kris
/
boringssl
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2257 Commits
12 Branches
38 MiB
 
 
 
 
 
 
Tree: 926f2194df
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '926f2194df'
${ noResults }
boringssl/crypto/ec/ec_asn1.c

587 lines
16 KiB
Raw Blame History 

  1. /* Written by Nils Larsch for the OpenSSL project. */

  2. /* ====================================================================

  3.  * Copyright (c) 2000-2003 The OpenSSL Project.  All rights reserved.

  4.  *

  5.  * Redistribution and use in source and binary forms, with or without

  6.  * modification, are permitted provided that the following conditions

  7.  * are met:

  8.  *

  9.  * 1. Redistributions of source code must retain the above copyright

  10.  *    notice, this list of conditions and the following disclaimer. 

  11.  *

  12.  * 2. Redistributions in binary form must reproduce the above copyright

  13.  *    notice, this list of conditions and the following disclaimer in

  14.  *    the documentation and/or other materials provided with the

  15.  *    distribution.

  16.  *

  17.  * 3. All advertising materials mentioning features or use of this

  18.  *    software must display the following acknowledgment:

  19.  *    "This product includes software developed by the OpenSSL Project

  20.  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"

  21.  *

  22.  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

  23.  *    endorse or promote products derived from this software without

  24.  *    prior written permission. For written permission, please contact

  25.  *    licensing@OpenSSL.org.

  26.  *

  27.  * 5. Products derived from this software may not be called "OpenSSL"

  28.  *    nor may "OpenSSL" appear in their names without prior written

  29.  *    permission of the OpenSSL Project.

  30.  *

  31.  * 6. Redistributions of any form whatsoever must retain the following

  32.  *    acknowledgment:

  33.  *    "This product includes software developed by the OpenSSL Project

  34.  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"

  35.  *

  36.  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

  37.  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  38.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

  39.  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

  40.  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

  41.  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

  42.  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

  43.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  44.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

  45.  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

  46.  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

  47.  * OF THE POSSIBILITY OF SUCH DAMAGE.

  48.  * ====================================================================

  49.  *

  50.  * This product includes cryptographic software written by Eric Young

  51.  * (eay@cryptsoft.com).  This product includes software written by Tim

  52.  * Hudson (tjh@cryptsoft.com). */

  53. 

  54. #include <openssl/ec.h>

  55. 

  56. #include <string.h>

  57. 

  58. #include <openssl/asn1.h>

  59. #include <openssl/asn1t.h>

  60. #include <openssl/bn.h>

  61. #include <openssl/err.h>

  62. #include <openssl/mem.h>

  63. #include <openssl/obj.h>

  64. 

  65. #include "internal.h"

  66. 

  67. 

  68. typedef struct x9_62_fieldid_st {

  69.   ASN1_OBJECT *fieldType;

  70.   union {

  71.     char *ptr;

  72.     /* NID_X9_62_prime_field */

  73.     ASN1_INTEGER *prime;

  74.     /* anything else */

  75.     ASN1_TYPE *other;

  76.   } p;

  77. } X9_62_FIELDID;

  78. 

  79. ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);

  80. 

  81. ASN1_ADB(X9_62_FIELDID) = {

  82.   ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)),

  83. } ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL);

  84. 

  85. ASN1_SEQUENCE(X9_62_FIELDID) = {

  86.   ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),

  87.   ASN1_ADB_OBJECT(X9_62_FIELDID)

  88. } ASN1_SEQUENCE_END(X9_62_FIELDID);

  89. 

  90. typedef struct x9_62_curve_st {

  91.   ASN1_OCTET_STRING *a;

  92.   ASN1_OCTET_STRING *b;

  93.   ASN1_BIT_STRING *seed;

  94. } X9_62_CURVE;

  95. 

  96. ASN1_SEQUENCE(X9_62_CURVE) = {

  97.   ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),

  98.   ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),

  99.   ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)

  100. } ASN1_SEQUENCE_END(X9_62_CURVE);

  101. 

