sync with OpenBSD -current
This commit is contained in:
parent
a48b7fc94f
commit
df306e9b72
GPG key ID:
F42C07F07E2E35B7
1354 changed files with 105229 additions and 31150 deletions
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ec_local.h,v 1.30 2024/10/18 17:27:07 tb Exp $ */
|
||||
/* $OpenBSD: ec_local.h,v 1.54 2025/01/07 08:52:17 tb Exp $ */
|
||||
/*
|
||||
* Originally written by Bodo Moeller for the OpenSSL project.
|
||||
*/
|
||||
|
|
@ -88,28 +88,11 @@ __BEGIN_HIDDEN_DECLS
|
|||
struct ec_method_st {
|
||||
int field_type;
|
||||
|
||||
int (*group_init)(EC_GROUP *);
|
||||
void (*group_finish)(EC_GROUP *);
|
||||
int (*group_copy)(EC_GROUP *, const EC_GROUP *);
|
||||
|
||||
int (*group_set_curve)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a,
|
||||
const BIGNUM *b, BN_CTX *);
|
||||
int (*group_get_curve)(const EC_GROUP *, BIGNUM *p, BIGNUM *a,
|
||||
BIGNUM *b, BN_CTX *);
|
||||
|
||||
int (*group_get_degree)(const EC_GROUP *);
|
||||
int (*group_order_bits)(const EC_GROUP *);
|
||||
int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *);
|
||||
|
||||
int (*point_init)(EC_POINT *);
|
||||
void (*point_finish)(EC_POINT *);
|
||||
int (*point_copy)(EC_POINT *, const EC_POINT *);
|
||||
|
||||
int (*point_set_to_infinity)(const EC_GROUP *, EC_POINT *);
|
||||
int (*point_set_Jprojective_coordinates)(const EC_GROUP *, EC_POINT *,
|
||||
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
|
||||
int (*point_get_Jprojective_coordinates)(const EC_GROUP *,
|
||||
const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
|
||||
int (*point_set_affine_coordinates)(const EC_GROUP *, EC_POINT *,
|
||||
const BIGNUM *x, const BIGNUM *y, BN_CTX *);
|
||||
int (*point_get_affine_coordinates)(const EC_GROUP *, const EC_POINT *,
|
||||
|
|
@ -117,18 +100,11 @@ struct ec_method_st {
|
|||
int (*point_set_compressed_coordinates)(const EC_GROUP *, EC_POINT *,
|
||||
const BIGNUM *x, int y_bit, BN_CTX *);
|
||||
|
||||
size_t (*point2oct)(const EC_GROUP *, const EC_POINT *,
|
||||
point_conversion_form_t form, unsigned char *buf, size_t len,
|
||||
BN_CTX *);
|
||||
int (*oct2point)(const EC_GROUP *, EC_POINT *, const unsigned char *buf,
|
||||
size_t len, BN_CTX *);
|
||||
|
||||
int (*add)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a,
|
||||
const EC_POINT *b, BN_CTX *);
|
||||
int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
|
||||
int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *);
|
||||
|
||||
int (*is_at_infinity)(const EC_GROUP *, const EC_POINT *);
|
||||
int (*is_on_curve)(const EC_GROUP *, const EC_POINT *, BN_CTX *);
|
||||
int (*point_cmp)(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b,
|
||||
BN_CTX *);
|
||||
|
|
@ -145,10 +121,6 @@ struct ec_method_st {
|
|||
const BIGNUM *g_scalar, const BIGNUM *p_scalar,
|
||||
const EC_POINT *point, BN_CTX *);
|
||||
|
||||
/*
|
||||
* Internal methods.
|
||||
*/
|
||||
|
||||
/*
|
||||
* These can be used by 'add' and 'dbl' so that the same implementations
|
||||
* of point operations can be used with different optimized versions of
|
||||
|
|
@ -158,18 +130,12 @@ struct ec_method_st {
|
|||
const BIGNUM *b, BN_CTX *);
|
||||
int (*field_sqr)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
|
||||
BN_CTX *);
|
||||
int (*field_div)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
|
||||
const BIGNUM *b, BN_CTX *);
|
||||
|
||||
/* Encode to and decode from other forms (e.g. Montgomery). */
|
||||
int (*field_encode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
|
||||
BN_CTX *);
|
||||
int (*field_decode)(const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
|
||||
BN_CTX *);
|
||||
|
||||
int (*field_set_to_one)(const EC_GROUP *, BIGNUM *r, BN_CTX *);
|
||||
int (*blind_coordinates)(const EC_GROUP *group, EC_POINT *p,
|
||||
BN_CTX *ctx);
|
||||
} /* EC_METHOD */;
|
||||
|
||||
struct ec_group_st {
|
||||
|
|
@ -180,10 +146,10 @@ struct ec_group_st {
|
|||
const EC_METHOD *meth;
|
||||
|
||||
EC_POINT *generator; /* Optional */
|
||||
BIGNUM order;
|
||||
BIGNUM cofactor;
|
||||
BIGNUM *order;
|
||||
BIGNUM *cofactor;
|
||||
|
||||
int curve_name; /* Optional NID for named curve. */
|
||||
int nid; /* Optional NID for named curve. */
|
||||
|
||||
/* ASN.1 encoding controls. */
|
||||
int asn1_flag;
|
||||
|
|
@ -194,119 +160,50 @@ struct ec_group_st {
|
|||
size_t seed_len;
|
||||
|
||||
/*
|
||||
* Internal methods and members. Handled by the method functions, even
|
||||
* if they appear to be generic.
