This commit was manufactured by cvs2svn to create tag 'BEFORE_COMPAQ_PATCH'.

bignum assembly method of bn-586.pl
and co-586.pl which (for some reason)
VC++ doesn't use.

CHANGES

@@ -2,15 +2,59 @@
  OpenSSL CHANGES
  _______________
 
+ Changes between 0.9.7 and 0.9.8  [xx XXX 2002]
+
+  *) Change internals of the EC library so that the functions
+          EC_GROUP_set_generator()
+          EC_GROUP_get_generator()
+          EC_GROUP_get_order()
+          EC_GROUP_get_cofactor()
+     are implemented directly in crypto/ec/ec_lib.c and not dispatched
+     to methods, which would lead to unnecessary code duplication when
+     adding different types of curves.
+     [Nils Larsch with input by Bodo Moeller]
+
+  *) Implement compute_wNAF (crypto/ec/ec_mult.c) without BIGNUM
+     arithmetic, and such that modified wNAFs are generated
+     (which avoid length expansion in many cases).
+     [Bodo Moeller]
+
+  *) Add a function EC_GROUP_check_discriminant() (defined via
+     EC_METHOD) that verifies that the curve discriminant is non-zero.
+
+     Add a function EC_GROUP_check() that makes some sanity tests
+     on a EC_GROUP, its generator and order.  This includes
+     EC_GROUP_check_discriminant().
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Add ECDSA in new directory crypto/ecdsa/.
+
+     Add applications 'openssl ecdsaparam' and 'openssl ecdsa'
+     (these are variants of 'openssl dsaparam' and 'openssl dsa').
+
+     ECDSA support is also included in various other files across the
+     library.  Most notably,
+     - 'openssl req' now has a '-newkey ecdsa:file' option;
+     - EVP_PKCS82PKEY (crypto/evp/evp_pkey.c) now can handle ECDSA;
+     - X509_PUBKEY_get (crypto/asn1/x_pubkey.c) and
+       d2i_PublicKey (crypto/asn1/d2i_pu.c) have been modified to make
+       them suitable for ECDSA where domain parameters must be
+       extracted before the specific public key.
+     [Nils Larsch <nla@trustcenter.de>]
+
+  *) Include some named elliptic curves, and add OIDs from X9.62,
+     SECG, and WAP/WTLS.  The curves can be obtained from the new
+     functions
+          EC_GROUP_new_by_nid()
+          EC_GROUP_new_by_name()
+     Also add a 'nid' field to EC_GROUP objects, which can be accessed
+     via
+         EC_GROUP_set_nid()
+         EC_GROUP_get_nid()
+     [Nils Larsch <nla@trustcenter.de, Bodo Moeller]
+ 
  Changes between 0.9.6d and 0.9.7  [XX xxx 2002]
 
-  *) Improve diagnostics in file reading and command-line digests.
-     [Ben Laurie aided and abetted by Solar Designer <solar@openwall.com>]
-
-  *) Add AES modes CFB and OFB to the object database.  Correct an
-     error in AES-CFB decryption.
-     [Richard Levitte]
-
   *) Remove most calls to EVP_CIPHER_CTX_cleanup() in evp_enc.c, this 
      allows existing EVP_CIPHER_CTX structures to be reused after
      calling EVP_*Final(). This behaviour is used by encryption
@@ -32,8 +76,6 @@
      form for "surname", serialNumber has no short form.
      Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
      therefore remove "mail" short name for "internet 7".
-     The OID for unique identifiers in X509 certificates is
-     x500UniqueIdentifier, not uniqueIdentifier.
      Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>)
      [Lutz Jaenicke]
 
@@ -340,10 +382,6 @@
      By default, clients may request session resumption even during
      renegotiation (if session ID contexts permit); with this option,
      session resumption is possible only in the first handshake.
-
-     SSL_OP_ALL is now 0x00000FFFL instead of 0x000FFFFFL.  This makes
-     more bits available for options that should not be part of
-     SSL_OP_ALL (such as SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION).
      [Bodo Moeller]
 
   *) Add some demos for certificate and certificate request creation.
@@ -1631,19 +1669,6 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
   *) Fix EVP_dsa_sha macro.
      [Nils Larsch]
 
-  *) New option
-          SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
-     for disabling the SSL 3.0/TLS 1.0 CBC vulnerability countermeasure
-     that was added in OpenSSL 0.9.6d.
-
-     As the countermeasure turned out to be incompatible with some
-     broken SSL implementations, the new option is part of SSL_OP_ALL.
-     SSL_OP_ALL is usually employed when compatibility with weird SSL
-     implementations is desired (e.g. '-bugs' option to 's_client' and
-     's_server'), so the new option is automatically set in many
-     applications.
-     [Bodo Moeller]
-
  Changes between 0.9.6c and 0.9.6d  [9 May 2002]
 
   *) Fix crypto/asn1/a_sign.c so that 'parameters' is omitted (not

Configure

@@ -145,8 +145,8 @@ my %table=(
 "debug-ulf",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT:::${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
 "debug-steve",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DPEDANTIC -g -mcpu=i486 -pedantic -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "debug-steve-linux-pseudo64",	"gcc:-DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe::-D_REENTRANT::-rdynamic -ldl:SIXTY_FOUR_BIT::dlfcn",
-"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -Wno-long-long -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "dist",		"cc:-O::(unknown)::::::",
 
 # Basic configs that should work on any (32 and less bit) box
@@ -169,7 +169,6 @@ my %table=(
 "solaris-sparcv8-gcc","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # -m32 should be safe to add as long as driver recognizes -mcpu=ultrasparc
 "solaris-sparcv9-gcc","gcc:-m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"solaris64-sparcv9-gcc31","gcc:-mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::asm/md5-sparcv9.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # gcc pre-2.8 doesn't understand -mcpu=ultrasparc, so fall down to -mv8
 # but keep the assembler modules.
 "solaris-sparcv9-gcc27","gcc:-mv8 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus-gcc27.o:::asm/md5-sparcv8plus-gcc27.o::::::dlfcn:solaris-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@@ -197,10 +196,10 @@ my %table=(
 "linux-sparcv7","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::",
 # Ray Miller <ray.miller@computing-services.oxford.ac.uk> has patiently
 # assisted with debugging of following two configs.
-"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o::::",
 # it's a real mess with -mcpu=ultrasparc option under Linux, but
 # -Wa,-Av8plus should do the trick no matter what.
-"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"linux-sparcv9","gcc:-mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # !!!Folowing can't be even tested yet!!!
 #    We have to wait till 64-bit glibc for SPARC is operational!!!
 #"linux64-sparcv9","sparc64-linux-gcc:-m64 -mcpu=v9 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT:ULTRASPARC::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::asm/md5-sparcv9.o:",
@@ -256,9 +255,6 @@ my %table=(
 "hpux-parisc-cc-o4","cc:-Ae +O4 +ESlit -z -DB_ENDIAN -DBN_DIV2W -DMD32_XARRAY::::-ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux-parisc-gcc","gcc:-O3 -DB_ENDIAN -DBN_DIV2W::::-Wl,+s -ldld:BN_LLONG DES_PTR DES_UNROLL DES_RISC1::::::::::dl:hpux-shared:-fPIC::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "hpux64-parisc-cc","cc:-Ae +DD64 +O3 +ESlit -z -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-# 64bit PARISC for GCC without optimization, which seems to make problems.
-# Submitted by <ross.alexander@uk.neceur.com>
-"hpux64-parisc-gcc","gcc:-DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT::::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # IA-64 targets
 # I have no idea if this one actually works, feedback needed. <appro>
@@ -380,7 +376,7 @@ my %table=(
 "linux-k6",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -mcpu=k6 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
-"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
 "linux-aout",	"gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}",
 "linux-mipsel",   "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG:::",
@@ -481,7 +477,7 @@ my %table=(
 
 # Sinix/ReliantUNIX RM400
 # NOTE: The CDS++ Compiler up to V2.0Bsomething has the IRIX_CC_BUG optimizer problem. Better use -g  */
-"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"ReliantUNIX","cc:-KPIC -g -DTERMIOS -DB_ENDIAN::-Kthread:SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:BN_LLONG DES_PTR DES_RISC2 DES_UNROLL BF_PTR::::::::::dlfcn:reliantunix-shared::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "SINIX","cc:-O::(unknown):SNI:-lsocket -lnsl -lc -L/usr/ucblib -lucb:RC4_INDEX RC4_CHAR:::",
 "SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::",
 
@@ -512,15 +508,9 @@ my %table=(
 # and its library files in util/pl/*)
 "Mingw32", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
 
-# UWIN 
-"UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-
 # Cygwin
 "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll",
-
-# DJGPP
-"DJGPP", "gcc:-I/dev/env/DJDIR/watt32/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L$ENV{DJDIR}/watt32/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32:cygwin-shared:::.dll",
 
 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 1000 -DL_ENDIAN::(unknown):::::::",
@@ -539,12 +529,12 @@ my %table=(
 "OpenBSD-sparc",	"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "OpenBSD-sparc64",	"gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2 BF_PTR::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 "OpenBSD-vax",		"gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-"OpenBSD-hppa",		"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"OpenBSD-hppa",		"gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::BN_LLONG RC2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 ##### MacOS X (a.k.a. Rhapsody or Darwin) setup
 "rhapsody-ppc-cc","cc:-O3 -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::",
-"darwin-ppc-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
-"darwin-i386-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC::.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-ppc-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:::::::::::darwin-shared:-fPIC:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
+"darwin-i386-cc","cc:-O3 -nostdinc -I/System/Library/Frameworks/System.framework/Headers -I/System/Library/Frameworks/System.frameworks/Headers/bsd -I/usr/include -fomit-frame-pointer -Wall -DB_ENDIAN::(unknown):MACOSX::BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::::-fPIC",
 
 ##### Sony NEWS-OS 4.x
 "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::",
@@ -646,7 +636,6 @@ my $libs;
 my $target;
 my $options;
 my $symlink;
-my $make_depend=0;
 my %withargs=();
 
 my @argvcopy=@ARGV;
@@ -745,6 +734,14 @@ PROCESS_ARGS:
 				$depflags .= "-DOPENSSL_NO_MDC2 ";
 				$openssl_algorithm_defines .= "#define OPENSSL_NO_MDC2\n";
 				}
+			if ($algo eq "EC" || $algo eq "SHA" || $algo eq "SHA1")
+				{
+				push @skip, "ecdsa";
+				$options .= " no-ecdsa";
+				$flags .= "-DOPENSSL_NO_ECDSA ";
+				$depflags .= "-DOPENSSL_NO_ECDSA ";
+				$openssl_algorithm_defines .= "#define OPENSSL_NO_ECDSA\n";
+				}
 			if ($algo eq "MD5")
 				{
 				$no_md5 = 1;
@@ -904,7 +901,6 @@ print "Configuring for $target\n";
 my $IsWindows=scalar grep /^$target$/,@WinTargets;
 
 $exe_ext=".exe" if ($target eq "Cygwin");
-$exe_ext=".exe" if ($target eq "DJGPP");
 $openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
 $prefix=$openssldir if $prefix eq "";
 
@@ -912,7 +908,7 @@ chop $openssldir if $openssldir =~ /\/$/;
 chop $prefix if $prefix =~ /\/$/;
 
 $openssldir=$prefix . "/ssl" if $openssldir eq "";
-$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/])/;
+$openssldir=$prefix . "/" . $openssldir if $openssldir !~ /^\//;
 
 
 print "IsWindows=$IsWindows\n";
@@ -1127,10 +1123,6 @@ if ($rmd160_obj =~ /\.o$/)
 	$cflags.=" -DRMD160_ASM";
 	}
 
-# "Stringify" the C flags string.  This permits it to be made part of a string
-# and works as well on command lines.
-$cflags =~ s/([\\\"])/\\\1/g;
-
 my $version = "unknown";
 my $major = "unknown";
 my $minor = "unknown";
@@ -1216,21 +1208,13 @@ while (<IN>)
 	if ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*$/)
 		{
 		my $sotmp = $1;
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/;
-		}
-	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.dylib$/)
-		{
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.dylib/;
+		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp/
 		}
 	elsif ($shared_extension ne "" && $shared_extension =~ /^\.s([ol])\.[^\.]*\.[^\.]*$/)
 		{
 		my $sotmp = $1;
 		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.s$sotmp.\$(SHLIB_MAJOR) .s$sotmp/;
 		}
-	elsif ($shared_extension ne "" && $shared_extension =~ /^\.[^\.]*\.[^\.]*\.dylib$/)
-		{
-		s/^SHARED_LIBS_LINK_EXTS=.*/SHARED_LIBS_LINK_EXTS=.\$(SHLIB_MAJOR).dylib .dylib/;
-		}
 	s/^SHARED_LDFLAGS=.*/SHARED_LDFLAGS=$shared_ldflag/;
 	print OUT $_."\n";
 	}
@@ -1439,12 +1423,11 @@ if($IsWindows) {
 EOF
 	close(OUT);
 } else {
-	my $make_command = "make -f Makefile.ssl PERL=\'$perl\'";
-	my $make_targets = "";
-	$make_targets .= " links" if $symlink;
-	$make_targets .= " depend" if $depflags ne "" && $make_depend;
-	(system $make_command.$make_targets) == 0 or exit $?
-		if $make_targets ne "";
+	(system "make -f Makefile.ssl PERL=\'$perl\' links") == 0 or exit $?
+		if $symlink;
+	### (system 'make depend') == 0 or exit $? if $depflags ne "";
+	# Run "make depend" manually if you want to be able to delete
+	# the source code files of ciphers you left out.
 	if ( $perl =~ m@^/@) {
 	    &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
 	    &dofile("apps/der_chop",$perl,'^#!/', '#!%s');
@@ -1454,16 +1437,7 @@ EOF
 	    &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
 	    &dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s');
 	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
-	}
-	if ($depflags ne "" && !$make_depend) {
-		print <<EOF;
-
-Since you've disabled at least one algorithm, you need to do the following
-before building:
-
-	make depend
-EOF
-	}
+	}	    
 }
 
 print <<EOF;

FAQ

@@ -52,7 +52,6 @@ OpenSSL  -  Frequently Asked Questions
 * Why can't the OpenSSH configure script detect OpenSSL?
 * Can I use OpenSSL's SSL library with non-blocking I/O?
 * Why doesn't my server application receive a client certificate?
-* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
 
 ===============================================================================
 
@@ -625,13 +624,5 @@ if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the
 SSL_CTX_set_verify() function to enable the use of client certificates.
 
 
-* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
-
-For OpenSSL 0.9.7 the OID table was extended and corrected. In earlier
-versions, uniqueIdentifier was incorrectly used for X.509 certificates.
-The correct name according to RFC2256 (LDAP) is x500UniqueIdentifier.
-Change your code to use the new name when compiling against OpenSSL 0.9.7.
-
-
 ===============================================================================
 

INSTALL

@@ -2,10 +2,8 @@
  INSTALLATION ON THE UNIX PLATFORM
  ---------------------------------
 
- [Installation on DOS (with djgpp), Windows, OpenVMS and MacOS (before MacOS X)
-  is described in INSTALL.DJGPP, INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.
-  This document describes installation on operating systems in the Unix
-  family.]
+ [Installation on Windows, OpenVMS and MacOS (before MacOS X) is described
+  in INSTALL.W32, INSTALL.VMS and INSTALL.MacOS.]
 
  To install OpenSSL, you will need:
 

INSTALL.DJGPP

@@ -1,32 +0,0 @@
-
- 
- INSTALLATION ON THE DOS PLATFORM WITH DJGPP
- -------------------------------------------
-
- Openssl has been ported to DOS, but only with long filename support. If
- you wish to compile on native DOS with 8+3 filenames, you will have to
- tweak the installation yourself, including renaming files with illegal
- or duplicate names.
-
- You should have a full DJGPP environment installed, including the
- latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
- requires that PERL and BC also be installed.
-
- All of these can be obtained from the usual DJGPP mirror sites, such as
- "ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp". You also need to have
- the WATT-32 networking package installed before you try to compile
- openssl. This can be obtained from "http://www.bgnett.no/~giva/". The
- Makefile assumes that the WATT-32 code is in directory "watt32" under
- /dev/env/DJDIR.
-
- To compile openssl, start your BASH shell. Then configure for DOS by
- running "./Configure" with appropriate arguments. The basic syntax for
- DOS is:
- ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
- 
- You may run out of DPMI selectors when running in a DOS box under
- Windows. If so, just close the BASH shell, go back to Windows, and
- restart BASH. Then run "make" again.
-
- Building openssl under DJGPP has been tested with DJGPP 2.03,
- GCC 2.952, GCC 2.953, perl 5.005_02 and perl 5.006_01.

Makefile.org

@@ -166,7 +166,7 @@ SHLIBDIRS= crypto ssl
 SDIRS=  \
 	md2 md4 md5 sha mdc2 hmac ripemd \
 	des rc2 rc4 rc5 idea bf cast \
-	bn ec rsa dsa dh dso engine aes \
+	bn ec rsa dsa ecdsa dh dso engine aes \
 	buffer bio stack lhash rand err objects \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
 
@@ -585,7 +585,7 @@ test:   tests
 
 tests: rehash
 	@(cd test && echo "testing..." && \
-	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
+	$(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SDIRS='${SDIRS}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PERL='${PERL}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' OPENSSL_DEBUG_MEMORY=on tests );
 	@LD_LIBRARY_PATH="`pwd`"; SHLIB_PATH="`pwd`"; LIBPATH="`pwd`"; \
 		export LD_LIBRARY_PATH SHLIB_PATH LIBPATH; \
 		apps/openssl version -a
@@ -598,7 +598,7 @@ depend:
 	do \
 	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making dependencies $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' PERL='${PERL}' depend ) || exit 1; \
+		$(MAKE) SDIRS='${SDIRS}' DEPFLAG='${DEPFLAG}' MAKEDEPPROG='${MAKEDEPPROG}' KRB5_INCLUDES='${KRB5_INCLUDES}' depend ) || exit 1; \
 	fi; \
 	done;
 
@@ -644,19 +644,13 @@ TABLE: Configure
 
 update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE
 
-# Build distribution tar-file. As the list of files returned by "find" is
-# pretty long, on several platforms a "too many arguments" error or similar
-# would occur. Therefore the list of files is temporarily stored into a file
-# and read directly, requiring GNU-Tar. Call "make TAR=gtar dist" if the normal
-# tar does not support the --files-from option.
 tar:
-	find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort > ../$(TARFILE).list; \
-	$(TAR) $(TARFLAGS) --files-from ../$(TARFILE).list -cvf - | \
+	@$(TAR) $(TARFLAGS) -cvf - \
+		`find * \! -path CVS/\* \! -path \*/CVS/\* \! -name CVS \! -name .cvsignore \! -name STATUS \! -name TABLE | sort` |\
 	tardy --user_number=0  --user_name=openssl \
 	      --group_number=0 --group_name=openssl \
 	      --prefix=openssl-$(VERSION) - |\
 	gzip --best >../$(TARFILE).gz; \
-	rm -f ../$(TARFILE).list; \
 	ls -l ../$(TARFILE).gz
 
 tar-snap:
@@ -671,7 +665,7 @@ dist:
 	$(PERL) Configure dist
 	@$(MAKE) dist_pem_h
 	@$(MAKE) SDIRS='${SDIRS}' clean
-	@$(MAKE) TAR='${TAR}' TARFLAGS='${TARFLAGS}' tar
+	@$(MAKE) tar
 
 dist_pem_h:
 	(cd crypto/pem; $(MAKE) CC='${CC}' SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
@@ -738,20 +732,18 @@ install_docs:
 		fn=`basename $$i .pod`; \
 		if [ "$$fn" = "config" ]; then sec=5; else sec=1; fi; \
 		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
-		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "`cd ../../util; ./pod2mantest ignore` \
-			--section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i`") \
+		(cd `dirname $$i`; \
+		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
+			 --release=$(VERSION) `basename $$i`) \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done
 	@for i in doc/crypto/*.pod doc/ssl/*.pod; do \
 		fn=`basename $$i .pod`; \
 		if [ "$$fn" = "des_modes" ]; then sec=7; else sec=3; fi; \
 		echo "installing man$$sec/`basename $$i .pod`.$$sec"; \
-		(cd `$(PERL) util/dirname.pl $$i`; \
-		sh -c "`cd ../../util; ./pod2mantest ignore` \
-			--section=$$sec --center=OpenSSL \
-			--release=$(VERSION) `basename $$i`") \
+		(cd `dirname $$i`; \
+		$(PERL) ../../util/pod2man.pl --section=$$sec --center=OpenSSL \
+			--release=$(VERSION) `basename $$i`) \
 			>  $(INSTALL_PREFIX)$(MANDIR)/man$$sec/`basename $$i .pod`.$$sec; \
 	done
 

NEWS

@@ -31,7 +31,6 @@
       o Reworked parts of the BIGNUM code.
       o Support for new engines: Broadcom ubsec, Accelerated Encryption
         Processing, IBM 4758.
-      o Extended and corrected OID (object identifier) table.
       o PRNG: query at more locations for a random device, automatic query for
         EGD style random sources at several locations.
       o SSL/TLS: allow optional cipher choice according to server's preference.

README

@@ -1,5 +1,5 @@
 
- OpenSSL 0.9.7-beta2 16 Jun 2002
+ OpenSSL 0.9.8-dev XX xxx XXXX
 
  Copyright (c) 1998-2002 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson

STATUS

@@ -1,12 +1,10 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/06/16 11:27:38 $
+  ______________                           $Date: 2002/05/16 10:01:53 $
 
   DEVELOPMENT STATE
 
-    o  OpenSSL 0.9.8:  Under development...
-    o  OpenSSL 0.9.7-beta2: Released on June 16th, 2002
-    o  OpenSSL 0.9.7-beta1: Released on June  1st, 2002
+    o  OpenSSL 0.9.7:  Under development...
     o  OpenSSL 0.9.6d: Released on May        9th, 2002
     o  OpenSSL 0.9.6c: Released on December  21st, 2001
     o  OpenSSL 0.9.6b: Released on July       9th, 2001
@@ -60,6 +58,9 @@
 
   OPEN ISSUES
 
+    o  Do we want the EVP API changes in 0.9.7?
+       Can compatibility be improved?
+
     o  The Makefile hierarchy and build mechanism is still not a round thing:
 
        1. The config vs. Configure scripts

TABLE

@@ -1,4 +1,3 @@
-Output of `Configure TABLE':
 
 *** BC-16
 $cc           = bcc
@@ -80,15 +79,15 @@ $thread_cflag =
 $sys_id       = CYGWIN32
 $lflags       = 
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = asm/bn86-out.o asm/co86-out.o
-$des_obj      = asm/dx86-out.o asm/yx86-out.o
-$bf_obj       = asm/bx86-out.o
-$md5_obj      = asm/mx86-out.o
-$sha1_obj     = asm/sx86-out.o
-$cast_obj     = asm/cx86-out.o
-$rc4_obj      = asm/rx86-out.o
-$rmd160_obj   = asm/rm86-out.o
-$rc5_obj      = asm/r586-out.o
+$bn_obj       = 
+$des_obj      = 
+$bf_obj       = 
+$md5_obj      = 
+$sha1_obj     = 
+$cast_obj     = 
+$rc4_obj      = 
+$rmd160_obj   = 
+$rc5_obj      = 
 $dso_scheme   = win32
 $shared_target= cygwin-shared
 $shared_cflag = 
@@ -120,30 +119,6 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 
-*** DJGPP
-$cc           = gcc
-$cflags       = -I/dev/env/DJDIR/watt32/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall
-$unistd       = 
-$thread_cflag = 
-$sys_id       = MSDOS
-$lflags       = -L/watt32/lib -lwatt
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-
 *** FreeBSD
 $cc           = gcc
 $cflags       = -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall
@@ -452,8 +427,8 @@ $rc5_obj      =
 $dso_scheme   = dlfcn
 $shared_target= bsd-gcc-shared
 $shared_cflag = -fPIC
-$shared_ldflag = 
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_ldflag = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = 
 $ranlib       = 
 
 *** OpenBSD-i386
@@ -764,8 +739,8 @@ $rc5_obj      =
 $dso_scheme   = dlfcn
 $shared_target= reliantunix-shared
 $shared_cflag = 
-$shared_ldflag = 
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_ldflag = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = 
 $ranlib       = 
 
 *** SINIX
@@ -816,30 +791,6 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 
-*** UWIN
-$cc           = cc
-$cflags       = -DTERMIOS -DL_ENDIAN -O -Wall
-$unistd       = 
-$thread_cflag = 
-$sys_id       = UWIN
-$lflags       = 
-$bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-
 *** VC-MSDOS
 $cc           = cl
 $cflags       = 
@@ -1338,10 +1289,10 @@ $rc4_obj      =
 $rmd160_obj   = 
 $rc5_obj      = 
 $dso_scheme   = 
-$shared_target= darwin-shared
+$shared_target= 
 $shared_cflag = -fPIC
 $shared_ldflag = 
-$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$shared_extension = 
 $ranlib       = 
 
 *** darwin-ppc-cc
@@ -1364,8 +1315,8 @@ $rc5_obj      =
 $dso_scheme   = 
 $shared_target= darwin-shared
 $shared_cflag = -fPIC
-$shared_ldflag = 
-$shared_extension = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$shared_ldflag = .$(SHLIB_MAJOR).$(SHLIB_MINOR).dylib
+$shared_extension = 
 $ranlib       = 
 
 *** debug
@@ -1538,7 +1489,7 @@ $ranlib       =
 
 *** debug-levitte-linux-elf
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -Wno-long-long -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -1562,7 +1513,7 @@ $ranlib       =
 
 *** debug-levitte-linux-noasm
 $cc           = gcc
-$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wtraditional -Wundef -Wshadow -Wid-clash-31 -Wcast-align -Wconversion -Wno-long-long -pipe
+$cflags       = -DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wid-clash-31 -Wno-long-long -pipe
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -1604,8 +1555,8 @@ $rc5_obj      = asm/r586-elf.o
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
-$shared_ldflag = 
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_ldflag = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = 
 $ranlib       = 
 
 *** debug-linux-elf-noefence
@@ -1824,30 +1775,6 @@ $shared_ldflag =
 $shared_extension = 
 $ranlib       = 
 
-*** debug-steve-linux-pseudo64
-$cc           = gcc
-$cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG_ALL -DOPENSSL_NO_ASM -g -mcpu=i486 -Wall -Werror -Wshadow -pipe
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$sys_id       = 
-$lflags       = -rdynamic -ldl
-$bn_ops       = SIXTY_FOUR_BIT
-$bn_obj       = 
-$des_obj      = dlfcn
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = 
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
-$shared_extension = 
-$ranlib       = 
-
 *** debug-ulf
 $cc           = gcc
 $cflags       = -DL_ENDIAN -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -g -O2 -m486 -Wall -Werror -Wshadow -pipe
@@ -2400,30 +2327,6 @@ $shared_ldflag =
 $shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 
-*** hpux64-parisc-gcc
-$cc           = gcc
-$cflags       = -DB_ENDIAN -DMD32_XARRAY
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$sys_id       = 
-$lflags       = -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = 
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= hpux64-shared
-$shared_cflag = -fpic
-$shared_ldflag = 
-$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
-$ranlib       = 
-
 *** hpux64-parisc2-cc
 $cc           = cc
 $cflags       = +DD64 +O3 +Optrs_strongly_typed +Olibcalls -Ae +ESlit -DB_ENDIAN -DMD32_XARRAY
@@ -3078,7 +2981,7 @@ $cflags       = -mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
-$lflags       = -ldl
+$lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $bn_obj       = asm/sparcv8.o
 $des_obj      = 
@@ -3089,11 +2992,11 @@ $cast_obj     =
 $rc4_obj      = 
 $rmd160_obj   = 
 $rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= linux-shared
-$shared_cflag = -fPIC
+$dso_scheme   = 
+$shared_target= 
+$shared_cflag = 
 $shared_ldflag = 
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = 
 $ranlib       = 
 
 *** linux-sparcv9
@@ -3102,7 +3005,7 @@ $cflags       = -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -W
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = ULTRASPARC
-$lflags       = -ldl
+$lflags       = 
 $bn_ops       = BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR
 $bn_obj       = asm/sparcv8plus.o
 $des_obj      = 
@@ -3116,8 +3019,8 @@ $rc5_obj      =
 $dso_scheme   = dlfcn
 $shared_target= linux-shared
 $shared_cflag = -fPIC
-$shared_ldflag = 
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_ldflag = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = 
 $ranlib       = 
 
 *** ncr-scde
@@ -3696,30 +3599,6 @@ $shared_ldflag =
 $shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 
-*** solaris64-sparcv9-gcc31
-$cc           = gcc
-$cflags       = -mcpu=ultrasparc -m64 -O3 -fomit-frame-pointer -Wall -DB_ENDIAN
-$unistd       = 
-$thread_cflag = -D_REENTRANT
-$sys_id       = ULTRASPARC
-$lflags       = -lsocket -lnsl -ldl
-$bn_ops       = SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR
-$bn_obj       = 
-$des_obj      = 
-$bf_obj       = 
-$md5_obj      = asm/md5-sparcv9.o
-$sha1_obj     = 
-$cast_obj     = 
-$rc4_obj      = 
-$rmd160_obj   = 
-$rc5_obj      = 
-$dso_scheme   = dlfcn
-$shared_target= solaris-shared
-$shared_cflag = -fPIC
-$shared_ldflag = 
-$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
-$ranlib       = 
-
 *** sunos-gcc
 $cc           = gcc
 $cflags       = -O3 -mv8 -Dssize_t=int

VMS/tcpip_shr_decc.opt

@@ -1 +0,0 @@
-sys$share:tcpip$ipc_shr.exe/share

apps/apps.c

@@ -310,16 +310,9 @@ void program_name(char *in, char *out, int size)
 
 	q=strrchr(p,'.');
 	if (q == NULL)
-		q = p + strlen(p);
-	strncpy(out,p,size-1);
-	if (q-p >= size)
-		{
-		out[size-1]='\0';
-		}
-	else
-		{
-		out[q-p]='\0';
-		}
+		q = in+size;
+	strncpy(out,p,q-p);
+	out[q-p]='\0';
 	}
 #else
 void program_name(char *in, char *out, int size)
@@ -490,7 +483,7 @@ static int ui_close(UI *ui)
 	{
 	return UI_method_get_closer(UI_OpenSSL())(ui);
 	}
-int setup_ui_method(void)
+int setup_ui_method()
 	{
 	ui_method = UI_create_method("OpenSSL application user interface");
 	UI_method_set_opener(ui_method, ui_open);
@@ -499,7 +492,7 @@ int setup_ui_method(void)
 	UI_method_set_closer(ui_method, ui_close);
 	return 0;
 	}
-void destroy_ui_method(void)
+void destroy_ui_method()
 	{
 	if(ui_method)
 		{
@@ -1263,7 +1256,7 @@ X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
 }
 
 /* Try to load an engine in a shareable library */
-static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
+ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
 	{
 	ENGINE *e = ENGINE_by_id("dynamic");
 	if (e)

apps/apps.h

@@ -134,6 +134,10 @@ long app_RAND_load_files(char *file); /* `file' is a list of files to read,
                                        * (see e_os.h).  The string is
                                        * destroyed! */
 
+#ifdef OPENSSL_NO_STDIO
+BIO_METHOD *BIO_s_file();
+#endif
+
 #ifdef OPENSSL_SYS_WIN32
 #define rename(from,to) WIN32_rename((from),(to))
 int WIN32_rename(char *oldname,char *newname);
@@ -213,8 +217,8 @@ typedef struct pw_cb_data
 int password_callback(char *buf, int bufsiz, int verify,
 	PW_CB_DATA *cb_data);
 
-int setup_ui_method(void);
-void destroy_ui_method(void);
+int setup_ui_method();
+void destroy_ui_method();
 
 int should_retry(int i);
 int args_from_file(char *file, int *argc, char **argv[]);

apps/asn1pars.c

@@ -184,7 +184,7 @@ bad:
 		BIO_printf(bio_err,"where options are\n");
 		BIO_printf(bio_err," -inform arg   input format - one of DER TXT PEM\n");
 		BIO_printf(bio_err," -in arg       input file\n");
-		BIO_printf(bio_err," -out arg      output file (output format is always DER\n");
+		BIO_printf(bio_err," -out arg      output file\n");
 		BIO_printf(bio_err," -noout arg    don't produce any output\n");
 		BIO_printf(bio_err," -offset arg   offset into file\n");
 		BIO_printf(bio_err," -length arg   length of section in file\n");
@@ -195,6 +195,7 @@ bad:
 		BIO_printf(bio_err," -strparse offset\n");
 		BIO_printf(bio_err,"               a series of these can be used to 'dig' into multiple\n");
 		BIO_printf(bio_err,"               ASN1 blob wrappings\n");
+		BIO_printf(bio_err," -out filename output DER encoding to file\n");
 		goto end;
 		}
 

apps/ca.c

@@ -1509,6 +1509,11 @@ bad:
 			if (pkey->type == EVP_PKEY_DSA) 
 				dgst=EVP_dss1();
 			else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+			if (pkey->type == EVP_PKEY_ECDSA)
+				dgst=EVP_ecdsa();
+			else
 #endif
 				dgst=EVP_md5();
 			}
@@ -1568,10 +1573,6 @@ bad:
 				}
 			j=TXT_DB_write(out,db);
 			if (j <= 0) goto err;
-			BIO_free_all(out);
-			out = NULL;
-			BIO_free_all(in);
-			in = NULL;
 			strncpy(buf[1],dbfile,BSIZE-4);
 			buf[1][BSIZE-4]='\0';
 #ifndef OPENSSL_SYS_VMS
@@ -1579,6 +1580,10 @@ bad:
 #else
 			strcat(buf[1],"-old");
 #endif
+			BIO_free(in);
+			in = NULL;
+			BIO_free(out);
+			out = NULL;
 			if (rename(dbfile,buf[1]) < 0)
 				{
 				BIO_printf(bio_err,"unable to rename %s to %s\n", dbfile, buf[1]);
@@ -2284,6 +2289,16 @@ again2:
 		EVP_PKEY_copy_parameters(pktmp,pkey);
 	EVP_PKEY_free(pktmp);
 #endif
+#ifndef OPENSSL_NO_ECDSA
+	if (pkey->type == EVP_PKEY_ECDSA)
+		dgst = EVP_ecdsa();
+	pktmp = X509_get_pubkey(ret);
+	if (EVP_PKEY_missing_parameters(pktmp) &&
+		!EVP_PKEY_missing_parameters(pkey))
+		EVP_PKEY_copy_parameters(pktmp, pkey);
+	EVP_PKEY_free(pktmp);
+#endif
+
 
 	if (!X509_sign(ret,pkey,dgst))
 		goto err;

apps/dgst.c

@@ -73,9 +73,8 @@
 #undef PROG
 #define PROG	dgst_main
 
-int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file);
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
+		EVP_PKEY *key, unsigned char *sigin, int siglen);
 
 int MAIN(int, char **);
 
@@ -320,36 +319,22 @@ int MAIN(int argc, char **argv)
 	if (argc == 0)
 		{
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,"","(stdin)");
+		do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf, siglen);
 		}
 	else
 		{
 		name=OBJ_nid2sn(md->type);
 		for (i=0; i<argc; i++)
 			{
-			char *tmp,*tofree=NULL;
-			int r;
-
 			if (BIO_read_filename(in,argv[i]) <= 0)
 				{
 				perror(argv[i]);
 				err++;
 				continue;
 				}
-			if(!out_bin)
-				{
-				tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
-				sprintf(tmp,"%s(%s)= ",name,argv[i]);
-				}
-			else
-				tmp="";
-			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,tmp,argv[i]);
-			if(r)
-			    err=r;
-			if(tofree)
-				OPENSSL_free(tofree);
+			if(!out_bin) BIO_printf(out, "%s(%s)= ",name,argv[i]);
+			do_fp(out, buf,inp,separator, out_bin, sigkey, 
+								sigbuf, siglen);
 			(void)BIO_reset(bmd);
 			}
 		}
@@ -368,9 +353,8 @@ end:
 	EXIT(err);
 	}
 
-int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
-	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file)
+void do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
+			EVP_PKEY *key, unsigned char *sigin, int siglen)
 	{
 	int len;
 	int i;
@@ -378,33 +362,21 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	for (;;)
 		{
 		i=BIO_read(bp,(char *)buf,BUFSIZE);
-		if(i < 0)
-			{
-			BIO_printf(bio_err, "Read Error in %s\n",file);
-			ERR_print_errors(bio_err);
-			return 1;
-			}
-		if (i == 0) break;
+		if (i <= 0) break;
 		}
 	if(sigin)
 		{
 		EVP_MD_CTX *ctx;
 		BIO_get_md_ctx(bp, &ctx);
 		i = EVP_VerifyFinal(ctx, sigin, (unsigned int)siglen, key); 
-		if(i > 0)
-			BIO_printf(out, "Verified OK\n");
-		else if(i == 0)
-			{
-			BIO_printf(out, "Verification Failure\n");
-			return 1;
-			}
+		if(i > 0) BIO_printf(out, "Verified OK\n");
+		else if(i == 0) BIO_printf(out, "Verification Failure\n");
 		else
 			{
 			BIO_printf(bio_err, "Error Verifying Data\n");
 			ERR_print_errors(bio_err);
-			return 1;
 			}
-		return 0;
+		return;
 		}
 	if(key)
 		{
@@ -414,7 +386,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			{
 			BIO_printf(bio_err, "Error Signing Data\n");
 			ERR_print_errors(bio_err);
-			return 1;
+			return;
 			}
 		}
 	else
@@ -423,7 +395,6 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	if(binout) BIO_write(out, buf, len);
 	else 
 		{
-		BIO_write(out,title,strlen(title));
 		for (i=0; i<len; i++)
 			{
 			if (sep && (i != 0))
@@ -432,6 +403,5 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 			}
 		BIO_printf(out, "\n");
 		}
-	return 0;
 	}
 

apps/ecdsa.c

@@ -0,0 +1,445 @@
+/* apps/ecdsa.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef OPENSSL_NO_ECDSA
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/ecdsa.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+#undef PROG
+#define PROG	ecdsa_main
+
+/* -inform arg	- input format - default PEM (one of DER, NET or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg	- input file - default stdin
+ * -out arg	- output file - default stdout
+ * -des		- encrypt output if PEM format with DES in cbc mode
+ * -des3	- encrypt output if PEM format
+ * -idea	- encrypt output if PEM format
+ * -aes128	- encrypt output if PEM format
+ * -aes192	- encrypt output if PEM format
+ * -aes256	- encrypt output if PEM format
+ * -text	- print a text version
+ * -pub		- print the ECDSA public key
+ * -compressed  - print the public key in compressed form ( default )   
+ * -hybrid 	- print the public key in hybrid form
+ * -uncompressed - print the public key in uncompressed form
+ *		  the last three options ( compressed, hybrid and uncompressed )
+ *		  are only used if the "-pub" option is also selected.
+ *	  	  For a precise description of the the meaning of compressed,
+ *		  hybrid and uncompressed please refer to the X9.62 standart.
+ *		  All three forms represents ways to express the ecdsa public
+ *		  key ( a point on a elliptic curve ) as octet string. Let len be
+ *		  the length ( in bytes ) of an element of the field over which
+ *		  the curve is defined, then a compressed octet string has the form
+ *		  0x02 + result of BN_bn2bin() of the x coordinate of the public key
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+	ENGINE 	*e = NULL;
+	int 	ret = 1;
+	ECDSA 	*ecdsa = NULL;
+	int 	i, badops = 0;
+	const EVP_CIPHER *enc = NULL;
+	BIO 	*in = NULL, *out = NULL;
+	int 	informat, outformat, text=0, noout=0;
+	int  	pubin = 0, pubout = 0;
+	char 	*infile, *outfile, *prog, *engine;
+	char 	*passargin = NULL, *passargout = NULL;
+	char 	*passin = NULL, *passout = NULL;
+	int 	pub = 0, point_form = 0;
+	unsigned char *buffer = NULL;
+	unsigned int  buf_len = 0;
+	BIGNUM	*tmp_bn = NULL;
+
+	apps_startup();
+
+	if (bio_err == NULL)
+		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+			BIO_set_fp(bio_err, stderr, BIO_NOCLOSE|BIO_FP_TEXT);
+
+	if (!load_config(bio_err, NULL))
+		goto end;
+
+	engine = NULL;
+	infile = NULL;
+	outfile = NULL;
+	informat = FORMAT_PEM;
+	outformat = FORMAT_PEM;
+
+	prog = argv[0];
+	argc--;
+	argv++;
+	while (argc >= 1)
+	{
+		if (strcmp(*argv,"-inform") == 0)
+		{
+			if (--argc < 1) goto bad;
+			informat=str2fmt(*(++argv));
+		}
+		else if (strcmp(*argv,"-outform") == 0)
+		{
+			if (--argc < 1) goto bad;
+			outformat=str2fmt(*(++argv));
+		}
+		else if (strcmp(*argv,"-in") == 0)
+		{
+			if (--argc < 1) goto bad;
+			infile= *(++argv);
+		}
+		else if (strcmp(*argv,"-out") == 0)
+		{
+			if (--argc < 1) goto bad;
+			outfile= *(++argv);
+		}
+		else if (strcmp(*argv,"-passin") == 0)
+		{
+			if (--argc < 1) goto bad;
+			passargin= *(++argv);
+		}
+		else if (strcmp(*argv,"-passout") == 0)
+		{
+			if (--argc < 1) goto bad;
+			passargout= *(++argv);
+		}
+		else if (strcmp(*argv, "-engine") == 0)
+		{
+			if (--argc < 1) goto bad;
+			engine= *(++argv);
+		}
+		else if (strcmp(*argv, "-noout") == 0)
+			noout = 1;
+		else if (strcmp(*argv, "-text") == 0)
+			text = 1;
+		else if (strcmp(*argv, "-pub") == 0)
+		{
+			pub = 1;
+			buffer = (unsigned char *)(*(argv+1));
+			if (strcmp((char *)buffer, "compressed") == 0)
+				point_form = POINT_CONVERSION_COMPRESSED;
+			else if (strcmp((char *)buffer, "hybrid") == 0)
+				point_form = POINT_CONVERSION_HYBRID;
+			else if (strcmp((char *)buffer, "uncompressed") == 0)
+				point_form = POINT_CONVERSION_UNCOMPRESSED;
+			if (point_form)
+			{
+				argc--;
+				argv++;
+			}
+		}
+		else if (strcmp(*argv, "-pubin") == 0)
+			pubin=1;
+		else if (strcmp(*argv, "-pubout") == 0)
+			pubout=1;
+		else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
+		{
+			BIO_printf(bio_err,"unknown option %s\n",*argv);
+			badops=1;
+			break;
+		}
+		argc--;
+		argv++;
+	}
+
+	if (badops)
+	{
+bad:
+		BIO_printf(bio_err, "%s [options] <infile >outfile\n",prog);
+		BIO_printf(bio_err, "where options are\n");
+		BIO_printf(bio_err, " -inform arg     input format - DER or PEM\n");
+		BIO_printf(bio_err, " -outform arg    output format - DER or PEM\n");
+		BIO_printf(bio_err, " -in arg         input file\n");
+		BIO_printf(bio_err, " -passin arg     input file pass phrase source\n");
+		BIO_printf(bio_err, " -out arg        output file\n");
+		BIO_printf(bio_err, " -passout arg    output file pass phrase source\n");
+		BIO_printf(bio_err, " -engine e       use engine e, possibly a hardware device.\n");
+		BIO_printf(bio_err, " -des            encrypt PEM output with cbc des\n");
+		BIO_printf(bio_err, " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
+#ifndef OPENSSL_NO_IDEA
+		BIO_printf(bio_err, " -idea           encrypt PEM output with cbc idea\n");
+#endif
+#ifndef OPENSSL_NO_AES
+		BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+		BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
+#endif
+		BIO_printf(bio_err, " -text           print the key in text\n");
+		BIO_printf(bio_err, " -noout          don't print key out\n");
+		BIO_printf(bio_err, " -pub [compressed | hybrid | uncompressed] \n");
+		BIO_printf(bio_err, "         compressed     print the public key in compressed form ( default )\n");   
+		BIO_printf(bio_err, "         hybrid         print the public key in hybrid form\n");
+ 		BIO_printf(bio_err, "         uncompressed   print the public key in uncompressed form\n");
+		goto end;
+	}
+
+	ERR_load_crypto_strings();
+
+        e = setup_engine(bio_err, engine, 0);
+
+	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) 
+	{
+		BIO_printf(bio_err, "Error getting passwords\n");
+		goto end;
+	}
+
+	in = BIO_new(BIO_s_file());
+	out = BIO_new(BIO_s_file());
+	if ((in == NULL) || (out == NULL))
+	{
+		ERR_print_errors(bio_err);
+		goto end;
+	}
+
+	if (infile == NULL)
+		BIO_set_fp(in,stdin,BIO_NOCLOSE);
+	else
+	{
+		if (BIO_read_filename(in,infile) <= 0)
+		{
+			perror(infile);
+			goto end;
+		}
+	}
+
+	BIO_printf(bio_err,"read ECDSA key\n");
+	if (informat == FORMAT_ASN1) 
+	{
+		if (pubin) 
+			ecdsa = d2i_ECDSA_PUBKEY_bio(in, NULL);
+		else 
+			ecdsa = d2i_ECDSAPrivateKey_bio(in, NULL);
+	} else if (informat == FORMAT_PEM) 
+	{
+		if (pubin) 
+			ecdsa = PEM_read_bio_ECDSA_PUBKEY(in, NULL, NULL, NULL);
+		else 
+			ecdsa = PEM_read_bio_ECDSAPrivateKey(in, NULL, NULL, passin);
+	} else
+	{
+		BIO_printf(bio_err, "bad input format specified for key\n");
+		goto end;
+	}
+	if (ecdsa == NULL)
+	{
+		BIO_printf(bio_err,"unable to load Key\n");
+		ERR_print_errors(bio_err);
+		goto end;
+	}
+
+	if (outfile == NULL)
+	{
+		BIO_set_fp(out, stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+		{
+			BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+			out = BIO_push(tmpbio, out);
+		}
+#endif
+	}
+	else
+	{
+		if (BIO_write_filename(out, outfile) <= 0)
+		{
+			perror(outfile);
+			goto end;
+		}
+	}
+
+	if (text) 
+		if (!ECDSA_print(out, ecdsa, 0))
+		{
+			perror(outfile);
+			ERR_print_errors(bio_err);
+			goto end;
+		}
+
+	if (pub)
+	{
+		fprintf(stdout, "Public Key (");
+		if (point_form == POINT_CONVERSION_COMPRESSED)
+			fprintf(stdout, "COMPRESSED");
+		else if (point_form == POINT_CONVERSION_UNCOMPRESSED)
+			fprintf(stdout, "UNCOMPRESSED");
+		else if (point_form == POINT_CONVERSION_HYBRID)
+			fprintf(stdout, "HYBRID");
+		fprintf(stdout, ")=");
+		buf_len = EC_POINT_point2oct(ecdsa->group, EC_GROUP_get0_generator(ecdsa->group),
+					     point_form, NULL, 0, NULL);
+		if (!buf_len)
+		{
+			BIO_printf(bio_err,"invalid public key length\n");
+			ERR_print_errors(bio_err);
+			goto end;
+		}
+		if ((tmp_bn = BN_new()) == NULL ||
+		    (buffer = OPENSSL_malloc(buf_len)) == NULL) goto end;
+		if (!EC_POINT_point2oct(ecdsa->group, EC_GROUP_get0_generator(ecdsa->group),
+					     point_form, buffer, buf_len, NULL) ||
+		    !BN_bin2bn(buffer, buf_len, tmp_bn))
+		{
+			BIO_printf(bio_err,"can not encode public key\n");
+			ERR_print_errors(bio_err);
+			OPENSSL_free(buffer);
+			goto end;
+		}
+		BN_print(out, tmp_bn);
+		fprintf(stdout,"\n");
+	}
+
+	if (noout) 
+		goto end;
+	BIO_printf(bio_err, "writing ECDSA key\n");
+	if (outformat == FORMAT_ASN1) 
+	{
+		if(pubin || pubout) 
+			i = i2d_ECDSA_PUBKEY_bio(out, ecdsa);
+		else 
+			i = i2d_ECDSAPrivateKey_bio(out, ecdsa);
+	} else if (outformat == FORMAT_PEM) 
+	{
+		if(pubin || pubout)
+			i = PEM_write_bio_ECDSA_PUBKEY(out, ecdsa);
+		else 
+			i = PEM_write_bio_ECDSAPrivateKey(out, ecdsa, enc,
+							NULL, 0, NULL, passout);
+	} else 
+	{
+		BIO_printf(bio_err, "bad output format specified for outfile\n");
+		goto end;
+	}
+	if (!i)
+	{
+		BIO_printf(bio_err, "unable to write private key\n");
+		ERR_print_errors(bio_err);
+	}
+	else
+		ret=0;
+end:
+	if (in) 	BIO_free(in);
+	if (out)	BIO_free_all(out);
+	if (ecdsa) 	ECDSA_free(ecdsa);
+	if (tmp_bn)	BN_free(tmp_bn);
+	if (passin) 	OPENSSL_free(passin);
+	if (passout) 	OPENSSL_free(passout);
+	apps_shutdown();
+	EXIT(ret);
+}
+#endif

apps/ecdsaparam.c

@@ -0,0 +1,660 @@
+/* apps/ecdsaparam.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef OPENSSL_NO_ECDSA
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/bio.h>
+#include <openssl/err.h>
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/ecdsa.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+#undef PROG
+#define PROG	ecdsaparam_main
+
+/* -inform arg	  	- input format - default PEM (DER or PEM)
+ * -outform arg 	- output format - default PEM
+ * -in arg		- input file  - default stdin
+ * -out arg		- output file - default stdout
+ * -noout
+ * -text
+ * -check               - validate the ec parameters
+ * -C
+ * -noout
+ * -genkey		- generate a private public keypair based on the supplied curve
+ * -named_curve		- use the curve oid instead of the parameters
+ * -NIST_192		- use the NIST recommended curve parameters over a 192 bit prime field
+ * -NIST_224		- use the NIST recommended curve parameters over a 224 bit prime field
+ * -NIST_256		- use the NIST recommended curve parameters over a 256 bit prime field
+ * -NIST_384		- use the NIST recommended curve parameters over a 384 bit prime field
+ * -NIST_521		- use the NIST recommended curve parameters over a 521 bit prime field
+ * -X9_62_192v1		- use the X9_62 192v1 example curve over a 192 bit prime field
+ * -X9_62_192v2		- use the X9_62 192v2 example curve over a 192 bit prime field
+ * -X9_62_192v3		- use the X9_62 192v3 example curve over a 192 bit prime field
+ * -X9_62_239v1		- use the X9_62 239v1 example curve over a 239 bit prime field
+ * -X9_62_239v2		- use the X9_62 239v2 example curve over a 239 bit prime field
+ * -X9_62_239v3		- use the X9_62 239v3 example curve over a 239 bit prime field
+ * -X9_62_256v1		- use the X9_62 239v1 example curve over a 256 bit prime field
+ * -SECG_PRIME_112R1    - use the SECG 112r1 recommended curve over a 112 bit prime field
+ * -SECG_PRIME_112R2    - use the SECG 112r2 recommended curve over a 112 bit prime field
+ * -SECG_PRIME_128R1    - use the SECG 128r1 recommended curve over a 128 bit prime field
+ * -SECG_PRIME_128R2    - use the SECG 128r2 recommended curve over a 128 bit prime field
+ * -SECG_PRIME_160K1    - use the SECG 160k1 recommended curve over a 160 bit prime field
+ * -SECG_PRIME_160R1    - use the SECG 160r1 recommended curve over a 160 bit prime field
+ * -SECG_PRIME_160R2    - use the SECG 160r2 recommended curve over a 160 bit prime field
+ * -SECG_PRIME_192K1    - use the SECG 192k1 recommended curve over a 192 bit prime field
+ * -SECG_PRIME_192R1    - use the SECG 192r1 recommended curve over a 192 bit prime field
+ * -SECG_PRIME_224K1    - use the SECG 224k1 recommended curve over a 224 bit prime field
+ * -SECG_PRIME_224R1    - use the SECG 224r1 recommended curve over a 224 bit prime field
+ * -SECG_PRIME_256K1    - use the SECG 256k1 recommended curve over a 256 bit prime field
+ * -SECG_PRIME_256R1    - use the SECG 256r1 recommended curve over a 256 bit prime field
+ * -SECG_PRIME_384R1    - use the SECG 384r1 recommended curve over a 384 bit prime field
+ * -SECG_PRIME_521R1    - use the SECG 521r1 recommended curve over a 521 bit prime field
+ * -WTLS_6              - use the WAP/WTLS recommended curve number 6 over a 112 bit field
+ * -WTLS_8              - use the WAP/WTLS recommended curve number 8 over a 112 bit field
+ * -WTLS_9              - use the WAP/WTLS recommended curve number 9 over a 160 bit field
+ */
+
+int MAIN(int, char **);
+
+int MAIN(int argc, char **argv)
+{
+	ENGINE 	*e = NULL;
+	ECDSA 	*ecdsa = NULL;
+	int 	i, badops = 0, text = 0;
+	BIO 	*in = NULL, *out = NULL;
+	int 	informat, outformat, noout = 0, C = 0, ret = 1;
+	char 	*infile, *outfile, *prog, *inrand = NULL;
+	int 	genkey = 0;
+	int	check = 0;
+	int 	need_rand = 0;
+	char 	*engine=NULL;
+	int	curve_type = EC_GROUP_NO_CURVE;
+	int	named_curve = 0;
+	BIGNUM	*tmp_1 = NULL, *tmp_2 = NULL, *tmp_3 = NULL, *tmp_4 = NULL, *tmp_5 = NULL,
+		*tmp_6 = NULL, *tmp_7 = NULL;
+	BN_CTX	*ctx = NULL;
+	EC_POINT *point = NULL;
+	unsigned char *data = NULL;
+
+	apps_startup();
+
+	if (bio_err == NULL)
+		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+
+	if (!load_config(bio_err, NULL))
+		goto end;
+
+	infile=NULL;
+	outfile=NULL;
+	informat=FORMAT_PEM;
+	outformat=FORMAT_PEM;
+
+	prog=argv[0];
+	argc--;
+	argv++;
+	while (argc >= 1)
+		{
+		if 	(strcmp(*argv,"-inform") == 0)
+		{
+			if (--argc < 1) goto bad;
+			informat=str2fmt(*(++argv));
+		}
+		else if (strcmp(*argv,"-outform") == 0)
+		{
+			if (--argc < 1) goto bad;
+			outformat=str2fmt(*(++argv));
+		}
+		else if (strcmp(*argv,"-in") == 0)
+		{
+			if (--argc < 1) goto bad;
+			infile= *(++argv);
+		}
+		else if (strcmp(*argv,"-out") == 0)
+		{
+			if (--argc < 1) goto bad;
+			outfile= *(++argv);
+		}
+		else if(strcmp(*argv, "-engine") == 0)
+		{
+			if (--argc < 1) goto bad;
+			engine = *(++argv);
+		}
+		else if (strcmp(*argv,"-text") == 0)
+			text = 1;
+		else if (strcmp(*argv,"-C") == 0)
+			C = 1;
+		else if (strcmp(*argv,"-check") == 0)
+			check = 1;
+		else if (strcmp(*argv,"-genkey") == 0)
+		{
+			genkey = 1;
+			need_rand = 1;
+		}
+		else if (strcmp(*argv,"-rand") == 0)
+		{
+			if (--argc < 1) goto bad;
+			inrand= *(++argv);
+			need_rand=1;
+		}
+		else if (strcmp(*argv, "-named_curve") == 0)
+			named_curve = 1;
+		else if (strcmp(*argv, "-NIST_192") == 0)
+			curve_type = EC_GROUP_NIST_PRIME_192;
+		else if (strcmp(*argv, "-NIST_224") == 0)
+			curve_type = EC_GROUP_NIST_PRIME_224;
+		else if (strcmp(*argv, "-NIST_256") == 0)
+			curve_type = EC_GROUP_NIST_PRIME_256;
+		else if (strcmp(*argv, "-NIST_384") == 0)
+			curve_type = EC_GROUP_NIST_PRIME_384;
+		else if (strcmp(*argv, "-NIST_521") == 0)
+			curve_type = EC_GROUP_NIST_PRIME_521;
+		else if (strcmp(*argv, "-X9_62_192v1") == 0)
+			curve_type = EC_GROUP_X9_62_PRIME_192V1;
+		else if (strcmp(*argv, "-X9_62_192v2") == 0)
+			curve_type = EC_GROUP_X9_62_PRIME_192V2;
+		else if (strcmp(*argv, "-X9_62_192v3") == 0)
+			curve_type = EC_GROUP_X9_62_PRIME_192V3;
+		else if (strcmp(*argv, "-X9_62_239v1") == 0)
+			curve_type = EC_GROUP_X9_62_PRIME_239V1;
+		else if (strcmp(*argv, "-X9_62_239v2") == 0)
+			curve_type = EC_GROUP_X9_62_PRIME_239V2;
+		else if (strcmp(*argv, "-X9_62_239v3") == 0)
+			curve_type = EC_GROUP_X9_62_PRIME_239V3;
+		else if (strcmp(*argv, "-X9_62_256v1") == 0)
+			curve_type = EC_GROUP_X9_62_PRIME_256V1;
+		else if (strcmp(*argv, "-SECG_PRIME_112R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_112R1;
+		else if (strcmp(*argv, "-SECG_PRIME_112R2") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_112R2;
+		else if (strcmp(*argv, "-SECG_PRIME_128R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_128R1;
+		else if (strcmp(*argv, "-SECG_PRIME_128R2") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_128R2;
+		else if (strcmp(*argv, "-SECG_PRIME_160K1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_160K1;
+		else if (strcmp(*argv, "-SECG_PRIME_160R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_160R1;
+		else if (strcmp(*argv, "-SECG_PRIME_160R2") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_160R2;
+		else if (strcmp(*argv, "-SECG_PRIME_192K1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_192K1;
+		else if (strcmp(*argv, "-SECG_PRIME_192R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_192R1;
+		else if (strcmp(*argv, "-SECG_PRIME_224K1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_224K1;
+		else if (strcmp(*argv, "-SECG_PRIME_224R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_224R1;
+		else if (strcmp(*argv, "-SECG_PRIME_256K1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_256K1;
+		else if (strcmp(*argv, "-SECG_PRIME_256R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_256R1;
+		else if (strcmp(*argv, "-SECG_PRIME_384R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_384R1;
+		else if (strcmp(*argv, "-SECG_PRIME_521R1") == 0)
+			curve_type = EC_GROUP_SECG_PRIME_521R1;
+		else if (strcmp(*argv, "-WTLS_6") == 0)
+			curve_type = EC_GROUP_WTLS_6;
+		else if (strcmp(*argv, "-WTLS_8") == 0)
+			curve_type = EC_GROUP_WTLS_8;
+		else if (strcmp(*argv, "-WTLS_9") == 0)
+			curve_type = EC_GROUP_WTLS_9;
+		else if (strcmp(*argv, "-noout") == 0)
+			noout=1;
+		else
+		{
+			BIO_printf(bio_err,"unknown option %s\n",*argv);
+			badops=1;
+			break;
+		}
+		argc--;
+		argv++;
+	}
+
+	if (badops)
+	{
+bad:
+		BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
+		BIO_printf(bio_err,"where options are\n");
+		BIO_printf(bio_err," -inform arg        input format - DER or PEM\n");
+		BIO_printf(bio_err," -outform arg       output format - DER or PEM\n");
+		BIO_printf(bio_err," -in arg            input file\n");
+		BIO_printf(bio_err," -out arg           output file\n");
+		BIO_printf(bio_err," -text              print as text\n");
+		BIO_printf(bio_err," -C                 Output C code\n");
+		BIO_printf(bio_err," -check             validate the ec parameters\n");
+		BIO_printf(bio_err," -noout             no output\n");
+		BIO_printf(bio_err," -rand              files to use for random number input\n");
+		BIO_printf(bio_err," -engine e          use engine e, possibly a hardware device.\n");
+		BIO_printf(bio_err," -named_curve       use the curve oid instead of the parameters\n");
+		BIO_printf(bio_err," -NIST_192          use the NIST recommended curve parameters over a 192 bit prime field\n");
+		BIO_printf(bio_err," -NIST_224          use the NIST recommended curve parameters over a 224 bit prime field\n");
+		BIO_printf(bio_err," -NIST_256          use the NIST recommended curve parameters over a 256 bit prime field\n");
+		BIO_printf(bio_err," -NIST_384          use the NIST recommended curve parameters over a 384 bit prime field\n");
+		BIO_printf(bio_err," -NIST_521          use the NIST recommended curve parameters over a 521 bit prime field\n");
+		BIO_printf(bio_err," -X9_62_192v1       use the X9_62 192v1 example curve over a 192 bit prime field\n");
+		BIO_printf(bio_err," -X9_62_192v2       use the X9_62 192v2 example curve over a 192 bit prime field\n");
+		BIO_printf(bio_err," -X9_62_192v3       use the X9_62 192v3 example curve over a 192 bit prime field\n");
+		BIO_printf(bio_err," -X9_62_239v1       use the X9_62 239v1 example curve over a 239 bit prime field\n");
+		BIO_printf(bio_err," -X9_62_239v2       use the X9_62 239v2 example curve over a 239 bit prime field\n");
+		BIO_printf(bio_err," -X9_62_239v3       use the X9_62 239v3 example curve over a 239 bit prime field\n");
+		BIO_printf(bio_err," -X9_62_256v1       use the X9_62 239v1 example curve over a 256 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_112R1  use the SECG 112r1 recommended curve over a 112 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_112R2  use the SECG 112r2 recommended curve over a 112 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_128R1  use the SECG 128r1 recommended curve over a 128 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_128R2  use the SECG 128r2 recommended curve over a 128 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_160K1  use the SECG 160k1 recommended curve over a 160 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_160R1  use the SECG 160r1 recommended curve over a 160 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_160R2  use the SECG 160r2 recommended curve over a 160 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_192K1  use the SECG 192k1 recommended curve over a 192 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_192R1  use the SECG 192r1 recommended curve over a 192 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_224K1  use the SECG 224k1 recommended curve over a 224 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_224R1  use the SECG 224r1 recommended curve over a 224 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_256K1  use the SECG 256k1 recommended curve over a 256 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_256R1  use the SECG 256r1 recommended curve over a 256 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_384R1  use the SECG 384r1 recommended curve over a 384 bit prime field\n");
+		BIO_printf(bio_err," -SECG_PRIME_521R1  use the SECG 521r1 recommended curve over a 521 bit prime field\n");
+		BIO_printf(bio_err," -WTLS_6            use the WAP/WTLS recommended curve number 6 over a 112 bit field\n");
+		BIO_printf(bio_err," -WTLS_8            use the WAP/WTLS recommended curve number 8 over a 112 bit field\n");
+		BIO_printf(bio_err," -WTLS_9            use the WAP/WTLS recommended curve number 9 over a 112 bit field\n");
+		goto end;
+	}
+
+	ERR_load_crypto_strings();
+
+	in=BIO_new(BIO_s_file());
+	out=BIO_new(BIO_s_file());
+	if ((in == NULL) || (out == NULL))
+	{
+		ERR_print_errors(bio_err);
+		goto end;
+	}
+
+	if (infile == NULL)
+		BIO_set_fp(in,stdin,BIO_NOCLOSE);
+	else
+	{
+		if (BIO_read_filename(in,infile) <= 0)
+		{
+			perror(infile);
+			goto end;
+		}
+	}
+	if (outfile == NULL)
+	{
+		BIO_set_fp(out,stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+		{
+		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+		out = BIO_push(tmpbio, out);
+		}
+#endif
+	}
+	else
+	{
+		if (BIO_write_filename(out,outfile) <= 0)
+		{
+			perror(outfile);
+			goto end;
+		}
+	}
+
+        e = setup_engine(bio_err, engine, 0);
+
+	if (need_rand)
+	{
+		app_RAND_load_file(NULL, bio_err, (inrand != NULL));
+		if (inrand != NULL)
+			BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+				app_RAND_load_files(inrand));
+	}
+
+	if (curve_type != EC_GROUP_NO_CURVE)
+	{
+		if ((ecdsa = ECDSA_new()) == NULL)
+			goto end;
+		ecdsa->group = EC_GROUP_new_by_name(curve_type);
+		if (named_curve)
+			ECDSA_set_parameter_flags(ecdsa, ECDSA_FLAG_NAMED_CURVE);
+	}
+	else if (informat == FORMAT_ASN1)
+		ecdsa = d2i_ECDSAParameters_bio(in,NULL);
+	else if (informat == FORMAT_PEM)
+		ecdsa = PEM_read_bio_ECDSAParameters(in, NULL, NULL, NULL);
+	else
+	{
+		BIO_printf(bio_err, "bad input format specified\n");
+		goto end;
+	}
+	if (ecdsa == NULL)
+	{
+		BIO_printf(bio_err, "unable to load ECDSA parameters\n");
+		ERR_print_errors(bio_err);
+		goto end;
+	}
+
+	if (text)
+	{
+		ECDSAParameters_print(out, ecdsa);
+	}
+
+	if (check)
+	{
+		if (ecdsa == NULL)
+			BIO_printf(bio_err, "no elliptic curve parameters\n");
+		BIO_printf(bio_err, "checking elliptic curve parameters: ");
+		if (!EC_GROUP_check(ecdsa->group, NULL))
+		{
+			BIO_printf(bio_err, "failed\n");
+			ERR_print_errors(bio_err);
+		}
+		else
+			BIO_printf(bio_err, "ok\n");
+			
+	}
+	
+	if (C)
+	{	/* TODO: characteristic two */
+		int 	l, len, bits_p;
+		if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL ||
+		    (tmp_3 = BN_new()) == NULL || (tmp_4 = BN_new()) == NULL ||
+		    (tmp_5 = BN_new()) == NULL || (tmp_6 = BN_new()) == NULL ||
+                    (tmp_7 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL)
+		{
+			perror("OPENSSL_malloc");
+			goto end;
+		}
+		if (!EC_GROUP_get_curve_GFp(ecdsa->group, tmp_1, tmp_2, tmp_3, ctx))
+			goto end;
+		if ((point = EC_GROUP_get0_generator(ecdsa->group)) == NULL)
+			goto end;
+		if (!EC_POINT_get_affine_coordinates_GFp(ecdsa->group, point, tmp_4, tmp_5, ctx))
+			goto end;
+		if (!EC_GROUP_get_order(ecdsa->group, tmp_6, ctx))
+			goto end;
+		if (!EC_GROUP_get_cofactor(ecdsa->group, tmp_7, ctx))
+			goto end;
+		
+		len    = BN_num_bytes(tmp_1);
+		bits_p = BN_num_bits(tmp_1);
+		data=(unsigned char *)OPENSSL_malloc(len+20);
+		if (data == NULL)
+		{
+			perror("OPENSSL_malloc");
+			goto end;
+		}
+		l = BN_bn2bin(tmp_1, data);
+		printf("static unsigned char ecdsa%d_p[]={", bits_p);
+		for (i=0; i<l; i++)
+		{
+			if ((i%12) == 0) printf("\n\t");
+			printf("0x%02X,",data[i]);
+		}
+		printf("\n\t};\n\n");
+
+		l = BN_bn2bin(tmp_2, data);
+		printf("static unsigned char ecdsa%d_a[]={",bits_p);
+		for (i=0; i<l; i++)
+		{
+			if ((i%12) == 0) printf("\n\t");
+			printf("0x%02X,",data[i]);
+		}
+		printf("\n\t};\n");
+
+		l = BN_bn2bin(tmp_3, data);
+		printf("static unsigned char ecdsa%d_b[]={", bits_p);
+		for (i=0; i<l; i++)
+		{
+			if ((i%12) == 0) printf("\n\t");
+			printf("0x%02X,",data[i]);
+		}
+		printf("\n\t};\n\n");
+
+		l = BN_bn2bin(tmp_4, data);
+		printf("static unsigned char ecdsa%d_x[]={", bits_p);
+		for (i=0; i<l; i++)
+		{
+			if ((i%12) == 0) printf("\n\t");
+			printf("0x%02X,",data[i]);
+		}
+		printf("\n\t};\n");
+
+		l = BN_bn2bin(tmp_5, data);
+		printf("static unsigned char ecdsa%d_y[]={", bits_p);
+		for (i=0; i<l; i++)
+		{
+			if ((i%12) == 0) printf("\n\t");
+			printf("0x%02X,",data[i]);
+		}
+		printf("\n\t};\n");
+
+		l = BN_bn2bin(tmp_6, data);
+		printf("static unsigned char ecdsa%d_o[]={", bits_p);
+		for (i=0; i<l; i++)
+		{
+			if ((i%12) == 0) printf("\n\t");
+			printf("0x%02X,",data[i]);
+		}
+		printf("\n\t};\n");
+
+		l = BN_bn2bin(tmp_7, data);
+		printf("static unsigned char ecdsa%d_c[]={", bits_p);
+		for (i=0; i<l; i++)
+		{
+			if ((i%12) == 0) printf("\n\t");
+			printf("0x%02X,",data[i]);
+		}
+		printf("\n\t};\n\n");
+
+		/* FIXME:
+		 * generated code should check for errors
+		 */
+
+		printf("ECDSA *get_ecdsa%d(void)\n\t{\n",bits_p);
+		printf("\tint ok=0;\n");
+		printf("\tECDSA    *ecdsa=NULL;\n");
+		printf("\tEC_POINT *point=NULL;\n");
+		printf("\tBIGNUM   *tmp_1=NULL,*tmp_2=NULL,*tmp_3=NULL;\n\n");
+		printf("\tif ((ecdsa=ECDSA_new()) == NULL)\n");
+		printf("\t\treturn(NULL);\n\n");
+		printf("\t/* generate EC_GROUP structure */\n");
+		printf("\tif ((tmp_1 = BN_bin2bn(ecdsa%d_p, sizeof(ecdsa%d_p), NULL)) == NULL) goto err;\n", bits_p, bits_p);
+		printf("\tif ((tmp_2 = BN_bin2bn(ecdsa%d_a, sizeof(ecdsa%d_a), NULL)) == NULL) goto err;\n", bits_p, bits_p);
+		printf("\tif ((tmp_3 = BN_bin2bn(ecdsa%d_b, sizeof(ecdsa%d_b), NULL)) == NULL) goto err;\n", bits_p, bits_p);
+		printf("\tif ((ecdsa->group = EC_GROUP_new_curve_GFp(tmp_1, tmp_2, tmp_3, NULL)) == NULL) goto err;\n\n");
+		printf("\t/* build generator */\n");
+		printf("\tif (!BN_bin2bn(ecdsa%d_x, sizeof(ecdsa%d_x), tmp_1)) goto err;\n", bits_p, bits_p);
+		printf("\tif (!BN_bin2bn(ecdsa%d_y, sizeof(ecdsa%d_y), tmp_2)) goto err;\n", bits_p, bits_p);
+		printf("\tif ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err;\n");
+		printf("\tif (!EC_POINT_set_affine_coordinates_GFp(ecdsa->group, point, tmp_1, tmp_2, NULL)) goto err;\n");
+		printf("\t/* set generator, order and cofactor */\n");
+		printf("\tif (!BN_bin2bn(ecdsa%d_o, sizeof(ecdsa%d_o), tmp_1)) goto err;\n", bits_p, bits_p);
+		printf("\tif (!BN_bin2bn(ecdsa%d_c, sizeof(ecdsa%d_c), tmp_2)) goto err;\n", bits_p, bits_p);
+		printf("\tif (!EC_GROUP_set_generator(ecdsa->group, point, tmp_1, tmp_2)) goto err;\n");
+		printf("\n\tok=1;\n");
+		printf("err:\n");
+		printf("\tif (tmp_1) BN_free(tmp_1);\n");
+		printf("\tif (tmp_2) BN_free(tmp_2);\n");
+		printf("\tif (tmp_3) BN_free(tmp_3);\n");
+		printf("\tif (point) EC_POINT_free(point);\n");
+		printf("\tif (!ok)\n");
+		printf("\t\t{\n");
+		printf("\t\tECDSA_free(ecdsa);\n");
+		printf("\t\tecdsa = NULL;\n");
+		printf("\t\t}\n");
+		printf("\treturn(ecdsa);\n\t}\n");
+	}
+
+
+	if (!noout)
+	{
+		if (outformat == FORMAT_ASN1)
+			i = i2d_ECDSAParameters_bio(out, ecdsa);
+		else if (outformat == FORMAT_PEM)
+			i = PEM_write_bio_ECDSAParameters(out, ecdsa);
+		else	
+		{
+			BIO_printf(bio_err,"bad output format specified for outfile\n");
+			goto end;
+		}
+		if (!i)
+		{
+			BIO_printf(bio_err, "unable to write ECDSA parameters\n");
+			ERR_print_errors(bio_err);
+			goto end;
+		}
+	}
+	if (genkey)
+	{
+		ECDSA *ecdsakey;
+
+		assert(need_rand);
+		if ((ecdsakey = ECDSAParameters_dup(ecdsa)) == NULL) goto end;
+		if (!ECDSA_generate_key(ecdsakey)) goto end;
+		if (outformat == FORMAT_ASN1)
+			i = i2d_ECDSAPrivateKey_bio(out, ecdsakey);
+		else if (outformat == FORMAT_PEM)
+			i = PEM_write_bio_ECDSAPrivateKey(out, ecdsakey, NULL, NULL, 0, NULL, NULL);
+		else	
+		{
+			BIO_printf(bio_err, "bad output format specified for outfile\n");
+			goto end;
+		}
+		ECDSA_free(ecdsakey);
+	}
+	if (need_rand)
+		app_RAND_write_file(NULL, bio_err);
+	ret=0;
+end:
+	if (in != NULL) 	BIO_free(in);
+	if (out != NULL) 	BIO_free_all(out);
+	if (ecdsa != NULL) 	ECDSA_free(ecdsa);
+	if (tmp_1)		BN_free(tmp_1);
+	if (tmp_2)		BN_free(tmp_2);
+	if (tmp_3)		BN_free(tmp_3);
+	if (tmp_3)		BN_free(tmp_4);
+	if (tmp_3)		BN_free(tmp_5);
+	if (tmp_3)		BN_free(tmp_6);
+	if (tmp_3)		BN_free(tmp_7);
+	if (ctx)		BN_CTX_free(ctx);
+	if (data)		OPENSSL_free(data);
+	apps_shutdown();
+	EXIT(ret);
+}
+#endif

apps/enc.c

@@ -78,7 +78,7 @@ int set_hex(char *in,unsigned char *out,int size);
 #define BSIZE	(8*1024)
 #define	PROG	enc_main
 
-static void show_ciphers(const OBJ_NAME *name,void *bio_)
+void show_ciphers(const OBJ_NAME *name,void *bio_)
 	{
 	BIO *bio=bio_;
 	static int n;

apps/makeapps.com

@@ -44,7 +44,6 @@ $!  keywords:
 $!
 $!	UCX		for UCX
 $!	SOCKETSHR	for SOCKETSHR+NETLIB
-$!	TCPIP		for TCPIP (post UCX)
 $!
 $!  P5, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
 $!
@@ -964,8 +963,7 @@ $ ENDIF
 $!
 $! Time to check the contents, and to make sure we get the correct library.
 $!
-$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX" -
-     .OR. P4.EQS."TCPIP" .OR. P4.EQS."NONE"
+$ IF P4.EQS."SOCKETSHR" .OR. P4.EQS."MULTINET" .OR. P4.EQS."UCX"
 $ THEN
 $!
 $!  Check to see if SOCKETSHR was chosen
@@ -975,7 +973,7 @@ $   THEN
 $!
 $!    Set the library to use SOCKETSHR
 $!
-$     TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT"
+$     TCPIP_LIB = "[-.VMS]SOCKETSHR_SHR.OPT/OPT"
 $!
 $!    Done with SOCKETSHR
 $!
@@ -1001,45 +999,19 @@ $   THEN
 $!
 $!    Set the library to use UCX.
 $!
-$     TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT"
+$     TCPIP_LIB = "[-.VMS]UCX_SHR_DECC.OPT/OPT"
 $     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
 $     THEN
-$       TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
+$       TCPIP_LIB = "[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
 $     ELSE
 $       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
-	  TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT"
+	  TCPIP_LIB = "[-.VMS]UCX_SHR_VAXC.OPT/OPT"
 $     ENDIF
 $!
 $!    Done with UCX
 $!
 $   ENDIF
 $!
-$!  Check to see if TCPIP (post UCX) was chosen
-$!
-$   IF P4.EQS."TCPIP"
-$   THEN
-$!
-$!    Set the library to use TCPIP.
-$!
-$     TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
-$!
-$!    Done with TCPIP
-$!
-$   ENDIF
-$!
-$!  Check to see if NONE was chosen
-$!
-$   IF P4.EQS."NONE"
-$   THEN
-$!
-$!    Do not use TCPIP.
-$!
-$     TCPIP_LIB = ""
-$!
-$!    Done with TCPIP
-$!
-$   ENDIF
-$!
 $!  Add TCP/IP type to CC definitions.
 $!
 $   CCDEFS = CCDEFS + ",TCPIP_TYPE_''P4'"
@@ -1059,7 +1031,6 @@ $   WRITE SYS$OUTPUT "The Option ",P4," Is Invalid.  The Valid Options Are:"
 $   WRITE SYS$OUTPUT ""
 $   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
 $   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
-$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
 $   WRITE SYS$OUTPUT ""
 $!
 $!  Time To EXIT.

apps/ocsp.c

@@ -553,8 +553,8 @@ int MAIN(int argc, char **argv)
 		BIO_printf (bio_err, "-port num		 port to run responder on\n");
 		BIO_printf (bio_err, "-index file	 certificate status index file\n");
 		BIO_printf (bio_err, "-CA file		 CA certificate\n");
-		BIO_printf (bio_err, "-rsigner file	 responder certificate to sign responses with\n");
-		BIO_printf (bio_err, "-rkey file	 responder key to sign responses with\n");
+		BIO_printf (bio_err, "-rsigner file	 responder certificate to sign requests with\n");
+		BIO_printf (bio_err, "-rkey file	 responder key to sign requests with\n");
 		BIO_printf (bio_err, "-rother file	 other certificates to include in response\n");
 		BIO_printf (bio_err, "-resp_no_certs     don't include any certificates in response\n");
 		BIO_printf (bio_err, "-nmin n	 	 number of minutes before next update\n");
@@ -676,18 +676,6 @@ int MAIN(int argc, char **argv)
 
 	if (req_text && req) OCSP_REQUEST_print(out, req, 0);
 
-	if (reqout)
-		{
-		derbio = BIO_new_file(reqout, "wb");
-		if(!derbio)
-			{
-			BIO_printf(bio_err, "Error opening file %s\n", reqout);
-			goto end;
-			}
-		i2d_OCSP_REQUEST_bio(derbio, req);
-		BIO_free(derbio);
-		}
-
 	if (ridx_filename && (!rkey || !rsigner || !rca_cert))
 		{
 		BIO_printf(bio_err, "Need a responder certificate, key and CA for this operation!\n");
@@ -821,8 +809,6 @@ int MAIN(int argc, char **argv)
 
 	if (!store)
 		store = setup_verify(bio_err, CAfile, CApath);
-	if (!store)
-		goto end;
 	if (verify_certfile)
 		{
 		verify_other = load_certs(bio_err, verify_certfile, FORMAT_PEM,

apps/progs.h

@@ -17,6 +17,8 @@ extern int rsa_main(int argc,char *argv[]);
 extern int rsautl_main(int argc,char *argv[]);
 extern int dsa_main(int argc,char *argv[]);
 extern int dsaparam_main(int argc,char *argv[]);
+extern int ecdsa_main(int argc,char *argv[]);
+extern int ecdsaparam_main(int argc,char *argv[]);
 extern int x509_main(int argc,char *argv[]);
 extern int genrsa_main(int argc,char *argv[]);
 extern int gendsa_main(int argc,char *argv[]);
@@ -78,6 +80,12 @@ FUNCTION functions[] = {
 #endif
 #ifndef OPENSSL_NO_DSA
 	{FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
+#endif
+#ifndef OPENSSL_NO_ECDSA
+	{FUNC_TYPE_GENERAL,"ecdsa",ecdsa_main},
+#endif
+#ifndef OPENSSL_NO_ECDSA
+	{FUNC_TYPE_GENERAL,"ecdsaparam",ecdsaparam_main},
 #endif
 	{FUNC_TYPE_GENERAL,"x509",x509_main},
 #ifndef OPENSSL_NO_RSA

apps/progs.pl

@@ -33,6 +33,8 @@ foreach (@ARGV)
 		{ print "#ifndef OPENSSL_NO_RSA\n${str}#endif\n";  }
 	elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
 		{ print "#ifndef OPENSSL_NO_DSA\n${str}#endif\n"; }
+	elsif ( ($_ =~ /^ecdsa$/) || ($_ =~ /^ecdsaparam$/))
+		{ print "#ifndef OPENSSL_NO_ECDSA\n${str}#endif\n";}
 	elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/) || ($_ =~ /^dhparam$/))
 		{ print "#ifndef OPENSSL_NO_DH\n${str}#endif\n"; }
 	elsif ( ($_ =~ /^pkcs12$/))

apps/req.c

@@ -142,6 +142,7 @@ static int batch=0;
 #define TYPE_RSA	1
 #define TYPE_DSA	2
 #define TYPE_DH		3
+#define TYPE_ECDSA	4
 
 int MAIN(int, char **);
 
@@ -150,6 +151,9 @@ int MAIN(int argc, char **argv)
 	ENGINE *e = NULL;
 #ifndef OPENSSL_NO_DSA
 	DSA *dsa_params=NULL;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+	ECDSA *ecdsa_params = NULL;
 #endif
 	unsigned long nmflag = 0;
 	int ex=1,x509=0,days=30;
@@ -318,11 +322,63 @@ int MAIN(int argc, char **argv)
 						}
 					}
 				BIO_free(in);
-				newkey=BN_num_bits(dsa_params->p);
 				in=NULL;
+				newkey=BN_num_bits(dsa_params->p);
 				}
 			else 
 #endif
+#ifndef OPENSSL_NO_ECDSA
+				if (strncmp("ecdsa:",p,4) == 0)
+				{
+				X509 *xtmp=NULL;
+				EVP_PKEY *dtmp;
+
+				pkey_type=TYPE_ECDSA;
+				p+=6;
+				if ((in=BIO_new_file(p,"r")) == NULL)
+					{
+					perror(p);
+					goto end;
+					}
+				if ((ecdsa_params = PEM_read_bio_ECDSAParameters(in, NULL, NULL, NULL)) == NULL)
+					{
+					ERR_clear_error();
+					(void)BIO_reset(in);
+					if ((xtmp=PEM_read_bio_X509(in,NULL,NULL,NULL)) == NULL)
+						{	
+						BIO_printf(bio_err,"unable to load ECDSA parameters from file\n");
+						goto end;
+						}
+
+					if ((dtmp=X509_get_pubkey(xtmp)) == NULL) goto end;
+					if (dtmp->type == EVP_PKEY_ECDSA)
+						ecdsa_params = ECDSAParameters_dup(dtmp->pkey.ecdsa);
+					EVP_PKEY_free(dtmp);
+					X509_free(xtmp);
+					if (ecdsa_params == NULL)
+						{
+						BIO_printf(bio_err,"Certificate does not contain ECDSA parameters\n");
+						goto end;
+						}
+					}
+
+				BIO_free(in);
+				in=NULL;
+				
+				{
+				BIGNUM *order = BN_new();
+				
+				if (!order)
+					goto end;
+				if (!EC_GROUP_get_order(ecdsa_params->group, order, NULL))
+					goto end;
+				newkey = BN_num_bits(order);
+				BN_free(order);
+				}
+
+				}
+			else
+#endif
 #ifndef OPENSSL_NO_DH
 				if (strncmp("dh:",p,4) == 0)
 				{
@@ -434,6 +490,7 @@ bad:
 		BIO_printf(bio_err,"                the random number generator\n");
 		BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
 		BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
+		BIO_printf(bio_err," -newkey ecdsa:file generate a new ECDSA key, parameters taken from CA in 'file'\n");
 		BIO_printf(bio_err," -[digest]      Digest to sign with (md5, sha1, md2, mdc2, md4)\n");
 		BIO_printf(bio_err," -config file   request template file.\n");
 		BIO_printf(bio_err," -subj arg      set or modify request subject\n");
@@ -630,7 +687,7 @@ bad:
 			   message */
 			goto end;
 			}
-		if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA)
+		if (EVP_PKEY_type(pkey->type) == EVP_PKEY_DSA || EVP_PKEY_type(pkey->type) == EVP_PKEY_ECDSA)
 			{
 			char *randfile = NCONF_get_string(req_conf,SECTION,"RANDFILE");
 			if (randfile == NULL)
@@ -654,14 +711,15 @@ bad:
 				newkey=DEFAULT_KEY_LENGTH;
 			}
 
-		if (newkey < MIN_KEY_LENGTH)
+		if (newkey < MIN_KEY_LENGTH && (pkey_type == TYPE_RSA || pkey_type == TYPE_DSA))
+		/* TODO: appropriate minimal keylength for the different algorithm (esp. ECDSA) */
 			{
 			BIO_printf(bio_err,"private key length is too short,\n");
 			BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey);
 			goto end;
 			}
 		BIO_printf(bio_err,"Generating a %d bit %s private key\n",
-			newkey,(pkey_type == TYPE_RSA)?"RSA":"DSA");
+			newkey,(pkey_type == TYPE_RSA)?"RSA":(pkey_type == TYPE_DSA)?"DSA":"ECDSA");
 
 		if ((pkey=EVP_PKEY_new()) == NULL) goto end;
 
@@ -683,6 +741,14 @@ bad:
 			dsa_params=NULL;
 			}
 #endif
+#ifndef OPENSSL_NO_ECDSA
+			if (pkey_type == TYPE_ECDSA)
+			{
+			if (!ECDSA_generate_key(ecdsa_params)) goto end;
+			if (!EVP_PKEY_assign_ECDSA(pkey, ecdsa_params)) goto end;
+			ecdsa_params = NULL;
+			}
+#endif
 
 		app_RAND_write_file(randfile, bio_err);
 
@@ -788,6 +854,10 @@ loop:
 #ifndef OPENSSL_NO_DSA
 		if (pkey->type == EVP_PKEY_DSA)
 			digest=EVP_dss1();
+#endif
+#ifndef OPENSSL_NO_ECDSA
+		if (pkey->type == EVP_PKEY_ECDSA)
+			digest=EVP_ecdsa();
 #endif
 		if (req == NULL)
 			{
@@ -1069,6 +1139,9 @@ end:
 	OBJ_cleanup();
 #ifndef OPENSSL_NO_DSA
 	if (dsa_params != NULL) DSA_free(dsa_params);
+#endif
+#ifndef OPENSSL_NO_ECDSA
+	if (ecdsa_params != NULL) ECDSA_free(ecdsa_params);
 #endif
 	apps_shutdown();
 	EXIT(ex);

apps/s_server.c

@@ -705,7 +705,7 @@ bad:
 			}
 		}
 
-#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA)
+#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
 	if (nocert)
 #endif
 		{

apps/x509.c

@@ -245,7 +245,7 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-CAkeyform") == 0)
 			{
 			if (--argc < 1) goto bad;
-			CAkeyformat=str2fmt(*(++argv));
+			CAformat=str2fmt(*(++argv));
 			}
 		else if (strcmp(*argv,"-days") == 0)
 			{
@@ -869,6 +869,10 @@ bad:
 		                if (Upkey->type == EVP_PKEY_DSA)
 		                        digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+				if (Upkey->type == EVP_PKEY_ECDSA)
+					digest=EVP_ecdsa();
+#endif
 
 				assert(need_rand);
 				if (!sign(x,Upkey,days,clrext,digest,
@@ -888,6 +892,10 @@ bad:
 		                if (CApkey->type == EVP_PKEY_DSA)
 		                        digest=EVP_dss1();
 #endif
+#ifndef OPENSSL_NO_ECDSA
+				if (CApkey->type == EVP_PKEY_ECDSA)
+					digest = EVP_ecdsa();
+#endif
 				
 				assert(need_rand);
 				if (!x509_certify(ctx,CAfile,digest,x,xca,
@@ -917,6 +925,8 @@ bad:
 
 		                if (pk->type == EVP_PKEY_DSA)
 		                        digest=EVP_dss1();
+				else if (pk->type == EVP_PKEY_ECDSA)
+					digest=EVP_ecdsa();
 
 				rq=X509_to_X509_REQ(x,pk,digest);
 				EVP_PKEY_free(pk);

config

@@ -390,30 +390,18 @@ exit 0
 
 # figure out if gcc is available and if so we use it otherwise
 # we fallback to whatever cc does on the system
-GCCVER=`(gcc -dumpversion) 2>/dev/null`
+GCCVER=`(gcc --version) 2>/dev/null`
 if [ "$GCCVER" != "" ]; then
   CC=gcc
-  # Since gcc 3.1 gcc --version behaviour has changed.  gcc -dumpversion
-  # does give us what we want though, so we use that.  We just just the
-  # major and minor version numbers.
+  # then strip off whatever prefix Cygnus prepends the number with...
+  GCCVER=`echo $GCCVER | sed 's/^[a-z]*\-//'`
   # peak single digit before and after first dot, e.g. 2.95.1 gives 29
   GCCVER=`echo $GCCVER | sed 's/\([0-9]\)\.\([0-9]\).*/\1\2/'`
 else
   CC=cc
 fi
 GCCVER=${GCCVER:-0}
-if [ "$SYSTEM" = "HP-UX" ];then
-  # By default gcc is a ILP32 compiler (with long long == 64).
-  GCC_BITS="32"
-  if [ $GCCVER -ge 30 ]; then
-    # PA64 support only came in with gcc 3.0.x.
-    # We look for the preprocessor symbol __LP64__ indicating
-    # 64bit bit long and pointer.  sizeof(int) == 32 on HPUX64.
-    if gcc -v -E -x c /dev/null 2>&1 | grep __LP64__ > /dev/null; then
-      GCC_BITS="64"
-    fi
-  fi
-fi
+
 if [ "$SYSTEM" = "SunOS" ]; then
   if [ $GCCVER -ge 30 ]; then
     # 64-bit ABI isn't officially supported in gcc 3.0, but it appears
@@ -671,16 +659,7 @@ EOF
   RM*-siemens-sysv4) OUT="ReliantUNIX" ;;
   *-siemens-sysv4) OUT="SINIX" ;;
   *-hpux1*)
-	if [ $CC = "gcc" ];
-	then
-	  if [ $GCC_BITS = "64" ]; then
-	    OUT="hpux64-parisc-gcc"
-	  else
-	    OUT="hpux-parisc-gcc"
-	  fi
-	else
-	  OUT="hpux-parisc-$CC"
-	fi
+	OUT="hpux-parisc-$CC"
 	KERNEL_BITS=`(getconf KERNEL_BITS) 2>/dev/null`
 	KERNEL_BITS=${KERNEL_BITS:-32}
 	CPU_VERSION=`(getconf CPU_VERSION) 2>/dev/null`

crypto/Makefile.ssl

@@ -28,7 +28,7 @@ LIBS=
 
 SDIRS=	md2 md5 sha mdc2 hmac ripemd \
 	des rc2 rc4 rc5 idea bf cast \
-	bn ec rsa dsa dh dso engine aes \
+	bn ec rsa dsa ecdsa dh dso engine aes \
 	buffer bio stack lhash rand err objects \
 	evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5
 
