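/**
 * Return the shared EC_KEY_METHOD that routes EC private-key operations
 * to the PKCS#11 callbacks.
 *
 * The method is built on first use as a copy of EC_KEY_OpenSSL() and cached
 * in `ops`, which is declared outside this block. Only the sign_setup,
 * sign_sig and compute_key slots are replaced; the stock `sign` entry point
 * is kept as-is.
 *
 * No locking is visible in this function.
 * NOTE(review): presumably callers serialize the first call - confirm.
 *
 * @return the cached method, or NULL if EC_KEY_METHOD_new() failed. On
 *         failure `ops` stays NULL, so a later call retries the setup.
 */
EC_KEY_METHOD *PKCS11_get_ec_key_method(void)
{
	int (*orig_sign)(int type, const unsigned char *dgst, int dlen,
		unsigned char *sig, unsigned int *siglen,
		const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) = NULL;

	/* Defined elsewhere in the file; called on every invocation. */
	alloc_ec_key_ex_index();

	if (ops != NULL)
		return ops;

	ops = EC_KEY_METHOD_new((EC_KEY_METHOD *)EC_KEY_OpenSSL());
	if (ops == NULL) {
		/*
		 * Allocation failed. The accessors below dereference the
		 * method, so bail out instead of crashing inside a signing
		 * path.
		 */
		return NULL;
	}

	/*
	 * Only the stock `sign` callback is needed back; the other two slots
	 * are overwritten right below, so their out-pointers are passed as
	 * NULL.
	 */
	EC_KEY_METHOD_get_sign(ops, &orig_sign, NULL, NULL);
	EC_KEY_METHOD_set_sign(ops, orig_sign,
		pkcs11_ecdsa_sign_setup, pkcs11_ecdsa_do_sign);

	/* ECDH derivation goes through the PKCS#11 callback as well. */
	EC_KEY_METHOD_set_compute_key(ops, pkcs11_ec_ckey);

	return ops;
}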
/**
 * Return the lazily-built ECDSA method that sends signing to the PKCS#11
 * HSM callback.
 *
 * When ENABLE_ECDSA is not defined nothing is built and the function
 * returns NULL. Otherwise the method is created once as a copy of the
 * OpenSSL default method and cached in a function-local static.
 *
 * No locking is visible in this function.
 * NOTE(review): presumably the first call happens before any concurrent
 * use - confirm.
 *
 * @return the cached method, or NULL if it could not be allocated or
 *         ECDSA support is compiled out.
 */
const EC_KEY_METHOD *HSM_PKCS11_get_ecdsa_method(void)
{
	static EC_KEY_METHOD *r_pnt = NULL;

#ifdef ENABLE_ECDSA
	/* Already built on an earlier call. */
	if (r_pnt != NULL)
		return r_pnt;

#if OPENSSL_VERSION_NUMBER < 0x1010000fL
	/*
	 * Pre-1.1.0 API: duplicate the default ECDSA method and override
	 * only its sign callback. sign_setup and verify are not touched
	 * here.
	 */
	r_pnt = ECDSA_METHOD_new(ECDSA_get_default_method());
	if (r_pnt == NULL)
		return NULL;

	ECDSA_METHOD_set_name(r_pnt, "LibPKI PKCS#11 ECDSA");
	ECDSA_METHOD_set_sign(r_pnt, HSM_PKCS11_ecdsa_sign);
#else
	/* 1.1.0+ API: duplicate the default EC_KEY method. */
	r_pnt = EC_KEY_METHOD_new(EC_KEY_get_default_method());
	if (r_pnt == NULL)
		return NULL;

	/*
	 * Install the HSM callback in the `sign` slot. sign_setup and
	 * sign_sig are set to NULL rather than inherited from the default
	 * method.
	 * NOTE(review): as far as I know OpenSSL's ECDSA_do_sign*() and
	 * ECDSA_sign_setup() fail with "operation not supported" when these
	 * slots are NULL, which fails closed for HSM-resident keys. Confirm
	 * that is intended and that no caller relies on those entry points.
	 */
	EC_KEY_METHOD_set_sign(r_pnt,
		HSM_PKCS11_ecdsa_sign,	/* sign */
		NULL,			/* sign_setup */
		NULL);			/* sign_sig */
#endif
#endif

	return r_pnt;
}
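/**
 * Return the shared EC_KEY_METHOD that routes EC private-key operations
 * to the PKCS#11 callbacks.
 *
 * The method is built on first use as a copy of EC_KEY_OpenSSL() and cached
 * in a function-local static. The stock `sign` callback is kept, sign_setup
 * is cleared, and sign_sig and compute_key are replaced by the PKCS#11
 * implementations. The stock compute_key callback is saved in
 * `ossl_ecdh_compute_key` (declared outside this block) before being
 * replaced.
 *
 * No locking is visible in this function.
 * NOTE(review): presumably callers serialize the first call - confirm.
 *
 * @return the cached method, or NULL if EC_KEY_METHOD_new() failed. On
 *         failure the cache stays empty, so a later call retries the setup.
 */
EC_KEY_METHOD *PKCS11_get_ec_key_method(void)
{
	static EC_KEY_METHOD *ops = NULL;
	int (*orig_sign)(int, const unsigned char *, int, unsigned char *,
		unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL;

	/* Defined elsewhere in the file; called on every invocation. */
	alloc_ec_ex_index();

	if (ops != NULL)
		return ops;

	ops = EC_KEY_METHOD_new((EC_KEY_METHOD *)EC_KEY_OpenSSL());
	if (ops == NULL) {
		/*
		 * Allocation failed. The accessors below dereference the
		 * method, so bail out instead of crashing inside a signing
		 * path.
		 */
		return NULL;
	}

	/*
	 * Keep OpenSSL's `sign` wrapper and swap in the PKCS#11 sign_sig.
	 * NOTE(review): this relies on the stock wrapper dispatching to
	 * sign_sig - confirm against the OpenSSL version in use.
	 */
	EC_KEY_METHOD_get_sign(ops, &orig_sign, NULL, NULL);
	EC_KEY_METHOD_set_sign(ops, orig_sign, NULL, pkcs11_ecdsa_sign_sig);

	/* Save the software ECDH callback before overriding it. */
	EC_KEY_METHOD_get_compute_key(ops, &ossl_ecdh_compute_key);
	EC_KEY_METHOD_set_compute_key(ops, pkcs11_ec_ckey);

	return ops;
}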