|
||||
* Coefficients of the Weierstrass equation y^2 = x^3 + a*x + b (mod p).
|
||||
*/
|
||||
|
||||
/*
|
||||
* Field specification. For GF(p) this is the modulus; for GF(2^m),
|
||||
* this is the irreducible polynomial defining the field.
|
||||
*/
|
||||
BIGNUM field;
|
||||
|
||||
/*
|
||||
* Curve coefficients. In characteristic > 3, the curve is defined by a
|
||||
* Weierstrass equation of the form y^2 = x^3 + a*x + b.
|
||||
*/
|
||||
BIGNUM a, b;
|
||||
BIGNUM *p;
|
||||
BIGNUM *a;
|
||||
BIGNUM *b;
|
||||
|
||||
/* Enables optimized point arithmetics for special case. */
|
||||
int a_is_minus3;
|
||||
|
||||
/* Montgomery context and values used by EC_GFp_mont_method. */
|
||||
/* Montgomery context used by EC_GFp_mont_method. */
|
||||
BN_MONT_CTX *mont_ctx;
|
||||
BIGNUM *mont_one;
|
||||
} /* EC_GROUP */;
|
||||
|
||||
struct ec_key_st {
|
||||
const EC_KEY_METHOD *meth;
|
||||
|
||||
int version;
|
||||
|
||||
EC_GROUP *group;
|
||||
|
||||
EC_POINT *pub_key;
|
||||
BIGNUM *priv_key;
|
||||
|
||||
unsigned int enc_flag;
|
||||
point_conversion_form_t conv_form;
|
||||
|
||||
int references;
|
||||
int flags;
|
||||
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
} /* EC_KEY */;
|
||||
|
||||
struct ec_point_st {
|
||||
const EC_METHOD *meth;
|
||||
|
||||
/*
|
||||
* All members except 'meth' are handled by the method functions,
|
||||
* even if they appear generic.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Jacobian projective coordinates: (X, Y, Z) represents (X/Z^2, Y/Z^3)
|
||||
* if Z != 0
|
||||
*/
|
||||
BIGNUM X;
|
||||
BIGNUM Y;
|
||||
BIGNUM Z;
|
||||
BIGNUM *X;
|
||||
BIGNUM *Y;
|
||||
BIGNUM *Z;
|
||||
int Z_is_one; /* enable optimized point arithmetics for special case */
|
||||
} /* EC_POINT */;
|
||||
|
||||
/* method functions in ec_mult.c
|
||||
* (ec_lib.c uses these as defaults if group->method->mul is 0) */
|
||||
int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
|
||||
size_t num, const EC_POINT *points[], const BIGNUM *scalars[], BN_CTX *);
|
||||
/* Compute r = generator * m + point * n in non-constant time. */
|
||||
int ec_wnaf_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *m,
|
||||
const EC_POINT *point, const BIGNUM *n, BN_CTX *ctx);
|
||||
|
||||
/* method functions in ecp_smpl.c */
|
||||
int ec_GFp_simple_group_init(EC_GROUP *);
|
||||
void ec_GFp_simple_group_finish(EC_GROUP *);
|
||||
int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
|
||||
int ec_GFp_simple_group_set_curve(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
|
||||
int ec_GFp_simple_group_get_curve(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
|
||||
int ec_GFp_simple_group_get_degree(const EC_GROUP *);
|
||||
int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
|
||||
int ec_GFp_simple_point_init(EC_POINT *);
|
||||
void ec_GFp_simple_point_finish(EC_POINT *);
|
||||
int ec_GFp_simple_point_copy(EC_POINT *, const EC_POINT *);
|
||||
int ec_GFp_simple_point_set_to_infinity(const EC_GROUP *, EC_POINT *);
|
||||
int ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *, EC_POINT *,
|
||||
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *);
|
||||
int ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *,
|
||||
const EC_POINT *, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *);
|
||||
int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *, EC_POINT *,
|
||||
const BIGNUM *x, const BIGNUM *y, BN_CTX *);
|
||||
int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *, const EC_POINT *,
|
||||
BIGNUM *x, BIGNUM *y, BN_CTX *);
|
||||
int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *, EC_POINT *,
|
||||
const BIGNUM *x, int y_bit, BN_CTX *);
|
||||
size_t ec_GFp_simple_point2oct(const EC_GROUP *, const EC_POINT *, point_conversion_form_t form,
|
||||
unsigned char *buf, size_t len, BN_CTX *);
|
||||
int ec_GFp_simple_oct2point(const EC_GROUP *, EC_POINT *,