  102. typedef struct ec_parameters_st {

  103.   long version;

  104.   X9_62_FIELDID *fieldID;

  105.   X9_62_CURVE *curve;

  106.   ASN1_OCTET_STRING *base;

  107.   ASN1_INTEGER *order;

  108.   ASN1_INTEGER *cofactor;

  109. } ECPARAMETERS;

  110. 

  111. DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS);

  112. 

  113. ASN1_SEQUENCE(ECPARAMETERS) = {

  114.     ASN1_SIMPLE(ECPARAMETERS, version, LONG),

  115.     ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),

  116.     ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),

  117.     ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),

  118.     ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),

  119.     ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER)

  120. } ASN1_SEQUENCE_END(ECPARAMETERS);

  121. 

  122. IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS);

  123. 

  124. typedef struct ecpk_parameters_st {

  125.   int type;

  126.   union {

  127.     ASN1_OBJECT *named_curve;

  128.     ECPARAMETERS *parameters;

  129.   } value;

  130. } ECPKPARAMETERS;

  131. 

  132. /* SEC1 ECPrivateKey */

  133. typedef struct ec_privatekey_st {

  134.   long version;

  135.   ASN1_OCTET_STRING *privateKey;

  136.   ECPKPARAMETERS *parameters;

  137.   ASN1_BIT_STRING *publicKey;

  138. } EC_PRIVATEKEY;

  139. 

  140. DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS);

  141. DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS);

  142. 

  143. ASN1_CHOICE(ECPKPARAMETERS) = {

  144.     ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),

  145.     ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),

  146. } ASN1_CHOICE_END(ECPKPARAMETERS);

  147. 

  148. IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS);

  149. 

  150. DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY);

  151. DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY);

  152. 

  153. ASN1_SEQUENCE(EC_PRIVATEKEY) = {

  154.     ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),

  155.     ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),

  156.     ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),

  157.     ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1),

  158. } ASN1_SEQUENCE_END(EC_PRIVATEKEY);

  159. 

  160. IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY);

  161. 

  162. 

  163. ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,

  164.                                            ECPKPARAMETERS *params) {

  165.   int ok = 0, nid;

  166.   ECPKPARAMETERS *ret = params;

  167. 

  168.   if (ret == NULL) {

  169.     ret = ECPKPARAMETERS_new();

  170.     if (ret == NULL) {

  171.       OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  172.       return NULL;

  173.     }

  174.   } else {

  175.     ASN1_OBJECT_free(ret->value.named_curve);

  176.   }

  177. 

  178.   /* use the ASN.1 OID to describe the the elliptic curve parameters. */

  179.   nid = EC_GROUP_get_curve_name(group);

  180.   if (nid) {

  181.     ret->type = 0;

  182.     ret->value.named_curve = (ASN1_OBJECT*) OBJ_nid2obj(nid);

  183.     ok = ret->value.named_curve != NULL;

  184.   }

  185. 

  186.   if (!ok) {

  187.     ECPKPARAMETERS_free(ret);

  188.     return NULL;

  189.   }

  190. 

  191.   return ret;

  192. }

  193. 

  194. EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) {

  195.   EC_GROUP *ret = NULL;

  196.   int nid = NID_undef;

  197. 

  198.   if (params == NULL) {

  199.     OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);

  200.     return NULL;

  201.   }

  202. 

  203.   if (params->type == 0) {

  204.     nid = OBJ_obj2nid(params->value.named_curve);

  205.   } else if (params->type == 1) {

  206.     /* We don't support arbitary curves so we attempt to recognise it from the

  207.      * group order. */

  208.     const ECPARAMETERS *ecparams = params->value.parameters;

  209.     unsigned i;

  210.     const struct built_in_curve *curve;

  211. 

  212.     for (i = 0; OPENSSL_built_in_curves[i].nid != NID_undef; i++) {

  213.       curve = &OPENSSL_built_in_curves[i];

  214.       const unsigned param_len = curve->data->param_len;

  215.       if ((unsigned) ecparams->order->length == param_len &&

  216.           memcmp(ecparams->order->data, &curve->data->data[param_len * 5],

  217.                  param_len) == 0) {

  218.         nid = curve->nid;

  219.         break;

  220.       }

  221.     }

  222.   }

  223. 

  224.   if (nid == NID_undef) {

  225.     OPENSSL_PUT_ERROR(EC, EC_R_NON_NAMED_CURVE);

  226.     return NULL;

  227.   }

  228. 

  229.   ret = EC_GROUP_new_by_curve_name(nid);

  230.   if (ret == NULL) {

  231.     OPENSSL_PUT_ERROR(EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);

  232.     return NULL;

  233.   }

  234. 

  235.   return ret;

  236. }

  237. 

  238. static EC_GROUP *d2i_ECPKParameters(EC_GROUP **groupp, const uint8_t **inp,

  239.                                     long len) {

  240.   EC_GROUP *group = NULL;

  241.   ECPKPARAMETERS *params = NULL;

  242.   const uint8_t *in = *inp;

  243. 

  244.   params = d2i_ECPKPARAMETERS(NULL, &in, len);

  245.   if (params == NULL) {

  246.     OPENSSL_PUT_ERROR(EC, EC_R_D2I_ECPKPARAMETERS_FAILURE);

  247.     ECPKPARAMETERS_free(params);

  248.     return NULL;

  249.   }

  250. 

  251.   group = ec_asn1_pkparameters2group(params);

  252.   if (group == NULL) {

  253.     OPENSSL_PUT_ERROR(EC, EC_R_PKPARAMETERS2GROUP_FAILURE);

  254.     ECPKPARAMETERS_free(params);

  255.     return NULL;

  256.   }

  257. 

  258.   if (groupp) {

  259.     EC_GROUP_free(*groupp);

  260.     *groupp = group;

  261.   }

  262. 

  263.   ECPKPARAMETERS_free(params);

  264.   *inp = in;

  265.   return group;

  266. }

  267. 

  268. static int i2d_ECPKParameters(const EC_GROUP *group, uint8_t **outp) {

  269.   int ret = 0;

  270.   ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(group, NULL);

  271.   if (tmp == NULL) {

  272.     OPENSSL_PUT_ERROR(EC, EC_R_GROUP2PKPARAMETERS_FAILURE);

  273.     return 0;

  274.   }

  275.   ret = i2d_ECPKPARAMETERS(tmp, outp);

  276.   if (ret == 0) {

  277.     OPENSSL_PUT_ERROR(EC, EC_R_I2D_ECPKPARAMETERS_FAILURE);

  278.     ECPKPARAMETERS_free(tmp);

  279.     return 0;

  280.   }

  281.   ECPKPARAMETERS_free(tmp);

  282.   return ret;

  283. }

  284. 

  285. EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **inp, long len) {

  286.   int ok = 0;

  287.   EC_KEY *ret = NULL;

  288.   EC_PRIVATEKEY *priv_key = NULL;

  289. 

  290.   const uint8_t *in = *inp;

  291.   priv_key = d2i_EC_PRIVATEKEY(NULL, &in, len);

  292.   if (priv_key == NULL) {

  293.     OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  294.     return NULL;

  295.   }

  296. 

  297.   if (a == NULL || *a == NULL) {

  298.     ret = EC_KEY_new();

  299.     if (ret == NULL) {

  300.       OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  301.       goto err;

  302.     }

  303.   } else {

  304.     ret = *a;

  305.   }

  306. 

  307.   if (priv_key->parameters) {

  308.     EC_GROUP_free(ret->group);

  309.     ret->group = ec_asn1_pkparameters2group(priv_key->parameters);

  310.   }

  311. 

  312.   if (ret->group == NULL) {

  313.     OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  314.     goto err;

  315.   }

  316. 

  317.   ret->version = priv_key->version;

  318. 

