EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) { EVP_PKEY *ret; if ((a == NULL) || (*a == NULL)) { if ((ret=EVP_PKEY_new()) == NULL) { ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB); return(NULL); } } else ret= *a; ret->save_type=type; ret->type=EVP_PKEY_type(type); switch (ret->type) { #ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL, (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); goto err; } break; #endif #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL, (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ { ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); goto err; } break; #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: if ((ret->pkey.ec = d2i_ECPrivateKey(NULL, (const unsigned char **)pp, length)) == NULL) { ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); goto err; } break; #endif default: ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); goto err; /* break; */ } if (a != NULL) (*a)=ret; return(ret); err: if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret); return(NULL); }
static int eckey_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p = NULL; const void *pval; int ptype, pklen; EC_KEY *eckey = NULL; const X509_ALGOR *palg; if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) return 0; X509_ALGOR_get0(NULL, &ptype, &pval, palg); eckey = eckey_type2param(ptype, pval); if (!eckey) goto ecliberr; /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) { ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR); goto ecerr; } EVP_PKEY_assign_EC_KEY(pkey, eckey); return 1; ecliberr: ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); ecerr: EC_KEY_free(eckey); return 0; }
int test_d2i_ECPrivateKey(void) { int len, ret = 0; uint8_t *out = NULL, *outp; const uint8_t *inp; EC_KEY *key = NULL; BIGNUM *x = NULL, *y = NULL; const EC_POINT *public; char *x_hex = NULL, *y_hex = NULL; inp = kECKeyWithoutPublic; key = d2i_ECPrivateKey(NULL, &inp, sizeof(kECKeyWithoutPublic)); if (key == NULL || inp != kECKeyWithoutPublic + sizeof(kECKeyWithoutPublic)) { fprintf(stderr, "Failed to parse private key.\n"); BIO_print_errors_fp(stderr); goto out; } len = i2d_ECPrivateKey(key, NULL); out = malloc(len); outp = out; if (len != i2d_ECPrivateKey(key, &outp)) { fprintf(stderr, "Failed to serialize private key.\n"); BIO_print_errors_fp(stderr); goto out; } if (0 != memcmp(out, kECKeyWithoutPublic, len)) { fprintf(stderr, "Serialisation of key doesn't match original.\n"); goto out; } public = EC_KEY_get0_public_key(key);
bool CKey::SetPrivKey(const CPrivKey& vchPrivKey) { const unsigned char* pbegin = &vchPrivKey[0]; if (!d2i_ECPrivateKey(&pkey, &pbegin, vchPrivKey.size())) return false; fSet = true; return true; }
static int ecdsa_private_key_import(hx509_context context, const AlgorithmIdentifier *keyai, const void *data, size_t len, hx509_key_format_t format, hx509_private_key private_key) { const unsigned char *p = data; EC_KEY **pkey = NULL; EC_KEY *key; if (keyai->parameters) { EC_GROUP *group; int groupnid; int ret; ret = parse_ECParameters(context, keyai->parameters, &groupnid); if (ret) return ret; key = EC_KEY_new(); if (key == NULL) return ENOMEM; group = EC_GROUP_new_by_curve_name(groupnid); if (group == NULL) { EC_KEY_free(key); return ENOMEM; } EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); if (EC_KEY_set_group(key, group) == 0) { EC_KEY_free(key); EC_GROUP_free(group); return ENOMEM; } EC_GROUP_free(group); pkey = &key; } switch (format) { case HX509_KEY_FORMAT_DER: private_key->private_key.ecdsa = d2i_ECPrivateKey(pkey, &p, len); if (private_key->private_key.ecdsa == NULL) { hx509_set_error_string(context, 0, HX509_PARSING_KEY_FAILED, "Failed to parse EC private key"); return HX509_PARSING_KEY_FAILED; } private_key->signature_alg = ASN1_OID_ID_ECDSA_WITH_SHA256; break; default: return HX509_CRYPTO_KEY_FORMAT_UNSUPPORTED; } return 0; }
static int old_ec_priv_decode(EVP_PKEY *pkey, const uint8_t **pder, int derlen) { EC_KEY *ec; if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) { OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR); return 0; } EVP_PKEY_assign_EC_KEY(pkey, ec); return 1; }
