Add functions to set ECDSA_METHOD structure.
Add various functions to allocate and set the fields of an ECDSA_METHOD structure.
This commit is contained in:
parent
9600602267
commit
94c2f77a62
4
CHANGES
4
CHANGES
@ -277,6 +277,10 @@
|
||||
|
||||
Changes between 1.0.1e and 1.0.2 [xx XXX xxxx]
|
||||
|
||||
*) Add functions to allocate and set the fields of an ECDSA_METHOD
|
||||
structure.
|
||||
[Douglas E. Engert, Steve Henson]
|
||||
|
||||
*) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
|
||||
avoids preferring ECDHE-ECDSA ciphers when the client appears to be
|
||||
Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
|
||||
|
@ -244,6 +244,59 @@ ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key,
|
||||
#endif
|
||||
|
||||
|
||||
/** Allocates and initialize a ECDSA_METHOD structure
|
||||
* \param ecdsa_method pointer to ECDSA_METHOD to copy. (May be NULL)
|
||||
* \return pointer to a ECDSA_METHOD structure or NULL if an error occurred
|
||||
*/
|
||||
|
||||
ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_method);
|
||||
|
||||
/** frees a ECDSA_METHOD structure
|
||||
* \param ecdsa_method pointer to the ECDSA_METHOD structure
|
||||
*/
|
||||
void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method);
|
||||
|
||||
/** Set the ECDSA_do_sign function in the ECDSA_METHOD
|
||||
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||
* \param ecdsa_do_sign a funtion of type ECDSA_do_sign
|
||||
*/
|
||||
|
||||
void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
|
||||
ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
|
||||
const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey));
|
||||
|
||||
/** Set the ECDSA_sign_setup function in the ECDSA_METHOD
|
||||
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||
* \param ecdsa_sign_setup a funtion of type ECDSA_sign_setup
|
||||
*/
|
||||
|
||||
void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
|
||||
int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
|
||||
BIGNUM **r));
|
||||
|
||||
/** Set the ECDSA_do_verify function in the ECDSA_METHOD
|
||||
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||
* \param ecdsa_do_verify a funtion of type ECDSA_do_verify
|
||||
*/
|
||||
|
||||
void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
|
||||
int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
|
||||
const ECDSA_SIG *sig, EC_KEY *eckey));
|
||||
|
||||
void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
|
||||
|
||||
/** Set the flags field in the ECDSA_METHOD
|
||||
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||
* \param flags flags value to set
|
||||
*/
|
||||
|
||||
void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
|
||||
|
||||
/** Set the name field in the ECDSA_METHOD
|
||||
* \param ecdsa_method pointer to existing ECDSA_METHOD
|
||||
* \param name name to set
|
||||
*/
|
||||
|
||||
/* BEGIN ERROR CODES */
|
||||
/* The following lines are auto generated by the script mkerr.pl. Any changes
|
||||
* made after this point may be overwritten when the script is next run.
|
||||
@ -256,6 +309,7 @@ void ERR_load_ECDSA_strings(void);
|
||||
#define ECDSA_F_ECDSA_DATA_NEW_METHOD 100
|
||||
#define ECDSA_F_ECDSA_DO_SIGN 101
|
||||
#define ECDSA_F_ECDSA_DO_VERIFY 102
|
||||
#define ECDSA_F_ECDSA_METHOD_NEW 105
|
||||
#define ECDSA_F_ECDSA_SIGN_SETUP 103
|
||||
|
||||
/* Reason codes. */
|
||||
|
@ -73,6 +73,7 @@ static ERR_STRING_DATA ECDSA_str_functs[]=
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_METHOD_NEW), "ECDSA_METHOD_new"},
|
||||
{ERR_FUNC(ECDSA_F_ECDSA_SIGN_SETUP), "ECDSA_sign_setup"},
|
||||
{0,NULL}
|
||||
};
|
||||
|
@ -264,3 +264,68 @@ void *ECDSA_get_ex_data(EC_KEY *d, int idx)
|
||||
return NULL;
|
||||
return(CRYPTO_get_ex_data(&ecdsa->ex_data,idx));
|
||||
}
|
||||
|
||||
ECDSA_METHOD *ECDSA_METHOD_new(ECDSA_METHOD *ecdsa_meth)
|
||||
{
|
||||
ECDSA_METHOD *ret;
|
||||
|
||||
ret = OPENSSL_malloc(sizeof(ECDSA_METHOD));
|
||||
if (ret == NULL)
|
||||
{
|
||||
ECDSAerr(ECDSA_F_ECDSA_METHOD_NEW, ERR_R_MALLOC_FAILURE);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (ecdsa_meth)
|
||||
*ret = *ecdsa_meth;
|
||||
else
|
||||
{
|
||||
ret->ecdsa_sign_setup = 0;
|
||||
ret->ecdsa_do_sign = 0;
|
||||
ret->ecdsa_do_verify = 0;
|
||||
ret->name = NULL;
|
||||
ret->flags = 0;
|
||||
}
|
||||
ret->flags |= ECDSA_METHOD_FLAG_ALLOCATED;
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
void ECDSA_METHOD_set_sign(ECDSA_METHOD *ecdsa_method,
|
||||
ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
|
||||
const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey))
|
||||
{
|
||||
ecdsa_method->ecdsa_do_sign = ecdsa_do_sign;
|
||||
}
|
||||
|
||||
void ECDSA_METHOD_set_sign_setup(ECDSA_METHOD *ecdsa_method,
|
||||
int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
|
||||
BIGNUM **r))
|
||||
{
|
||||
ecdsa_method->ecdsa_sign_setup = ecdsa_sign_setup;
|
||||
}
|
||||
|
||||
void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
|
||||
int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
|
||||
const ECDSA_SIG *sig, EC_KEY *eckey))
|
||||
{
|
||||
ecdsa_method->ecdsa_do_verify = ecdsa_do_verify;
|
||||
}
|
||||
|
||||
void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags)
|
||||
{
|
||||
ecdsa_method->flags = flags | ECDSA_METHOD_FLAG_ALLOCATED;
|
||||
}
|
||||
|
||||
void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name)
|
||||
{
|
||||
ecdsa_method->name = name;
|
||||
}
|
||||
|
||||
void ECDSA_METHOD_free(ECDSA_METHOD *ecdsa_method)
|
||||
{
|
||||
if (ecdsa_method->flags & ECDSA_METHOD_FLAG_ALLOCATED)
|
||||
OPENSSL_free(ecdsa_method);
|
||||
}
|
||||
|
||||
|
||||
|
@ -82,6 +82,11 @@ struct ecdsa_method
|
||||
char *app_data;
|
||||
};
|
||||
|
||||
/* The ECDSA_METHOD was allocated and can be freed */
|
||||
|
||||
#define ECDSA_METHOD_FLAG_ALLOCATED 0x2
|
||||
|
||||
|
||||
/* If this flag is set the ECDSA method is FIPS compliant and can be used
|
||||
* in FIPS mode. This is set in the validated module method. If an
|
||||
* application sets this flag in its own methods it is its responsibility
|
||||
|
Loading…
Reference in New Issue
Block a user