Add flag to support cofactor ECDH

CHANGES

@@ -4,6 +4,9 @@
 
  Changes between 1.0.1 and 1.1.0  [xx XXX xxxx]
 
+  *) Add flag to EC_KEY to use cofactor ECDH if set.
+     [Steve Henson]
+
   *) Update fips_test_suite to support multiple command line options. New
      test to induce all self test errors in sequence and check expected
      failures.

crypto/ecdh/ecdh.h

@@ -85,6 +85,8 @@
 extern "C" {
 #endif
 
+#define EC_FLAG_COFACTOR_ECDH	0x1000
+
 const ECDH_METHOD *ECDH_OpenSSL(void);
 
 void	  ECDH_set_default_method(const ECDH_METHOD *);

crypto/ecdh/ech_ossl.c

@@ -146,6 +146,18 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
 		}
 
 	group = EC_KEY_get0_group(ecdh);
+
+	if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH)
+		{
+		if (!EC_GROUP_get_cofactor(group, x, ctx) ||
+			!BN_mul(x, x, priv_key, ctx))
+			{
+			ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		priv_key = x;
+		}
+
 	if ((tmp=EC_POINT_new(group)) == NULL)
 		{
 		ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);

fips/ecdh/fips_ecdh_selftest.c

@@ -166,6 +166,7 @@ int FIPS_selftest_ecdh(void)
 			rv = -1;
 			goto err;
 			}
+		EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH);
 
 		if (!EC_KEY_set_public_key_affine_coordinates(ec1, x, y))
 			{
@@ -194,6 +195,7 @@ int FIPS_selftest_ecdh(void)
 			rv = -1;
 			goto err;
 			}
+		EC_KEY_set_flags(ec1, EC_FLAG_COFACTOR_ECDH);
 
 		if (!EC_KEY_set_public_key_affine_coordinates(ec2, x, y))
 			{

fips/ecdh/fips_ecdhvs.c

@@ -261,6 +261,7 @@ static void ec_output_Zhash(FILE *out, int exout, EC_GROUP *group,
 	unsigned char chash[EVP_MAX_MD_SIZE];
 	int Zlen;
 	ec = EC_KEY_new();
+	EC_KEY_set_flags(ec, EC_FLAG_COFACTOR_ECDH);
 	EC_KEY_set_group(ec, group);
 	peerkey = make_peer(group, cx, cy);
 	if (rhash == NULL)