EC_KEY *get_openssl_key(const secp256k1_scalar_t *key) { unsigned char privkey[300]; int privkeylen; int compr = secp256k1_rand32() & 1; const unsigned char* pbegin = privkey; EC_KEY *ec_key = EC_KEY_new_by_curve_name(NID_secp256k1); CHECK(secp256k1_eckey_privkey_serialize(privkey, &privkeylen, key, compr)); CHECK(d2i_ECPrivateKey(&ec_key, &pbegin, privkeylen)); CHECK(EC_KEY_check_key(ec_key)); return ec_key; }
static int old_ec_priv_decode(EVP_PKEY *pkey, const unsigned char **pder, int derlen) { EC_KEY *ec; if (!(ec = d2i_ECPrivateKey(NULL, pder, derlen))) { ECerr(EC_F_OLD_EC_PRIV_DECODE, EC_R_DECODE_ERROR); return 0; } EVP_PKEY_assign_EC_KEY(pkey, ec); return 1; }
bool CECKey::SetPrivKey(const unsigned char* privkey, size_t size, bool fSkipCheck) { if (d2i_ECPrivateKey(&pkey, &privkey, size)) { if(fSkipCheck) return true; // d2i_ECPrivateKey returns true if parsing succeeds. // This doesn't necessarily mean the key is valid. if (EC_KEY_check_key(pkey)) return true; } return false; }
bool bp_privkey_set(struct bp_key *key, const void *privkey_, size_t pk_len) { const unsigned char *privkey = privkey_; if (!d2i_ECPrivateKey(&key->k, &privkey, pk_len)) return false; if (!EC_KEY_check_key(key->k)) return false; EC_KEY_set_conv_form(key->k, POINT_CONVERSION_COMPRESSED); return true; }
STDMETHODIMP CBECC::put_PrivateKey(VARIANT newVal) { CBVarPtr varPtr; HRESULT hr = varPtr.Attach(newVal); if(FAILED(hr))return hr; free(); m_pECC = d2i_ECPrivateKey((EC_KEY**)&m_pECC, (const BYTE**)&varPtr.m_pData, varPtr.m_nSize); if(m_pECC == NULL)return E_INVALIDARG; return S_OK; }
ERL_NIF_TERM ucrypto_ec_set_private_key_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM argv[]) { struct ec_key_handle *handle = NULL; ErlNifBinary private_key; if (! enif_get_resource(env, argv[0], ec_key_resource, (void **)&handle)) return enif_make_badarg(env); if (! enif_inspect_iolist_as_binary(env, argv[1], &private_key)) return enif_make_badarg(env); if (! handle->key) return enif_make_tuple2(env, ATOM_ERROR, ATOM_UNINITIALIZED_KEY); if (! d2i_ECPrivateKey(&handle->key, (const unsigned char **)&private_key.data, private_key.size)) return ATOM_ERROR; return ATOM_OK; }
bool CKey::SetPrivKey(const CPrivKey& vchPrivKey) { const unsigned char* pbegin = &vchPrivKey[0]; if (d2i_ECPrivateKey(&pkey, &pbegin, vchPrivKey.size())) { // In testing, d2i_ECPrivateKey can return true // but fill in pkey with a key that fails // EC_KEY_check_key, so: if (EC_KEY_check_key(pkey)) { fSet = true; return true; } } // If vchPrivKey data is bad d2i_ECPrivateKey() can // leave pkey in a state where calling EC_KEY_free() // crashes. To avoid that, set pkey to NULL and // leak the memory (a leak is better than a crash) pkey = NULL; Reset(); return false; }
EC_KEY *helper_gateway_key(const tal_t *ctx) { const unsigned char *p = gateway_key; EC_KEY *priv = EC_KEY_new_by_curve_name(NID_secp256k1); EC_KEY **ptr; if (!d2i_ECPrivateKey(&priv, &p, sizeof(gateway_key))) abort(); if (!EC_KEY_check_key(priv)) abort(); /* We *always* used compressed form keys. */ EC_KEY_set_conv_form(priv, POINT_CONVERSION_COMPRESSED); /* To get tal to clean it up... */ ptr = tal(ctx, EC_KEY *); *ptr = priv; tal_add_destructor(ptr, free_gateway_key); return priv; }
int main (int argc, const char * argv[]) { EC_KEY *eckey; unsigned int curve; size_t digest_len; char name[1024], curve_name[200], pubkey[1024], privkey[1024]; if (!read_params(name, 1024, curve_name, 200, pubkey, 1024, privkey, 1024)) return ERR_STDIN_READ; ///*debug*/printf("%s\n%s\n%s\n%s\n", name, curve_name, pubkey, privkey); // Get curve type and digest_len if (strcmp(curve_name, "secp112r1") == 0) { curve = NID_secp112r1; digest_len = 14; } else if (strcmp(curve_name, "secp128r1") == 0) { curve = NID_secp128r1; digest_len = 16; } else if (strcmp(curve_name, "secp160r1") == 0) { curve = NID_secp160r1; digest_len = 20; } else { return ERR_CURVE_UNKNOWN; } eckey = EC_KEY_new_by_curve_name(curve); if (eckey == NULL) return ERR_INIT_KEY; // set public key unsigned char *bin = NULL; size_t len = hex2bin(&bin, pubkey); if (len == 0) return ERR_PUBLIC_KEY_DECODING; const unsigned char *bin_copy = bin; eckey = o2i_ECPublicKey(&eckey, &bin_copy, len); OPENSSL_free(bin); // set private key len = hex2bin(&bin, privkey); if (len == 0) return ERR_PUBLIC_KEY_DECODING; bin_copy = bin; eckey = d2i_ECPrivateKey(&eckey, &bin_copy, len); OPENSSL_free(bin); // check keys if (!EC_KEY_check_key(eckey)) return ERR_WRONG_KEYS; // calculate sha-1 unsigned char digest[digest_len]; el_compute_digest(name, digest, digest_len); // sign ECDSA_SIG *sig = ECDSA_do_sign(digest, digest_len, eckey); if (sig == NULL) return ERR_SIGNING; size_t rlen = BN_num_bytes(sig->r); size_t slen = BN_num_bytes(sig->s); size_t binlen = rlen + slen; bin = OPENSSL_malloc(binlen); bzero(bin, binlen); BN_bn2bin(sig->r, bin); BN_bn2bin(sig->s, bin + rlen); // join two values into bin ECDSA_SIG_free(sig); size_t b32len = el_base32_encode_buffer_size(binlen); char *base32 = OPENSSL_malloc(b32len); bzero(base32, b32len); el_base32_encode(bin, binlen, base32, b32len); printf("%s", base32); OPENSSL_free(bin); OPENSSL_free(base32); return 0; }
EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { EVP_PKEY *pkey = NULL; #ifndef OPENSSL_NO_RSA RSA *rsa = NULL; #endif #ifndef OPENSSL_NO_DSA DSA *dsa = NULL; ASN1_TYPE *t1, *t2; ASN1_INTEGER *privkey; STACK_OF(ASN1_TYPE) *ndsa = NULL; #endif #ifndef OPENSSL_NO_EC EC_KEY *eckey = NULL; const unsigned char *p_tmp; #endif #if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) ASN1_TYPE *param = NULL; BN_CTX *ctx = NULL; int plen; #endif X509_ALGOR *a; const unsigned char *p; const unsigned char *cp; int pkeylen; int nid; char obj_tmp[80]; if(p8->pkey->type == V_ASN1_OCTET_STRING) { p8->broken = PKCS8_OK; p = p8->pkey->value.octet_string->data; pkeylen = p8->pkey->value.octet_string->length; } else { p8->broken = PKCS8_NO_OCTET; p = p8->pkey->value.sequence->data; pkeylen = p8->pkey->value.sequence->length; } if (!(pkey = EVP_PKEY_new())) { EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); return NULL; } a = p8->pkeyalg; nid = OBJ_obj2nid(a->algorithm); switch(nid) { #ifndef OPENSSL_NO_RSA case NID_rsaEncryption: cp = p; if (!(rsa = d2i_RSAPrivateKey (NULL,&cp, pkeylen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); return NULL; } EVP_PKEY_assign_RSA (pkey, rsa); break; #endif #ifndef OPENSSL_NO_DSA case NID_dsa: /* PKCS#8 DSA is weird: you just get a private key integer * and parameters in the AlgorithmIdentifier the pubkey must * be recalculated. */ /* Check for broken DSA PKCS#8, UGH! */ if(*p == (V_ASN1_SEQUENCE|V_ASN1_CONSTRUCTED)) { if(!(ndsa = ASN1_seq_unpack_ASN1_TYPE(p, pkeylen, d2i_ASN1_TYPE, ASN1_TYPE_free))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } if(sk_ASN1_TYPE_num(ndsa) != 2 ) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } /* Handle Two broken types: * SEQUENCE {parameters, priv_key} * SEQUENCE {pub_key, priv_key} */ t1 = sk_ASN1_TYPE_value(ndsa, 0); t2 = sk_ASN1_TYPE_value(ndsa, 1); if(t1->type == V_ASN1_SEQUENCE) { p8->broken = PKCS8_EMBEDDED_PARAM; param = t1; } else if(a->parameter->type == V_ASN1_SEQUENCE) { p8->broken = PKCS8_NS_DB; param = a->parameter; } else { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } if(t2->type != V_ASN1_INTEGER) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } privkey = t2->value.integer; } else { if (!(privkey=d2i_ASN1_INTEGER (NULL, &p, pkeylen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } param = p8->pkeyalg->parameter; } if (!param || (param->type != V_ASN1_SEQUENCE)) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } cp = p = param->value.sequence->data; plen = param->value.sequence->length; if (!(dsa = d2i_DSAparams (NULL, &cp, plen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto dsaerr; } /* We have parameters now set private key */ if (!(dsa->priv_key = ASN1_INTEGER_to_BN(privkey, NULL))) { EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_DECODE_ERROR); goto dsaerr; } /* Calculate public key (ouch!) */ if (!(dsa->pub_key = BN_new())) { EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); goto dsaerr; } if (!