|
||||
const unsigned char *buf, size_t len, BN_CTX *);
|
||||
int ec_GFp_simple_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
|
||||
int ec_GFp_simple_dbl(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
|
||||
int ec_GFp_simple_invert(const EC_GROUP *, EC_POINT *, BN_CTX *);
|
||||
int ec_GFp_simple_is_at_infinity(const EC_GROUP *, const EC_POINT *);
|
||||
int ec_GFp_simple_is_on_curve(const EC_GROUP *, const EC_POINT *, BN_CTX *);
|
||||
int ec_GFp_simple_cmp(const EC_GROUP *, const EC_POINT *a, const EC_POINT *b, BN_CTX *);
|
||||
int ec_GFp_simple_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *);
|
||||
int ec_GFp_simple_points_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *);
|
||||
int ec_GFp_simple_field_mul(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
|
||||
int ec_GFp_simple_field_sqr(const EC_GROUP *, BIGNUM *r, const BIGNUM *a, BN_CTX *);
|
||||
int ec_GFp_simple_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
|
||||
int ec_GFp_simple_mul_generator_ct(const EC_GROUP *, EC_POINT *r, const BIGNUM *scalar, BN_CTX *);
|
||||
int ec_GFp_simple_mul_single_ct(const EC_GROUP *, EC_POINT *r, const BIGNUM *scalar,
|
||||
const EC_POINT *point, BN_CTX *);
|
||||
int ec_GFp_simple_mul_double_nonct(const EC_GROUP *, EC_POINT *r, const BIGNUM *g_scalar,
|
||||
const BIGNUM *p_scalar, const EC_POINT *point, BN_CTX *);
|
||||
int ec_group_is_builtin_curve(const EC_GROUP *group, int *out_nid);
|
||||
int ec_group_get_field_type(const EC_GROUP *group);
|
||||
|
||||
int ec_group_simple_order_bits(const EC_GROUP *group);
|
||||
int ec_point_blind_coordinates(const EC_GROUP *group, EC_POINT *p, BN_CTX *ctx);
|
||||
/*
|
||||
* Wrappers around the unergonomic EC_POINT_{oct2point,point2oct}().
|
||||
*/
|
||||
int ec_point_from_octets(const EC_GROUP *group, const unsigned char *buf,
|
||||
size_t buf_len, EC_POINT **out_point, uint8_t *out_form, BN_CTX *ctx_in);
|
||||
int ec_point_to_octets(const EC_GROUP *group, const EC_POINT *point, int form,
|
||||
unsigned char **out_buf, size_t *len, BN_CTX *ctx_in);
|
||||
|
||||
/* EC_METHOD definitions */
|
||||
/* Public API in OpenSSL */
|
||||
const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
|
||||
const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
|
||||
|
||||
struct ec_key_method_st {
|
||||
const char *name;
|
||||
|
|
@ -336,6 +233,26 @@ struct ec_key_method_st {
|
|||
|
||||
#define EC_KEY_METHOD_DYNAMIC 1
|
||||
|
||||
struct ec_key_st {
|
||||
const EC_KEY_METHOD *meth;
|
||||
|
||||
int version;
|
||||
|
||||
EC_GROUP *group;
|
||||
|
||||
EC_POINT *pub_key;
|
||||
BIGNUM *priv_key;
|
||||
|
||||
unsigned int enc_flag;
|
||||
point_conversion_form_t conv_form;
|
||||
|
||||
int references;
|
||||
int flags;
|
||||
|
||||
CRYPTO_EX_DATA ex_data;
|
||||
} /* EC_KEY */;
|
||||
|
||||
int eckey_compute_pubkey(EC_KEY *eckey);
|
||||
int ec_key_gen(EC_KEY *eckey);
|
||||
int ecdh_compute_key(unsigned char **out, size_t *out_len,
|
||||
const EC_POINT *pub_key, const EC_KEY *ecdh);
|
||||
|
|
@ -350,15 +267,4 @@ int ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
|
|||
int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
|
||||
size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md);
|
||||
|
||||
int EC_POINT_set_Jprojective_coordinates(const EC_GROUP *group, EC_POINT *p,
|
||||
const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx);
|
||||
int EC_POINT_get_Jprojective_coordinates(const EC_GROUP *group,
|
||||
const EC_POINT *p, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx);
|
||||
|
||||
int ec_group_is_builtin_curve(const EC_GROUP *group);
|
||||
|
||||
/* Public API in OpenSSL */
|
||||
const BIGNUM *EC_GROUP_get0_cofactor(const EC_GROUP *group);
|
||||
const BIGNUM *EC_GROUP_get0_order(const EC_GROUP *group);
|
||||
|
||||
__END_HIDDEN_DECLS
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue