EC_KEY_METHOD *PKCS11_get_ec_key_method(void)
{
int (*orig_sign)(int type, const unsigned char *dgst,
int dlen, unsigned char *sig,
unsigned int *siglen,
const BIGNUM *kinv, const BIGNUM *r,
EC_KEY *eckey) = NULL;
int (*orig_sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
BIGNUM **kinvp, BIGNUM **rp) = NULL;
ECDSA_SIG *(*orig_sign_sig)(const unsigned char *dgst,
int dgst_len,
const BIGNUM *in_kinv,
const BIGNUM *in_r,
EC_KEY *eckey) = NULL;
alloc_ec_key_ex_index();
if (ops == NULL) {
ops = EC_KEY_METHOD_new((EC_KEY_METHOD *)EC_KEY_OpenSSL());
EC_KEY_METHOD_get_sign(ops, &orig_sign,
&orig_sign_setup, &orig_sign_sig);
EC_KEY_METHOD_set_sign(ops, orig_sign,
pkcs11_ecdsa_sign_setup,
pkcs11_ecdsa_do_sign);
EC_KEY_METHOD_set_compute_key(ops, pkcs11_ec_ckey);
}
return ops;
}
const EC_KEY_METHOD * HSM_PKCS11_get_ecdsa_method ( void ) {
static EC_KEY_METHOD * r_pnt = NULL;
#ifdef ENABLE_ECDSA
if (!r_pnt) {
#if OPENSSL_VERSION_NUMBER < 0x1010000fL
// ECDSA METHOD - it is required since OpenSSL is
// actually missing the duplication of the METHOD
/*
static ECDSA_METHOD ret = {
"PKCS#11 ECDSA method", // const char *name;
HSM_PKCS11_ecdsa_sign, // ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, const BIGNUM *inv,
// const BIGNUM *rp, EC_KEY *eckey);
HSM_PKCS11_ecdsa_sign_setup, // int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r);
NULL, // int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
// EC_KEY *eckey);
0, // int flags;
NULL // char *app_data;
};
*/
if ((r_pnt = ECDSA_METHOD_new(ECDSA_get_default_method())) == NULL)
return NULL;
ECDSA_METHOD_set_name(r_pnt, "LibPKI PKCS#11 ECDSA");
ECDSA_METHOD_set_sign(r_pnt, HSM_PKCS11_ecdsa_sign);
// ECDSA_METHOD_set_sign_setup(r_pnt, HSM_PKCS11_ecdsa_sign_setup);
// ECDSA_METHOD_set_verify(&ret, NULL);
#else
if ((r_pnt = EC_KEY_METHOD_new(EC_KEY_get_default_method())) == NULL)
return NULL;
// Sets the sign method
EC_KEY_METHOD_set_sign(r_pnt,
HSM_PKCS11_ecdsa_sign, //int (*sign)(int type, const unsigned char *dgst,
// int dlen, unsigned char *sig,
// unsigned int *siglen,
// const BIGNUM *kinv, const BIGNUM *r,
// EC_KEY *eckey)
NULL, //int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
// BIGNUM **kinvp, BIGNUM **rp)
NULL //ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
// int dgst_len,
// const BIGNUM *in_kinv,
// const BIGNUM *in_r,
// EC_KEY *eckey)
);
#endif
}
#endif
return r_pnt;
}
EC_KEY_METHOD *PKCS11_get_ec_key_method(void)
{
static EC_KEY_METHOD *ops = NULL;
int (*orig_sign)(int, const unsigned char *, int, unsigned char *,
unsigned int *, const BIGNUM *, const BIGNUM *, EC_KEY *) = NULL;
alloc_ec_ex_index();
if (ops == NULL) {
ops = EC_KEY_METHOD_new((EC_KEY_METHOD *)EC_KEY_OpenSSL());
EC_KEY_METHOD_get_sign(ops, &orig_sign, NULL, NULL);
EC_KEY_METHOD_set_sign(ops, orig_sign, NULL, pkcs11_ecdsa_sign_sig);
EC_KEY_METHOD_get_compute_key(ops, &ossl_ecdh_compute_key);
EC_KEY_METHOD_set_compute_key(ops, pkcs11_ec_ckey);
}
return ops;
}
