diff options
38 files changed, 1273 insertions, 1076 deletions
@@ -3,7 +3,7 @@ * Written by Nils Larsch for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -89,6 +89,7 @@ int MAIN(int argc, char **argv) #endif int ret = 1; EC_KEY *eckey = NULL; + const EC_GROUP *group; int i, badops = 0; const EVP_CIPHER *enc = NULL; BIO *in = NULL, *out = NULL; @@ -328,14 +329,13 @@ bad: } } + group = EC_KEY_get0_group(eckey); + if (new_form) - { - EC_GROUP_set_point_conversion_form(eckey->group, form); - eckey->conv_form = form; - } + EC_KEY_set_conv_form(eckey, form); if (new_asn1_flag) - EC_GROUP_set_asn1_flag(eckey->group, asn1_flag); + EC_KEY_set_asn1_flag(eckey, asn1_flag); if (text) if (!EC_KEY_print(out, eckey, 0)) @@ -352,7 +352,7 @@ bad: if (outformat == FORMAT_ASN1) { if (param_out) - i = i2d_ECPKParameters_bio(out, eckey->group); + i = i2d_ECPKParameters_bio(out, group); else if (pubin || pubout) i = i2d_EC_PUBKEY_bio(out, eckey); else @@ -361,7 +361,7 @@ bad: else if (outformat == FORMAT_PEM) { if (param_out) - i = PEM_write_bio_ECPKParameters(out, eckey->group); + i = PEM_write_bio_ECPKParameters(out, group); else if (pubin || pubout) i = PEM_write_bio_EC_PUBKEY(out, eckey); else diff --git a/apps/ecparam.c b/apps/ecparam.c index b9786288d9..167fd1faaa 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -3,7 +3,7 @@ * Written by Nils Larsch for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -647,11 +647,11 @@ bad: assert(need_rand); - eckey->group = group; + if (EC_KEY_set_group(eckey, group) == 0) + goto end; if (!EC_KEY_generate_key(eckey)) { - eckey->group = NULL; EC_KEY_free(eckey); goto end; } @@ -664,11 +664,9 @@ bad: { BIO_printf(bio_err, "bad output format specified " "for outfile\n"); - eckey->group = NULL; EC_KEY_free(eckey); goto end; } - eckey->group = NULL; EC_KEY_free(eckey); } diff --git a/apps/req.c b/apps/req.c index db70dc2275..764ef2906f 100644 --- a/apps/req.c +++ b/apps/req.c @@ -344,6 +344,7 @@ int MAIN(int argc, char **argv) { X509 *xtmp=NULL; EVP_PKEY *dtmp; + EC_GROUP *group; pkey_type=TYPE_EC; p+=3; @@ -354,10 +355,10 @@ int MAIN(int argc, char **argv) } if ((ec_params = EC_KEY_new()) == NULL) goto end; - if ((ec_params->group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL)) == NULL) + group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL); + if (group == NULL) { - if (ec_params) - EC_KEY_free(ec_params); + EC_KEY_free(ec_params); ERR_clear_error(); (void)BIO_reset(in); if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL) @@ -369,7 +370,7 @@ int MAIN(int argc, char **argv) if ((dtmp=X509_get_pubkey(xtmp))==NULL) goto end; if (dtmp->type == EVP_PKEY_EC) - ec_params = ECParameters_dup(dtmp->pkey.eckey); + ec_params = EC_KEY_dup(dtmp->pkey.ec); EVP_PKEY_free(dtmp); X509_free(xtmp); if (ec_params == NULL) @@ -378,12 +379,16 @@ int MAIN(int argc, char **argv) goto end; } } + else + { + if (EC_KEY_set_group(ec_params, group) == 0) + goto end; + EC_GROUP_free(group); + } BIO_free(in); in=NULL; - - newkey = EC_GROUP_get_degree(ec_params->group); - + newkey = EC_GROUP_get_degree(EC_KEY_get0_group(ec_params)); } else #endif diff --git a/apps/s_server.c b/apps/s_server.c index ea19a50bff..59b6305e97 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -981,13 +981,6 @@ bad: { EC_KEY *ecdh=NULL; - ecdh = EC_KEY_new(); - if (ecdh == NULL) - { - BIO_printf(bio_err,"Could not create ECDH struct.\n"); - goto end; - } - if (named_curve) { int nid = OBJ_sn2nid(named_curve); @@ -998,9 +991,8 @@ bad: named_curve); goto end; } - - ecdh->group = EC_GROUP_new_by_curve_name(nid); - if (ecdh->group == NULL) + ecdh = EC_KEY_new_by_curve_name(nid); + if (ecdh == NULL) { BIO_printf(bio_err, "unable to create curve (%s)\n", named_curve); @@ -1008,15 +1000,15 @@ bad: } } - if (ecdh->group != NULL) + if (ecdh != NULL) { BIO_printf(bio_s_out,"Setting temp ECDH parameters\n"); } else { BIO_printf(bio_s_out,"Using default temp ECDH parameters\n"); - ecdh->group=EC_GROUP_new_by_curve_name(NID_sect163r2); - if (ecdh->group == NULL) + ecdh = EC_KEY_new_by_curve_name(NID_sect163r2); + if (ecdh == NULL) { BIO_printf(bio_err, "unable to create curve (sect163r2)\n"); goto end; diff --git a/apps/speed.c b/apps/speed.c index 2ecbb1e9c6..50a110df04 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -2040,7 +2040,7 @@ int MAIN(int argc, char **argv) int ret; if (!ecdsa_doit[j]) continue; /* Ignore Curve */ - ecdsa[j] = EC_KEY_new(); + ecdsa[j] = EC_KEY_new_by_curve_name(test_curves[j]); if (ecdsa[j] == NULL) { BIO_printf(bio_err,"ECDSA failure.\n"); @@ -2049,100 +2049,89 @@ int MAIN(int argc, char **argv) } else { - ecdsa[j]->group = EC_GROUP_new_by_curve_name(test_curves[j]); - /* Could not obtain group information */ - if (ecdsa[j]->group == NULL) +#if 1 + EC_KEY_precompute_mult(ecdsa[j], NULL); +#endif + /* Perform ECDSA signature test */ + EC_KEY_generate_key(ecdsa[j]); + ret = ECDSA_sign(0, buf, 20, ecdsasig, + &ecdsasiglen, ecdsa[j]); + if (ret == 0) { - BIO_printf(bio_err,"ECDSA failure.Could not obtain group information\n"); + BIO_printf(bio_err,"ECDSA sign failure. No ECDSA sign will be done.\n"); ERR_print_errors(bio_err); rsa_count=1; } else { -#if 1 - EC_GROUP_precompute_mult(ecdsa[j]->group, NULL); -#endif - /* Perform ECDSA signature test */ - EC_KEY_generate_key(ecdsa[j]); - ret = ECDSA_sign(0, buf, 20, ecdsasig, - &ecdsasiglen, ecdsa[j]); - if (ret == 0) - { - BIO_printf(bio_err,"ECDSA sign failure. No ECDSA sign will be done.\n"); - ERR_print_errors(bio_err); - rsa_count=1; - } - else + pkey_print_message("sign","ecdsa", + ecdsa_c[j][0], + test_curves_bits[j], + ECDSA_SECONDS); + + Time_F(START); + for (count=0,run=1; COND(ecdsa_c[j][0]); + count++) { - pkey_print_message("sign","ecdsa", - ecdsa_c[j][0], - test_curves_bits[j], - ECDSA_SECONDS); - - Time_F(START); - for (count=0,run=1; COND(ecdsa_c[j][0]); - count++) + ret=ECDSA_sign(0, buf, 20, + ecdsasig, &ecdsasiglen, + ecdsa[j]); + if (ret == 0) { - ret=ECDSA_sign(0, buf, 20, - ecdsasig, &ecdsasiglen, - ecdsa[j]); - if (ret == 0) - { - BIO_printf(bio_err, "ECDSA sign failure\n"); - ERR_print_errors(bio_err); - count=1; - break; - } + BIO_printf(bio_err, "ECDSA sign failure\n"); + ERR_print_errors(bio_err); + count=1; + break; } - d=Time_F(STOP); - - BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" : - "%ld %d bit ECDSA signs in %.2fs \n", - count, test_curves_bits[j], d); - ecdsa_results[j][0]=d/(double)count; - rsa_count=count; } + d=Time_F(STOP); - /* Perform ECDSA verification test */ - ret=ECDSA_verify(0, buf, 20, ecdsasig, - ecdsasiglen, ecdsa[j]); - if (ret != 1) - { - BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n"); - ERR_print_errors(bio_err); - ecdsa_doit[j] = 0; - } - else + BIO_printf(bio_err, mr ? "+R5:%ld:%d:%.2f\n" : + "%ld %d bit ECDSA signs in %.2fs \n", + count, test_curves_bits[j], d); + ecdsa_results[j][0]=d/(double)count; + rsa_count=count; + } + + /* Perform ECDSA verification test */ + ret=ECDSA_verify(0, buf, 20, ecdsasig, + ecdsasiglen, ecdsa[j]); + if (ret != 1) + { + BIO_printf(bio_err,"ECDSA verify failure. No ECDSA verify will be done.\n"); + ERR_print_errors(bio_err); + ecdsa_doit[j] = 0; + } + else + { + pkey_print_message("verify","ecdsa", + ecdsa_c[j][1], + test_curves_bits[j], + ECDSA_SECONDS); + Time_F(START); + for (count=0,run=1; COND(ecdsa_c[j][1]); count++) { - pkey_print_message("verify","ecdsa", - ecdsa_c[j][1], - test_curves_bits[j], - ECDSA_SECONDS); - Time_F(START); - for (count=0,run=1; COND(ecdsa_c[j][1]); count++) + ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]); + if (ret != 1) { - ret=ECDSA_verify(0, buf, 20, ecdsasig, ecdsasiglen, ecdsa[j]); - if (ret != 1) - { - BIO_printf(bio_err, "ECDSA verify failure\n"); - ERR_print_errors(bio_err); - count=1; - break; - } + BIO_printf(bio_err, "ECDSA verify failure\n"); + ERR_print_errors(bio_err); + count=1; + break; } - d=Time_F(STOP); - BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n" - : "%ld %d bit ECDSA verify in %.2fs\n", - count, test_curves_bits[j], d); - ecdsa_results[j][1]=d/(double)count; } + d=Time_F(STOP); + BIO_printf(bio_err, mr? "+R6:%ld:%d:%.2f\n" + : "%ld %d bit ECDSA verify in %.2fs\n", + count, test_curves_bits[j], d); + ecdsa_results[j][1]=d/(double)count; + } - if (rsa_count <= 1) - { - /* if longer than 10s, don't do any more */ - for (j++; j<EC_NUM; j++) - ecdsa_doit[j]=0; - } + if (rsa_count <= 1) + { + /* if longer than 10s, don't do any more */ + for (j++; j<EC_NUM; j++) + ecdsa_doit[j]=0; } } } @@ -2158,8 +2147,8 @@ int MAIN(int argc, char **argv) for (j=0; j<EC_NUM; j++) { if (!ecdh_doit[j]) continue; - ecdh_a[j] = EC_KEY_new(); - ecdh_b[j] = EC_KEY_new(); + ecdh_a[j] = EC_KEY_new_by_curve_name(test_curves[j]); + ecdh_b[j] = EC_KEY_new_by_curve_name(test_curves[j]); if ((ecdh_a[j] == NULL) || (ecdh_b[j] == NULL)) { BIO_printf(bio_err,"ECDH failure.\n"); @@ -2168,90 +2157,79 @@ int MAIN(int argc, char **argv) } else { - ecdh_a[j]->group = EC_GROUP_new_by_curve_name(test_curves[j]); - if (ecdh_a[j]->group == NULL) + /* generate two ECDH key pairs */ + if (!EC_KEY_generate_key(ecdh_a[j]) || + !EC_KEY_generate_key(ecdh_b[j])) { - BIO_printf(bio_err,"ECDH failure.\n"); + BIO_printf(bio_err,"ECDH key generation failure.\n"); ERR_print_errors(bio_err); - rsa_count=1; + rsa_count=1; } else { - ecdh_b[j]->group = EC_GROUP_dup(ecdh_a[j]->group); - - /* generate two ECDH key pairs */ - if (!EC_KEY_generate_key(ecdh_a[j]) || - !EC_KEY_generate_key(ecdh_b[j])) + /* If field size is not more than 24 octets, then use SHA-1 hash of result; + * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt). + */ + int field_size, outlen; + void *(*kdf)(const void *in, size_t inlen, void *out, size_t *xoutlen); + field_size = EC_GROUP_get_degree(EC_KEY_get0_group(ecdh_a[j])); + if (field_size <= 24 * 8) { - BIO_printf(bio_err,"ECDH key generation failure.\n"); - ERR_print_errors(bio_err); - rsa_count=1; + outlen = KDF1_SHA1_len; + kdf = KDF1_SHA1; } else { - /* If field size is not more than 24 octets, then use SHA-1 hash of result; - * otherwise, use result (see section 4.8 of draft-ietf-tls-ecc-03.txt). - */ - int field_size, outlen; - void *(*kdf)(const void *in, size_t inlen, void *out, size_t *xoutlen); - field_size = EC_GROUP_get_degree(ecdh_a[j]->group); - if (field_size <= 24 * 8) - { - outlen = KDF1_SHA1_len; - kdf = KDF1_SHA1; - } - else - { - outlen = (field_size+7)/8; - kdf = NULL; - } - secret_size_a = ECDH_compute_key(secret_a, outlen, - ecdh_b[j]->pub_key, - ecdh_a[j], kdf); - secret_size_b = ECDH_compute_key(secret_b, outlen, - ecdh_a[j]->pub_key, - ecdh_b[j], kdf); - if (secret_size_a != secret_size_b) - ecdh_checks = 0; - else - ecdh_checks = 1; - - for (secret_idx = 0; - (secret_idx < secret_size_a) - && (ecdh_checks == 1); - secret_idx++) - { - if (secret_a[secret_idx] != secret_b[secret_idx]) - ecdh_checks = 0; - } + outlen = (field_size+7)/8; + kdf = NULL; + } + secret_size_a = ECDH_compute_key(secret_a, outlen, + EC_KEY_get0_public_key(ecdh_b[j]), + ecdh_a[j], kdf); + secret_size_b = ECDH_compute_key(secret_b, outlen, + EC_KEY_get0_public_key(ecdh_a[j]), + ecdh_b[j], kdf); + if (secret_size_a != secret_size_b) + ecdh_checks = 0; + else + ecdh_checks = 1; - if (ecdh_checks == 0) - { - BIO_printf(bio_err,"ECDH computations don't match.\n"); - ERR_print_errors(bio_err); - rsa_count=1; - } + for (secret_idx = 0; + (secret_idx < secret_size_a) + && (ecdh_checks == 1); + secret_idx++) + { + if (secret_a[secret_idx] != secret_b[secret_idx]) + ecdh_checks = 0; + } - pkey_print_message("","ecdh", - ecdh_c[j][0], - test_curves_bits[j], - ECDH_SECONDS); - Time_F(START); - for (count=0,run=1; COND(ecdh_c[j][0]); count++) - { - ECDH_compute_key(secret_a, outlen, - ecdh_b[j]->pub_key, - ecdh_a[j], kdf); - } - d=Time_F(STOP); - BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n", - count, test_curves_bits[j], d); - ecdh_results[j][0]=d/(double)count; - rsa_count=count; + if (ecdh_checks == 0) + { + BIO_printf(bio_err,"ECDH computations don't match.\n"); + ERR_print_errors(bio_err); + rsa_count=1; } + + pkey_print_message("","ecdh", + ecdh_c[j][0], + test_curves_bits[j], + ECDH_SECONDS); + Time_F(START); + for (count=0,run=1; COND(ecdh_c[j][0]); count++) + { + ECDH_compute_key(secret_a, outlen, + EC_KEY_get0_public_key(ecdh_b[j]), + ecdh_a[j], kdf); + } + d=Time_F(STOP); + BIO_printf(bio_err, mr ? "+R7:%ld:%d:%.2f\n" :"%ld %d-bit ECDH ops in %.2fs\n", + count, test_curves_bits[j], d); + ecdh_results[j][0]=d/(double)count; + rsa_count=count; } } + if (rsa_count <= 1) { /* if longer than 10s, don't do any more */ diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index 5f30585142..207ccda5ac 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -113,7 +113,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: - if ((ret->pkey.eckey = d2i_ECPrivateKey(NULL, + if ((ret->pkey.ec = d2i_ECPrivateKey(NULL, (const unsigned char **)pp, length)) == NULL) { ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB); diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 8a05810eda..3694f51a8c 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -113,7 +113,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: - if (!o2i_ECPublicKey(&(ret->pkey.eckey), + if (!o2i_ECPublicKey(&(ret->pkey.ec), (const unsigned char **)pp, length)) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c index bbf2a0d2d6..0be52c5b76 100644 --- a/crypto/asn1/i2d_pr.c +++ b/crypto/asn1/i2d_pr.c @@ -89,7 +89,7 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) #ifndef OPENSSL_NO_EC if (a->type == EVP_PKEY_EC) { - return(i2d_ECPrivateKey(a->pkey.eckey, pp)); + return(i2d_ECPrivateKey(a->pkey.ec, pp)); } #endif diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c index 44f186442e..34286dbd35 100644 --- a/crypto/asn1/i2d_pu.c +++ b/crypto/asn1/i2d_pu.c @@ -85,7 +85,7 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: - return(i2o_ECPublicKey(a->pkey.eckey, pp)); + return(i2o_ECPublicKey(a->pkey.ec, pp)); #endif default: ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c index 687a2bd6f5..7dd4ae3787 100644 --- a/crypto/asn1/t_pkey.c +++ b/crypto/asn1/t_pkey.c @@ -79,7 +79,7 @@ #include <openssl/ec.h> #endif -static int print(BIO *fp,const char *str,BIGNUM *num, +static int print(BIO *fp,const char *str, const BIGNUM *num, unsigned char *buf,int off); static int print_bin(BIO *fp, const char *str, const unsigned char *num, size_t len, int off); @@ -279,7 +279,7 @@ int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off) size_t buf_len=0, i; int ret=0, reason=ERR_R_BIO_LIB; BN_CTX *ctx=NULL; - EC_POINT *point=NULL; + const EC_POINT *point=NULL; BIGNUM *p=NULL, *a=NULL, *b=NULL, *gen=NULL, *order=NULL, *cofactor=NULL; const unsigned char *seed; @@ -481,24 +481,29 @@ int EC_KEY_print(BIO *bp, const EC_KEY *x, int off) int ret=0, reason=ERR_R_BIO_LIB; BIGNUM *pub_key=NULL, *order=NULL; BN_CTX *ctx=NULL; + const EC_GROUP *group; + const EC_POINT *public_key; + const BIGNUM *priv_key; - if (!x || !x->group) + if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) { reason = ERR_R_PASSED_NULL_PARAMETER; goto err; } - if ((pub_key = EC_POINT_point2bn(x->group, x->pub_key, - x->conv_form, NULL, ctx)) == NULL) + public_key = EC_KEY_get0_public_key(x); + if ((pub_key = EC_POINT_point2bn(group, public_key, + EC_KEY_get_conv_form(x), NULL, ctx)) == NULL) { reason = ERR_R_EC_LIB; goto err; } buf_len = (size_t)BN_num_bytes(pub_key); - if (x->priv_key) + priv_key = EC_KEY_get0_private_key(x); + if (priv_key != NULL) { - if ((i = (size_t)BN_num_bytes(x->priv_key)) > buf_len) + if ((i = (size_t)BN_num_bytes(priv_key)) > buf_len) buf_len = i; } @@ -509,25 +514,25 @@ int EC_KEY_print(BIO *bp, const EC_KEY *x, int off) goto err; } - if (x->priv_key != NULL) + if (priv_key != NULL) { if (!BIO_indent(bp, off, 128)) goto err; if ((order = BN_new()) == NULL) goto err; - if (!EC_GROUP_get_order(x->group, order, NULL)) + if (!EC_GROUP_get_order(group, order, NULL)) goto err; if (BIO_printf(bp, "Private-Key: (%d bit)\n", BN_num_bits(order)) <= 0) goto err; } - if ((x->priv_key != NULL) && !print(bp, "priv:", x->priv_key, + if ((priv_key != NULL) && !print(bp, "priv:", priv_key, buffer, off)) goto err; if ((pub_key != NULL) && !print(bp, "pub: ", pub_key, buffer, off)) goto err; - if (!ECPKParameters_print(bp, x->group, off)) + if (!ECPKParameters_print(bp, group, off)) goto err; ret=1; err: @@ -545,7 +550,7 @@ err: } #endif /* OPENSSL_NO_EC */ -static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, +static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char *buf, int off) { int n,i; @@ -770,8 +775,9 @@ int ECParameters_print(BIO *bp, const EC_KEY *x) { int reason=ERR_R_EC_LIB, ret=0; BIGNUM *order=NULL; + const EC_GROUP *group; - if (!x || !x->group) + if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL) { reason = ERR_R_PASSED_NULL_PARAMETER;; goto err; @@ -783,7 +789,7 @@ int ECParameters_print(BIO *bp, const EC_KEY *x) goto err; } - if (!EC_GROUP_get_order(x->group, order, NULL)) + if (!EC_GROUP_get_order(group, order, NULL)) { reason = ERR_R_EC_LIB; goto err; @@ -792,7 +798,7 @@ int ECParameters_print(BIO *bp, const EC_KEY *x) if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n", BN_num_bits(order)) <= 0) goto err; - if (!ECPKParameters_print(bp, x->group, 4)) + if (!ECPKParameters_print(bp, group, 4)) goto err; ret=1; err: diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c index 4056cf6ea4..204ca105e3 100644 --- a/crypto/asn1/t_req.c +++ b/crypto/asn1/t_req.c @@ -166,7 +166,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long if (pkey->type == EVP_PKEY_EC) { BIO_printf(bp, "%12sEC Public Key: \n",""); - EC_KEY_print(bp, pkey->pkey.eckey, 16); + EC_KEY_print(bp, pkey->pkey.ec, 16); } else #endif diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index e84bae6438..23ab3b94e0 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -100,7 +100,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki) if (pkey->type == EVP_PKEY_EC) { BIO_printf(out, " EC Public Key:\n"); - EC_KEY_print(out, pkey->pkey.eckey,2); + EC_KEY_print(out, pkey->pkey.ec,2); } else #endif diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c index 4bf5c893e7..61f48d14d7 100644 --- a/crypto/asn1/t_x509.c +++ b/crypto/asn1/t_x509.c @@ -236,7 +236,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag) if (pkey->type == EVP_PKEY_EC) { BIO_printf(bp, "%12sEC Public Key:\n",""); - EC_KEY_print(bp, pkey->pkey.eckey, 16); + EC_KEY_print(bp, pkey->pkey.ec, 16); } else #endif diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index c371e4c4cd..50faa4af20 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -159,9 +159,10 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { int nid=0; unsigned char *pp; - EC_KEY *eckey; + EC_KEY *ec_key; + const EC_GROUP *group; - eckey = pkey->pkey.eckey; + ec_key = pkey->pkey.ec; ASN1_TYPE_free(a->parameter); if ((a->parameter = ASN1_TYPE_new()) == NULL) @@ -170,8 +171,9 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) goto err; } - if (EC_GROUP_get_asn1_flag(eckey->group) - && (nid = EC_GROUP_get_curve_name(eckey->group))) + group = EC_KEY_get0_group(ec_key); + if (EC_GROUP_get_asn1_flag(group) + && (nid = EC_GROUP_get_curve_name(group))) { /* just set the OID */ a->parameter->type = V_ASN1_OBJECT; @@ -179,7 +181,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } else /* explicit parameters */ { - if ((i = i2d_ECParameters(eckey, NULL)) == 0) + if ((i = i2d_ECParameters(ec_key, NULL)) == 0) { X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); goto err; @@ -190,7 +192,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) goto err; } pp = p; - if (!i2d_ECParameters(eckey, &pp)) + if (!i2d_ECParameters(ec_key, &pp)) { X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB); OPENSSL_free(p); @@ -313,7 +315,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) /* type == V_ASN1_SEQUENCE => we have explicit parameters * (e.g. parameters in the X9_62_EC_PARAMETERS-structure ) */ - if ((ret->pkey.eckey= EC_KEY_new()) == NULL) + if ((ret->pkey.ec= EC_KEY_new()) == NULL) { X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); @@ -321,7 +323,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) } cp = p = a->parameter->value.sequence->data; j = a->parameter->value.sequence->length; - if (!d2i_ECParameters(&ret->pkey.eckey, &cp, (long)j)) + if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j)) { X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB); goto err; @@ -332,17 +334,21 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key) /* type == V_ASN1_OBJECT => the parameters are given * by an asn1 OID */ - EC_KEY *eckey; - if (ret->pkey.eckey == NULL) - ret->pkey.eckey = EC_KEY_new(); - eckey = ret->pkey.eckey; - if (eckey->group) - EC_GROUP_free(eckey->group); - if ((eckey->group = EC_GROUP_new_by_curve_name( - OBJ_obj2nid(a->parameter->value.object))) == NULL) + EC_KEY *ec_key; + EC_GROUP *group; + + if (ret->pkey.ec == NULL) + ret->pkey.ec = EC_KEY_new(); + ec_key = ret->pkey.ec; + if (ec_key == NULL) + goto err; + group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); + if (group == NULL) + goto err; + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); + if (EC_KEY_set_group(ec_key, group) == 0) goto err; - EC_GROUP_set_asn1_flag(eckey->group, - OPENSSL_EC_NAMED_CURVE); + EC_GROUP_free(group); } /* the case implicitlyCA is currently not implemented */ ret->save_parameters = 1; diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h index c706669a7a..a19a075b0d 100644 --- a/crypto/ec/ec.h +++ b/crypto/ec/ec.h @@ -139,7 +139,7 @@ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *); int EC_METHOD_get_field_type(const EC_METHOD *); int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor); -EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); +const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *); int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *); int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *); @@ -292,36 +292,37 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); /* the EC_KEY stuff */ typedef struct ec_key_st EC_KEY; -typedef struct ec_key_meth_data_st { - int (*init)(EC_KEY *); - void (*finish)(EC_KEY *); - } EC_KEY_METH_DATA; - -struct ec_key_st { - int version; - - EC_GROUP *group; - - EC_POINT *pub_key; - BIGNUM *priv_key; - - unsigned int enc_flag; - point_conversion_form_t conv_form; - - int references; - - EC_KEY_METH_DATA *meth_data; - }/* EC_KEY */; /* some values for the encoding_flag */ #define EC_PKEY_NO_PARAMETERS 0x001 #define EC_PKEY_NO_PUBKEY 0x002 EC_KEY *EC_KEY_new(void); +EC_KEY *EC_KEY_new_by_curve_name(int nid); void EC_KEY_free(EC_KEY *); EC_KEY *EC_KEY_copy(EC_KEY *, const EC_KEY *); EC_KEY *EC_KEY_dup(const EC_KEY *); + int EC_KEY_up_ref(EC_KEY *); +const EC_GROUP *EC_KEY_get0_group(const EC_KEY *); +int EC_KEY_set_group(EC_KEY *, const EC_GROUP *); +const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *); +int EC_KEY_set_private_key(EC_KEY *, const BIGNUM *); +const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *); +int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *); +unsigned EC_KEY_get_enc_flags(const EC_KEY *); +void EC_KEY_set_enc_flags(EC_KEY *, unsigned int); +point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *); +void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t); +/* functions to set/get method specific data */ +void *EC_KEY_get_key_method_data(EC_KEY *, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +void EC_KEY_insert_key_method_data(EC_KEY *, void *data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); +/* wrapper functions for the underlying EC_GROUP object */ +void EC_KEY_set_asn1_flag(EC_KEY *, int); +int EC_KEY_precompute_mult(EC_KEY *, BN_CTX *ctx); + /* EC_KEY_generate_key() creates a ec private (public) key */ int EC_KEY_generate_key(EC_KEY *); /* EC_KEY_check_key() */ diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 68aba4348b..66d9c8dd82 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -3,7 +3,7 @@ * Written by Nils Larsch for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -84,10 +84,23 @@ EC_KEY *EC_KEY_new(void) ret->enc_flag= 0; ret->conv_form = POINT_CONVERSION_UNCOMPRESSED; ret->references= 1; - ret->meth_data = NULL; + ret->method_data = NULL; return(ret); } +EC_KEY *EC_KEY_new_by_curve_name(int nid) + { + EC_KEY *ret = EC_KEY_new(); + if (ret == NULL) + return NULL; + ret->group = EC_GROUP_new_by_curve_name(nid); + if (ret->group == NULL) + { + EC_KEY_free(ret); + return NULL; + } + return ret; + } void EC_KEY_free(EC_KEY *r) { @@ -115,8 +128,7 @@ void EC_KEY_free(EC_KEY *r) if (r->priv_key != NULL) BN_clear_free(r->priv_key); - if (r->meth_data && r->meth_data->finish) - r->meth_data->finish(r); + EC_EX_DATA_free_all_data(&r->method_data); OPENSSL_cleanse((void *)r, sizeof(EC_KEY)); @@ -125,6 +137,8 @@ void EC_KEY_free(EC_KEY *r) EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { + EC_EXTRA_DATA *d; + if (dest == NULL || src == NULL) { ECerr(EC_F_EC_KEY_COPY, ERR_R_PASSED_NULL_PARAMETER); @@ -166,6 +180,19 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) if (!BN_copy(dest->priv_key, src->priv_key)) return NULL; } + /* copy method/extra data */ + EC_EX_DATA_free_all_data(&dest->method_data); + + for (d = src->method_data; d != NULL; d = d->next) + { + void *t = d->dup_func(d->data); + + if (t == NULL) + return 0; + if (!EC_EX_DATA_set_data(&dest->method_data, t, d->dup_func, d->free_func, d->clear_free_func)) + return 0; + } + /* copy the rest */ dest->enc_flag = src->enc_flag; dest->conv_form = src->conv_form; @@ -375,3 +402,94 @@ err: EC_POINT_free(point); return(ok); } + +const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key) + { + return key->group; + } + +int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group) + { + if (key->group != NULL) + EC_GROUP_free(key->group); + key->group = EC_GROUP_dup(group); + return (key->group == NULL) ? 0 : 1; + } + +const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key) + { + return key->priv_key; + } + +int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) + { + if (key->priv_key) + BN_clear_free(key->priv_key); + key->priv_key = BN_dup(priv_key); + return (key->priv_key == NULL) ? 0 : 1; + } + +const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key) + { + return key->pub_key; + } + +int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub_key) + { + if (key->pub_key != NULL) + EC_POINT_free(key->pub_key); + key->pub_key = EC_POINT_dup(pub_key, key->group); + return (key->pub_key == NULL) ? 0 : 1; + } + +unsigned int EC_KEY_get_enc_flags(const EC_KEY *key) + { + return key->enc_flag; + } + +void EC_KEY_set_enc_flags(EC_KEY *key, unsigned int flags) + { + key->enc_flag = flags; + } + +point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key) + { + return key->conv_form; + } + +void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform) + { + key->conv_form = cform; + if (key->group != NULL) + EC_GROUP_set_point_conversion_form(key->group, cform); + } + +void *EC_KEY_get_key_method_data(EC_KEY *key, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) + { + return EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func); + } + +void EC_KEY_insert_key_method_data(EC_KEY *key, void *data, + void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) + { + EC_EXTRA_DATA *ex_data; + CRYPTO_w_lock(CRYPTO_LOCK_EC); + ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func); + if (ex_data == NULL) + EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func); + CRYPTO_w_unlock(CRYPTO_LOCK_EC); + } + +void EC_KEY_set_asn1_flag(EC_KEY *key, int flag) + { + if (key->group != NULL) + EC_GROUP_set_asn1_flag(key->group, flag); + } + +int EC_KEY_precompute_mult(EC_KEY *key, BN_CTX *ctx) + { + if (key->group == NULL) + return 0; + return EC_GROUP_precompute_mult(key->group, ctx); + } diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h index c878081942..fdd7aa2755 100644 --- a/crypto/ec/ec_lcl.h +++ b/crypto/ec/ec_lcl.h @@ -229,22 +229,37 @@ struct ec_group_st { int (*field_mod_func)(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); /* method-specific */ } /* EC_GROUP */; +struct ec_key_st { + int version; -/* Basically a 'mixin' for extra data, but available for EC_GROUPs only + EC_GROUP *group; + + EC_POINT *pub_key; + BIGNUM *priv_key; + + unsigned int enc_flag; + point_conversion_form_t conv_form; + + int references; + + EC_EXTRA_DATA *method_data; +} /* EC_KEY */; + +/* Basically a 'mixin' for extra data, but available for EC_GROUPs/EC_KEYs only * (with visibility limited to 'package' level for now). * We use the function pointers as index for retrieval; this obviates * global ex_data-style index tables. */ -int EC_GROUP_set_extra_data(EC_GROUP *, void *data, +int EC_EX_DATA_set_data(EC_EXTRA_DATA **, void *data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); -void *EC_GROUP_get_extra_data(const EC_GROUP *, +void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); -void EC_GROUP_free_extra_data(EC_GROUP*, +void EC_EX_DATA_free_data(EC_EXTRA_DATA **, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); -void EC_GROUP_clear_free_extra_data(EC_GROUP*, +void EC_EX_DATA_clear_free_data(EC_EXTRA_DATA **, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); -void EC_GROUP_free_all_extra_data(EC_GROUP *); -void EC_GROUP_clear_free_all_extra_data(EC_GROUP *); +void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **); +void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **); diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index ae9ee08660..6d3a562690 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -127,7 +127,7 @@ void EC_GROUP_free(EC_GROUP *group) if (group->meth->group_finish != 0) group->meth->group_finish(group); - EC_GROUP_free_all_extra_data(group); + EC_EX_DATA_free_all_data(&group->extra_data); if (group->generator != NULL) EC_POINT_free(group->generator); @@ -150,7 +150,7 @@ void EC_GROUP_clear_free(EC_GROUP *group) else if (group->meth != NULL && group->meth->group_finish != 0) group->meth->group_finish(group); - EC_GROUP_clear_free_all_extra_data(group); + EC_EX_DATA_clear_free_all_data(&group->extra_data); if (group->generator != NULL) EC_POINT_clear_free(group->generator); @@ -185,7 +185,7 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) if (dest == src) return 1; - EC_GROUP_free_all_extra_data(dest); + EC_EX_DATA_free_all_data(&dest->extra_data); for (d = src->extra_data; d != NULL; d = d->next) { @@ -193,7 +193,7 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src) if (t == NULL) return 0; - if (!EC_GROUP_set_extra_data(dest, t, d->dup_func, d->free_func, d->clear_free_func)) + if (!EC_EX_DATA_set_data(&dest->extra_data, t, d->dup_func, d->free_func, d->clear_free_func)) return 0; } @@ -310,7 +310,7 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIG } -EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) +const EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group) { return group->generator; } @@ -546,15 +546,15 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx) /* this has 'package' visibility */ -int EC_GROUP_set_extra_data(EC_GROUP *group, void *data, +int EC_EX_DATA_set_data(EC_EXTRA_DATA **ex_data, void *data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { EC_EXTRA_DATA *d; - if (group == NULL) + if (ex_data == NULL) return 0; - for (d = group->extra_data; d != NULL; d = d->next) + for (d = *ex_data; d != NULL; d = d->next) { if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func) { @@ -576,22 +576,19 @@ int EC_GROUP_set_extra_data(EC_GROUP *group, void *data, d->free_func = free_func; d->clear_free_func = clear_free_func; - d->next = group->extra_data; - group->extra_data = d; + d->next = *ex_data; + *ex_data = d; return 1; } /* this has 'package' visibility */ -void *EC_GROUP_get_extra_data(const EC_GROUP *group, +void *EC_EX_DATA_get_data(const EC_EXTRA_DATA *ex_data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { - EC_EXTRA_DATA *d; - - if (group == NULL) - return NULL; + const EC_EXTRA_DATA *d; - for (d = group->extra_data; d != NULL; d = d->next) + for (d = ex_data; d != NULL; d = d->next) { if (d->dup_func == dup_func && d->free_func == free_func && d->clear_free_func == clear_free_func) return d->data; @@ -601,15 +598,15 @@ void *EC_GROUP_get_extra_data(const EC_GROUP *group, } /* this has 'package' visibility */ -void EC_GROUP_free_extra_data(EC_GROUP *group, +void EC_EX_DATA_free_data(EC_EXTRA_DATA **ex_data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { EC_EXTRA_DATA **p; - if (group == NULL) + if (ex_data == NULL) return; - for (p = &group->extra_data; *p != NULL; p = &((*p)->next)) + for (p = ex_data; *p != NULL; p = &((*p)->next)) { if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func) { @@ -625,15 +622,15 @@ void EC_GROUP_free_extra_data(EC_GROUP *group, } /* this has 'package' visibility */ -void EC_GROUP_clear_free_extra_data(EC_GROUP *group, +void EC_EX_DATA_clear_free_extra_data(EC_EXTRA_DATA **ex_data, void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) { EC_EXTRA_DATA **p; - if (group == NULL) + if (ex_data == NULL) return; - for (p = &group->extra_data; *p != NULL; p = &((*p)->next)) + for (p = ex_data; *p != NULL; p = &((*p)->next)) { if ((*p)->dup_func == dup_func && (*p)->free_func == free_func && (*p)->clear_free_func == clear_free_func) { @@ -649,14 +646,14 @@ void EC_GROUP_clear_free_extra_data(EC_GROUP *group, } /* this has 'package' visibility */ -void EC_GROUP_free_all_extra_data(EC_GROUP *group) +void EC_EX_DATA_free_all_data(EC_EXTRA_DATA **ex_data) { EC_EXTRA_DATA *d; - if (group == NULL) + if (ex_data == NULL) return; - d = group->extra_data; + d = *ex_data; while (d) { EC_EXTRA_DATA *next = d->next; @@ -666,18 +663,18 @@ void EC_GROUP_free_all_extra_data(EC_GROUP *group) d = next; } - group->extra_data = NULL; + *ex_data = NULL; } /* this has 'package' visibility */ -void EC_GROUP_clear_free_all_extra_data(EC_GROUP *group) +void EC_EX_DATA_clear_free_all_data(EC_EXTRA_DATA **ex_data) { EC_EXTRA_DATA *d; - if (group == NULL) + if (ex_data == NULL) return; - d = group->extra_data; + d = *ex_data; while (d) { EC_EXTRA_DATA *next = d->next; @@ -687,7 +684,7 @@ void EC_GROUP_clear_free_all_extra_data(EC_GROUP *group) d = next; } - group->extra_data = NULL; + *ex_data = NULL; } diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c index 101f44a2e0..7320e31c5c 100644 --- a/crypto/ec/ec_mult.c +++ b/crypto/ec/ec_mult.c @@ -325,7 +325,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *ctx) { BN_CTX *new_ctx = NULL; - EC_POINT *generator = NULL; + const EC_POINT *generator = NULL; EC_POINT *tmp = NULL; size_t totalnum; size_t blocksize = 0, numblocks = 0; /* for wNAF splitting */ @@ -385,7 +385,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* look if we can use precomputed multiples of generator */ - pre_comp = EC_GROUP_get_extra_data(group, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); + pre_comp = EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); if (pre_comp && pre_comp->numblocks && (EC_POINT_cmp(group, generator, pre_comp->points[0], ctx) == 0)) { @@ -744,7 +744,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) int ret = 0; /* if there is an old EC_PRE_COMP object, throw it away */ - EC_GROUP_free_extra_data(group, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); + EC_EX_DATA_free_data(&group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free); if ((pre_comp = ec_pre_comp_new(group)) == NULL) return 0; @@ -872,7 +872,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) points = NULL; pre_comp->num = num; - if (!EC_GROUP_set_extra_data(group, pre_comp, + if (!EC_EX_DATA_set_data(&group->extra_data, pre_comp, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free)) goto err; pre_comp = NULL; @@ -902,7 +902,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) int ec_wNAF_have_precompute_mult(const EC_GROUP *group) { - if (EC_GROUP_get_extra_data(group, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL) + if (EC_EX_DATA_get_data(group->extra_data, ec_pre_comp_dup, ec_pre_comp_free, ec_pre_comp_clear_free) != NULL) return 1; else return 0; diff --git a/crypto/ecdh/ecdh.h b/crypto/ecdh/ecdh.h index 98b8bb253c..b4b58ee65b 100644 --- a/crypto/ecdh/ecdh.h +++ b/crypto/ecdh/ecdh.h @@ -85,13 +85,6 @@ extern "C" { #endif -typedef struct ecdh_data_st ECDH_DATA; - -/* ECDH_DATA functions */ -ECDH_DATA *ECDH_DATA_new(void); -ECDH_DATA *ECDH_DATA_new_method(ENGINE *); -void ECDH_DATA_free(ECDH_DATA *); - const ECDH_METHOD *ECDH_OpenSSL(void); void ECDH_set_default_method(const ECDH_METHOD *); diff --git a/crypto/ecdh/ecdhtest.c b/crypto/ecdh/ecdhtest.c index f4e02966e2..c0414b92d3 100644 --- a/crypto/ecdh/ecdhtest.c +++ b/crypto/ecdh/ecdhtest.c @@ -119,9 +119,7 @@ static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) } -int test_ecdh_curve(int , char *, BN_CTX *, BIO *); - -int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) +static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out) { EC_KEY *a=NULL; EC_KEY *b=NULL; @@ -130,12 +128,14 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) char buf[12]; unsigned char *abuf=NULL,*bbuf=NULL; int i,alen,blen,aout,bout,ret=0; + const EC_GROUP *group; - if ((a=EC_KEY_new()) == NULL) goto err; - if ((a->group=EC_GROUP_new_by_curve_name(nid)) == NULL) goto err; + a = EC_KEY_new_by_curve_name(nid); + b = EC_KEY_new_by_curve_name(nid); + if (a == NULL || b == NULL) + goto err; - if ((b=EC_KEY_new()) == NULL) goto err; - b->group = a->group; + group = EC_KEY_get0_group(a); if ((x_a=BN_new()) == NULL) goto err; if ((y_a=BN_new()) == NULL) goto err; @@ -152,13 +152,15 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) if (!EC_KEY_generate_key(a)) goto err; - if (EC_METHOD_get_field_type(EC_GROUP_method_of(a->group)) == NID_X9_62_prime_field) + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { - if (!EC_POINT_get_affine_coordinates_GFp(a->group, a->pub_key, x_a, y_a, ctx)) goto err; + if (!EC_POINT_get_affine_coordinates_GFp(group, + EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err; } else { - if (!EC_POINT_get_affine_coordinates_GF2m(a->group, a->pub_key, x_a, y_a, ctx)) goto err; + if (!EC_POINT_get_affine_coordinates_GF2m(group, + EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err; } #ifdef NOISY BIO_puts(out," pri 1="); @@ -175,13 +177,15 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) if (!EC_KEY_generate_key(b)) goto err; - if (EC_METHOD_get_field_type(EC_GROUP_method_of(b->group)) == NID_X9_62_prime_field) + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { - if (!EC_POINT_get_affine_coordinates_GFp(b->group, b->pub_key, x_b, y_b, ctx)) goto err; + if (!EC_POINT_get_affine_coordinates_GFp(group, + EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err; } else { - if (!EC_POINT_get_affine_coordinates_GF2m(a->group, b->pub_key, x_b, y_b, ctx)) goto err; + if (!EC_POINT_get_affine_coordinates_GF2m(group, + EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err; } #ifdef NOISY @@ -199,7 +203,7 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) alen=KDF1_SHA1_len; abuf=(unsigned char *)OPENSSL_malloc(alen); - aout=ECDH_compute_key(abuf,alen,b->pub_key,a,KDF1_SHA1); + aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1); #ifdef NOISY BIO_puts(out," key1 ="); @@ -216,7 +220,7 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) blen=KDF1_SHA1_len; bbuf=(unsigned char *)OPENSSL_malloc(blen); - bout=ECDH_compute_key(bbuf,blen,a->pub_key,b,KDF1_SHA1); + bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1); #ifdef NOISY BIO_puts(out," key2 ="); @@ -237,7 +241,7 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) BIO_printf(out, " failed\n\n"); BIO_printf(out, "key a:\n"); BIO_printf(out, "private key: "); - BN_print(out, a->priv_key); + BN_print(out, EC_KEY_get0_private_key(a)); BIO_printf(out, "\n"); BIO_printf(out, "public key (x,y): "); BN_print(out, x_a); @@ -245,7 +249,7 @@ int test_ecdh_curve(int nid, char *text, BN_CTX *ctx, BIO *out) BN_print(out, y_a); BIO_printf(out, "\nkey b:\n"); BIO_printf(out, "private key: "); - BN_print(out, b->priv_key); + BN_print(out, EC_KEY_get0_private_key(b)); BIO_printf(out, "\n"); BIO_printf(out, "public key (x,y): "); BN_print(out, x_b); @@ -286,8 +290,6 @@ err: if (y_a) BN_free(y_a); if (x_b) BN_free(x_b); if (y_b) BN_free(y_b); - if (a->group) EC_GROUP_free(a->group); - a->group = b->group = NULL; if (b) EC_KEY_free(b); if (a) EC_KEY_free(a); return(ret); diff --git a/crypto/ecdh/ech_lib.c b/crypto/ecdh/ech_lib.c index a6392bcb3d..85fbfc5cac 100644 --- a/crypto/ecdh/ech_lib.c +++ b/crypto/ecdh/ech_lib.c @@ -76,10 +76,11 @@ const char *ECDH_version="ECDH" OPENSSL_VERSION_PTEXT; -static void ecdh_finish(EC_KEY *); - static const ECDH_METHOD *default_ECDH_method = NULL; +static void *ecdh_data_dup(void *); +static void ecdh_data_free(void *); + void ECDH_set_default_method(const ECDH_METHOD *meth) { default_ECDH_method = meth; @@ -122,12 +123,7 @@ int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth) return 1; } -ECDH_DATA *ECDH_DATA_new(void) - { - return ECDH_DATA_new_method(NULL); - } - -ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) +static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) { ECDH_DATA *ret; @@ -139,7 +135,6 @@ ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) } ret->init = NULL; - ret->finish = ecdh_finish; ret->meth = ECDH_get_default_method(); ret->engine = engine; @@ -172,12 +167,26 @@ ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) return(ret); } -void ECDH_DATA_free(ECDH_DATA *r) +void *ecdh_data_new(void) { -#if 0 - if (r->meth->finish) - r->meth->finish(r); -#endif + return (void *)ECDH_DATA_new_method(NULL); + } + +static void *ecdh_data_dup(void *data) +{ + ECDH_DATA *r = (ECDH_DATA *)data; + + /* XXX: dummy operation */ + if (r == NULL) + return NULL; + + return (void *)ecdh_data_new(); +} + +void ecdh_data_free(void *data) + { + ECDH_DATA *r = (ECDH_DATA *)data; + #ifndef OPENSSL_NO_ENGINE if (r->engine) ENGINE_finish(r->engine); @@ -192,25 +201,24 @@ void ECDH_DATA_free(ECDH_DATA *r) ECDH_DATA *ecdh_check(EC_KEY *key) { - if (key->meth_data) - { - if (key->meth_data->finish != ecdh_finish) - { - key->meth_data->finish(key); - key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new(); - } - } - else - key->meth_data = (EC_KEY_METH_DATA *)ECDH_DATA_new(); - return (ECDH_DATA *)key->meth_data; - } - -static void ecdh_finish(EC_KEY *key) + ECDH_DATA *ecdh_data; + + void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup, + ecdh_data_free, ecdh_data_free); + if (data == NULL) { - if (key->meth_data && key->meth_data->finish == ecdh_finish) - ECDH_DATA_free((ECDH_DATA *)key->meth_data); + ecdh_data = (ECDH_DATA *)ecdh_data_new(); + if (ecdh_data == NULL) + return NULL; + EC_KEY_insert_key_method_data(key, (void *)ecdh_data, + ecdh_data_dup, ecdh_data_free, ecdh_data_free); } + else + ecdh_data = (ECDH_DATA *)data; + + return ecdh_data; + } int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) diff --git a/crypto/ecdh/ech_locl.h b/crypto/ecdh/ech_locl.h index 1a2db43b8a..f658526a7e 100644 --- a/crypto/ecdh/ech_locl.h +++ b/crypto/ecdh/ech_locl.h @@ -75,16 +75,15 @@ struct ecdh_method char *app_data; }; -struct ecdh_data_st { +typedef struct ecdh_data_st { /* EC_KEY_METH_DATA part */ int (*init)(EC_KEY *); - void (*finish)(EC_KEY *); /* method specific part */ ENGINE *engine; int flags; const ECDH_METHOD *meth; CRYPTO_EX_DATA ex_data; -}; +} ECDH_DATA; ECDH_DATA *ecdh_check(EC_KEY *); diff --git a/crypto/ecdh/ech_ossl.c b/crypto/ecdh/ech_ossl.c index dab7e8eab8..2a40ff12df 100644 --- a/crypto/ecdh/ech_ossl.c +++ b/crypto/ecdh/ech_ossl.c @@ -112,6 +112,8 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, BN_CTX *ctx; EC_POINT *tmp=NULL; BIGNUM *x=NULL, *y=NULL; + const BIGNUM *priv_key; + const EC_GROUP* group; int ret= -1; size_t buflen, len; unsigned char *buf=NULL; @@ -127,27 +129,29 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); - if (ecdh->priv_key == NULL) + priv_key = EC_KEY_get0_private_key(ecdh); + if (priv_key == NULL) { ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); goto err; } - if ((tmp=EC_POINT_new(ecdh->group)) == NULL) + group = EC_KEY_get0_group(ecdh); + if ((tmp=EC_POINT_new(group)) == NULL) { ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); goto err; } - if (!EC_POINT_mul(ecdh->group, tmp, NULL, pub_key, ecdh->priv_key, ctx)) + if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) { ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } - if (EC_METHOD_get_field_type(EC_GROUP_method_of(ecdh->group)) == NID_X9_62_prime_field) + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) { - if (!EC_POINT_get_affine_coordinates_GFp(ecdh->group, tmp, x, y, ctx)) + if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) { ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; @@ -155,14 +159,14 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, } else { - if (!EC_POINT_get_affine_coordinates_GF2m(ecdh->group, tmp, x, y, ctx)) + if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) { ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); goto err; } } - buflen = (EC_GROUP_get_degree(ecdh->group) + 7)/8; + buflen = (EC_GROUP_get_degree(group) + 7)/8; len = BN_num_bytes(x); if (len > buflen) { diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h index 14bb363389..76c5a4aa2a 100644 --- a/crypto/ecdsa/ecdsa.h +++ b/crypto/ecdsa/ecdsa.h @@ -81,9 +81,6 @@ typedef struct ECDSA_SIG_st BIGNUM *s; } ECDSA_SIG; -/* ecdsa_data_st is defined in ecs_locl.h */ -typedef struct ecdsa_data_st ECDSA_DATA; - /** ECDSA_SIG *ECDSA_SIG_new(void) * allocates and initialize a ECDSA_SIG structure * \return pointer to a ECDSA_SIG structure or NULL if an error occurred @@ -115,25 +112,6 @@ int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp); */ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len); -/** ECDSA_DATA_new - * creates a new ECDSA_DATA object - * \return pointer to a newly allocated (and initialized) ECDSA_DATA object - */ -ECDSA_DATA *ECDSA_DATA_new(void); - -/** ECDSA_DATA_new_method - * creates a new ECDSA_DATA object using a specified ENGINE - * \param eng pointer to a ENGINE structure - * \return pointer to a newly allocated (and initialized) ECDSA_DATA object - */ -ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *eng); - -/** ECDSA_DATA_free - * frees ECDSA_DATA structure - * \param data pointer to a ECDSA_DATA structure - */ -void ECDSA_DATA_free(ECDSA_DATA *data); - /** ECDSA_do_sign * computes the ECDSA signature of the given hash value using * the supplied private key and returns the created signature. @@ -144,6 +122,20 @@ void ECDSA_DATA_free(ECDSA_DATA *data); */ ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey); +/** ECDSA_do_sign_ex + * computes ECDSA signature of a given hash value using the supplied + * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). + * \param dgst pointer to the hash value to sign + * \param dgstlen length of the hash value + * \param kinv optional pointer to a pre-computed inverse k + * \param rp optional pointer to the pre-computed rp value (see + * ECDSA_sign_setup + * \param eckey pointer to the EC_KEY object containing a private EC key + * \return pointer to a ECDSA_SIG structure or NULL + */ +ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, + const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); + /** ECDSA_do_verify * verifies that the supplied signature is a valid ECDSA * signature of the supplied hash value using the supplied public key. @@ -186,9 +178,7 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); int ECDSA_size(const EC_KEY *eckey); /** ECDSA_sign_setup - * precompute parts of the signing operation (the computed values may be - * passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature - * computation). + * precompute parts of the signing operation. * \param eckey pointer to the EC_KEY object containing a private EC key * \param ctx pointer to a BN_CTX object (may be NULL) * \param kinv pointer to a BIGNUM pointer for the inverse of k @@ -212,6 +202,25 @@ int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); + +/** ECDSA_sign_ex + * computes ECDSA signature of a given hash value using the supplied + * private key (note: sig must point to ECDSA_size(eckey) bytes of memory). + * \param type this parameter is ignored + * \param dgst pointer to the hash value to sign + * \param dgstlen length of the hash value + * \param sig buffer to hold the DER encoded signature + * \param siglen pointer to the length of the returned signature + * \param kinv optional pointer to a pre-computed inverse k + * \param rp optional pointer to the pre-computed rp value (see + * ECDSA_sign_setup + * \param eckey pointer to the EC_KEY object containing a private EC key + * \return 1 on success and 0 otherwise + */ +int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, + unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, + const BIGNUM *rp, EC_KEY *eckey); + /** ECDSA_verify * verifies that the given signature is valid ECDSA signature * of the supplied hash value using the specified public key. diff --git a/crypto/ecdsa/ecdsatest.c b/crypto/ecdsa/ecdsatest.c index 5315d90dd2..70f2cc4e8e 100644 --- a/crypto/ecdsa/ecdsatest.c +++ b/crypto/ecdsa/ecdsatest.c @@ -3,7 +3,7 @@ * Written by Nils Larsch for the OpenSSL project. */ /* ==================================================================== - * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -201,9 +201,7 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid)); /* create the key */ - if ((key = EC_KEY_new()) == NULL) - goto x962_int_err; - if ((key->group = EC_GROUP_new_by_curve_name(nid)) == NULL) + if ((key = EC_KEY_new_by_curve_name(nid)) == NULL) goto x962_int_err; if (!EC_KEY_generate_key(key)) goto x962_int_err; @@ -291,6 +289,7 @@ int test_builtin(BIO *out) EC_builtin_curve *curves = NULL; size_t crv_len = 0, n = 0; EC_KEY *eckey = NULL, *wrong_eckey = NULL; + EC_GROUP *group; unsigned char digest[20], wrong_digest[20]; unsigned char *signature = NULL; unsigned int sig_len; @@ -337,9 +336,13 @@ int test_builtin(BIO *out) /* create new ecdsa key (== EC_KEY) */ if ((eckey = EC_KEY_new()) == NULL) goto builtin_err; - if ((eckey->group = EC_GROUP_new_by_curve_name(nid)) == NULL) + group = EC_GROUP_new_by_curve_name(nid); + if (group == NULL) + goto builtin_err; + if (EC_KEY_set_group(eckey, group) == 0) goto builtin_err; - if (EC_GROUP_get_degree(eckey->group) < 160) + EC_GROUP_free(group); + if (EC_GROUP_get_degree(EC_KEY_get0_group(eckey)) < 160) /* drop the curve */ { EC_KEY_free(eckey); @@ -356,8 +359,12 @@ int test_builtin(BIO *out) /* create second key */ if ((wrong_eckey = EC_KEY_new()) == NULL) goto builtin_err; - if ((wrong_eckey->group = EC_GROUP_new_by_curve_name(nid)) == NULL) + group = EC_GROUP_new_by_curve_name(nid); + if (group == NULL) + goto builtin_err; + if (EC_KEY_set_group(wrong_eckey, group) == 0) goto builtin_err; + EC_GROUP_free(group); if (!EC_KEY_generate_key(wrong_eckey)) { BIO_printf(out, " failed\n"); diff --git a/crypto/ecdsa/ecs_lib.c b/crypto/ecdsa/ecs_lib.c index 645a7087c8..8a6d4ad45d 100644 --- a/crypto/ecdsa/ecs_lib.c +++ b/crypto/ecdsa/ecs_lib.c @@ -1,6 +1,6 @@ /* crypto/ecdsa/ecs_lib.c */ /* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. + * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -63,10 +63,11 @@ const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT; -static void ecdsa_finish(EC_KEY *); - static const ECDSA_METHOD *default_ECDSA_method = NULL; +static void *ecdsa_data_dup(void *); +static void ecdsa_data_free(void *); + void ECDSA_set_default_method(const ECDSA_METHOD *meth) { default_ECDSA_method = meth; @@ -90,10 +91,6 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth) return 0; mtmp = ecdsa->meth; -#if 0 - if (mtmp->finish) - mtmp->finish(eckey); -#endif #ifndef OPENSSL_NO_ENGINE if (ecdsa->engine) { @@ -102,19 +99,11 @@ int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth) } #endif ecdsa->meth = meth; -#if 0 - if (meth->init) - meth->init(eckey); -#endif - return 1; -} -ECDSA_DATA *ECDSA_DATA_new(void) -{ - return ECDSA_DATA_new_method(NULL); + return 1; } -ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) +static ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) { ECDSA_DATA *ret; @@ -126,10 +115,6 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) } ret->init = NULL; - ret->finish = ecdsa_finish; - - ret->kinv = NULL; - ret->r = NULL; ret->meth = ECDSA_get_default_method(); ret->engine = engine; @@ -162,22 +147,30 @@ ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *engine) return(ret); } -void ECDSA_DATA_free(ECDSA_DATA *r) +void *ecdsa_data_new(void) { - if (r->kinv) - BN_clear_free(r->kinv); - if (r->r) - BN_clear_free(r->r); + return (void *)ECDSA_DATA_new_method(NULL); +} + +static void *ecdsa_data_dup(void *data) +{ + ECDSA_DATA *r = (ECDSA_DATA *)data; + + /* XXX: dummy operation */ + if (r == NULL) + return NULL; + + return ecdsa_data_new(); +} + +static void ecdsa_data_free(void *data) +{ + ECDSA_DATA *r = (ECDSA_DATA *)data; -#if 0 - if (r->meth->finish) - r->meth->finish(r); -#endif #ifndef OPENSSL_NO_ENGINE if (r->engine) ENGINE_finish(r->engine); #endif - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data); OPENSSL_cleanse((void *)r, sizeof(ECDSA_DATA)); @@ -187,23 +180,23 @@ void ECDSA_DATA_free(ECDSA_DATA *r) ECDSA_DATA *ecdsa_check(EC_KEY *key) { - if (key->meth_data) + ECDSA_DATA *ecdsa_data; + + void *data = EC_KEY_get_key_method_data(key, ecdsa_data_dup, + ecdsa_data_free, ecdsa_data_free); + if (data == NULL) { - if (key->meth_data->finish != ecdsa_finish) - { - key->meth_data->finish(key); - key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new(); - } + ecdsa_data = (ECDSA_DATA *)ecdsa_data_new(); + if (ecdsa_data == NULL) + return NULL; + EC_KEY_insert_key_method_data(key, (void *)ecdsa_data, + ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free); } else - key->meth_data = (EC_KEY_METH_DATA *)ECDSA_DATA_new(); - return (ECDSA_DATA *)key->meth_data; -} + ecdsa_data = (ECDSA_DATA *)data; + -static void ecdsa_finish(EC_KEY *key) -{ - if (key->meth_data && key->meth_data->finish == ecdsa_finish) - ECDSA_DATA_free((ECDSA_DATA *)key->meth_data); + return ecdsa_data; } int ECDSA_size(const EC_KEY *r) @@ -212,11 +205,12 @@ int ECDSA_size(const EC_KEY *r) ASN1_INTEGER bs; BIGNUM *order=NULL; unsigned char buf[4]; + const EC_GROUP *group = EC_KEY_get0_group(r); - if (r == NULL || r->group == NULL) + if (r == NULL || group == NULL) return 0; if ((order = BN_new()) == NULL) return 0; - if (!EC_GROUP_get_order(r->group,order,NULL)) + if (!EC_GROUP_get_order(group,order,NULL)) { BN_clear_free(order); return 0; diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h index 343b866249..3a69a840e2 100644 --- a/crypto/ecdsa/ecs_locl.h +++ b/crypto/ecdsa/ecs_locl.h @@ -69,7 +69,7 @@ struct ecdsa_method { const char *name; ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, - EC_KEY *eckey); + const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey); int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r); int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, @@ -82,18 +82,15 @@ struct ecdsa_method char *app_data; }; -struct ecdsa_data_st { +typedef struct ecdsa_data_st { /* EC_KEY_METH_DATA part */ int (*init)(EC_KEY *); - void (*finish)(EC_KEY *); /* method (ECDSA) specific part */ - BIGNUM *kinv; /* signing pre-calc */ - BIGNUM *r; /* signing pre-calc */ ENGINE *engine; int flags; const ECDSA_METHOD *meth; CRYPTO_EX_DATA ex_data; -}; +} ECDSA_DATA; /** ecdsa_check * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c index ea776db8d8..8be45ddc93 100644 --- a/crypto/ecdsa/ecs_ossl.c +++ b/crypto/ecdsa/ecs_ossl.c @@ -62,7 +62,7 @@ #include <openssl/bn.h> static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, - EC_KEY *eckey); + const BIGNUM *, const BIGNUM *, EC_KEY *eckey); static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp); static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, @@ -92,14 +92,14 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BN_CTX *ctx = NULL; BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL; EC_POINT *tmp_point=NULL; - EC_GROUP *group; + const EC_GROUP *group; int ret = 0; - if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key) + + if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) { ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER); return 0; } - group = eckey->group; if (ctx_in == NULL) { @@ -210,24 +210,27 @@ err: static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, - EC_KEY *eckey) + const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) { int ok = 0; - BIGNUM *kinv=NULL, *r, *s, *m=NULL,*tmp=NULL,*order=NULL; + BIGNUM *kinv=NULL, *s, *m=NULL,*tmp=NULL,*order=NULL; + const BIGNUM *ckinv; BN_CTX *ctx = NULL; - EC_GROUP *group; + const EC_GROUP *group; ECDSA_SIG *ret; ECDSA_DATA *ecdsa; + const BIGNUM *priv_key; - ecdsa = ecdsa_check(eckey); - - if (!eckey->group || !eckey->pub_key || !eckey->priv_key || !ecdsa) + ecdsa = ecdsa_check(eckey); + group = EC_KEY_get0_group(eckey); + priv_key = EC_KEY_get0_private_key(eckey); + + if (group == NULL || priv_key == NULL || ecdsa == NULL) { ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER); return NULL; } - group = eckey->group; ret = ECDSA_SIG_new(); if (!ret) { @@ -262,26 +265,26 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, } do { - if (ecdsa->kinv == NULL || ecdsa->r == NULL) + if (in_kinv == NULL || in_r == NULL) { if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r)) { ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB); goto err; } - r = ret->r; + ckinv = kinv; } else { - BN_free(ret->r); - kinv = ecdsa->kinv; - r = ecdsa->r; - ret->r = r; - ecdsa->kinv = NULL; - ecdsa->r = NULL; + ckinv = in_kinv; + if (BN_copy(ret->r, in_r) == NULL) + { + ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } } - if (!BN_mod_mul(tmp, eckey->priv_key, r, order, ctx)) + if (!BN_mod_mul(tmp, priv_key, ret->r, order, ctx)) { ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); goto err; @@ -291,7 +294,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); goto err; } - if (!BN_mod_mul(s, s, kinv, order, ctx)) + if (!BN_mod_mul(s, s, ckinv, order, ctx)) { ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB); goto err; @@ -326,16 +329,17 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, BN_CTX *ctx; BIGNUM *order, *u1, *u2, *m, *X; EC_POINT *point = NULL; - EC_GROUP *group; + const EC_GROUP *group; + const EC_POINT *pub_key; + /* check input values */ - if (!eckey || !eckey->group || !eckey->pub_key || !sig) + if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || + (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS); return -1; } - group = eckey->group; - ctx = BN_CTX_new(); if (!ctx) { @@ -398,7 +402,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE); goto err; } - if (!EC_POINT_mul(group, point, u1, eckey->pub_key, u2, ctx)) + if (!EC_POINT_mul(group, point, u1, pub_key, u2, ctx)) { ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB); goto err; diff --git a/crypto/ecdsa/ecs_sign.c b/crypto/ecdsa/ecs_sign.c index ee6aef8010..5143923050 100644 --- a/crypto/ecdsa/ecs_sign.c +++ b/crypto/ecdsa/ecs_sign.c @@ -58,27 +58,40 @@ #include <openssl/engine.h> #endif -ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) +ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) +{ + return ECDSA_do_sign_ex(dgst, dlen, NULL, NULL, eckey); +} + +ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dlen, + const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey) { ECDSA_DATA *ecdsa = ecdsa_check(eckey); if (ecdsa == NULL) return NULL; - return ecdsa->meth->ecdsa_do_sign(dgst, dlen, eckey); + return ecdsa->meth->ecdsa_do_sign(dgst, dlen, NULL, NULL, eckey); } int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, unsigned int *siglen, EC_KEY *eckey) { + return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey); +} + +int ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char + *sig, unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, + EC_KEY *eckey) +{ ECDSA_SIG *s; - s=ECDSA_do_sign(dgst,dlen,eckey); + s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); if (s == NULL) { *siglen=0; - return(0); + return 0; } - *siglen=i2d_ECDSA_SIG(s,&sig); + *siglen = i2d_ECDSA_SIG(s, &sig); ECDSA_SIG_free(s); - return(1); + return 1; } int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 4d38425b03..e35d472c70 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -140,7 +140,7 @@ struct evp_pkey_st struct dh_st *dh; /* DH */ #endif #ifndef OPENSSL_NO_EC - struct ec_key_st *eckey;/* ECC */ + struct ec_key_st *ec; /* ECC */ #endif } pkey; int save_parameters; diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 6510ed54dc..b71555e712 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -250,6 +250,7 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) } else { + EC_GROUP *group; cp = p = param->value.object->data; plen = param->value.object->length; @@ -262,11 +263,13 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) ERR_R_MALLOC_FAILURE); goto ecerr; } - if ((eckey->group = EC_GROUP_new_by_curve_name( - OBJ_obj2nid(a->parameter->value.object))) == NULL) + group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object)); + if (group == NULL) goto ecerr; - EC_GROUP_set_asn1_flag(eckey->group, - OPENSSL_EC_NAMED_CURVE); + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); + if (EC_KEY_set_group(eckey, group) == 0) + goto ecerr; + EC_GROUP_free(group); } /* We have parameters now set private key */ @@ -277,28 +280,40 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) } /* calculate public key (if necessary) */ - if (!eckey->pub_key) + if (EC_KEY_get0_public_key(eckey) == NULL) { + const BIGNUM *priv_key; + const EC_GROUP *group; + EC_POINT *pub_key; /* the public key was not included in the SEC1 private * key => calculate the public key */ - eckey->pub_key = EC_POINT_new(eckey->group); - if (!eckey->pub_key) + group = EC_KEY_get0_group(eckey); + pub_key = EC_POINT_new(group); + if (pub_key == NULL) + { + EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); + goto ecerr; + } + if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group))) { + EC_POINT_free(pub_key); EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto ecerr; } - if (!EC_POINT_copy(eckey->pub_key, - EC_GROUP_get0_generator(eckey->group))) + priv_key = EC_KEY_get0_private_key(eckey); + if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) { + EC_POINT_free(pub_key); EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto ecerr; } - if (!EC_POINT_mul(eckey->group, eckey->pub_key, - eckey->priv_key, NULL, NULL, ctx)) + if (EC_KEY_set_public_key(eckey, pub_key) == 0) { + EC_POINT_free(pub_key); EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB); goto ecerr; } + EC_POINT_free(pub_key); } EVP_PKEY_assign_EC_KEY(pkey, eckey); @@ -583,17 +598,18 @@ err: #ifndef OPENSSL_NO_EC static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) { - EC_KEY *eckey; + EC_KEY *ec_key; + const EC_GROUP *group; unsigned char *p, *pp; int nid, i, ret = 0; - unsigned int tmp_flags; + unsigned int tmp_flags, old_flags; - if (pkey->pkey.eckey == NULL || pkey->pkey.eckey->group == NULL) + ec_key = pkey->pkey.ec; + if (ec_key == NULL || (group = EC_KEY_get0_group(ec_key)) == NULL) { EVPerr(EVP_F_ECKEY_PKEY2PKCS8, EVP_R_MISSING_PARAMETERS); return 0; } - eckey = pkey->pkey.eckey; /* set the ec parameters OID */ if (p8->pkeyalg->algorithm) @@ -615,8 +631,8 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) return 0; } - if (EC_GROUP_get_asn1_flag(eckey->group) - && (nid = EC_GROUP_get_curve_name(eckey->group))) + if (EC_GROUP_get_asn1_flag(group) + && (nid = EC_GROUP_get_curve_name(group))) { /* we have a 'named curve' => just set the OID */ p8->pkeyalg->parameter->type = V_ASN1_OBJECT; @@ -624,7 +640,7 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) } else /* explicit parameters */ { - if ((i = i2d_ECParameters(eckey, NULL)) == 0) + if ((i = i2d_ECParameters(ec_key, NULL)) == 0) { EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); return 0; @@ -635,7 +651,7 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) return 0; } pp = p; - if (!i2d_ECParameters(eckey, &pp)) + if (!i2d_ECParameters(ec_key, &pp)) { EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); OPENSSL_free(p); @@ -657,32 +673,33 @@ static int eckey_pkey2pkcs8(PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *pkey) /* do not include the parameters in the SEC1 private key * see PKCS#11 12.11 */ - tmp_flags = pkey->pkey.eckey->enc_flag; - pkey->pkey.eckey->enc_flag |= EC_PKEY_NO_PARAMETERS; - i = i2d_ECPrivateKey(pkey->pkey.eckey, NULL); + old_flags = EC_KEY_get_enc_flags(pkey->pkey.ec); + tmp_flags = old_flags | EC_PKEY_NO_PARAMETERS; + EC_KEY_set_enc_flags(pkey->pkey.ec, tmp_flags); + i = i2d_ECPrivateKey(pkey->pkey.ec, NULL); if (!i) { - pkey->pkey.eckey->enc_flag = tmp_flags; + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); return 0; } p = (unsigned char *) OPENSSL_malloc(i); if (!p) { - pkey->pkey.eckey->enc_flag = tmp_flags; + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); return 0; } pp = p; - if (!i2d_ECPrivateKey(pkey->pkey.eckey, &pp)) + if (!i2d_ECPrivateKey(pkey->pkey.ec, &pp)) { - pkey->pkey.eckey->enc_flag = tmp_flags; + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); EVPerr(EVP_F_ECKEY_PKEY2PKCS8, ERR_R_EC_LIB); OPENSSL_free(p); return 0; } /* restore old encoding flags */ - pkey->pkey.eckey->enc_flag = tmp_flags; + EC_KEY_set_enc_flags(pkey->pkey.ec, old_flags); switch(p8->broken) { diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 85caa478ca..04b57e8251 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -86,6 +86,7 @@ int EVP_PKEY_bits(EVP_PKEY *pkey) else if (pkey->type == EVP_PKEY_EC) { BIGNUM *order = BN_new(); + const EC_GROUP *group; int ret; if (!order) @@ -93,7 +94,8 @@ int EVP_PKEY_bits(EVP_PKEY *pkey) ERR_clear_error(); return 0; } - if (!EC_GROUP_get_order(pkey->pkey.eckey->group, order, NULL)) + group = EC_KEY_get0_group(pkey->pkey.ec); + if (!EC_GROUP_get_order(group, order, NULL)) { ERR_clear_error(); return 0; @@ -122,7 +124,7 @@ int EVP_PKEY_size(EVP_PKEY *pkey) #endif #ifndef OPENSSL_NO_ECDSA if (pkey->type == EVP_PKEY_EC) - return(ECDSA_size(pkey->pkey.eckey)); + return(ECDSA_size(pkey->pkey.ec)); #endif return(0); @@ -187,13 +189,12 @@ int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) #ifndef OPENSSL_NO_EC if (to->type == EVP_PKEY_EC) { - if (to->pkey.eckey->group != NULL) - EC_GROUP_free(to->pkey.eckey->group); - if ((to->pkey.eckey->group = EC_GROUP_new( - EC_GROUP_method_of(from->pkey.eckey->group))) == NULL) + EC_GROUP *group = EC_GROUP_dup(EC_KEY_get0_group(from->pkey.ec)); + if (group == NULL) goto err; - if (!EC_GROUP_copy(to->pkey.eckey->group, - from->pkey.eckey->group)) goto err; + if (EC_KEY_set_group(to->pkey.ec, group) == 0) + goto err; + EC_GROUP_free(group); } #endif return(1); @@ -216,7 +217,7 @@ int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey) #ifndef OPENSSL_NO_EC if (pkey->type == EVP_PKEY_EC) { - if (pkey->pkey.eckey->group == NULL) + if (EC_KEY_get0_group(pkey->pkey.ec) == NULL) return(1); } #endif @@ -240,7 +241,9 @@ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) #ifndef OPENSSL_NO_EC if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC) { - if (EC_GROUP_cmp(a->pkey.eckey->group, b->pkey.eckey->group, NULL)) + const EC_GROUP *group_a = EC_KEY_get0_group(a->pkey.ec), + *group_b = EC_KEY_get0_group(b->pkey.ec); + if (EC_GROUP_cmp(group_a, group_b, NULL)) return 0; else return 1; @@ -275,8 +278,11 @@ int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: { - int r = EC_POINT_cmp(b->pkey.eckey->group, - b->pkey.eckey->pub_key,a->pkey.eckey->pub_key,NULL); + int r; + const EC_GROUP *group = EC_KEY_get0_group(b->pkey.ec); + const EC_POINT *pa = EC_KEY_get0_public_key(a->pkey.ec), + *pb = EC_KEY_get0_public_key(b->pkey.ec); + r = EC_POINT_cmp(group, pa, pb, NULL); if (r != 0) { if (r == 1) @@ -372,8 +378,9 @@ DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey) int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key) { int ret = EVP_PKEY_assign_EC_KEY(pkey,key); - if (ret) CRYPTO_add(&key->references, 1, CRYPTO_LOCK_EC); - return ret; + if (ret) + EC_KEY_up_ref(key); + return ret; } EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) @@ -383,8 +390,8 @@ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey) EVPerr(EVP_F_EVP_PKEY_GET1_EC_KEY, EVP_R_EXPECTING_A_EC_KEY); return NULL; } - CRYPTO_add(&pkey->pkey.eckey->references, 1, CRYPTO_LOCK_EC); - return pkey->pkey.eckey; + EC_KEY_up_ref(pkey->pkey.ec); + return pkey->pkey.ec; } #endif @@ -476,7 +483,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x) #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: - EC_KEY_free(x->pkey.eckey); + EC_KEY_free(x->pkey.ec); break; #endif #ifndef OPENSSL_NO_DH diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index c8980bb56f..489e71a892 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -225,7 +225,7 @@ start: if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL) goto err; xi->x_pkey->dec_pkey->type=EVP_PKEY_EC; - pp=&(xi->x_pkey->dec_pkey->pkey.eckey); + pp=&(xi->x_pkey->dec_pkey->pkey.ec); if ((int)strlen(header) > 10) /* assume encrypted */ raw=1; } diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index d0d1e51019..d4f7cec712 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -1189,6 +1189,9 @@ int ssl3_get_key_exchange(SSL *s) #ifndef OPENSSL_NO_ECDH else if (alg & SSL_kECDHE) { + EC_GROUP *ngroup; + const EC_GROUP *group; + if ((ecdh=EC_KEY_new()) == NULL) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); @@ -1214,14 +1217,23 @@ int ssl3_get_key_exchange(SSL *s) goto f_err; } - if (!(ecdh->group=EC_GROUP_new_by_curve_name(curve_nid))) + ngroup = EC_GROUP_new_by_curve_name(curve_nid); + if (ngroup == NULL) + { + SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_EC_LIB); + goto err; + } + if (EC_KEY_set_group(ecdh, ngroup) == 0) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_EC_LIB); goto err; } + EC_GROUP_free(ngroup); + + group = EC_KEY_get0_group(ecdh); if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && - (EC_GROUP_get_degree(ecdh->group) > 163)) + (EC_GROUP_get_degree(group) > 163)) { al=SSL_AD_EXPORT_RESTRICTION; SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER); @@ -1231,7 +1243,7 @@ int ssl3_get_key_exchange(SSL *s) p+=2; /* Next, get the encoded ECPoint */ - if (((srvr_ecpoint = EC_POINT_new(ecdh->group)) == NULL) || + if (((srvr_ecpoint = EC_POINT_new(group)) == NULL) || ((bn_ctx = BN_CTX_new()) == NULL)) { SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); @@ -1242,7 +1254,7 @@ int ssl3_get_key_exchange(SSL *s) p+=1; param_len += (1 + encoded_pt_len); if ((param_len > n) || - (EC_POINT_oct2point(ecdh->group, srvr_ecpoint, + (EC_POINT_oct2point(group, srvr_ecpoint, p, encoded_pt_len, bn_ctx) == 0)) { al=SSL_AD_DECODE_ERROR; @@ -1267,10 +1279,11 @@ int ssl3_get_key_exchange(SSL *s) pkey=X509_get_pubkey(s->session->sess_cert->peer_pkeys[SSL_PKEY_ECC].x509); #endif /* else anonymous ECDH, so no certificate or pkey. */ - ecdh->pub_key = srvr_ecpoint; + EC_KEY_set_public_key(ecdh, srvr_ecpoint); s->session->sess_cert->peer_ecdh_tmp=ecdh; ecdh=NULL; BN_CTX_free(bn_ctx); + EC_POINT_free(srvr_ecpoint); srvr_ecpoint = NULL; } else if (alg & SSL_kECDH) @@ -1623,7 +1636,7 @@ int ssl3_send_client_key_exchange(SSL *s) #endif /* OPENSSL_NO_KRB5 */ #ifndef OPENSSL_NO_ECDH EC_KEY *clnt_ecdh = NULL; - EC_POINT *srvr_ecpoint = NULL; + const EC_POINT *srvr_ecpoint = NULL; EVP_PKEY *srvr_pub_pkey = NULL; unsigned char *encodedPoint = NULL; int encoded_pt_len = 0; @@ -1890,7 +1903,8 @@ int ssl3_send_client_key_exchange(SSL *s) #ifndef OPENSSL_NO_ECDH else if ((l & SSL_kECDH) || (l & SSL_kECDHE)) { - EC_GROUP *srvr_group = NULL; + const EC_GROUP *srvr_group = NULL; + EC_KEY *tkey; int ecdh_clnt_cert = 0; int field_size = 0; @@ -1924,10 +1938,7 @@ int ssl3_send_client_key_exchange(SSL *s) if (s->session->sess_cert->peer_ecdh_tmp != NULL) { - srvr_group = s->session->sess_cert-> \ - peer_ecdh_tmp->group; - srvr_ecpoint = s->session->sess_cert-> \ - peer_ecdh_tmp->pub_key; + tkey = s->session->sess_cert->peer_ecdh_tmp; } else { @@ -1936,18 +1947,19 @@ int ssl3_send_client_key_exchange(SSL *s) sess_cert->peer_pkeys[SSL_PKEY_ECC].x509); if ((srvr_pub_pkey == NULL) || (srvr_pub_pkey->type != EVP_PKEY_EC) || - (srvr_pub_pkey->pkey.eckey == NULL)) + (srvr_pub_pkey->pkey.ec == NULL)) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); goto err; } - srvr_group = srvr_pub_pkey->pkey.eckey->group; - srvr_ecpoint = - srvr_pub_pkey->pkey.eckey->pub_key; + tkey = srvr_pub_pkey->pkey.ec; } + srvr_group = EC_KEY_get0_group(tkey); + srvr_ecpoint = EC_KEY_get0_public_key(tkey); + if ((srvr_group == NULL) || (srvr_ecpoint == NULL)) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -1961,15 +1973,30 @@ int ssl3_send_client_key_exchange(SSL *s) goto err; } - clnt_ecdh->group = srvr_group; + if (!EC_KEY_set_group(clnt_ecdh, srvr_group)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB); + goto err; + } if (ecdh_clnt_cert) { /* Reuse key info from our certificate * We only need our private key to perform * the ECDH computation. */ - clnt_ecdh->priv_key = BN_dup(s->cert->key-> \ - privatekey->pkey.eckey->priv_key); + const BIGNUM *priv_key; + tkey = s->cert->key->privatekey->pkey.ec; + priv_key = EC_KEY_get0_private_key(tkey); + if (priv_key == NULL) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE); + goto err; + } + if (!EC_KEY_set_private_key(clnt_ecdh, priv_key)) + { + SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_EC_LIB); + goto err; + } } else { @@ -1985,7 +2012,7 @@ int ssl3_send_client_key_exchange(SSL *s) * make sure to clear it out afterwards */ - field_size = EC_GROUP_get_degree(clnt_ecdh->group); + field_size = EC_GROUP_get_degree(srvr_group); if (field_size <= 0) { SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE, @@ -2026,8 +2053,8 @@ int ssl3_send_client_key_exchange(SSL *s) * allocate memory accordingly. */ encoded_pt_len = - EC_POINT_point2oct(clnt_ecdh->group, - clnt_ecdh->pub_key, + EC_POINT_point2oct(srvr_group, + EC_KEY_get0_public_key(clnt_ecdh), POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); @@ -2043,8 +2070,8 @@ int ssl3_send_client_key_exchange(SSL *s) } /* Encode the public key */ - n = EC_POINT_point2oct(clnt_ecdh->group, - clnt_ecdh->pub_key, + n = EC_POINT_point2oct(srvr_group, + EC_KEY_get0_public_key(clnt_ecdh), POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encoded_pt_len, bn_ctx); @@ -2061,11 +2088,7 @@ int ssl3_send_client_key_exchange(SSL *s) BN_CTX_free(bn_ctx); if (encodedPoint != NULL) OPENSSL_free(encodedPoint); if (clnt_ecdh != NULL) - { - /* group is shared */ - clnt_ecdh->group = NULL; EC_KEY_free(clnt_ecdh); - } EVP_PKEY_free(srvr_pub_pkey); } #endif /* !OPENSSL_NO_ECDH */ @@ -2094,11 +2117,7 @@ err: BN_CTX_free(bn_ctx); if (encodedPoint != NULL) OPENSSL_free(encodedPoint); if (clnt_ecdh != NULL) - { - /* group is shared */ - clnt_ecdh->group = NULL; EC_KEY_free(clnt_ecdh); - } EVP_PKEY_free(srvr_pub_pkey); #endif return(-1); @@ -2165,7 +2184,7 @@ int ssl3_send_client_verify(SSL *s) if (!ECDSA_sign(pkey->save_type, &(data[MD5_DIGEST_LENGTH]), SHA_DIGEST_LENGTH,&(p[2]), - (unsigned int *)&j,pkey->pkey.eckey)) + (unsigned int *)&j,pkey->pkey.ec)) { SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY, ERR_R_ECDSA_LIB); diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index a34fc729be..4b1931a71f 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -1261,6 +1261,8 @@ int ssl3_send_server_key_exchange(SSL *s) #ifndef OPENSSL_NO_ECDH if (type & SSL_kECDHE) { + const EC_GROUP *group; + ecdhp=cert->ecdh_tmp; if ((ecdhp == NULL) && (s->cert->ecdh_tmp_cb != NULL)) { @@ -1296,8 +1298,8 @@ int ssl3_send_server_key_exchange(SSL *s) ecdh = ecdhp; s->s3->tmp.ecdh=ecdh; - if ((ecdh->pub_key == NULL) || - (ecdh->priv_key == NULL) || + if ((EC_KEY_get0_public_key(ecdh) == NULL) || + (EC_KEY_get0_private_key(ecdh) == NULL) || (s->options & SSL_OP_SINGLE_ECDH_USE)) { if(!EC_KEY_generate_key(ecdh)) @@ -1307,16 +1309,16 @@ int ssl3_send_server_key_exchange(SSL *s) } } - if ((ecdh->group == NULL) || - (ecdh->pub_key == NULL) || - (ecdh->priv_key == NULL)) + if (((group = EC_KEY_get0_group(ecdh)) == NULL) || + (EC_KEY_get0_public_key(ecdh) == NULL) || + (EC_KEY_get0_private_key(ecdh) == NULL)) { SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_ECDH_LIB); goto err; } if (SSL_C_IS_EXPORT(s->s3->tmp.new_cipher) && - (EC_GROUP_get_degree(ecdh->group) > 163)) + (EC_GROUP_get_degree(group) > 163)) { SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ECGROUP_TOO_LARGE_FOR_CIPHER); goto err; @@ -1327,7 +1329,7 @@ int ssl3_send_server_key_exchange(SSL *s) * supported named curves, curve_id is non-zero. */ if ((curve_id = - nid2curve_id(EC_GROUP_get_curve_name(ecdh->group))) + nid2curve_id(EC_GROUP_get_curve_name(group))) == 0) { SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNSUPPORTED_ELLIPTIC_CURVE); @@ -1338,8 +1340,8 @@ int ssl3_send_server_key_exchange(SSL *s) * First check the size of encoding and * allocate memory accordingly. */ - encodedlen = EC_POINT_point2oct(ecdh->group, - ecdh->pub_key, + encodedlen = EC_POINT_point2oct(group, + EC_KEY_get0_public_key(ecdh), POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); @@ -1353,8 +1355,8 @@ int ssl3_send_server_key_exchange(SSL *s) } - encodedlen = EC_POINT_point2oct(ecdh->group, - ecdh->pub_key, + encodedlen = EC_POINT_point2oct(group, + EC_KEY_get0_public_key(ecdh), POINT_CONVERSION_UNCOMPRESSED, encodedPoint, encodedlen, bn_ctx); @@ -2040,6 +2042,9 @@ int ssl3_get_client_key_exchange(SSL *s) { int ret = 1; int field_size = 0; + const EC_KEY *tkey; + const EC_GROUP *group; + const BIGNUM *priv_key; /* initialize structures for server's ECDH key pair */ if ((srvr_ecdh = EC_KEY_new()) == NULL) @@ -2053,23 +2058,29 @@ int ssl3_get_client_key_exchange(SSL *s) if (l & SSL_kECDH) { /* use the certificate */ - srvr_ecdh->group = s->cert->key->privatekey-> \ - pkey.eckey->group; - srvr_ecdh->priv_key = s->cert->key->privatekey-> \ - pkey.eckey->priv_key; + tkey = s->cert->key->privatekey->pkey.ec; } else { /* use the ephermeral values we saved when * generating the ServerKeyExchange msg. */ - srvr_ecdh->group = s->s3->tmp.ecdh->group; - srvr_ecdh->priv_key = s->s3->tmp.ecdh->priv_key; + tkey = s->s3->tmp.ecdh; + } + + group = EC_KEY_get0_group(tkey); + priv_key = EC_KEY_get0_private_key(tkey); + + if (!EC_KEY_set_group(srvr_ecdh, group) || + !EC_KEY_set_private_key(srvr_ecdh, priv_key)) + { + SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, + ERR_R_EC_LIB); + goto err; } /* Let's get client's public key */ - if ((clnt_ecpoint = EC_POINT_new(srvr_ecdh->group)) - == NULL) + if ((clnt_ecpoint = EC_POINT_new(group)) == NULL) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, ERR_R_MALLOC_FAILURE); @@ -2108,7 +2119,7 @@ int ssl3_get_client_key_exchange(SSL *s) } EC_POINT_copy(clnt_ecpoint, - clnt_pub_pkey->pkey.eckey->pub_key); + EC_KEY_get0_public_key(clnt_pub_pkey->pkey.ec)); ret = 2; /* Skip certificate verify processing */ } else @@ -2126,7 +2137,7 @@ int ssl3_get_client_key_exchange(SSL *s) /* Get encoded point length */ i = *p; p += 1; - if (EC_POINT_oct2point(srvr_ecdh->group, + if (EC_POINT_oct2point(group, clnt_ecpoint, p, i, bn_ctx) == 0) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, @@ -2140,7 +2151,7 @@ int ssl3_get_client_key_exchange(SSL *s) } /* Compute the shared pre-master secret */ - field_size = EC_GROUP_get_degree(srvr_ecdh->group); + field_size = EC_GROUP_get_degree(group); if (field_size <= 0) { SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, @@ -2165,11 +2176,7 @@ int ssl3_get_client_key_exchange(SSL *s) EVP_PKEY_free(clnt_pub_pkey); EC_POINT_free(clnt_ecpoint); if (srvr_ecdh != NULL) - { - srvr_ecdh->priv_key = NULL; - srvr_ecdh->group = NULL; EC_KEY_free(srvr_ecdh); - } BN_CTX_free(bn_ctx); /* Compute the master secret */ @@ -2198,11 +2205,7 @@ err: EVP_PKEY_free(clnt_pub_pkey); EC_POINT_free(clnt_ecpoint); if (srvr_ecdh != NULL) - { - srvr_ecdh->priv_key = NULL; - srvr_ecdh->group = NULL; EC_KEY_free(srvr_ecdh); - } BN_CTX_free(bn_ctx); #endif return(-1); @@ -2333,7 +2336,7 @@ int ssl3_get_cert_verify(SSL *s) { j=ECDSA_verify(pkey->save_type, &(s->s3->tmp.cert_verify_md[MD5_DIGEST_LENGTH]), - SHA_DIGEST_LENGTH,p,i,pkey->pkey.eckey); + SHA_DIGEST_LENGTH,p,i,pkey->pkey.ec); if (j <= 0) { /* bad signature */ diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 085456c90e..f8e86c3ceb 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -720,36 +720,30 @@ bad: #ifndef OPENSSL_NO_ECDH if (!no_ecdhe) { - ecdh = EC_KEY_new(); - if (ecdh != NULL) - { - if (named_curve) - { - int nid = OBJ_sn2nid(named_curve); - - if (nid == 0) - { - BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); - EC_KEY_free(ecdh); - goto end; - } + int nid; - ecdh->group = EC_GROUP_new_by_curve_name(nid); - if (ecdh->group == NULL) - { - BIO_printf(bio_err, "unable to create curve (%s)\n", named_curve); - EC_KEY_free(ecdh); - goto end; - } + if (named_curve != NULL) + { + nid = OBJ_sn2nid(named_curve); + if (nid == 0) + { + BIO_printf(bio_err, "unknown curve name (%s)\n", named_curve); + goto end; } - - if (ecdh->group == NULL) - ecdh->group=EC_GROUP_new_by_curve_name(NID_sect163r2); + } + else + nid = NID_sect163r2; - SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); - SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); - EC_KEY_free(ecdh); + ecdh = EC_KEY_new_by_curve_name(nid); + if (ecdh == NULL) + { + BIO_printf(bio_err, "unable to create curve\n"); + goto end; } + + SSL_CTX_set_tmp_ecdh(s_ctx, ecdh); + SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE); + EC_KEY_free(ecdh); } #else (void)no_ecdhe; diff --git a/util/libeay.num b/util/libeay.num index b8c218461e..47881945aa 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -2876,472 +2876,483 @@ EVP_sha256 3315 EXIST::FUNCTION:SHA,SHA256 FIPS_selftest_hmac 3316 NOEXIST::FUNCTION: FIPS_corrupt_rng 3317 NOEXIST::FUNCTION: BN_mod_exp_mont_consttime 3318 EXIST::FUNCTION: -BIO_new_dgram 3319 EXIST::FUNCTION: -BN_get0_nist_prime_384 3320 EXIST::FUNCTION: -ERR_set_mark 3321 EXIST::FUNCTION: -X509_STORE_CTX_set0_crls 3322 EXIST::FUNCTION: -ENGINE_set_STORE 3323 EXIST::FUNCTION:ENGINE -ENGINE_register_ECDSA 3324 EXIST::FUNCTION:ENGINE -STORE_method_set_list_start_function 3325 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_start_fn 3325 EXIST:VMS:FUNCTION: -BN_BLINDING_invert_ex 3326 EXIST::FUNCTION: -NAME_CONSTRAINTS_free 3327 EXIST::FUNCTION: -STORE_ATTR_INFO_set_number 3328 EXIST::FUNCTION: -BN_BLINDING_get_thread_id 3329 EXIST::FUNCTION: -X509_STORE_CTX_set0_param 3330 EXIST::FUNCTION: -POLICY_MAPPING_it 3331 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPING_it 3331 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_parse_attrs_start 3332 EXIST::FUNCTION: -POLICY_CONSTRAINTS_free 3333 EXIST::FUNCTION: -EVP_PKEY_add1_attr_by_NID 3334 EXIST::FUNCTION: -BN_nist_mod_192 3335 EXIST::FUNCTION: -EC_GROUP_get_trinomial_basis 3336 EXIST::FUNCTION:EC -STORE_set_method 3337 EXIST::FUNCTION: -GENERAL_SUBTREE_free 3338 EXIST::FUNCTION: -NAME_CONSTRAINTS_it 3339 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -NAME_CONSTRAINTS_it 3339 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ECDH_get_default_method 3340 EXIST::FUNCTION:ECDH -PKCS12_add_safe 3341 EXIST::FUNCTION: -STORE_method_get_update_store_function 3342 EXIST:!VMS:FUNCTION: -STORE_meth_get_update_store_fn 3342 EXIST:VMS:FUNCTION: -ENGINE_register_ECDH 3343 EXIST::FUNCTION:ENGINE -SHA512_Update 3344 EXIST::FUNCTION:SHA,SHA512 -i2d_ECPrivateKey 3345 EXIST::FUNCTION:EC -BN_get0_nist_prime_192 3346 EXIST::FUNCTION: -STORE_modify_certificate 3347 EXIST::FUNCTION: -EC_POINT_set_affine_coordinates_GF2m 3348 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_affine_coords_GF2m 3348 EXIST:VMS:FUNCTION:EC -BN_GF2m_mod_exp_arr 3349 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_number 3350 EXIST::FUNCTION: -X509_keyid_get0 3351 EXIST::FUNCTION: -ENGINE_load_gmp 3352 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE -pitem_new 3353 EXIST::FUNCTION: -BN_GF2m_mod_mul_arr 3354 EXIST::FUNCTION: -STORE_list_public_key_endp 3355 EXIST::FUNCTION: -o2i_ECPublicKey 3356 EXIST::FUNCTION:EC -EC_KEY_copy 3357 EXIST::FUNCTION:EC -BIO_dump_fp 3358 EXIST::FUNCTION:FP_API -X509_policy_node_get0_parent 3359 EXIST::FUNCTION: -EC_GROUP_check_discriminant 3360 EXIST::FUNCTION:EC -i2o_ECPublicKey 3361 EXIST::FUNCTION:EC -a2i_IPADDRESS 3362 EXIST::FUNCTION: -STORE_method_set_initialise_function 3363 EXIST:!VMS:FUNCTION: -STORE_meth_set_initialise_fn 3363 EXIST:VMS:FUNCTION: -X509_STORE_CTX_set_depth 3364 EXIST::FUNCTION: -X509_VERIFY_PARAM_inherit 3365 EXIST::FUNCTION: -EC_POINT_point2bn 3366 EXIST::FUNCTION:EC -STORE_ATTR_INFO_set_dn 3367 EXIST::FUNCTION: -X509_policy_tree_get0_policies 3368 EXIST::FUNCTION: -EC_GROUP_new_curve_GF2m 3369 EXIST::FUNCTION:EC -STORE_destroy_method 3370 EXIST::FUNCTION: -ENGINE_unregister_STORE 3371 EXIST::FUNCTION:ENGINE -EVP_PKEY_get1_EC_KEY 3372 EXIST::FUNCTION:EC -STORE_ATTR_INFO_get0_number 3373 EXIST::FUNCTION: -ENGINE_get_default_ECDH 3374 EXIST::FUNCTION:ENGINE -ASN1_OCTET_STRING_NDEF_it 3375 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -ASN1_OCTET_STRING_NDEF_it 3375 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_delete_public_key 3376 EXIST::FUNCTION: -STORE_get_public_key 3377 EXIST::FUNCTION: -STORE_modify_arbitrary 3378 EXIST::FUNCTION: -ENGINE_get_static_state 3379 EXIST::FUNCTION:ENGINE -pqueue_iterator 3380 EXIST::FUNCTION: -ECDSA_SIG_new 3381 EXIST::FUNCTION:ECDSA -OPENSSL_DIR_end 3382 EXIST::FUNCTION: -BN_GF2m_mod_sqr 3383 EXIST::FUNCTION: -EC_POINT_bn2point 3384 EXIST::FUNCTION:EC -X509_VERIFY_PARAM_set_depth 3385 EXIST::FUNCTION: -STORE_get_method 3386 EXIST::FUNCTION: -STORE_parse_attrs_end 3387 EXIST::FUNCTION: -EC_GROUP_get_point_conversion_form 3388 EXIST:!VMS:FUNCTION:EC -EC_GROUP_get_point_conv_form 3388 EXIST:VMS:FUNCTION:EC -STORE_method_set_store_function 3389 EXIST::FUNCTION: -STORE_ATTR_INFO_in 3390 EXIST::FUNCTION: -PEM_read_bio_ECPKParameters 3391 EXIST::FUNCTION:EC -EC_GROUP_get_pentanomial_basis 3392 EXIST::FUNCTION:EC -EVP_PKEY_add1_attr_by_txt 3393 EXIST::FUNCTION: -BN_BLINDING_set_flags 3394 EXIST::FUNCTION: -X509_VERIFY_PARAM_set1_policies 3395 EXIST::FUNCTION: -X509_VERIFY_PARAM_set1_name 3396 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_purpose 3397 EXIST::FUNCTION: -STORE_get_number 3398 EXIST::FUNCTION: -ECDSA_sign_setup 3399 EXIST::FUNCTION:ECDSA -BN_GF2m_mod_solve_quad_arr 3400 EXIST::FUNCTION: -EC_KEY_up_ref 3401 EXIST::FUNCTION:EC -POLICY_MAPPING_free 3402 EXIST::FUNCTION: -BN_GF2m_mod_div 3403 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_flags 3404 EXIST::FUNCTION: -EC_KEY_free 3405 EXIST::FUNCTION:EC -STORE_method_set_list_next_function 3406 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_next_fn 3406 EXIST:VMS:FUNCTION: -PEM_write_bio_ECPrivateKey 3407 EXIST::FUNCTION:EC -d2i_EC_PUBKEY 3408 EXIST::FUNCTION:EC -STORE_method_get_generate_function 3409 EXIST:!VMS:FUNCTION: -STORE_meth_get_generate_fn 3409 EXIST:VMS:FUNCTION: -STORE_method_set_list_end_function 3410 EXIST:!VMS:FUNCTION: -STORE_meth_set_list_end_fn 3410 EXIST:VMS:FUNCTION: -pqueue_print 3411 EXIST::FUNCTION: -EC_GROUP_have_precompute_mult 3412 EXIST::FUNCTION:EC -EC_KEY_print_fp 3413 EXIST::FUNCTION:EC,FP_API -BN_GF2m_mod_arr 3414 EXIST::FUNCTION: -PEM_write_bio_X509_CERT_PAIR 3415 EXIST::FUNCTION: -EVP_PKEY_cmp 3416 EXIST::FUNCTION: -X509_policy_level_node_count 3417 EXIST::FUNCTION: -STORE_new_engine 3418 EXIST::FUNCTION: -STORE_list_public_key_start 3419 EXIST::FUNCTION: -X509_VERIFY_PARAM_new 3420 EXIST::FUNCTION: -ECDH_get_ex_data 3421 EXIST::FUNCTION:ECDH -EVP_PKEY_get_attr 3422 EXIST::FUNCTION: -ECDSA_do_sign 3423 EXIST::FUNCTION:ECDSA -ENGINE_unregister_ECDH 3424 EXIST::FUNCTION:ENGINE -ECDH_OpenSSL 3425 EXIST::FUNCTION:ECDH -EC_POINT_dup 3426 EXIST::FUNCTION:EC -GENERAL_SUBTREE_new 3427 EXIST::FUNCTION: -STORE_list_crl_endp 3428 EXIST::FUNCTION: -EC_get_builtin_curves 3429 EXIST::FUNCTION:EC -X509_policy_node_get0_qualifiers 3430 EXIST:!VMS:FUNCTION: -X509_pcy_node_get0_qualifiers 3430 EXIST:VMS:FUNCTION: -STORE_list_crl_end 3431 EXIST::FUNCTION: -EVP_PKEY_set1_EC_KEY 3432 EXIST::FUNCTION:EC -BN_GF2m_mod_sqrt_arr 3433 EXIST::FUNCTION: -i2d_ECPrivateKey_bio 3434 EXIST::FUNCTION:BIO,EC -ECPKParameters_print_fp 3435 EXIST::FUNCTION:EC,FP_API -pqueue_find 3436 EXIST::FUNCTION: -ECDSA_SIG_free 3437 EXIST::FUNCTION:ECDSA -PEM_write_bio_ECPKParameters 3438 EXIST::FUNCTION:EC -STORE_method_set_ctrl_function 3439 EXIST::FUNCTION: -STORE_list_public_key_end 3440 EXIST::FUNCTION: -pqueue_peek 3441 EXIST::FUNCTION: -STORE_get_arbitrary 3442 EXIST::FUNCTION: -STORE_store_crl 3443 EXIST::FUNCTION: -X509_policy_node_get0_policy 3444 EXIST::FUNCTION: -PKCS12_add_safes 3445 EXIST::FUNCTION: -BN_BLINDING_convert_ex 3446 EXIST::FUNCTION: -X509_policy_tree_free 3447 EXIST::FUNCTION: -OPENSSL_ia32cap_loc 3448 EXIST::FUNCTION: -BN_GF2m_poly2arr 3449 EXIST::FUNCTION: -STORE_ctrl 3450 EXIST::FUNCTION: -STORE_ATTR_INFO_compare 3451 EXIST::FUNCTION: -BN_get0_nist_prime_224 3452 EXIST::FUNCTION: -i2d_ECParameters 3453 EXIST::FUNCTION:EC -i2d_ECPKParameters 3454 EXIST::FUNCTION:EC -BN_GENCB_call 3455 EXIST::FUNCTION: -d2i_ECPKParameters 3456 EXIST::FUNCTION:EC -STORE_method_set_generate_function 3457 EXIST:!VMS:FUNCTION: -STORE_meth_set_generate_fn 3457 EXIST:VMS:FUNCTION: -ENGINE_set_ECDH 3458 EXIST::FUNCTION:ENGINE -NAME_CONSTRAINTS_new 3459 EXIST::FUNCTION: -SHA256_Init 3460 EXIST::FUNCTION:SHA,SHA256 -PEM_write_bio_EC_PUBKEY 3461 EXIST::FUNCTION:EC -STORE_ATTR_INFO_set_cstr 3462 EXIST::FUNCTION: -STORE_list_crl_next 3463 EXIST::FUNCTION: -STORE_ATTR_INFO_in_range 3464 EXIST::FUNCTION: -ECParameters_print 3465 EXIST::FUNCTION:BIO,EC -STORE_method_set_delete_function 3466 EXIST:!VMS:FUNCTION: -STORE_meth_set_delete_fn 3466 EXIST:VMS:FUNCTION: -STORE_list_certificate_next 3467 EXIST::FUNCTION: -ASN1_generate_nconf 3468 EXIST::FUNCTION: -BUF_memdup 3469 EXIST::FUNCTION: -BN_GF2m_mod_mul 3470 EXIST::FUNCTION: -STORE_method_get_list_next_function 3471 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_next_fn 3471 EXIST:VMS:FUNCTION: -STORE_ATTR_INFO_get0_dn 3472 EXIST::FUNCTION: -STORE_list_private_key_next 3473 EXIST::FUNCTION: -EC_GROUP_set_seed 3474 EXIST::FUNCTION:EC -X509_VERIFY_PARAM_set_trust 3475 EXIST::FUNCTION: -STORE_ATTR_INFO_free 3476 EXIST::FUNCTION: -STORE_get_private_key 3477 EXIST::FUNCTION: -EVP_PKEY_get_attr_count 3478 EXIST::FUNCTION: -STORE_ATTR_INFO_new 3479 EXIST::FUNCTION: -EC_GROUP_get_curve_GF2m 3480 EXIST::FUNCTION:EC -STORE_method_set_revoke_function 3481 EXIST:!VMS:FUNCTION: -STORE_meth_set_revoke_fn 3481 EXIST:VMS:FUNCTION: -STORE_store_number 3482 EXIST::FUNCTION: -BN_is_prime_ex 3483 EXIST::FUNCTION: -STORE_revoke_public_key 3484 EXIST::FUNCTION: -X509_STORE_CTX_get0_param 3485 EXIST::FUNCTION: -STORE_delete_arbitrary 3486 EXIST::FUNCTION: -PEM_read_X509_CERT_PAIR 3487 EXIST:!WIN16:FUNCTION: -X509_STORE_set_depth 3488 EXIST::FUNCTION: -ECDSA_get_ex_data 3489 EXIST::FUNCTION:ECDSA -SHA224 3490 EXIST::FUNCTION:SHA,SHA256 -BIO_dump_indent_fp 3491 EXIST::FUNCTION:FP_API -BUF_strndup 3492 EXIST::FUNCTION: -STORE_list_certificate_start 3493 EXIST::FUNCTION: -BN_GF2m_mod 3494 EXIST::FUNCTION: -X509_REQ_check_private_key 3495 EXIST::FUNCTION: -EC_GROUP_get_seed_len 3496 EXIST::FUNCTION:EC -ERR_load_STORE_strings 3497 EXIST::FUNCTION: -PEM_read_bio_EC_PUBKEY 3498 EXIST::FUNCTION:EC -STORE_list_private_key_end 3499 EXIST::FUNCTION: -i2d_EC_PUBKEY 3500 EXIST::FUNCTION:EC -ECDSA_get_default_method 3501 EXIST::FUNCTION:ECDSA -ASN1_put_eoc 3502 EXIST::FUNCTION: -X509_STORE_CTX_get_explicit_policy 3503 EXIST:!VMS:FUNCTION: -X509_STORE_CTX_get_expl_policy 3503 EXIST:VMS:FUNCTION: -ECDSA_DATA_free 3504 EXIST::FUNCTION:ECDSA -X509_VERIFY_PARAM_table_cleanup 3505 EXIST::FUNCTION: -STORE_modify_private_key 3506 EXIST::FUNCTION: -X509_VERIFY_PARAM_free 3507 EXIST::FUNCTION: -EC_METHOD_get_field_type 3508 EXIST::FUNCTION:EC -EC_GFp_nist_method 3509 EXIST::FUNCTION:EC -STORE_method_set_modify_function 3510 EXIST:!VMS:FUNCTION: -STORE_meth_set_modify_fn 3510 EXIST:VMS:FUNCTION: -STORE_parse_attrs_next 3511 EXIST::FUNCTION: -ENGINE_load_padlock 3512 EXIST::FUNCTION:ENGINE -EC_GROUP_set_curve_name 3513 EXIST::FUNCTION:EC -X509_CERT_PAIR_it 3514 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -X509_CERT_PAIR_it 3514 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_method_get_revoke_function 3515 EXIST:!VMS:FUNCTION: -STORE_meth_get_revoke_fn 3515 EXIST:VMS:FUNCTION: -STORE_method_set_get_function 3516 EXIST::FUNCTION: -STORE_modify_number 3517 EXIST::FUNCTION: -STORE_method_get_store_function 3518 EXIST::FUNCTION: -STORE_store_private_key 3519 EXIST::FUNCTION: -BN_GF2m_mod_sqr_arr 3520 EXIST::FUNCTION: -RSA_setup_blinding 3521 EXIST::FUNCTION:RSA -BIO_s_datagram 3522 EXIST::FUNCTION:DGRAM -STORE_Memory 3523 EXIST::FUNCTION: -sk_find_ex 3524 EXIST::FUNCTION: -EC_GROUP_set_curve_GF2m 3525 EXIST::FUNCTION:EC -ENGINE_set_default_ECDSA 3526 EXIST::FUNCTION:ENGINE -POLICY_CONSTRAINTS_new 3527 EXIST::FUNCTION: -BN_GF2m_mod_sqrt 3528 EXIST::FUNCTION: -ECDH_set_default_method 3529 EXIST::FUNCTION:ECDH -EC_KEY_generate_key 3530 EXIST::FUNCTION:EC -SHA384_Update 3531 EXIST::FUNCTION:SHA,SHA512 -BN_GF2m_arr2poly 3532 EXIST::FUNCTION: -STORE_method_get_get_function 3533 EXIST::FUNCTION: -STORE_method_set_cleanup_function 3534 EXIST:!VMS:FUNCTION: -STORE_meth_set_cleanup_fn 3534 EXIST:VMS:FUNCTION: -EC_GROUP_check 3535 EXIST::FUNCTION:EC -d2i_ECPrivateKey_bio 3536 EXIST::FUNCTION:BIO,EC -STORE_method_get_lock_store_function 3537 EXIST:!VMS:FUNCTION: -STORE_meth_get_lock_store_fn 3537 EXIST:VMS:FUNCTION: -X509_VERIFY_PARAM_get_depth 3538 EXIST::FUNCTION: -SHA224_Final 3539 EXIST::FUNCTION:SHA,SHA256 -STORE_method_set_update_store_function 3540 EXIST:!VMS:FUNCTION: -STORE_meth_set_update_store_fn 3540 EXIST:VMS:FUNCTION: -SHA224_Update 3541 EXIST::FUNCTION:SHA,SHA256 -d2i_ECPrivateKey 3542 EXIST::FUNCTION:EC -ASN1_item_ndef_i2d 3543 EXIST::FUNCTION: -STORE_delete_private_key 3544 EXIST::FUNCTION: -ERR_pop_to_mark 3545 EXIST::FUNCTION: -ENGINE_register_all_STORE 3546 EXIST::FUNCTION:ENGINE -X509_policy_level_get0_node 3547 EXIST::FUNCTION: -i2d_PKCS7_NDEF 3548 EXIST::FUNCTION: -EC_GROUP_get_degree 3549 EXIST::FUNCTION:EC -ASN1_generate_v3 3550 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_cstr 3551 EXIST::FUNCTION: -X509_policy_tree_level_count 3552 EXIST::FUNCTION: -BN_GF2m_add 3553 EXIST::FUNCTION: -STORE_generate_crl 3554 EXIST::FUNCTION: -STORE_store_public_key 3555 EXIST::FUNCTION: -X509_CERT_PAIR_free 3556 EXIST::FUNCTION: -STORE_revoke_private_key 3557 EXIST::FUNCTION: -BN_nist_mod_224 3558 EXIST::FUNCTION: -SHA512_Final 3559 EXIST::FUNCTION:SHA,SHA512 -STORE_ATTR_INFO_modify_dn 3560 EXIST::FUNCTION: -STORE_method_get_initialise_function 3561 EXIST:!VMS:FUNCTION: -STORE_meth_get_initialise_fn 3561 EXIST:VMS:FUNCTION: -STORE_delete_number 3562 EXIST::FUNCTION: -i2d_EC_PUBKEY_bio 3563 EXIST::FUNCTION:BIO,EC -BIO_dgram_non_fatal_error 3564 EXIST::FUNCTION: -EC_GROUP_get_asn1_flag 3565 EXIST::FUNCTION:EC -STORE_ATTR_INFO_in_ex 3566 EXIST::FUNCTION: -STORE_list_crl_start 3567 EXIST::FUNCTION: -ECDH_get_ex_new_index 3568 EXIST::FUNCTION:ECDH -STORE_method_get_modify_function 3569 EXIST:!VMS:FUNCTION: -STORE_meth_get_modify_fn 3569 EXIST:VMS:FUNCTION: -v2i_ASN1_BIT_STRING 3570 EXIST::FUNCTION: -STORE_store_certificate 3571 EXIST::FUNCTION: -OBJ_bsearch_ex 3572 EXIST::FUNCTION: -X509_STORE_CTX_set_default 3573 EXIST::FUNCTION: -STORE_ATTR_INFO_set_sha1str 3574 EXIST::FUNCTION: -BN_GF2m_mod_inv 3575 EXIST::FUNCTION: -BN_GF2m_mod_exp 3576 EXIST::FUNCTION: -STORE_modify_public_key 3577 EXIST::FUNCTION: -STORE_method_get_list_start_function 3578 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_start_fn 