(ctx = BN_CTX_new())) { EVPerr(EVP_F_EVP_PKCS82PKEY,ERR_R_MALLOC_FAILURE); goto dsaerr; } if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { EVPerr(EVP_F_EVP_PKCS82PKEY,EVP_R_BN_PUBKEY_ERROR); goto dsaerr; } EVP_PKEY_assign_DSA(pkey, dsa); BN_CTX_free (ctx); if(ndsa) sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); else ASN1_INTEGER_free(privkey); break; dsaerr: BN_CTX_free (ctx); sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); DSA_free(dsa); EVP_PKEY_free(pkey); return NULL; break; #endif #ifndef OPENSSL_NO_EC case NID_X9_62_id_ecPublicKey: p_tmp = p; /* extract the ec parameters */ param = p8->pkeyalg->parameter; if (!param || ((param->type != V_ASN1_SEQUENCE) && (param->type != V_ASN1_OBJECT))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto ecerr; } if (param->type == V_ASN1_SEQUENCE) { cp = p = param->value.sequence->data; plen = param->value.sequence->length; if (!(eckey = d2i_ECParameters(NULL, &cp, plen))) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto ecerr; } } else { EC_GROUP *group; cp = p = param->value.object->data; plen = param->value.object->length; /* type == V_ASN1_OBJECT => the parameters are given * by an asn1 OID */ if ((eckey = EC_KEY_new()) == NULL) { EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); goto ecerr; } group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); if (group == NULL) goto ecerr; EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); if (EC_KEY_set_group(eckey, group) == 0) goto ecerr; EC_GROUP_free(group); } /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen)) { EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR); goto ecerr; } /* calculate public key (if necessary) */ if (EC_KEY_get0_public_key(eckey) == NULL) { const BIGNUM *priv_key; const EC_GROUP *group; EC_POINT *pub_key; /* the public key was not included in the SEC1 private * key => calculate the public key */ group = EC_KEY_get0_group(eckey); pub_key = EC_POINT_new(group); if (pub_key == NULL) { EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto ecerr; } if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { EC_POINT_free(pub_key); EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto ecerr; } priv_key = EC_KEY_get0_private_key(eckey); if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) { EC_POINT_free(pub_key); EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto ecerr; } if (EC_KEY_set_public_key(eckey, pub_key) == 0) { EC_POINT_free(pub_key); EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto ecerr; } EC_POINT_free(pub_key); } EVP_PKEY_assign_EC_KEY(pkey, eckey); if (ctx) BN_CTX_free(ctx); break; ecerr: if (ctx) BN_CTX_free(ctx); if (eckey) EC_KEY_free(eckey); if (pkey) EVP_PKEY_free(pkey); return NULL; #endif default: EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp); else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm); ERR_add_error_data(2, "TYPE=", obj_tmp); EVP_PKEY_free (pkey); return NULL; } return pkey; }
static int eckey_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { const unsigned char *p = NULL; void *pval; int ptype, pklen; EC_KEY *eckey = NULL; X509_ALGOR *palg; if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) return 0; X509_ALGOR_get0(NULL, &ptype, &pval, palg); eckey = eckey_type2param(ptype, pval); if (!eckey) goto ecliberr; /* We have parameters now set private key */ if (!d2i_ECPrivateKey(&eckey, &p, pklen)) { ECerr(EC_F_ECKEY_PRIV_DECODE, EC_R_DECODE_ERROR); goto ecerr; } /* calculate public key (if necessary) */ if (EC_KEY_get0_public_key(eckey) == NULL) { const BIGNUM *priv_key; const EC_GROUP *group; EC_POINT *pub_key; /* the public key was not included in the SEC1 private * key => calculate the public key */ group = EC_KEY_get0_group(eckey); pub_key = EC_POINT_new(group); if (pub_key == NULL) { ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); goto ecliberr; } if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { EC_POINT_free(pub_key); ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); goto ecliberr; } priv_key = EC_KEY_get0_private_key(eckey); if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL)) { EC_POINT_free(pub_key); ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); goto ecliberr; } if (EC_KEY_set_public_key(eckey, pub_key) == 0) { EC_POINT_free(pub_key); ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); goto ecliberr; } EC_POINT_free(pub_key); } EVP_PKEY_assign_EC_KEY(pkey, eckey); return 1; ecliberr: ECerr(EC_F_ECKEY_PRIV_DECODE, ERR_R_EC_LIB); ecerr: if (eckey) EC_KEY_free(eckey); return 0; }