@@ -54,11 +54,11 @@ all: buildinf.h lib subdirs shared
 
 buildinf.h: ../Makefile.ssl
 	( echo "#ifndef MK1MF_BUILD"; \
-	echo '  /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */'; \
-	echo '  #define CFLAGS "$(CC) $(CFLAG)"'; \
-	echo '  #define PLATFORM "$(PLATFORM)"'; \
+	echo "  /* auto-generated by crypto/Makefile.ssl for crypto/cversion.c */"; \
+	echo "  #define CFLAGS \"$(CC) $(CFLAG)\""; \
+	echo "  #define PLATFORM \"$(PLATFORM)\""; \
 	echo "  #define DATE \"`LC_ALL=C LC_TIME=C date`\""; \
-	echo '#endif' ) >buildinf.h
+	echo "#endif" ) >buildinf.h
 
 testapps:
 	if echo ${SDIRS} | fgrep ' des '; \
@@ -141,7 +141,7 @@ depend:
 	@for i in $(SDIRS) ;\
 	do \
 	(cd $$i && echo "making depend in crypto/$$i..." && \
-	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' PERL='${PERL}' depend ); \
+	$(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' DEPFLAG='${DEPFLAG}' depend ); \
 	done;
 
 clean:

crypto/aes/aes_cfb.c

@@ -137,7 +137,7 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
 	} else {
 		while (l--) {
 			if (n == 0) {
-				AES_encrypt(ivec, ivec, key);
+				AES_decrypt(ivec, ivec, key);
 			}
 			c = *(in);
 			*(out++) = *(in++) ^ ivec[n];

crypto/aes/aes_ctr.c

@@ -106,8 +106,8 @@ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
 
 	while (l--) {
 		if (n == 0) {
-			AES_encrypt(counter, tmp, key);
 			AES_ctr128_inc(counter);
+			AES_encrypt(counter, tmp, key);
 		}
 		*(out++) = *(in++) ^ tmp[n];
 		n = (n+1) % AES_BLOCK_SIZE;

crypto/asn1/Makefile.ssl

@@ -145,13 +145,14 @@ a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c
 a_digest.o: ../../e_os.h ../../include/openssl/asn1.h
-a_digest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_digest.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-a_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_digest.o: ../../include/openssl/opensslconf.h
+a_digest.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_digest.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+a_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+a_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_digest.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 a_digest.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -257,10 +258,12 @@ a_set.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 a_set.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 a_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 a_set.o: ../cryptlib.h a_set.c
-a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+a_sign.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 a_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 a_sign.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 a_sign.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 a_sign.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -270,18 +273,20 @@ a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 a_sign.o: ../cryptlib.h a_sign.c
-a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_strex.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-a_strex.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-a_strex.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-a_strex.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-a_strex.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-a_strex.o: ../../include/openssl/x509_vfy.h a_strex.c charmap.h
+a_strex.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+a_strex.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_strex.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_strex.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+a_strex.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
+a_strex.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_strex.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+a_strex.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+a_strex.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+a_strex.o: a_strex.c charmap.h
 a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h
 a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 a_strnid.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -326,13 +331,14 @@ a_utf8.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 a_utf8.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 a_utf8.o: ../cryptlib.h a_utf8.c
 a_verify.o: ../../e_os.h ../../include/openssl/asn1.h
-a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_verify.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_verify.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-a_verify.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-a_verify.o: ../../include/openssl/opensslconf.h
+a_verify.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+a_verify.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_verify.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+a_verify.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+a_verify.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 a_verify.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -347,11 +353,10 @@ asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c
 asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
-asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_lib.o: ../../include/openssl/opensslconf.h
+asn1_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c
@@ -365,14 +370,15 @@ asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c
 asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h
-asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-asn_moid.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-asn_moid.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-asn_moid.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-asn_moid.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-asn_moid.o: ../../include/openssl/opensslconf.h
+asn_moid.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+asn_moid.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+asn_moid.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+asn_moid.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+asn_moid.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+asn_moid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 asn_moid.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -387,10 +393,12 @@ asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c
-d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h
+d2i_pr.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 d2i_pr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+d2i_pr.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -398,10 +406,12 @@ d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 d2i_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 d2i_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 d2i_pr.o: ../cryptlib.h d2i_pr.c
-d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h
+d2i_pu.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 d2i_pu.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+d2i_pu.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -442,10 +452,12 @@ f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c
-i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h
+i2d_pr.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 i2d_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 i2d_pr.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 i2d_pr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+i2d_pr.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -453,10 +465,12 @@ i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 i2d_pr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 i2d_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 i2d_pr.o: ../cryptlib.h i2d_pr.c
-i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h
+i2d_pu.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 i2d_pu.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+i2d_pu.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -469,7 +483,8 @@ n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
 n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 n_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
 n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -482,7 +497,8 @@ nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 nsseq.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 nsseq.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 nsseq.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-nsseq.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+nsseq.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
 nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -495,6 +511,7 @@ p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 p5_pbe.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 p5_pbe.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 p5_pbe.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p5_pbe.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -509,6 +526,7 @@ p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 p5_pbev2.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 p5_pbev2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p5_pbev2.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -523,6 +541,7 @@ p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 p8_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 p8_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+p8_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -533,24 +552,28 @@ p8_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 p8_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 p8_pkey.o: ../cryptlib.h p8_pkey.c
 t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h
-t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-t_bitst.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-t_bitst.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-t_bitst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-t_bitst.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-t_bitst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-t_bitst.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-t_bitst.o: ../../include/openssl/x509v3.h ../cryptlib.h t_bitst.c
-t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_bitst.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+t_bitst.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+t_bitst.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+t_bitst.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+t_bitst.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+t_bitst.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_bitst.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_bitst.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+t_bitst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+t_bitst.o: ../cryptlib.h t_bitst.c
+t_crl.o: ../../e_os.h ../../include/openssl/asn1.h
+t_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 t_crl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+t_crl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
 t_crl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 t_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 t_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -560,20 +583,24 @@ t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
 t_crl.o: ../cryptlib.h t_crl.c
-t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
+t_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 t_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
 t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
 t_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 t_pkey.o: ../../include/openssl/symhacks.h ../cryptlib.h t_pkey.c
-t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_req.o: ../../e_os.h ../../include/openssl/asn1.h
+t_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 t_req.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-t_req.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
 t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -583,10 +610,12 @@ t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
 t_req.o: ../cryptlib.h t_req.c
-t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_spki.o: ../../e_os.h ../../include/openssl/asn1.h
+t_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 t_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -596,11 +625,13 @@ t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 t_spki.o: ../cryptlib.h t_spki.c
-t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_x509.o: ../../e_os.h ../../include/openssl/asn1.h
+t_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 t_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-t_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+t_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
 t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -611,18 +642,20 @@ t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
 t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
 t_x509.o: ../cryptlib.h t_x509.c
 t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h
-t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-t_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-t_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
-t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h t_x509a.c
+t_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+t_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509a.o: ../cryptlib.h t_x509a.c
 tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -677,7 +710,8 @@ x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_algor.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 x_algor.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_algor.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_algor.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+x_algor.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
 x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -691,6 +725,7 @@ x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_attrib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_attrib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_attrib.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -714,6 +749,7 @@ x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_crl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_crl.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -727,7 +763,8 @@ x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
 x_exten.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 x_exten.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 x_exten.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_exten.o: ../../include/openssl/e_os2.h ../../include/openssl/evp.h
+x_exten.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h
 x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -736,10 +773,12 @@ x_exten.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 x_exten.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 x_exten.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_exten.o: x_exten.c
-x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_info.o: ../../e_os.h ../../include/openssl/asn1.h
+x_info.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_info.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_info.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -763,6 +802,7 @@ x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_name.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_name.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_name.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -773,24 +813,26 @@ x_name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 x_name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 x_name.o: ../cryptlib.h x_name.c
 x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-x_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-x_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
-x_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-x_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-x_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-x_pkey.o: ../cryptlib.h x_pkey.c
+x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
+x_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+x_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
+x_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+x_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c
 x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h
 x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_pubkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_pubkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_pubkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_pubkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -805,6 +847,7 @@ x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_req.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -819,6 +862,7 @@ x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_sig.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_sig.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_sig.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_sig.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -833,6 +877,7 @@ x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -847,6 +892,7 @@ x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_val.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_val.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_val.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_val.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
@@ -861,7 +907,8 @@ x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 x_x509.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_x509.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
 x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
@@ -876,6 +923,7 @@ x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 x_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 x_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+x_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
 x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h

crypto/asn1/a_bitstr.c

@@ -71,6 +71,8 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
 	if (a == NULL) return(0);
 
 	len=a->length;
+	ret=1+len;
+	if (pp == NULL) return(ret);
 
 	if (len > 0)
 		{
@@ -98,10 +100,6 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
 		}
 	else
 		bits=0;
-
-	ret=1+len;
-	if (pp == NULL) return(ret);
-
 	p= *pp;
 
 	*(p++)=(unsigned char)bits;

crypto/asn1/a_enum.c

@@ -151,17 +151,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
 	else ret->type=V_ASN1_ENUMERATED;
 	j=BN_num_bits(bn);
 	len=((j == 0)?0:((j/8)+1));
-	if (ret->length < len+4)
-		{
-		unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
-		if (!new_data)
-			{
-			ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		ret->data=new_data;
-		}
-
+	ret->data=(unsigned char *)OPENSSL_malloc(len+4);
 	ret->length=BN_bn2bin(bn,ret->data);
 	return(ret);
 err:

crypto/asn1/a_int.c

@@ -397,16 +397,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
 	else ret->type=V_ASN1_INTEGER;
 	j=BN_num_bits(bn);
 	len=((j == 0)?0:((j/8)+1));
-	if (ret->length < len+4)
-		{
-		unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
-		if (!new_data)
-			{
-			ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
-			goto err;
-			}
-		ret->data=new_data;
-		}
+	ret->data=(unsigned char *)OPENSSL_malloc(len+4);
 	ret->length=BN_bn2bin(bn,ret->data);
 	/* Correct zero case */
 	if(!ret->length)

crypto/asn1/a_set.c

@@ -118,7 +118,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
 		}
 
         pStart  = p; /* Catch the beg of Setblobs*/
-        if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array
+        rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)); /* In this array
 we will store the SET blobs */
 
         for (i=0; i<sk_num(a); i++)
@@ -135,7 +135,7 @@ SetBlob
  /* Now we have to sort the blobs. I am using a simple algo.
     *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
         qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
-        if (!(pTempMem = OPENSSL_malloc(totSize))) return 0;
+        pTempMem = OPENSSL_malloc(totSize);
 
 /* Copy to temp mem */
         p = pTempMem;

crypto/asn1/a_strex.c

@@ -77,8 +77,8 @@
 /* Three IO functions for sending data to memory, a BIO and
  * and a FILE pointer.
  */
-#if 0				/* never used */
-static int send_mem_chars(void *arg, const void *buf, int len)
+
+int send_mem_chars(void *arg, const void *buf, int len)
 {
 	unsigned char **out = arg;
 	if(!out) return 1;
@@ -86,16 +86,15 @@ static int send_mem_chars(void *arg, const void *buf, int len)
 	*out += len;
 	return 1;
 }
-#endif
 
-static int send_bio_chars(void *arg, const void *buf, int len)
+int send_bio_chars(void *arg, const void *buf, int len)
 {
 	if(!arg) return 1;
 	if(BIO_write(arg, buf, len) != len) return 0;
 	return 1;
 }
 
-static int send_fp_chars(void *arg, const void *buf, int len)
+int send_fp_chars(void *arg, const void *buf, int len)
 {
 	if(!arg) return 1;
 	if(fwrite(buf, 1, len, arg) != (unsigned int)len) return 0;
@@ -241,7 +240,7 @@ static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen
  * #01234 format.
  */
 
-static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
+int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
 {
 	/* Placing the ASN1_STRING in a temp ASN1_TYPE allows
 	 * the DER encoding to readily obtained

crypto/asn1/a_utctm.c

@@ -222,7 +222,6 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
 int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
 	{
 	struct tm *tm;
-	struct tm data;
 	int offset;
 	int year;
 
@@ -239,7 +238,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
 
 	t -= offset*60; /* FIXME: may overflow in extreme cases */
 
-	tm = OPENSSL_gmtime(&t, &data);
+	{ struct tm data; tm = OPENSSL_gmtime(&t, &data); }
 	
 #define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
 	year = g2(s->data);

crypto/asn1/asn1.h

@@ -773,7 +773,6 @@ int 	ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
 int 	ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
 
 DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
-DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
 DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
 DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
 DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
@@ -1009,12 +1008,13 @@ void ERR_load_ASN1_strings(void);
 #define ASN1_F_D2I_X509_PKEY				 159
 #define ASN1_F_I2D_ASN1_TIME				 160
 #define ASN1_F_I2D_DSA_PUBKEY				 161
+#define ASN1_F_I2D_ECDSA_PUBKEY				 174
 #define ASN1_F_I2D_NETSCAPE_RSA				 162
 #define ASN1_F_I2D_PRIVATEKEY				 163
 #define ASN1_F_I2D_PUBLICKEY				 164
 #define ASN1_F_I2D_RSA_PUBKEY				 165
 #define ASN1_F_LONG_C2I					 166
-#define ASN1_F_OID_MODULE_INIT				 174
+#define ASN1_F_OID_MODULE_INIT				 175
 #define ASN1_F_PKCS5_PBE2_SET				 167
 #define ASN1_F_X509_CINF_NEW				 168
 #define ASN1_F_X509_CRL_ADD0_REVOKED			 169

crypto/asn1/asn1_err.c

@@ -1,6 +1,6 @@
 /* crypto/asn1/asn1_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -128,6 +128,7 @@ static ERR_STRING_DATA ASN1_str_functs[]=
 {ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0),	"d2i_X509_PKEY"},
 {ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0),	"I2D_ASN1_TIME"},
 {ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0),	"i2d_DSA_PUBKEY"},
+{ERR_PACK(0,ASN1_F_I2D_ECDSA_PUBKEY,0),	"i2d_ECDSA_PUBKEY"},
 {ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0),	"i2d_Netscape_RSA"},
 {ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0),	"i2d_PrivateKey"},
 {ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0),	"i2d_PublicKey"},

crypto/asn1/asn1_lib.c

@@ -59,7 +59,6 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
 
 static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
 static void asn1_put_length(unsigned char **pp, int length);

crypto/asn1/d2i_pr.c

@@ -68,6 +68,9 @@
 #ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
 #endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
 
 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
 	     long length)
@@ -107,6 +110,16 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
 			goto err;
 			}
 		break;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+	case EVP_PKEY_ECDSA:
+		if ((ret->pkey.ecdsa = d2i_ECDSAPrivateKey(NULL, 
+			(const unsigned char **)pp, length)) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
+			goto err;
+			}
+		break;
 #endif
 	default:
 		ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
@@ -138,7 +151,10 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
 	/* Since we only need to discern "traditional format" RSA and DSA
 	 * keys we can just count the elements.
          */
-	if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA;
+	if(sk_ASN1_TYPE_num(inkey) == 6) 
+		keytype = EVP_PKEY_DSA;
+	else if (sk_ASN1_TYPE_num(inkey) == 4)
+		keytype = EVP_PKEY_ECDSA;
 	else keytype = EVP_PKEY_RSA;
 	sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
 	return d2i_PrivateKey(keytype, a, pp, length);

crypto/asn1/d2i_pu.c

@@ -68,6 +68,9 @@
 #ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
 #endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
 
 EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
 	     long length)
@@ -100,13 +103,23 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
 #endif
 #ifndef OPENSSL_NO_DSA
 	case EVP_PKEY_DSA:
-		if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,
+		if ((ret->pkey.dsa=d2i_DSAPublicKey(&(ret->pkey.dsa),
 			(const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
 			{
 			ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
 			goto err;
 			}
 		break;
+#endif
+#ifndef OPENSSL_NO_ECDSA
+	case EVP_PKEY_ECDSA:
+		if ((ret->pkey.ecdsa = ECDSAPublicKey_set_octet_string(&(ret->pkey.ecdsa), 
+			(const unsigned char **)pp, length)) == NULL)
+			{
+			ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
+			goto err;
+			}
+	break;
 #endif
 	default:
 		ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);

crypto/asn1/i2d_pr.c

@@ -67,6 +67,9 @@
 #ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
 #endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
 
 int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
 	{
@@ -83,6 +86,12 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
 		return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
 		}
 #endif
+#ifndef OPENSSL_NO_ECDSA
+	if (a->type == EVP_PKEY_ECDSA)
+		{
+		return(i2d_ECDSAPrivateKey(a->pkey.ecdsa, pp));
+		}
+#endif
 
 	ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
 	return(-1);

crypto/asn1/i2d_pu.c

@@ -67,6 +67,9 @@
 #ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
 #endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
 
 int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
 	{
@@ -79,6 +82,10 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
 #ifndef OPENSSL_NO_DSA
 	case EVP_PKEY_DSA:
 		return(i2d_DSAPublicKey(a->pkey.dsa,pp));
+#endif
+#ifndef OPENSSL_NO_ECDSA
+	case EVP_PKEY_ECDSA:
+		return(ECDSAPublicKey_get_octet_string(a->pkey.ecdsa, pp));
 #endif
 	default:
 		ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);

crypto/asn1/n_pkey.c

@@ -92,8 +92,6 @@ ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
 	ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
 } ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY)
 
-DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY,NETSCAPE_ENCRYPTED_PKEY)
 IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
 
