RT3065: automatically generate a missing EC public key
When d2i_ECPrivateKey reads a private key with a missing (optional) public key, generate one automatically from the group and private key. Reviewed-by: Dr Stephen Henson <steve@openssl.org> (cherry picked from commit ed383f847156940e93f256fed78599873a4a9b28)
This commit is contained in:
parent
1f2b943254
commit
2083f7c465
@ -1183,19 +1183,20 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (ret->pub_key)
|
||||
EC_POINT_clear_free(ret->pub_key);
|
||||
ret->pub_key = EC_POINT_new(ret->group);
|
||||
if (ret->pub_key == NULL)
|
||||
{
|
||||
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (priv_key->publicKey)
|
||||
{
|
||||
const unsigned char *pub_oct;
|
||||
size_t pub_oct_len;
|
||||
|
||||
if (ret->pub_key)
|
||||
EC_POINT_clear_free(ret->pub_key);
|
||||
ret->pub_key = EC_POINT_new(ret->group);
|
||||
if (ret->pub_key == NULL)
|
||||
{
|
||||
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
|
||||
pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
|
||||
/* save the point conversion form */
|
||||
@ -1207,6 +1208,16 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL))
|
||||
{
|
||||
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
|
||||
goto err;
|
||||
}
|
||||
/* Remember the original private-key-only encoding. */
|
||||
ret->enc_flag |= EC_PKEY_NO_PUBKEY;
|
||||
}
|
||||
|
||||
ok = 1;
|
||||
err:
|
||||
|
@ -74,6 +74,11 @@ flags currently defined - EC_PKEY_NO_PARAMETERS and EC_PKEY_NO_PUBKEY. These fl
|
||||
converted into ASN1 in a call to i2d_ECPrivateKey. If EC_PKEY_NO_PARAMETERS is set then the public parameters for the curve are not encoded
|
||||
along with the private key. If EC_PKEY_NO_PUBKEY is set then the public key is not encoded along with the private key.
|
||||
|
||||
When reading a private key encoded with EC_PKEY_NO_PUBKEY,
|
||||
d2i_ECPrivateKey generates the missing public key
|
||||
automatically. Private keys encoded with EC_PKEY_NO_PARAMETERS cannot
|
||||
be loaded using d2i_ECPrivateKey.
|
||||
|
||||
The functions EC_KEY_get_conv_form and EC_KEY_set_conv_form get and set the point_conversion_form for the B<key>. For a description
|
||||
of point_conversion_forms please refer to L<EC_POINT_new(3)|EC_POINT_new(3)>.
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user