyData, int publicKeyLength) { EC_KEY *key = NULL; int digestLength = 0; switch (curve) { case el_curve_secp112r1: key = EC_KEY_new_by_curve_name(NID_secp112r1); digestLength = 14; break; case el_curve_secp128r1: key = EC_KEY_new_by_curve_name(NID_secp128r1); digestLength = 16; break; case el_curve_secp160r1: key = EC_KEY_new_by_curve_name(NID_secp160r1); digestLength = 20; break; } if (!key) return NULL; key = o2i_ECPublicKey(&key, &publicKeyData, publicKeyLength); if (!key) return NULL; if (!EC_KEY_check_key(key)) { EC_KEY_free(key); return NULL; } el_context_t ctxt = malloc(sizeof(struct el_context)); ctxt->ecKey = key; ctxt->curve = curve; ctxt->digestLength = digestLength; return ctxt; }
static int eckey_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) { const uint8_t *p = NULL; void *pval; int ptype, pklen; EC_KEY *eckey = NULL; X509_ALGOR *palg; if (!X509_PUBKEY_get0_param(NULL, &p, &pklen, &palg, pubkey)) { return 0; } X509_ALGOR_get0(NULL, &ptype, &pval, palg); if (ptype != V_ASN1_OBJECT) { OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } eckey = EC_KEY_new_by_curve_name(OBJ_obj2nid((ASN1_OBJECT *)pval)); if (eckey == NULL) { OPENSSL_PUT_ERROR(EVP, ERR_R_EC_LIB); return 0; } /* We have parameters now set public key */ if (!o2i_ECPublicKey(&eckey, &p, pklen)) { OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); goto err; } EVP_PKEY_assign_EC_KEY(pkey, eckey); return 1; err: if (eckey) { EC_KEY_free(eckey); } return 0; }
int main (int argc, const char * argv[]) { EC_KEY *eckey; unsigned int curve; size_t digest_len; char name[1024], curve_name[200], pubkey[1024], privkey[1024]; if (!read_params(name, 1024, curve_name, 200, pubkey, 1024, privkey, 1024)) return ERR_STDIN_READ; ///*debug*/printf("%s\n%s\n%s\n%s\n", name, curve_name, pubkey, privkey); // Get curve type and digest_len if (strcmp(curve_name, "secp112r1") == 0) { curve = NID_secp112r1; digest_len = 14; } else if (strcmp(curve_name, "secp128r1") == 0) { curve = NID_secp128r1; digest_len = 16; } else if (strcmp(curve_name, "secp160r1") == 0) { curve = NID_secp160r1; digest_len = 20; } else { return ERR_CURVE_UNKNOWN; } eckey = EC_KEY_new_by_curve_name(curve); if (eckey == NULL) return ERR_INIT_KEY; // set public key unsigned char *bin = NULL; size_t len = hex2bin(&bin, pubkey); if (len == 0) return ERR_PUBLIC_KEY_DECODING; const unsigned char *bin_copy = bin; eckey = o2i_ECPublicKey(&eckey, &bin_copy, len); OPENSSL_free(bin); // set private key len = hex2bin(&bin, privkey); if (len == 0) return ERR_PUBLIC_KEY_DECODING; bin_copy = bin; eckey = d2i_ECPrivateKey(&eckey, &bin_copy, len); OPENSSL_free(bin); // check keys if (!EC_KEY_check_key(eckey)) return ERR_WRONG_KEYS; // calculate sha-1 unsigned char digest[digest_len]; el_compute_digest(name, digest, digest_len); // sign ECDSA_SIG *sig = ECDSA_do_sign(digest, digest_len, eckey); if (sig == NULL) return ERR_SIGNING; size_t rlen = BN_num_bytes(sig->r); size_t slen = BN_num_bytes(sig->s); size_t binlen = rlen + slen; bin = OPENSSL_malloc(binlen); bzero(bin, binlen); BN_bn2bin(sig->r, bin); BN_bn2bin(sig->s, bin + rlen); // join two values into bin ECDSA_SIG_free(sig); size_t b32len = el_base32_encode_buffer_size(binlen); char *base32 = OPENSSL_malloc(b32len); bzero(base32, b32len); el_base32_encode(bin, binlen, base32, b32len); printf("%s", base32); OPENSSL_free(bin); OPENSSL_free(base32); return 0; }
static int ecdsa_verify_signature(hx509_context context, const struct signature_alg *sig_alg, const Certificate *signer, const AlgorithmIdentifier *alg, const heim_octet_string *data, const heim_octet_string *sig) { const AlgorithmIdentifier *digest_alg; const SubjectPublicKeyInfo *spi; heim_octet_string digest; int ret; EC_KEY *key = NULL; int groupnid; EC_GROUP *group; const unsigned char *p; long len; digest_alg = sig_alg->digest_alg; ret = _hx509_create_signature(context, NULL, digest_alg, data, NULL, &digest); if (ret) return ret; /* set up EC KEY */ spi = &signer->tbsCertificate.subjectPublicKeyInfo; if (der_heim_oid_cmp(&spi->algorithm.algorithm, ASN1_OID_ID_ECPUBLICKEY) != 0) return HX509_CRYPTO_SIG_INVALID_FORMAT; /* * Find the group id */ ret = parse_ECParameters(context, spi->algorithm.parameters, &groupnid); if (ret) { der_free_octet_string(&digest); return ret; } /* * Create group, key, parse key */ key = EC_KEY_new(); group = EC_GROUP_new_by_curve_name(groupnid); EC_KEY_set_group(key, group); EC_GROUP_free(group); p = spi->subjectPublicKey.data; len = spi->subjectPublicKey.length / 8; if (o2i_ECPublicKey(&key, &p, len) == NULL) { EC_KEY_free(key); return HX509_CRYPTO_SIG_INVALID_FORMAT; } ret = ECDSA_verify(-1, digest.data, digest.length, sig->data, sig->length, key); der_free_octet_string(&digest); EC_KEY_free(key); if (ret != 1) { ret = HX509_CRYPTO_SIG_INVALID_FORMAT; return ret; } return 0; }
bool CECKey::SetPubKey(const unsigned char* pubkey, size_t size) { return o2i_ECPublicKey(&pkey, &pubkey, size) != NULL; }
bool CECKey::SetPubKey(const CPubKey &pubkey) { const unsigned char* pbegin = pubkey.begin(); return o2i_ECPublicKey(&pkey, &pbegin, pubkey.size()); }
/* * Get EC key material and stash pointer in ex_data * Note we get called twice, once for private key, and once for public * We need to get the EC_PARAMS and EC_POINT into both, * as lib11 dates from RSA only where all the pub key components * were also part of the private key. With EC the point * is not in the private key, and the params may or may not be. * */ static EVP_PKEY *pkcs11_get_evp_key_ec(PKCS11_KEY * key) { EVP_PKEY *pk; EC_KEY * ec = NULL; CK_RV ckrv; size_t ec_paramslen = 0; CK_BYTE * ec_params = NULL; size_t ec_pointlen = 0; CK_BYTE * ec_point = NULL; PKCS11_KEY * pubkey; ASN1_OCTET_STRING *os=NULL; pk = EVP_PKEY_new(); if (pk == NULL) return NULL; ec = EC_KEY_new(); if (ec == NULL) { EVP_PKEY_free(pk); return NULL; } EVP_PKEY_set1_EC_KEY(pk, ec); /* Also increments the ec ref count */ /* For Openssl req we need at least the * EC_KEY_get0_group(ec_key)) to return the group. * Even if it fails will continue as a sign only does not need * need this if the pkcs11 or card can figure this out. */ if (key_getattr_var(key, CKA_EC_PARAMS, NULL, &ec_paramslen) == CKR_OK && ec_paramslen > 0) { ec_params = OPENSSL_malloc(ec_paramslen); if (ec_params) { ckrv = key_getattr_var(key, CKA_EC_PARAMS, ec_params, &ec_paramslen); if (ckrv == CKR_OK) { const unsigned char * a = ec_params; /* convert to OpenSSL parmas */ d2i_ECParameters(&ec, &a, (long) ec_paramslen); } } } /* Now get the ec_point */ pubkey = key->isPrivate ? PKCS11_find_key_from_key(key) : key; if (pubkey) { ckrv = key_getattr_var(pubkey, CKA_EC_POINT, NULL, &ec_pointlen); if (ckrv == CKR_OK && ec_pointlen > 0) { ec_point = OPENSSL_malloc(ec_pointlen); if (ec_point) { ckrv = key_getattr_var(pubkey, CKA_EC_POINT, ec_point, &ec_pointlen); if (ckrv == CKR_OK) { /* PKCS#11 returns ASN1 octstring*/ const unsigned char * a; /* we have asn1 octet string, need to strip off 04 len */ a = ec_point; os = d2i_ASN1_OCTET_STRING(NULL, &a, (long) ec_pointlen); if (os) { a = os->data; o2i_ECPublicKey(&ec, &a, os->length); } /* EC_KEY_print_fp(stderr, ec, 5); */ } } } } /* If the key is not extractable, create a key object * that will use the card's functions to sign & decrypt */ if (os) ASN1_STRING_free(os); if (ec_point) OPENSSL_free(ec_point); if (ec_params) OPENSSL_free(ec_params); if (key->isPrivate) { #if OPENSSL_VERSION_NUMBER >= 0x10100000L EC_KEY_set_method(ec, PKCS11_get_ec_key_method()); #else ECDSA_set_method(ec, PKCS11_get_ecdsa_method()); /* TODO: Retrieve the ECDSA private key object attributes instead, * unless the key has the "sensitive" attribute set */ #endif } /* TODO: Extract the ECDSA private key instead, if the key * is marked as extractable (and not private?) */ #if OPENSSL_VERSION_NUMBER >= 0x10100002L EC_KEY_set_ex_data(ec,ec_key_ex_index, key); #else ECDSA_set_ex_data(ec, ecdsa_ex_index, key); #endif EC_KEY_free(ec); /* drops our reference to it */ return pk; }