  319.   if (priv_key->privateKey) {

  320.     ret->priv_key =

  321.         BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey),

  322.                   M_ASN1_STRING_length(priv_key->privateKey), ret->priv_key);

  323.     if (ret->priv_key == NULL) {

  324.       OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);

  325.       goto err;

  326.     }

  327.   } else {

  328.     OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PRIVATE_KEY);

  329.     goto err;

  330.   }

  331. 

  332.   if (BN_cmp(ret->priv_key, EC_GROUP_get0_order(ret->group)) >= 0) {

  333.     OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER);

  334.     goto err;

  335.   }

  336. 

  337.   EC_POINT_free(ret->pub_key);

  338.   ret->pub_key = EC_POINT_new(ret->group);

  339.   if (ret->pub_key == NULL) {

  340.     OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  341.     goto err;

  342.   }

  343. 

  344.   if (priv_key->publicKey) {

  345.     const uint8_t *pub_oct;

  346.     int pub_oct_len;

  347. 

  348.     pub_oct = M_ASN1_STRING_data(priv_key->publicKey);

  349.     pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);

  350.     /* The first byte (the point conversion form) must be present. */

  351.     if (pub_oct_len <= 0) {

  352.       OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL);

  353.       goto err;

  354.     }

  355.     /* Save the point conversion form. */

  356.     ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01);

  357.     if (!EC_POINT_oct2point(ret->group, ret->pub_key, pub_oct, pub_oct_len,

  358.                             NULL)) {

  359.       OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  360.       goto err;

  361.     }

  362.   } else {

  363.     if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL,

  364.                       NULL)) {

  365.       OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  366.       goto err;

  367.     }

  368.     /* Remember the original private-key-only encoding. */

  369.     ret->enc_flag |= EC_PKEY_NO_PUBKEY;

  370.   }

  371. 

  372.   if (a) {

  373.     *a = ret;

  374.   }

  375.   *inp = in;

  376.   ok = 1;

  377. 

  378. err:

  379.   if (!ok) {

  380.     if (a == NULL || *a != ret) {

  381.       EC_KEY_free(ret);

  382.     }

  383.     ret = NULL;

  384.   }

  385. 

  386.   EC_PRIVATEKEY_free(priv_key);

  387. 

  388.   return ret;

  389. }

  390. 

  391. int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) {

  392.   int ret = 0, ok = 0;

  393.   uint8_t *buffer = NULL;

  394.   size_t buf_len = 0, tmp_len;

  395.   EC_PRIVATEKEY *priv_key = NULL;

  396. 

  397.   if (key == NULL || key->group == NULL || key->priv_key == NULL) {

  398.     OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);

  399.     goto err;

  400.   }

  401. 

  402.   priv_key = EC_PRIVATEKEY_new();

  403.   if (priv_key == NULL) {

  404.     OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  405.     goto err;

  406.   }

  407. 

  408.   priv_key->version = key->version;

  409. 

  410.   buf_len = BN_num_bytes(&key->group->order);

  411.   buffer = OPENSSL_malloc(buf_len);

  412.   if (buffer == NULL) {

  413.     OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  414.     goto err;

  415.   }

  416. 

  417.   if (!BN_bn2bin_padded(buffer, buf_len, key->priv_key)) {

  418.     OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);

  419.     goto err;

  420.   }

  421. 

  422.   if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {

  423.     OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB);

  424.     goto err;

  425.   }

  426. 

  427.   /* TODO(fork): replace this flexibility with key sensible default? */

  428.   if (!(key->enc_flag & EC_PKEY_NO_PARAMETERS)) {

  429.     if ((priv_key->parameters = ec_asn1_group2pkparameters(

  430.              key->group, priv_key->parameters)) == NULL) {

  431.       OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  432.       goto err;

  433.     }

  434.   }

  435. 

  436.   /* TODO(fork): replace this flexibility with key sensible default? */

  437.   if (!(key->enc_flag & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) {

  438.     priv_key->publicKey = M_ASN1_BIT_STRING_new();

  439.     if (priv_key->publicKey == NULL) {

  440.       OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  441.       goto err;

  442.     }

  443. 

  444.     tmp_len = EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, NULL,

  445.                                  0, NULL);

  446. 

  447.     if (tmp_len > buf_len) {

  448.       uint8_t *tmp_buffer = OPENSSL_realloc(buffer, tmp_len);

  449.       if (!tmp_buffer) {

  450.         OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  451.         goto err;

  452.       }

  453.       buffer = tmp_buffer;

  454.       buf_len = tmp_len;

  455.     }

  456. 

  457.     if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, buffer,

  458.                             buf_len, NULL)) {

  459.       OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  460.       goto err;

  461.     }

  462. 

  463.     priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);

  464.     priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;

  465.     if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {

  466.       OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB);

  467.       goto err;

  468.     }

  469.   }

  470. 

  471.   ret = i2d_EC_PRIVATEKEY(priv_key, outp);

  472.   if (ret == 0) {

  473.     OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  474.     goto err;

  475.   }

  476.   ok = 1;

  477. 

  478. err:

  479.   OPENSSL_free(buffer);

  480.   EC_PRIVATEKEY_free(priv_key);

  481.   return (ok ? ret : 0);

  482. }

  483. 

  484. int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) {

  485.   if (key == NULL) {

  486.     OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);

  487.     return 0;

  488.   }

  489.   return i2d_ECPKParameters(key->group, outp);

  490. }

  491. 

  492. EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) {

  493.   EC_KEY *ret;

  494. 

  495.   if (inp == NULL || *inp == NULL) {

  496.     OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);

  497.     return NULL;

  498.   }

  499. 

  500.   if (key == NULL || *key == NULL) {

  501.     ret = EC_KEY_new();

  502.     if (ret == NULL) {

  503.       OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  504.       return NULL;

  505.     }

  506.   } else {

  507.     ret = *key;

  508.   }

  509. 

  510.   if (!d2i_ECPKParameters(&ret->group, inp, len)) {

  511.     OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  512.     if (key == NULL || *key == NULL) {

  513.       EC_KEY_free(ret);

  514.     }

  515.     return NULL;

  516.   }

  517. 

  518.   if (key) {

  519.     *key = ret;

  520.   }

  521.   return ret;

  522. }

  523. 

  524. EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) {

  525.   EC_KEY *ret = NULL;

  526. 

  527.   if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) {

  528.     OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);

  529.     return 0;

  530.   }

  531.   ret = *keyp;

  532.   if (ret->pub_key == NULL &&

  533.       (ret->pub_key = EC_POINT_new(ret->group)) == NULL) {

  534.     OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  535.     return 0;

  536.   }

  537.   if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) {

  538.     OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  539.     return 0;

  540.   }

  541.   /* save the point conversion form */

  542.   ret->conv_form = (point_conversion_form_t)(*inp[0] & ~0x01);

  543.   *inp += len;

  544.   return ret;

  545. }

  546. 

  547. int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) {

  548.   size_t buf_len = 0;

  549.   int new_buffer = 0;

  550. 

  551.   if (key == NULL) {

  552.     OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);

  553.     return 0;

  554.   }

  555. 

  556.   buf_len = EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, NULL,

  557.                                0, NULL);

  558. 

  559.   if (outp == NULL || buf_len == 0) {

  560.     /* out == NULL => just return the length of the octet string */

  561.     return buf_len;

  562.   }

  563. 

  564.   if (*outp == NULL) {

  565.     *outp = OPENSSL_malloc(buf_len);

  566.     if (*outp == NULL) {

  567.       OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);

  568.       return 0;

  569.     }

  570.     new_buffer = 1;

  571.   }

  572.   if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, *outp,

  573.                           buf_len, NULL)) {

  574.     OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);

  575.     if (new_buffer) {

  576.       OPENSSL_free(*outp);

  577.       *outp = NULL;

  578.     }

  579.     return 0;

  580.   }

  581. 

  582.   if (!new_buffer) {

  583.     *outp += buf_len;

  584.   }

  585.   return buf_len;

  586. }