Add compute key support to EC_KEY_METHOD

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-22 18:48:59 +01:00 · 2015-10-22 18:48:59 +01:00 · a22a7e7089
commit a22a7e7089
parent 647b223875
3 changed files with 26 additions and 1 deletions
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@ -61,7 +61,8 @@
 static const EC_KEY_METHOD openssl_ec_key_method = {
    "OpenSSL EC_KEY method",
    0,
-    ossl_ec_key_gen
+    ossl_ec_key_gen,
+    ossl_ecdh_compute_key
 };

 const EC_KEY_METHOD *default_ec_key_meth = &openssl_ec_key_method;
@ -119,3 +120,14 @@ EC_KEY *EC_KEY_new_method(ENGINE *engine)
    ret->references = 1;
    return (ret);
 }
+
+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                     EC_KEY *eckey,
+                     void *(*KDF) (const void *in, size_t inlen, void *out,
+                                   size_t *outlen))
+{
+    if (eckey->meth->compute_key)
+        return eckey->meth->compute_key(out, outlen, pub_key, eckey, KDF);
+    ECerr(EC_F_ECDH_COMPUTE_KEY, EC_R_OPERATION_NOT_SUPPORTED);
+    return 0;
+}
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@ -561,8 +561,16 @@ struct ec_key_method_st {
    const char *name;
    int32_t flags;
    int (*keygen)(EC_KEY *key);
+    int (*compute_key)(void *out, size_t outlen, const EC_POINT *pub_key,
+                       EC_KEY *ecdh,
+                       void *(*KDF) (const void *in, size_t inlen,
+                                     void *out, size_t *outlen));
 } /* EC_KEY_METHOD */ ;

 #define EC_KEY_METHOD_DYNAMIC   1

 int ossl_ec_key_gen(EC_KEY *eckey);
+int ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                          EC_KEY *ecdh,
+                          void *(*KDF) (const void *in, size_t inlen,
+                                        void *out, size_t *outlen));
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@ -749,6 +749,7 @@ typedef struct ec_key_method_st EC_KEY_METHOD;
 /* some values for the flags field */
 # define EC_FLAG_NON_FIPS_ALLOW  0x1
 # define EC_FLAG_FIPS_CHECKED    0x2
+# define EC_FLAG_COFACTOR_ECDH   0x1000

 /** Creates a new EC_KEY object.
 *  \return EC_KEY object or NULL if an error occurred.
@ -994,6 +995,10 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen,
                   const unsigned char *sinfo, size_t sinfolen,
                   const EVP_MD *md);

+int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                     EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen,
+                                                 void *out, size_t *outlen));
+
 # define ECParameters_dup(x) ASN1_dup_of(EC_KEY,i2d_ECParameters,d2i_ECParameters,x)

 # ifndef __cplusplus