Hello,

After merge of ECDH and ECDSA and associating method to EC_KEY I would like to request some additional functionality.

External cryptographic modules may need to store additional information with a key.
What about defining CRYPTO_EX_DATA for EC keys?
Proposed patch "0008-extra-data-for-EC_KEY.patch" - note that the CRYPTO_EX_INDEX numbering is left with a gap, as I would like the patch to be minimal.


I would like to request external applications to be able to change method - see attached patch "0009-access-EC_KEY-method-property.patch".

Regards,
Roumen Petrov

>From 36e048c3bbd1c416194a20e8f0c1a84467bf2765 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Mon, 21 Dec 2015 17:56:34 +0200
Subject: [PATCH 08/15] extra data for EC_KEY

---
 crypto/ec/ec_lcl.h       |  1 +
 crypto/ec/ec_lib.c       | 10 ++++++++++
 include/openssl/crypto.h |  3 +--
 include/openssl/ec.h     |  6 ++++++
 util/libeay.num          |  2 ++
 5 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index ebfaae3..912aa8e 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -267,6 +267,7 @@ struct ec_key_st {
     point_conversion_form_t conv_form;
     int references;
     int flags;
+    CRYPTO_EX_DATA ex_data;
     EC_EXTRA_DATA *method_data;
 } /* EC_KEY */ ;
 
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 7cb4759..e9e5832 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -1091,3 +1091,13 @@ int ec_precompute_mont_data(EC_GROUP *group)
     BN_CTX_free(ctx);
     return ret;
 }
+
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg)
+{
+    return (CRYPTO_set_ex_data(&key->ex_data, idx, arg));
+}
+
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx)
+{
+    return (CRYPTO_get_ex_data(&key->ex_data, idx));
+}
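Review bot: Nothing in this patch initialises or releases the `ex_data` member that these two accessors expose: none of the five files touched calls `CRYPTO_new_ex_data`, `CRYPTO_free_ex_data` or `CRYPTO_dup_ex_data` for `CRYPTO_EX_INDEX_EC_KEY`. Unless a later patch in the series does so, the callbacks an external module registers through `EC_KEY_get_ex_new_index` never run, so whatever it attaches to the key (a token handle, a key reference) is not released when the key is freed and presumably does not follow the key when it is copied. The usual pairing is a call like `CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, key, &key->ex_data)` where the key is allocated and `CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, key, &key->ex_data)` where it is freed, plus `CRYPTO_dup_ex_data` in the copy path. Those functions lie outside the hunks shown here, and the same remark applies to the `ex_data` field added in the `ec_lcl.h` hunk.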
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 81e944d..bd8f07d 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -270,8 +270,7 @@ DECLARE_STACK_OF(void)
 # define CRYPTO_EX_INDEX_X509_STORE_CTX   5
 # define CRYPTO_EX_INDEX_DH               6
 # define CRYPTO_EX_INDEX_DSA              7
-# define CRYPTO_EX_INDEX_ECDH             8
-# define CRYPTO_EX_INDEX_ECDSA            9
+# define CRYPTO_EX_INDEX_EC_KEY           8
 # define CRYPTO_EX_INDEX_RSA             10
 # define CRYPTO_EX_INDEX_ENGINE          11
 # define CRYPTO_EX_INDEX_UI              12
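Review bot: Index 9 is left unassigned here, and `CRYPTO_EX_INDEX_ECDH` and `CRYPTO_EX_INDEX_ECDSA` disappear from a public header with nothing recording why. A one-line marker between the 8 and 10 entries, such as `/* 9 unused: formerly CRYPTO_EX_INDEX_ECDSA */`, would keep the gap from looking like a mistake to the next person who adds a class. External code that still uses the old names will stop compiling, which is probably intended after the ECDH/ECDSA merge but is worth stating in the commit message. The rest of the index table is outside the hunk.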
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 1dc2db1..923844c 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -868,6 +868,12 @@ void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
                                     void *(*dup_func) (void *),
                                     void (*free_func) (void *),
                                     void (*clear_free_func) (void *));
+
+#define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \
+    CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef)
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
+
 /* wrapper functions for the underlying EC_GROUP object */
 void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
 
diff --git a/util/libeay.num b/util/libeay.num
index bce6ca0..a3766ec 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4735,3 +4735,5 @@ OPENSSL_strlcat                         5110	1_1_0	EXIST::FUNCTION:
 OPENSSL_memdup                          5111	1_1_0	NOEXIST::FUNCTION:
 CRYPTO_memdup                           5112	1_1_0	EXIST::FUNCTION:
 CRYPTO_strndup                          5113	1_1_0	EXIST::FUNCTION:
+EC_KEY_get_ex_data                      5114	1_1_0	EXIST::FUNCTION:EC
+EC_KEY_set_ex_data                      5115	1_1_0	EXIST::FUNCTION:EC
-- 
1.8.4

>From a347853193f419f21e4757abf0a8b1b8d523066b Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Mon, 21 Dec 2015 19:41:42 +0200
Subject: [PATCH 09/15] access EC_KEY method property

---
 crypto/ec/ec_kmeth.c | 27 +++++++++++++++++++++++++++
 include/openssl/ec.h |  2 ++
 util/libeay.num      |  2 ++
 3 files changed, 31 insertions(+)

diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index d6c2811..9b6f4d9 100644
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -93,6 +93,33 @@ void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
         default_ec_key_meth = meth;
 }
 
+const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key)
+{
+    return key->meth;
+}
+
+int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
+{
+    {
+        /* method is set always, see ... _new_...  */
+        void (*finish)(EC_KEY *key) = key->meth->finish;
+        if (finish)
+            finish(key);
+    }
+
+#ifndef OPENSSL_NO_ENGINE
+    if (key->engine) {
+        ENGINE_finish(key->engine);
+        key->engine = NULL;
+    }
+#endif
+
+    key->meth = meth;
+    if (meth->init)
+        meth->init(key);
+    return 1;
+}
+
 EC_KEY *EC_KEY_new_method(ENGINE *engine)
 {
     EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
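Review bot: `EC_KEY_set_method` discards the result of `meth->init(key)` and always returns 1, so a caller that swaps in an external module's method cannot tell that initialisation failed and may go on to use a key whose method state is incomplete. If `init` returns a status (its declaration is outside this hunk), propagate it with `if (meth->init != NULL) return meth->init(key);`. `meth` is also dereferenced without a NULL check. The contract deserves a short comment above the definition saying that the old method's `finish` is called and any engine reference is released before the switch, since the in-body comment `/* method is set always, see ... _new_...  */` does not say so. The trailing context lines belong to `EC_KEY_new_method`, which continues past the hunk.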
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 923844c..0ea4b0d 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1029,6 +1029,8 @@ int EC_KEY_print_fp(FILE *fp, const EC_KEY *key, int off);
 const EC_KEY_METHOD *EC_KEY_OpenSSL(void);
 const EC_KEY_METHOD *EC_KEY_get_default_method(void);
 void EC_KEY_set_default_method(const EC_KEY_METHOD *meth);
+const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key);
+int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth);
 EC_KEY *EC_KEY_new_method(ENGINE *engine);
 
 int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
diff --git a/util/libeay.num b/util/libeay.num
index a3766ec..487bd95 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4737,3 +4737,5 @@ CRYPTO_memdup                           5112	1_1_0	EXIST::FUNCTION:
 CRYPTO_strndup                          5113	1_1_0	EXIST::FUNCTION:
 EC_KEY_get_ex_data                      5114	1_1_0	EXIST::FUNCTION:EC
 EC_KEY_set_ex_data                      5115	1_1_0	EXIST::FUNCTION:EC
+EC_KEY_set_method                       5116	1_1_0	EXIST::FUNCTION:EC
+EC_KEY_get_method                       5117	1_1_0	EXIST::FUNCTION:EC
-- 
1.8.4