3578 EXIST:VMS:FUNCTION: -EC_GROUP_get0_seed 3579 EXIST::FUNCTION:EC -STORE_store_arbitrary 3580 EXIST::FUNCTION: -STORE_method_set_unlock_store_function 3581 EXIST:!VMS:FUNCTION: -STORE_meth_set_unlock_store_fn 3581 EXIST:VMS:FUNCTION: -BN_GF2m_mod_div_arr 3582 EXIST::FUNCTION: -ENGINE_set_ECDSA 3583 EXIST::FUNCTION:ENGINE -STORE_create_method 3584 EXIST::FUNCTION: -ECPKParameters_print 3585 EXIST::FUNCTION:BIO,EC -PEM_write_EC_PUBKEY 3586 EXIST:!WIN16:FUNCTION:EC -X509_VERIFY_PARAM_set1 3587 EXIST::FUNCTION: -ECDH_set_method 3588 EXIST::FUNCTION:ECDH -v2i_GENERAL_NAME_ex 3589 EXIST::FUNCTION: -ECDH_set_ex_data 3590 EXIST::FUNCTION:ECDH -STORE_generate_key 3591 EXIST::FUNCTION: -BN_nist_mod_521 3592 EXIST::FUNCTION: -X509_policy_tree_get0_level 3593 EXIST::FUNCTION: -EC_GROUP_set_point_conversion_form 3594 EXIST:!VMS:FUNCTION:EC -EC_GROUP_set_point_conv_form 3594 EXIST:VMS:FUNCTION:EC -PEM_read_EC_PUBKEY 3595 EXIST:!WIN16:FUNCTION:EC -i2d_ECDSA_SIG 3596 EXIST::FUNCTION:ECDSA -ECDSA_OpenSSL 3597 EXIST::FUNCTION:ECDSA -STORE_delete_crl 3598 EXIST::FUNCTION: -ASN1_const_check_infinite_end 3599 EXIST::FUNCTION: -EVP_PKEY_delete_attr 3600 EXIST::FUNCTION: -ECDSA_set_default_method 3601 EXIST::FUNCTION:ECDSA -EC_POINT_set_compressed_coordinates_GF2m 3602 EXIST:!VMS:FUNCTION:EC -EC_POINT_set_compr_coords_GF2m 3602 EXIST:VMS:FUNCTION:EC -EC_GROUP_cmp 3603 EXIST::FUNCTION:EC -STORE_revoke_certificate 3604 EXIST::FUNCTION: -ECDH_DATA_new_method 3605 EXIST::FUNCTION:ECDH -BN_get0_nist_prime_256 3606 EXIST::FUNCTION: -STORE_method_get_delete_function 3607 EXIST:!VMS:FUNCTION: -STORE_meth_get_delete_fn 3607 EXIST:VMS:FUNCTION: -SHA224_Init 3608 EXIST::FUNCTION:SHA,SHA256 -PEM_read_ECPrivateKey 3609 EXIST:!WIN16:FUNCTION:EC -SHA512_Init 3610 EXIST::FUNCTION:SHA,SHA512 -STORE_parse_attrs_endp 3611 EXIST::FUNCTION: -BN_set_negative 3612 EXIST::FUNCTION: -ERR_load_ECDSA_strings 3613 EXIST::FUNCTION:ECDSA -EC_GROUP_get_basis_type 3614 EXIST::FUNCTION:EC -ECDH_DATA_new 3615 EXIST::FUNCTION:ECDH -STORE_list_public_key_next 3616 EXIST::FUNCTION: -i2v_ASN1_BIT_STRING 3617 EXIST::FUNCTION: -STORE_OBJECT_free 3618 EXIST::FUNCTION: -BN_nist_mod_384 3619 EXIST::FUNCTION: -i2d_X509_CERT_PAIR 3620 EXIST::FUNCTION: -PEM_write_ECPKParameters 3621 EXIST:!WIN16:FUNCTION:EC -ECDH_compute_key 3622 EXIST::FUNCTION:ECDH -STORE_ATTR_INFO_get0_sha1str 3623 EXIST::FUNCTION: -ENGINE_register_all_ECDH 3624 EXIST::FUNCTION:ENGINE -pqueue_pop 3625 EXIST::FUNCTION: -STORE_ATTR_INFO_get0_cstr 3626 EXIST::FUNCTION: -POLICY_CONSTRAINTS_it 3627 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_CONSTRAINTS_it 3627 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -STORE_get_ex_new_index 3628 EXIST::FUNCTION: -EVP_PKEY_get_attr_by_OBJ 3629 EXIST::FUNCTION: -X509_VERIFY_PARAM_add0_policy 3630 EXIST::FUNCTION: -BN_GF2m_mod_solve_quad 3631 EXIST::FUNCTION: -SHA256 3632 EXIST::FUNCTION:SHA,SHA256 -i2d_ECPrivateKey_fp 3633 EXIST::FUNCTION:EC,FP_API -X509_policy_tree_get0_user_policies 3634 EXIST:!VMS:FUNCTION: -X509_pcy_tree_get0_usr_policies 3634 EXIST:VMS:FUNCTION: -OPENSSL_DIR_read 3635 EXIST::FUNCTION: -ENGINE_register_all_ECDSA 3636 EXIST::FUNCTION:ENGINE -X509_VERIFY_PARAM_lookup 3637 EXIST::FUNCTION: -EC_POINT_get_affine_coordinates_GF2m 3638 EXIST:!VMS:FUNCTION:EC -EC_POINT_get_affine_coords_GF2m 3638 EXIST:VMS:FUNCTION:EC -EC_GROUP_dup 3639 EXIST::FUNCTION:EC -ENGINE_get_default_ECDSA 3640 EXIST::FUNCTION:ENGINE -EC_KEY_new 3641 EXIST::FUNCTION:EC -SHA256_Transform 3642 EXIST::FUNCTION:SHA,SHA256 -ECDSA_verify 3643 EXIST::FUNCTION:ECDSA -EC_POINT_point2hex 3644 EXIST::FUNCTION:EC -ENGINE_get_STORE 3645 EXIST::FUNCTION:ENGINE -SHA512 3646 EXIST::FUNCTION:SHA,SHA512 -STORE_get_certificate 3647 EXIST::FUNCTION: -ECDSA_do_verify 3648 EXIST::FUNCTION:ECDSA -d2i_ECPrivateKey_fp 3649 EXIST::FUNCTION:EC,FP_API -STORE_delete_certificate 3650 EXIST::FUNCTION: -SHA512_Transform 3651 EXIST::FUNCTION:SHA,SHA512 -X509_STORE_set1_param 3652 EXIST::FUNCTION: -STORE_method_get_ctrl_function 3653 EXIST::FUNCTION: -STORE_free 3654 EXIST::FUNCTION: -PEM_write_ECPrivateKey 3655 EXIST:!WIN16:FUNCTION:EC -STORE_method_get_unlock_store_function 3656 EXIST:!VMS:FUNCTION: -STORE_meth_get_unlock_store_fn 3656 EXIST:VMS:FUNCTION: -STORE_get_ex_data 3657 EXIST::FUNCTION: -PEM_read_ECPKParameters 3658 EXIST:!WIN16:FUNCTION:EC -X509_CERT_PAIR_new 3659 EXIST::FUNCTION: -ENGINE_register_STORE 3660 EXIST::FUNCTION:ENGINE -RSA_generate_key_ex 3661 EXIST::FUNCTION:RSA -DSA_generate_parameters_ex 3662 EXIST::FUNCTION:DSA -ECParameters_print_fp 3663 EXIST::FUNCTION:EC,FP_API -X509V3_NAME_from_section 3664 EXIST::FUNCTION: -EVP_PKEY_add1_attr 3665 EXIST::FUNCTION: -STORE_modify_crl 3666 EXIST::FUNCTION: -STORE_list_private_key_start 3667 EXIST::FUNCTION: -POLICY_MAPPINGS_it 3668 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -POLICY_MAPPINGS_it 3668 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -GENERAL_SUBTREE_it 3669 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: -GENERAL_SUBTREE_it 3669 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: -ECDH_DATA_free 3670 EXIST::FUNCTION:ECDH -EC_GROUP_get_curve_name 3671 EXIST::FUNCTION:EC -PEM_write_X509_CERT_PAIR 3672 EXIST:!WIN16:FUNCTION: -BIO_dump_indent_cb 3673 EXIST::FUNCTION: -d2i_X509_CERT_PAIR 3674 EXIST::FUNCTION: -STORE_list_private_key_endp 3675 EXIST::FUNCTION: -asn1_const_Finish 3676 EXIST::FUNCTION: -i2d_EC_PUBKEY_fp 3677 EXIST::FUNCTION:EC,FP_API -BN_nist_mod_256 3678 EXIST::FUNCTION: -ECDSA_DATA_new 3679 EXIST::FUNCTION:ECDSA -X509_VERIFY_PARAM_add0_table 3680 EXIST::FUNCTION: -pqueue_free 3681 EXIST::FUNCTION: -BN_BLINDING_create_param 3682 EXIST::FUNCTION: -ECDSA_size 3683 EXIST::FUNCTION:ECDSA -d2i_EC_PUBKEY_bio 3684 EXIST::FUNCTION:BIO,EC -BN_get0_nist_prime_521 3685 EXIST::FUNCTION: -STORE_ATTR_INFO_modify_sha1str 3686 EXIST::FUNCTION: -BN_generate_prime_ex 3687 EXIST::FUNCTION: -EC_GROUP_new_by_curve_name 3688 EXIST::FUNCTION:EC -SHA256_Final 3689 EXIST::FUNCTION:SHA,SHA256 -DH_generate_parameters_ex 3690 EXIST::FUNCTION:DH -PEM_read_bio_ECPrivateKey 3691 EXIST::FUNCTION:EC -STORE_method_get_cleanup_function 3692 EXIST:!VMS:FUNCTION: -STORE_meth_get_cleanup_fn 3692 EXIST:VMS:FUNCTION: -ENGINE_get_ECDH 3693 EXIST::FUNCTION:ENGINE -d2i_ECDSA_SIG 3694 EXIST::FUNCTION:ECDSA -BN_is_prime_fasttest_ex 3695 EXIST::FUNCTION: -ECDSA_sign 3696 EXIST::FUNCTION:ECDSA -X509_policy_check 3697 EXIST::FUNCTION: -EVP_PKEY_get_attr_by_NID 3698 EXIST::FUNCTION: -STORE_set_ex_data 3699 EXIST::FUNCTION: -ENGINE_get_ECDSA 3700 EXIST::FUNCTION:ENGINE -EVP_ecdsa 3701 EXIST::FUNCTION:SHA -BN_BLINDING_get_flags 3702 EXIST::FUNCTION: -PKCS12_add_cert 3703 EXIST::FUNCTION: -STORE_OBJECT_new 3704 EXIST::FUNCTION: -ERR_load_ECDH_strings 3705 EXIST::FUNCTION:ECDH -EC_KEY_dup 3706 EXIST::FUNCTION:EC -EVP_CIPHER_CTX_rand_key 3707 EXIST::FUNCTION: -ECDSA_set_method 3708 EXIST::FUNCTION:ECDSA -a2i_IPADDRESS_NC 3709 EXIST::FUNCTION: -d2i_ECParameters 3710 EXIST::FUNCTION:EC -STORE_list_certificate_end 3711 EXIST::FUNCTION: -STORE_get_crl 3712 EXIST::FUNCTION: -X509_POLICY_NODE_print 3713 EXIST::FUNCTION: -SHA384_Init 3714 EXIST::FUNCTION:SHA,SHA512 -EC_GF2m_simple_method 3715 EXIST::FUNCTION:EC -ECDSA_set_ex_data 3716 EXIST::FUNCTION:ECDSA -SHA384_Final 3717 EXIST::FUNCTION:SHA,SHA512 -PKCS7_set_digest 3718 EXIST::FUNCTION: -EC_KEY_print 3719 EXIST::FUNCTION:BIO,EC -STORE_method_set_lock_store_function 3720 EXIST:!VMS:FUNCTION: -STORE_meth_set_lock_store_fn 3720 EXIST:VMS:FUNCTION: -ECDSA_get_ex_new_index 3721 EXIST::FUNCTION:ECDSA -SHA384 3722 EXIST::FUNCTION:SHA,SHA512 -POLICY_MAPPING_new 3723 EXIST::FUNCTION: -STORE_list_certificate_endp 3724 EXIST::FUNCTION: -X509_STORE_CTX_get0_policy_tree 3725 EXIST::FUNCTION: -EC_GROUP_set_asn1_flag 3726 EXIST::FUNCTION:EC -EC_KEY_check_key 3727 EXIST::FUNCTION:EC -d2i_EC_PUBKEY_fp 3728 EXIST::FUNCTION:EC,FP_API -PKCS7_set0_type_other 3729 EXIST::FUNCTION: -ECDSA_DATA_new_method 3730 EXIST::FUNCTION:ECDSA -PEM_read_bio_X509_CERT_PAIR 3731 EXIST::FUNCTION: -pqueue_next 3732 EXIST::FUNCTION: -STORE_method_get_list_end_function 3733 EXIST:!VMS:FUNCTION: -STORE_meth_get_list_end_fn 3733 EXIST:VMS:FUNCTION: -EVP_PKEY_add1_attr_by_OBJ 3734 EXIST::FUNCTION: -X509_VERIFY_PARAM_set_time 3735 EXIST::FUNCTION: -pqueue_new 3736 EXIST::FUNCTION: -ENGINE_set_default_ECDH 3737 EXIST::FUNCTION:ENGINE -STORE_new_method 3738 EXIST::FUNCTION: -PKCS12_add_key 3739 EXIST::FUNCTION: -DSO_merge 3740 EXIST::FUNCTION: -EC_POINT_hex2point 3741 EXIST::FUNCTION:EC -BIO_dump_cb 3742 EXIST::FUNCTION: -SHA256_Update 3743 EXIST::FUNCTION:SHA,SHA256 -pqueue_insert 3744 EXIST::FUNCTION: -pitem_free 3745 EXIST::FUNCTION: -BN_GF2m_mod_inv_arr 3746 EXIST::FUNCTION: -ENGINE_unregister_ECDSA 3747 EXIST::FUNCTION:ENGINE -BN_BLINDING_set_thread_id 3748 EXIST::FUNCTION: +EVP_PKEY_cmp 3319 EXIST::FUNCTION: +PEM_write_ECPKParameters 3320 EXIST:!WIN16:FUNCTION:EC +STORE_list_private_key_end 3321 EXIST::FUNCTION: +i2d_EC_PUBKEY_bio 3322 EXIST::FUNCTION:BIO,EC +BUF_memdup 3323 EXIST::FUNCTION: +NAME_CONSTRAINTS_it 3324 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +NAME_CONSTRAINTS_it 3324 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_KEY_copy 3325 EXIST::FUNCTION:EC +STORE_ATTR_INFO_get0_cstr 3326 EXIST::FUNCTION: +STORE_list_crl_end 3327 EXIST::FUNCTION: +EC_KEY_set_asn1_flag 3328 EXIST::FUNCTION:EC +X509_VERIFY_PARAM_free 3329 EXIST::FUNCTION: +EC_POINT_set_compressed_coordinates_GF2m 3330 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_compr_coords_GF2m 3330 EXIST:VMS:FUNCTION:EC +ASN1_generate_nconf 3331 EXIST::FUNCTION: +ECPKParameters_print 3332 EXIST::FUNCTION:BIO,EC +OBJ_bsearch_ex 3333 EXIST::FUNCTION: +EC_GROUP_get_curve_GF2m 3334 EXIST::FUNCTION:EC +STORE_method_set_store_function 3335 EXIST::FUNCTION: +d2i_ECPrivateKey_fp 3336 EXIST::FUNCTION:EC,FP_API +EC_KEY_up_ref 3337 EXIST::FUNCTION:EC +SHA384_Final 3338 EXIST::FUNCTION:SHA,SHA512 +EC_POINT_point2bn 3339 EXIST::FUNCTION:EC +STORE_modify_private_key 3340 EXIST::FUNCTION: +ENGINE_get_ECDSA 3341 EXIST::FUNCTION:ENGINE +ECDSA_verify 3342 EXIST::FUNCTION:ECDSA +STORE_list_certificate_next 3343 EXIST::FUNCTION: +BN_GF2m_mod_sqr_arr 3344 EXIST::FUNCTION: +STORE_OBJECT_free 3345 EXIST::FUNCTION: +STORE_delete_crl 3346 EXIST::FUNCTION: +X509_CERT_PAIR_it 3347 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +X509_CERT_PAIR_it 3347 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +X509_VERIFY_PARAM_set_purpose 3348 EXIST::FUNCTION: +EC_GROUP_get_asn1_flag 3349 EXIST::FUNCTION:EC +EC_POINT_set_affine_coordinates_GF2m 3350 EXIST:!VMS:FUNCTION:EC +EC_POINT_set_affine_coords_GF2m 3350 EXIST:VMS:FUNCTION:EC +X509_VERIFY_PARAM_set1_name 3351 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_depth 3352 EXIST::FUNCTION: +OPENSSL_ia32cap_loc 3353 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1 3354 EXIST::FUNCTION: +PEM_write_ECPrivateKey 3355 EXIST:!WIN16:FUNCTION:EC +EC_GROUP_cmp 3356 EXIST::FUNCTION:EC +STORE_ATTR_INFO_modify_sha1str 3357 EXIST::FUNCTION: +i2o_ECPublicKey 3358 EXIST::FUNCTION:EC +EVP_PKEY_get_attr_by_NID 3359 EXIST::FUNCTION: +ASN1_item_ndef_i2d 3360 EXIST::FUNCTION: +STORE_method_set_modify_function 3361 EXIST:!VMS:FUNCTION: +STORE_meth_set_modify_fn 3361 EXIST:VMS:FUNCTION: +POLICY_CONSTRAINTS_new 3362 EXIST::FUNCTION: +STORE_method_get_generate_function 3363 EXIST:!VMS:FUNCTION: +STORE_meth_get_generate_fn 3363 EXIST:VMS:FUNCTION: +STORE_list_public_key_endp 3364 EXIST::FUNCTION: +BN_BLINDING_convert_ex 3365 EXIST::FUNCTION: +STORE_get_ex_new_index 3366 EXIST::FUNCTION: +X509_policy_node_get0_qualifiers 3367 EXIST:!VMS:FUNCTION: +X509_pcy_node_get0_qualifiers 3367 EXIST:VMS:FUNCTION: +EC_GF2m_simple_method 3368 EXIST::FUNCTION:EC +STORE_method_get_get_function 3369 EXIST::FUNCTION: +EC_GROUP_get_curve_name 3370 EXIST::FUNCTION:EC +PEM_write_X509_CERT_PAIR 3371 EXIST:!WIN16:FUNCTION: +ENGINE_set_default_ECDH 3372 EXIST::FUNCTION:ENGINE +ERR_set_mark 3373 EXIST::FUNCTION: +sk_find_ex 3374 EXIST::FUNCTION: +PEM_read_bio_ECPrivateKey 3375 EXIST::FUNCTION:EC +BN_GF2m_mod_div_arr 3376 EXIST::FUNCTION: +i2d_X509_CERT_PAIR 3377 EXIST::FUNCTION: +BN_BLINDING_get_thread_id 3378 EXIST::FUNCTION: +EC_get_builtin_curves 3379 EXIST::FUNCTION:EC +NAME_CONSTRAINTS_new 3380 EXIST::FUNCTION: +EVP_PKEY_delete_attr 3381 EXIST::FUNCTION: +DSA_generate_parameters_ex 3382 EXIST::FUNCTION:DSA +X509_VERIFY_PARAM_set_time 3383 EXIST::FUNCTION: +STORE_delete_private_key 3384 EXIST::FUNCTION: +STORE_method_set_cleanup_function 3385 EXIST:!VMS:FUNCTION: +STORE_meth_set_cleanup_fn 3385 EXIST:VMS:FUNCTION: +PEM_read_bio_X509_CERT_PAIR 3386 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_number 3387 EXIST::FUNCTION: +BN_generate_prime_ex 3388 EXIST::FUNCTION: +STORE_get_number 3389 EXIST::FUNCTION: +ECDH_compute_key 3390 EXIST::FUNCTION:ECDH +asn1_const_Finish 3391 EXIST::FUNCTION: +STORE_method_get_store_function 3392 EXIST::FUNCTION: +STORE_parse_attrs_endp 3393 EXIST::FUNCTION: +STORE_list_private_key_endp 3394 EXIST::FUNCTION: +BN_BLINDING_set_thread_id 3395 EXIST::FUNCTION: +STORE_destroy_method 3396 EXIST::FUNCTION: +BN_nist_mod_521 3397 EXIST::FUNCTION: +EC_KEY_precompute_mult 3398 EXIST::FUNCTION:EC +STORE_ATTR_INFO_free 3399 EXIST::FUNCTION: +STORE_store_crl 3400 EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_OBJ 3401 EXIST::FUNCTION: +PKCS7_set_digest 3402 EXIST::FUNCTION: +ECDH_get_ex_data 3403 EXIST::FUNCTION:ECDH +d2i_ECPrivateKey_bio 3404 EXIST::FUNCTION:BIO,EC +BN_GF2m_mod_sqr 3405 EXIST::FUNCTION: +STORE_list_certificate_start 3406 EXIST::FUNCTION: +i2d_ECPrivateKey_bio 3407 EXIST::FUNCTION:BIO,EC +STORE_modify_crl 3408 EXIST::FUNCTION: +BN_GF2m_mod_div 3409 EXIST::FUNCTION: +STORE_new_method 3410 EXIST::FUNCTION: +ENGINE_register_STORE 3411 EXIST::FUNCTION:ENGINE +STORE_method_get_delete_function 3412 EXIST:!VMS:FUNCTION: +STORE_meth_get_delete_fn 3412 EXIST:VMS:FUNCTION: +STORE_list_crl_start 3413 EXIST::FUNCTION: +ECDH_set_default_method 3414 EXIST::FUNCTION:ECDH +STORE_method_get_cleanup_function 3415 EXIST:!VMS:FUNCTION: +STORE_meth_get_cleanup_fn 3415 EXIST:VMS:FUNCTION: +ECDSA_SIG_new 3416 EXIST::FUNCTION:ECDSA +OPENSSL_DIR_end 3417 EXIST::FUNCTION: +ECDSA_SIG_free 3418 EXIST::FUNCTION:ECDSA +BIO_dump_indent_fp 3419 EXIST::FUNCTION:FP_API +EC_GROUP_get_basis_type 3420 EXIST::FUNCTION:EC +pqueue_insert 3421 EXIST::FUNCTION: +EC_KEY_print 3422 EXIST::FUNCTION:BIO,EC +STORE_revoke_certificate 3423 EXIST::FUNCTION: +STORE_method_get_list_end_function 3424 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_end_fn 3424 EXIST:VMS:FUNCTION: +EC_METHOD_get_field_type 3425 EXIST::FUNCTION:EC +PEM_write_EC_PUBKEY 3426 EXIST:!WIN16:FUNCTION:EC +EC_POINT_point2hex 3427 EXIST::FUNCTION:EC +STORE_store_number 3428 EXIST::FUNCTION: +DH_generate_parameters_ex 3429 EXIST::FUNCTION:DH +STORE_Memory 3430 EXIST::FUNCTION: +SHA224_Final 3431 EXIST::FUNCTION:SHA,SHA256 +EC_GROUP_get0_seed 3432 EXIST::FUNCTION:EC +EVP_ecdsa 3433 EXIST::FUNCTION:SHA +EVP_PKEY_get_attr 3434 EXIST::FUNCTION: +X509_VERIFY_PARAM_lookup 3435 EXIST::FUNCTION: +ECDSA_get_ex_data 3436 EXIST::FUNCTION:ECDSA +STORE_get_certificate 3437 EXIST::FUNCTION: +BN_GF2m_mod 3438 EXIST::FUNCTION: +ENGINE_set_ECDH 3439 EXIST::FUNCTION:ENGINE +NAME_CONSTRAINTS_free 3440 EXIST::FUNCTION: +X509_policy_node_get0_parent 3441 EXIST::FUNCTION: +BN_GF2m_mod_exp_arr 3442 EXIST::FUNCTION: +ENGINE_unregister_ECDH 3443 EXIST::FUNCTION:ENGINE +BIO_new_dgram 3444 EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_NID 3445 EXIST::FUNCTION: +EC_KEY_get_conv_form 3446 EXIST::FUNCTION:EC +v2i_GENERAL_NAME_ex 3447 EXIST::FUNCTION: +STORE_store_private_key 3448 EXIST::FUNCTION: +STORE_method_set_revoke_function 3449 EXIST:!VMS:FUNCTION: +STORE_meth_set_revoke_fn 3449 EXIST:VMS:FUNCTION: +EC_GROUP_get_seed_len 3450 EXIST::FUNCTION:EC +POLICY_MAPPINGS_it 3451 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPINGS_it 3451 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +EC_KEY_check_key 3452 EXIST::FUNCTION:EC +X509_STORE_CTX_get_explicit_policy 3453 EXIST:!VMS:FUNCTION: +X509_STORE_CTX_get_expl_policy 3453 EXIST:VMS:FUNCTION: +STORE_ATTR_INFO_modify_number 3454 EXIST::FUNCTION: +STORE_modify_number 3455 EXIST::FUNCTION: +OPENSSL_DIR_read 3456 EXIST::FUNCTION: +STORE_new_engine 3457 EXIST::FUNCTION: +ASN1_const_check_infinite_end 3458 EXIST::FUNCTION: +STORE_ATTR_INFO_set_sha1str 3459 EXIST::FUNCTION: +i2d_PKCS7_NDEF 3460 EXIST::FUNCTION: +SHA512_Update 3461 EXIST::FUNCTION:SHA,SHA512 +PKCS12_add_safes 3462 EXIST::FUNCTION: +BN_get0_nist_prime_384 3463 EXIST::FUNCTION: +BN_is_prime_ex 3464 EXIST::FUNCTION: +BN_GENCB_call 3465 EXIST::FUNCTION: +EC_KEY_get0_public_key 3466 EXIST::FUNCTION:EC +ERR_pop_to_mark 3467 EXIST::FUNCTION: +EC_KEY_get_key_method_data 3468 EXIST::FUNCTION:EC +STORE_parse_attrs_next 3469 EXIST::FUNCTION: +v2i_ASN1_BIT_STRING 3470 EXIST::FUNCTION: +STORE_create_method 3471 EXIST::FUNCTION: +PKCS12_add_key 3472 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_policy 3473 EXIST::FUNCTION: +STORE_set_method 3474 EXIST::FUNCTION: +X509_VERIFY_PARAM_get_depth 3475 EXIST::FUNCTION: +STORE_list_public_key_start 3476 EXIST::FUNCTION: +BN_GF2m_mod_mul_arr 3477 EXIST::FUNCTION: +d2i_X509_CERT_PAIR 3478 EXIST::FUNCTION: +BN_nist_mod_192 3479 EXIST::FUNCTION: +i2d_ECPrivateKey_fp 3480 EXIST::FUNCTION:EC,FP_API +EC_GROUP_check_discriminant 3481 EXIST::FUNCTION:EC +ECPKParameters_print_fp 3482 EXIST::FUNCTION:EC,FP_API +POLICY_CONSTRAINTS_it 3483 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_CONSTRAINTS_it 3483 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +o2i_ECPublicKey 3484 EXIST::FUNCTION:EC +STORE_method_set_get_function 3485 EXIST::FUNCTION: +X509_policy_node_get0_policy 3486 EXIST::FUNCTION: +ENGINE_set_default_ECDSA 3487 EXIST::FUNCTION:ENGINE +STORE_get_public_key 3488 EXIST::FUNCTION: +d2i_ECDSA_SIG 3489 EXIST::FUNCTION:ECDSA +SHA256_Init 3490 EXIST::FUNCTION:SHA,SHA256 +EC_GROUP_have_precompute_mult 3491 EXIST::FUNCTION:EC +EVP_PKEY_add1_attr 3492 EXIST::FUNCTION: +d2i_EC_PUBKEY_fp 3493 EXIST::FUNCTION:EC,FP_API +PEM_read_ECPrivateKey 3494 EXIST:!WIN16:FUNCTION:EC +BN_GF2m_mod_inv_arr 3495 EXIST::FUNCTION: +STORE_method_set_unlock_store_function 3496 EXIST:!VMS:FUNCTION: +STORE_meth_set_unlock_store_fn 3496 EXIST:VMS:FUNCTION: +STORE_list_crl_next 3497 EXIST::FUNCTION: +EC_POINT_dup 3498 EXIST::FUNCTION:EC +ENGINE_set_STORE 3499 EXIST::FUNCTION:ENGINE +STORE_method_get_list_next_function 3500 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_next_fn 3500 EXIST:VMS:FUNCTION: +PKCS7_set0_type_other 3501 EXIST::FUNCTION: +STORE_ATTR_INFO_set_number 3502 EXIST::FUNCTION: +STORE_get_private_key 3503 EXIST::FUNCTION: +SHA384_Init 3504 EXIST::FUNCTION:SHA,SHA512 +SHA384_Update 3505 EXIST::FUNCTION:SHA,SHA512 +EC_GROUP_get_pentanomial_basis 3506 EXIST::FUNCTION:EC +EC_KEY_free 3507 EXIST::FUNCTION:EC +BN_GF2m_mod_mul 3508 EXIST::FUNCTION: +X509_CERT_PAIR_new 3509 EXIST::FUNCTION: +X509_policy_check 3510 EXIST::FUNCTION: +EC_KEY_insert_key_method_data 3511 EXIST::FUNCTION:EC +ENGINE_register_all_ECDSA 3512 EXIST::FUNCTION:ENGINE +ECDSA_set_ex_data 3513 EXIST::FUNCTION:ECDSA +SHA384 3514 EXIST::FUNCTION:SHA,SHA512 +BN_GF2m_mod_inv 3515 EXIST::FUNCTION: +PEM_write_bio_ECPKParameters 3516 EXIST::FUNCTION:EC +STORE_delete_public_key 3517 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_flags 3518 EXIST::FUNCTION: +i2d_ECParameters 3519 EXIST::FUNCTION:EC +BN_GF2m_arr2poly 3520 EXIST::FUNCTION: +STORE_method_set_delete_function 3521 EXIST:!VMS:FUNCTION: +STORE_meth_set_delete_fn 3521 EXIST:VMS:FUNCTION: +EC_GROUP_new_by_curve_name 3522 EXIST::FUNCTION:EC +X509_policy_level_get0_node 3523 EXIST::FUNCTION: +d2i_ECPrivateKey 3524 EXIST::FUNCTION:EC +STORE_method_set_update_store_function 3525 EXIST:!VMS:FUNCTION: +STORE_meth_set_update_store_fn 3525 EXIST:VMS:FUNCTION: +ERR_load_ECDH_strings 3526 EXIST::FUNCTION:ECDH +STORE_ATTR_INFO_modify_dn 3527 EXIST::FUNCTION: +EC_GROUP_set_curve_GF2m 3528 EXIST::FUNCTION:EC +X509_STORE_CTX_get0_param 3529 EXIST::FUNCTION: +SHA224_Update 3530 EXIST::FUNCTION:SHA,SHA256 +SHA256_Update 3531 EXIST::FUNCTION:SHA,SHA256 +EC_KEY_set_group 3532 EXIST::FUNCTION:EC +PEM_write_bio_EC_PUBKEY 3533 EXIST::FUNCTION:EC +pqueue_free 3534 EXIST::FUNCTION: +POLICY_MAPPING_new 3535 EXIST::FUNCTION: +EC_KEY_new 3536 EXIST::FUNCTION:EC +STORE_list_public_key_next 3537 EXIST::FUNCTION: +X509_CERT_PAIR_free 3538 EXIST::FUNCTION: +BN_set_negative 3539 EXIST::FUNCTION: +BN_nist_mod_256 3540 EXIST::FUNCTION: +BN_get0_nist_prime_256 3541 EXIST::FUNCTION: +RSA_generate_key_ex 3542 EXIST::FUNCTION:RSA +BN_GF2m_mod_sqrt 3543 EXIST::FUNCTION: +ASN1_put_eoc 3544 EXIST::FUNCTION: +X509_policy_tree_get0_policies 3545 EXIST::FUNCTION: +X509_VERIFY_PARAM_set_trust 3546 EXIST::FUNCTION: +EC_GROUP_get_trinomial_basis 3547 EXIST::FUNCTION:EC +ECDSA_sign_setup 3548 EXIST::FUNCTION:ECDSA +X509_VERIFY_PARAM_table_cleanup 3549 EXIST::FUNCTION: +ENGINE_unregister_ECDSA 3550 EXIST::FUNCTION:ENGINE +STORE_generate_key 3551 EXIST::FUNCTION: +ENGINE_register_ECDH 3552 EXIST::FUNCTION:ENGINE +SHA512_Transform 3553 EXIST::FUNCTION:SHA,SHA512 +X509_STORE_CTX_set_depth 3554 EXIST::FUNCTION: +STORE_list_crl_endp 3555 EXIST::FUNCTION: +EVP_PKEY_get1_EC_KEY 3556 EXIST::FUNCTION:EC +STORE_get_ex_data 3557 EXIST::FUNCTION: +X509_VERIFY_PARAM_add0_table 3558 EXIST::FUNCTION: +BN_GF2m_mod_sqrt_arr 3559 EXIST::FUNCTION: +EVP_PKEY_add1_attr_by_txt 3560 EXIST::FUNCTION: +X509_STORE_CTX_set_default 3561 EXIST::FUNCTION: +i2d_EC_PUBKEY_fp 3562 EXIST::FUNCTION:EC,FP_API +BN_BLINDING_invert_ex 3563 EXIST::FUNCTION: +EC_POINT_hex2point 3564 EXIST::FUNCTION:EC +PEM_read_bio_ECPKParameters 3565 EXIST::FUNCTION:EC +PEM_write_bio_X509_CERT_PAIR 3566 EXIST::FUNCTION: +EC_KEY_new_by_curve_name 3567 EXIST::FUNCTION:EC +STORE_ATTR_INFO_in_range 3568 EXIST::FUNCTION: +STORE_method_get_initialise_function 3569 EXIST:!VMS:FUNCTION: +STORE_meth_get_initialise_fn 3569 EXIST:VMS:FUNCTION: +STORE_ATTR_INFO_get0_dn 3570 EXIST::FUNCTION: +STORE_set_ex_data 3571 EXIST::FUNCTION: +X509_REQ_check_private_key 3572 EXIST::FUNCTION: +STORE_ATTR_INFO_get0_sha1str 3573 EXIST::FUNCTION: +EC_GROUP_set_asn1_flag 3574 EXIST::FUNCTION:EC +ECDH_set_method 3575 EXIST::FUNCTION:ECDH +ECDSA_do_sign 3576 EXIST::FUNCTION:ECDSA +STORE_ATTR_INFO_new 3577 EXIST::FUNCTION: +STORE_method_get_lock_store_function 3578 EXIST:!VMS:FUNCTION: +STORE_meth_get_lock_store_fn 3578 EXIST:VMS:FUNCTION: +EC_KEY_set_public_key 3579 EXIST::FUNCTION:EC +BUF_strndup 3580 EXIST::FUNCTION: +STORE_ATTR_INFO_modify_cstr 3581 EXIST::FUNCTION: +POLICY_MAPPING_free 3582 EXIST::FUNCTION: +BN_get0_nist_prime_192 3583 EXIST::FUNCTION: +i2d_EC_PUBKEY 3584 EXIST::FUNCTION:EC +STORE_method_set_lock_store_function 3585 EXIST:!VMS:FUNCTION: +STORE_meth_set_lock_store_fn 3585 EXIST:VMS:FUNCTION: +PKCS12_add_safe 3586 EXIST::FUNCTION: +STORE_free 3587 EXIST::FUNCTION: +GENERAL_SUBTREE_it 3588 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +GENERAL_SUBTREE_it 3588 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +ECDSA_do_verify 3589 EXIST::FUNCTION:ECDSA +GENERAL_SUBTREE_free 3590 EXIST::FUNCTION: +EC_KEY_get0_private_key 3591 EXIST::FUNCTION:EC +ECDSA_get_ex_new_index 3592 EXIST::FUNCTION:ECDSA +SHA224 3593 EXIST::FUNCTION:SHA,SHA256 +STORE_delete_certificate 3594 EXIST::FUNCTION: +ECDSA_sign_ex 3595 EXIST::FUNCTION:ECDSA +BN_is_prime_fasttest_ex 3596 EXIST::FUNCTION: +EC_GROUP_set_curve_name 3597 EXIST::FUNCTION:EC +EVP_PKEY_set1_EC_KEY 3598 EXIST::FUNCTION:EC +STORE_store_arbitrary 3599 EXIST::FUNCTION: +EC_KEY_print_fp 3600 EXIST::FUNCTION:EC,FP_API +STORE_list_public_key_end 3601 EXIST::FUNCTION: +SHA256_Transform 3602 EXIST::FUNCTION:SHA,SHA256 +X509_policy_tree_level_count 3603 EXIST::FUNCTION: +SHA512_Init 3604 EXIST::FUNCTION:SHA,SHA512 +STORE_ATTR_INFO_in 3605 EXIST::FUNCTION: +ENGINE_get_default_ECDSA 3606 EXIST::FUNCTION:ENGINE +ENGINE_get_static_state 3607 EXIST::FUNCTION:ENGINE +ECParameters_print 3608 EXIST::FUNCTION:BIO,EC +STORE_get_arbitrary 3609 EXIST::FUNCTION: +BN_BLINDING_set_flags 3610 EXIST::FUNCTION: +BN_GF2m_mod_solve_quad 3611 EXIST::FUNCTION: +STORE_delete_number 3612 EXIST::FUNCTION: +STORE_method_get_revoke_function 3613 EXIST:!VMS:FUNCTION: +STORE_meth_get_revoke_fn 3613 EXIST:VMS:FUNCTION: +STORE_ATTR_INFO_set_cstr 3614 EXIST::FUNCTION: +BIO_dump_indent_cb 3615 EXIST::FUNCTION: +EC_KEY_dup 3616 EXIST::FUNCTION:EC +X509_keyid_get0 3617 EXIST::FUNCTION: +STORE_get_method 3618 EXIST::FUNCTION: +PKCS12_add_cert 3619 EXIST::FUNCTION: +X509_STORE_set1_param 3620 EXIST::FUNCTION: +BN_BLINDING_create_param 3621 EXIST::FUNCTION: +BN_BLINDING_get_flags 3622 EXIST::FUNCTION: +EVP_PKEY_get_attr_count 3623 EXIST::FUNCTION: +STORE_parse_attrs_start 3624 EXIST::FUNCTION: +STORE_method_set_list_next_function 3625 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_next_fn 3625 EXIST:VMS:FUNCTION: +STORE_parse_attrs_end 3626 EXIST::FUNCTION: +EC_GROUP_get_point_conversion_form 3627 EXIST:!VMS:FUNCTION:EC +EC_GROUP_get_point_conv_form 3627 EXIST:VMS:FUNCTION:EC +EC_KEY_get0_group 3628 EXIST::FUNCTION:EC +SHA256 3629 EXIST::FUNCTION:SHA,SHA256 +EC_GROUP_set_seed 3630 EXIST::FUNCTION:EC +pqueue_pop 3631 EXIST::FUNCTION: +i2d_ECPKParameters 3632 EXIST::FUNCTION:EC +pitem_new 3633 EXIST::FUNCTION: +ENGINE_set_ECDSA 3634 EXIST::FUNCTION:ENGINE +X509_STORE_CTX_set0_param 3635 EXIST::FUNCTION: +X509_policy_tree_get0_user_policies 3636 EXIST:!VMS:FUNCTION: +X509_pcy_tree_get0_usr_policies 3636 EXIST:VMS:FUNCTION: +X509V3_NAME_from_section 3637 EXIST::FUNCTION: +pqueue_peek 3638 EXIST::FUNCTION: +STORE_method_set_initialise_function 3639 EXIST:!VMS:FUNCTION: +STORE_meth_set_initialise_fn 3639 EXIST:VMS:FUNCTION: +EC_POINT_bn2point 3640 EXIST::FUNCTION:EC +ENGINE_load_gmp 3641 EXIST::FUNCTION:ENGINE,GMP,STATIC_ENGINE +pitem_free 3642 EXIST::FUNCTION: +ASN1_OCTET_STRING_NDEF_it 3643 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +ASN1_OCTET_STRING_NDEF_it 3643 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +STORE_ctrl 3644 EXIST::FUNCTION: +STORE_method_get_list_start_function 3645 EXIST:!VMS:FUNCTION: +STORE_meth_get_list_start_fn 3645 EXIST:VMS:FUNCTION: +pqueue_iterator 3646 EXIST::FUNCTION: +STORE_list_private_key_start 3647 EXIST::FUNCTION: +BIO_dgram_non_fatal_error 3648 EXIST::FUNCTION: +pqueue_next 3649 EXIST::FUNCTION: +BN_get0_nist_prime_521 3650 EXIST::FUNCTION: +PEM_read_EC_PUBKEY 3651 EXIST:!WIN16:FUNCTION:EC +EC_POINT_get_affine_coordinates_GF2m 3652 EXIST:!VMS:FUNCTION:EC +EC_POINT_get_affine_coords_GF2m 3652 EXIST:VMS:FUNCTION:EC +X509_policy_level_node_count 3653 EXIST::FUNCTION: +SHA512 3654 EXIST::FUNCTION:SHA,SHA512 +STORE_ATTR_INFO_set_dn 3655 EXIST::FUNCTION: +ECDSA_set_default_method 3656 EXIST::FUNCTION:ECDSA +STORE_ATTR_INFO_in_ex 3657 EXIST::FUNCTION: +d2i_ECParameters 3658 EXIST::FUNCTION:EC +EC_GROUP_dup 3659 EXIST::FUNCTION:EC +STORE_generate_crl 3660 EXIST::FUNCTION: +STORE_OBJECT_new 3661 EXIST::FUNCTION: +POLICY_CONSTRAINTS_free 3662 EXIST::FUNCTION: +a2i_IPADDRESS_NC 3663 EXIST::FUNCTION: +STORE_delete_arbitrary 3664 EXIST::FUNCTION: +STORE_method_set_generate_function 3665 EXIST:!VMS:FUNCTION: +STORE_meth_set_generate_fn 3665 EXIST:VMS:FUNCTION: +EC_GROUP_check 3666 EXIST::FUNCTION:EC +ECDSA_get_default_method 3667 EXIST::FUNCTION:ECDSA +ECDSA_sign 3668 EXIST::FUNCTION:ECDSA +i2v_ASN1_BIT_STRING 3669 EXIST::FUNCTION: +STORE_modify_arbitrary 3670 EXIST::FUNCTION: +EVP_CIPHER_CTX_rand_key 3671 EXIST::FUNCTION: +BN_nist_mod_224 3672 EXIST::FUNCTION: +STORE_revoke_public_key 3673 EXIST::FUNCTION: +STORE_method_get_unlock_store_function 3674 EXIST:!VMS:FUNCTION: +STORE_meth_get_unlock_store_fn 3674 EXIST:VMS:FUNCTION: +d2i_EC_PUBKEY_bio 3675 EXIST::FUNCTION:BIO,EC +EC_GFp_nist_method 3676 EXIST::FUNCTION:EC +EC_GROUP_get_degree 3677 EXIST::FUNCTION:EC +pqueue_new 3678 EXIST::FUNCTION: +EC_GROUP_new_curve_GF2m 3679 EXIST::FUNCTION:EC +ENGINE_register_ECDSA 3680 EXIST::FUNCTION:ENGINE +STORE_list_certificate_endp 3681 EXIST::FUNCTION: +PEM_read_bio_EC_PUBKEY 3682 EXIST::FUNCTION:EC +ENGINE_unregister_STORE 3683 EXIST::FUNCTION:ENGINE +d2i_ECPKParameters 3684 EXIST::FUNCTION:EC +BN_GF2m_poly2arr 3685 EXIST::FUNCTION: +SHA512_Final 3686 EXIST::FUNCTION:SHA,SHA512 +EC_KEY_set_conv_form 3687 EXIST::FUNCTION:EC +BN_GF2m_mod_solve_quad_arr 3688 EXIST::FUNCTION: +PEM_write_bio_ECPrivateKey 3689 EXIST::FUNCTION:EC +X509_policy_tree_free 3690 EXIST::FUNCTION: +STORE_list_certificate_end 3691 EXIST::FUNCTION: +BIO_dump_cb 3692 EXIST::FUNCTION: +EVP_PKEY_get_attr_by_OBJ 3693 EXIST::FUNCTION: +STORE_method_set_ctrl_function 3694 EXIST::FUNCTION: +EC_GROUP_set_point_conversion_form 3695 EXIST:!VMS:FUNCTION:EC +EC_GROUP_set_point_conv_form 3695 EXIST:VMS:FUNCTION:EC +STORE_modify_certificate 3696 EXIST::FUNCTION: +STORE_ATTR_INFO_compare 3697 EXIST::FUNCTION: +STORE_store_public_key 3698 EXIST::FUNCTION: +ECDH_OpenSSL 3699 EXIST::FUNCTION:ECDH +STORE_modify_public_key 3700 EXIST::FUNCTION: +ECDSA_size 3701 EXIST::FUNCTION:ECDSA +ENGINE_get_STORE 3702 EXIST::FUNCTION:ENGINE +EC_KEY_get_enc_flags 3703 EXIST::FUNCTION:EC +STORE_get_crl 3704 EXIST::FUNCTION: +ECDH_get_default_method 3705 EXIST::FUNCTION:ECDH +ECDH_get_ex_new_index 3706 EXIST::FUNCTION:ECDH +PEM_read_X509_CERT_PAIR 3707 EXIST:!WIN16:FUNCTION: +ERR_load_ECDSA_strings 3708 EXIST::FUNCTION:ECDSA +BN_nist_mod_384 3709 EXIST::FUNCTION: +ENGINE_get_default_ECDH 3710 EXIST::FUNCTION:ENGINE +X509_VERIFY_PARAM_inherit 3711 EXIST::FUNCTION: +ENGINE_load_padlock 3712 EXIST::FUNCTION:ENGINE +BN_get0_nist_prime_224 3713 EXIST::FUNCTION: +X509_STORE_set_depth 3714 EXIST::FUNCTION: +a2i_IPADDRESS 3715 EXIST::FUNCTION: +ECDSA_OpenSSL 3716 EXIST::FUNCTION:ECDSA +STORE_list_private_key_next 3717 EXIST::FUNCTION: +STORE_store_certificate 3718 EXIST::FUNCTION: +STORE_method_set_list_start_function 3719 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_start_fn 3719 EXIST:VMS:FUNCTION: +X509_STORE_CTX_get0_policy_tree 3720 EXIST::FUNCTION: +SHA224_Init 3721 EXIST::FUNCTION:SHA,SHA256 +pqueue_print 3722 EXIST::FUNCTION: +X509_VERIFY_PARAM_set1_policies 3723 EXIST::FUNCTION: +ASN1_generate_v3 3724 EXIST::FUNCTION: +pqueue_find 3725 EXIST::FUNCTION: +i2d_ECDSA_SIG 3726 EXIST::FUNCTION:ECDSA +STORE_method_get_ctrl_function 3727 EXIST::FUNCTION: +ECDH_set_ex_data 3728 EXIST::FUNCTION:ECDH +ECParameters_print_fp 3729 EXIST::FUNCTION:EC,FP_API +STORE_method_set_list_end_function 3730 EXIST:!VMS:FUNCTION: +STORE_meth_set_list_end_fn 3730 EXIST:VMS:FUNCTION: +ENGINE_register_all_STORE 3731 EXIST::FUNCTION:ENGINE +EC_KEY_set_private_key 3732 EXIST::FUNCTION:EC +ECDSA_do_sign_ex 3733 EXIST::FUNCTION:ECDSA +X509_policy_tree_get0_level 3734 EXIST::FUNCTION: +X509_POLICY_NODE_print 3735 EXIST::FUNCTION: +ENGINE_get_ECDH 3736 EXIST::FUNCTION:ENGINE +BIO_s_datagram 3737 EXIST::FUNCTION:DGRAM +PEM_read_ECPKParameters 3738 EXIST:!WIN16:FUNCTION:EC +ECDSA_set_method 3739 EXIST::FUNCTION:ECDSA +ERR_load_STORE_strings 3740 EXIST::FUNCTION: +STORE_method_get_modify_function 3741 EXIST:!VMS:FUNCTION: +STORE_meth_get_modify_fn 3741 EXIST:VMS:FUNCTION: +EC_KEY_set_enc_flags 3742 EXIST::FUNCTION:EC +d2i_EC_PUBKEY 3743 EXIST::FUNCTION:EC +SHA256_Final 3744 EXIST::FUNCTION:SHA,SHA256 +BN_GF2m_add 3745 EXIST::FUNCTION: +X509_STORE_CTX_set0_crls 3746 EXIST::FUNCTION: +GENERAL_SUBTREE_new 3747 EXIST::FUNCTION: +STORE_revoke_private_key 3748 EXIST::FUNCTION: +X509_VERIFY_PARAM_new 3749 EXIST::FUNCTION: +BIO_dump_fp 3750 EXIST::FUNCTION:FP_API +BN_GF2m_mod_arr 3751 EXIST::FUNCTION: +BN_GF2m_mod_exp 3752 EXIST::FUNCTION: +EC_KEY_generate_key 3753 EXIST::FUNCTION:EC +RSA_setup_blinding 3754 EXIST::FUNCTION:RSA +POLICY_MAPPING_it 3755 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE: +POLICY_MAPPING_it 3755 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION: +DSO_merge 3756 EXIST::FUNCTION: +STORE_method_get_update_store_function 3757 EXIST:!VMS:FUNCTION: +STORE_meth_get_update_store_fn 3757 EXIST:VMS:FUNCTION: +ENGINE_register_all_ECDH 3758 EXIST::FUNCTION:ENGINE +i2d_ECPrivateKey 3759 EXIST::FUNCTION:EC |