 ASN1_SEQUENCE(NETSCAPE_PKEY) = {
@@ -102,8 +100,6 @@ ASN1_SEQUENCE(NETSCAPE_PKEY) = {
 	ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
 } ASN1_SEQUENCE_END(NETSCAPE_PKEY)
 
-DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
-DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
 IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
 
 static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,

crypto/asn1/t_pkey.c

@@ -69,26 +69,29 @@
 #ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
 #endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
 
 static int print(BIO *fp,const char *str,BIGNUM *num,
 		unsigned char *buf,int off);
 #ifndef OPENSSL_NO_RSA
 #ifndef OPENSSL_NO_FP_API
 int RSA_print_fp(FILE *fp, const RSA *x, int off)
-        {
-        BIO *b;
-        int ret;
+	{
+	BIO *b;
+	int ret;
 
-        if ((b=BIO_new(BIO_s_file())) == NULL)
+	if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
 		RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
+		return(0);
 		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=RSA_print(b,x,off);
-        BIO_free(b);
-        return(ret);
-        }
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=RSA_print(b,x,off);
+	BIO_free(b);
+	return(ret);
+	}
 #endif
 
 int RSA_print(BIO *bp, const RSA *x, int off)
@@ -209,6 +212,150 @@ err:
 	}
 #endif /* !OPENSSL_NO_DSA */
 
+#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_FP_API
+int ECDSA_print_fp(FILE *fp, const ECDSA *x, int off)
+{
+	BIO *b;
+	int ret;
+ 
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_PRINT_FP, ERR_R_BIO_LIB);
+		return(0);
+	}
+	BIO_set_fp(b, fp, BIO_NOCLOSE);
+	ret = ECDSA_print(b, x, off);
+	BIO_free(b);
+	return(ret);
+}
+#endif
+
+int ECDSA_print(BIO *bp, const ECDSA *x, int off)
+	{
+	char str[128];
+	unsigned char *buffer=NULL;
+	int     i, buf_len=0, ret=0, reason=ERR_R_BIO_LIB;
+	BIGNUM  *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL,
+		*tmp_4=NULL, *tmp_5=NULL, *tmp_6=NULL,
+		*tmp_7=NULL;
+	BN_CTX  *ctx=NULL;
+	EC_POINT *point=NULL;
+ 
+	/* TODO: fields other than prime fields */
+       
+	if (!x || !x->group)
+		{
+		reason = ECDSA_R_MISSING_PARAMETERS;
+		goto err;
+		}
+	if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL ||
+		(tmp_3 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL ||
+		(tmp_6 = BN_new()) == NULL || (tmp_7 = BN_new()) == NULL)
+		{
+		reason = ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+	if (!EC_GROUP_get_curve_GFp(x->group, tmp_1, tmp_2, tmp_3, ctx))
+		{
+		reason = ERR_R_EC_LIB;
+		goto err;
+		}
+	if ((point = EC_GROUP_get0_generator(x->group)) == NULL)
+		{
+		reason = ERR_R_EC_LIB;
+		goto err;
+		}
+	if (!EC_GROUP_get_order(x->group, tmp_6, NULL) || !EC_GROUP_get_cofactor(x->group, tmp_7, NULL))
+		{
+		reason = ERR_R_EC_LIB;
+		goto err;
+		}
+	if ((buf_len = EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), NULL, 0, ctx)) == 0)
+		{
+		reason = ECDSA_R_UNEXPECTED_PARAMETER_LENGTH;
+		goto err;
+		}
+	if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
+		{
+		reason = ERR_R_MALLOC_FAILURE;
+		goto err;
+		}
+	if (!EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), 
+				buffer, buf_len, ctx)) goto err;
+	if ((tmp_4 = BN_bin2bn(buffer, buf_len, NULL)) == NULL)
+		{
+		reason = ERR_R_BN_LIB;
+		goto err;
+		}
+	if ((i = EC_POINT_point2oct(x->group, x->pub_key, ECDSA_get_conversion_form(x), NULL, 0, ctx)) == 0)
+		{
+		reason = ECDSA_R_UNEXPECTED_PARAMETER_LENGTH;
+		goto err;
+		}
+	if (i > buf_len && (buffer = OPENSSL_realloc(buffer, i)) == NULL)
+		{
+		reason = ERR_R_MALLOC_FAILURE;
+		buf_len = i;
+		goto err;
+		}
+	if (!EC_POINT_point2oct(x->group, x->pub_key, ECDSA_get_conversion_form(x), 
+				buffer, buf_len, ctx))
+		{
+		reason = ERR_R_EC_LIB;
+		goto err;
+		}
+	if ((tmp_5 = BN_bin2bn(buffer, buf_len, NULL)) == NULL)
+		{
+		reason = ERR_R_BN_LIB;
+		goto err;
+		}
+	if (tmp_1 != NULL)
+		i = BN_num_bytes(tmp_1)*2;
+	else
+		i=256;
+	if ((i + 10) > buf_len && (buffer = OPENSSL_realloc(buffer, i+10)) == NULL)
+		{
+		reason = ERR_R_MALLOC_FAILURE;
+		buf_len = i;
+		goto err;
+		}
+	if (off)
+		{
+		if (off > 128) off=128;
+		memset(str,' ',off);
+		}
+	if (x->priv_key != NULL)
+		{
+		if (off && (BIO_write(bp, str, off) <= 0)) goto err;
+		if (BIO_printf(bp, "Private-Key: (%d bit)\n", BN_num_bits(tmp_1)) <= 0) goto err;
+		}
+  
+	if ((x->priv_key != NULL) && !print(bp, "priv:", x->priv_key, buffer, off)) goto err;
+	if ((tmp_5 != NULL) && !print(bp, "pub: ", tmp_5, buffer, off)) goto err;
+	if ((tmp_1 != NULL) && !print(bp, "P:   ", tmp_1, buffer, off)) goto err;
+	if ((tmp_2 != NULL) && !print(bp, "A:   ", tmp_2, buffer, off)) goto err;
+	if ((tmp_3 != NULL) && !print(bp, "B:   ", tmp_3, buffer, off)) goto err;
+	if ((tmp_4 != NULL) && !print(bp, "Gen: ", tmp_4, buffer, off)) goto err;
+	if ((tmp_6 != NULL) && !print(bp, "Order: ", tmp_6, buffer, off)) goto err;
+	if ((tmp_7 != NULL) && !print(bp, "Cofactor: ", tmp_7, buffer, off)) goto err;
+	ret=1;
+err:
+	if (!ret)
+ 		ECDSAerr(ECDSA_F_ECDSA_PRINT, reason);
+	if (tmp_1) BN_free(tmp_1);
+	if (tmp_2) BN_free(tmp_2);
+	if (tmp_3) BN_free(tmp_3);
+	if (tmp_4) BN_free(tmp_4);
+	if (tmp_5) BN_free(tmp_5);
+	if (tmp_6) BN_free(tmp_6);
+	if (tmp_7) BN_free(tmp_7);
+	if (ctx)   BN_CTX_free(ctx);
+	if (buffer != NULL) OPENSSL_free(buffer);
+	return(ret);
+	}
+#endif
+
 static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
 	     int off)
 	{
@@ -262,20 +409,20 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
 #ifndef OPENSSL_NO_DH
 #ifndef OPENSSL_NO_FP_API
 int DHparams_print_fp(FILE *fp, const DH *x)
-        {
-        BIO *b;
-        int ret;
+	{
+	BIO *b;
+	int ret;
 
-        if ((b=BIO_new(BIO_s_file())) == NULL)
+	if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
 		DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
+		return(0);
 		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=DHparams_print(b, x);
-        BIO_free(b);
-        return(ret);
-        }
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=DHparams_print(b, x);
+	BIO_free(b);
+	return(ret);
+	}
 #endif
 
 int DHparams_print(BIO *bp, const DH *x)
@@ -315,20 +462,20 @@ err:
 #ifndef OPENSSL_NO_DSA
 #ifndef OPENSSL_NO_FP_API
 int DSAparams_print_fp(FILE *fp, const DSA *x)
-        {
-        BIO *b;
-        int ret;
+	{
+	BIO *b;
+	int ret;
 
-        if ((b=BIO_new(BIO_s_file())) == NULL)
+	if ((b=BIO_new(BIO_s_file())) == NULL)
 		{
 		DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
-                return(0);
+		return(0);
 		}
-        BIO_set_fp(b,fp,BIO_NOCLOSE);
-        ret=DSAparams_print(b, x);
-        BIO_free(b);
-        return(ret);
-        }
+	BIO_set_fp(b,fp,BIO_NOCLOSE);
+	ret=DSAparams_print(b, x);
+	BIO_free(b);
+	return(ret);
+	}
 #endif
 
 int DSAparams_print(BIO *bp, const DSA *x)
@@ -359,3 +506,95 @@ err:
 
 #endif /* !OPENSSL_NO_DSA */
 
+#ifndef OPENSSL_NO_ECDSA
+#ifndef OPENSSL_NO_FP_API
+int ECDSAParameters_print_fp(FILE *fp, const ECDSA *x)
+	{
+	BIO *b;
+	int ret;
+ 
+	if ((b=BIO_new(BIO_s_file())) == NULL)
+	{
+		ECDSAerr(ECDSA_F_ECDSAPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
+		return(0);
+	}
+	BIO_set_fp(b, fp, BIO_NOCLOSE);
+	ret = ECDSAParameters_print(b, x);
+	BIO_free(b);
+	return(ret);
+	}
+#endif
+
+int ECDSAParameters_print(BIO *bp, const ECDSA *x)
+       {
+       unsigned char *buffer=NULL;
+       int     buf_len;
+       int     reason=ERR_R_EC_LIB, i, ret=0;
+       BIGNUM  *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL, *tmp_4=NULL,
+               *tmp_5=NULL, *tmp_6=NULL;
+       BN_CTX  *ctx=NULL;
+       EC_POINT *point=NULL;
+ 
+       /* TODO: fields other than prime fields */
+       if (!x || !x->group)
+       {
+		reason = ECDSA_R_MISSING_PARAMETERS;
+		goto err;
+       }
+       if ((tmp_1 = BN_new()) == NULL || (tmp_2 = BN_new()) == NULL ||
+	   (tmp_3 = BN_new()) == NULL || (tmp_5 = BN_new()) == NULL ||
+           (tmp_6 = BN_new()) == NULL || (ctx = BN_CTX_new()) == NULL)
+       {
+		reason = ERR_R_MALLOC_FAILURE;
+		goto err;
+	}
+	if (!EC_GROUP_get_curve_GFp(x->group, tmp_1, tmp_2, tmp_3, ctx)) goto err;
+	if ((point = EC_GROUP_get0_generator(x->group)) == NULL) goto err;
+	if (!EC_GROUP_get_order(x->group, tmp_5, ctx)) goto err;
+	if (!EC_GROUP_get_cofactor(x->group, tmp_6, ctx)) goto err;	
+	buf_len = EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), NULL, 0, ctx);
+	if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL)
+	{
+		reason = ERR_R_MALLOC_FAILURE;
+		goto err;
+	}
+	if (!EC_POINT_point2oct(x->group, point, ECDSA_get_conversion_form(x), buffer, buf_len, ctx))
+	{
+		reason = ERR_R_EC_LIB;
+		goto err;
+	}
+	if ((tmp_4 = BN_bin2bn(buffer, buf_len, NULL)) == NULL)
+	{
+		reason = ERR_R_BN_LIB;
+		goto err;
+	}
+  
+	i = BN_num_bits(tmp_1) + 10;
+	if (i > buf_len && (buffer = OPENSSL_realloc(buffer, i)) == NULL)
+	{
+		reason=ERR_R_MALLOC_FAILURE;
+		goto err;
+	}
+ 
+	if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n", BN_num_bits(tmp_1)) <= 0) goto err;
+	if (!print(bp, "Prime p:", tmp_1, buffer, 4)) goto err;
+	if (!print(bp, "Curve a:", tmp_2, buffer, 4)) goto err;
+	if (!print(bp, "Curve b:", tmp_3, buffer, 4)) goto err;
+	if (!print(bp, "Generator (compressed):", tmp_4, buffer, 4)) goto err; 
+	if (!print(bp, "Order:", tmp_5, buffer, 4)) goto err;
+	if (!print(bp, "Cofactor:", tmp_6, buffer, 4)) goto err;
+	ret=1;
+err:
+	if (tmp_1)  BN_free(tmp_1);
+	if (tmp_2)  BN_free(tmp_2);
+	if (tmp_3)  BN_free(tmp_3);
+	if (tmp_4)  BN_free(tmp_4);
+	if (tmp_5)  BN_free(tmp_5);
+	if (tmp_6)  BN_free(tmp_6);
+	if (ctx)    BN_CTX_free(ctx);
+	if (buffer) OPENSSL_free(buffer);
+	ECDSAerr(ECDSA_F_ECDSAPARAMETERS_PRINT, reason);
+	return(ret);
+	}
+  
+#endif

crypto/asn1/t_req.c

@@ -134,6 +134,15 @@ int X509_REQ_print(BIO *bp, X509_REQ *x)
 		}
 	else
 #endif
+#ifndef OPENSSL_NO_ECDSA
+		if (pkey != NULL && pkey->type == EVP_PKEY_ECDSA)
+		{
+			BIO_printf(bp, "%12sECDSA Public Key: \n","");
+			ECDSA_print(bp, pkey->pkey.ecdsa, 16);
+		}
+	else
+#endif
+
 		BIO_printf(bp,"%12sUnknown Public Key:\n","");
 
 	if (pkey != NULL)

crypto/asn1/t_spki.c

@@ -93,6 +93,15 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
 		}
 		else
 #endif
+#ifndef OPENSSL_NO_ECDSA
+		if (pkey->type == EVP_PKEY_ECDSA)
+		{
+			BIO_printf(out, "  ECDSA Public Key:\n");
+			ECDSA_print(out, pkey->pkey.ecdsa,2);
+		}
+		else
+#endif
+
 			BIO_printf(out,"  Unknown Public Key:\n");
 		EVP_PKEY_free(pkey);
 	}

crypto/asn1/t_x509.c

@@ -66,6 +66,9 @@
 #ifndef OPENSSL_NO_DSA
 #include <openssl/dsa.h>
 #endif
+#ifndef OPENSSL_NO_ECDSA
+#include <openssl/ecdsa.h>
+#endif
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
@@ -228,6 +231,14 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
 			DSA_print(bp,pkey->pkey.dsa,16);
 			}
 		else
+#endif
+#ifndef OPENSSL_NO_ECDSA
+		if (pkey->type == EVP_PKEY_ECDSA)
+			{
+			BIO_printf(bp, "%12sECDSA Public Key:\n","");
+			ECDSA_print(bp, pkey->pkey.ecdsa, 16);
+			}
+		else
 #endif
 			BIO_printf(bp,"%12sUnknown Public Key:\n","");
 

crypto/asn1/x_pubkey.c

@@ -63,13 +63,14 @@
 
 /* Minor tweak to operation: free up EVP_PKEY */
 static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
-{
-	if(operation == ASN1_OP_FREE_POST) {
+	{
+	if (operation == ASN1_OP_FREE_POST)
+		{
 		X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
 		EVP_PKEY_free(pubkey->pkey);
-	}
+		}
 	return 1;
-}
+	}
 
 ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
 	ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
@@ -108,18 +109,17 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 			a->parameter->type=V_ASN1_NULL;
 			}
 		}
-	else
 #ifndef OPENSSL_NO_DSA
-		if (pkey->type == EVP_PKEY_DSA)
+	else if (pkey->type == EVP_PKEY_DSA)
 		{
 		unsigned char *pp;
 		DSA *dsa;
-
+		
 		dsa=pkey->pkey.dsa;
 		dsa->write_params=0;
 		ASN1_TYPE_free(a->parameter);
 		i=i2d_DSAparams(dsa,NULL);
-		if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
+		p=(unsigned char *)OPENSSL_malloc(i);
 		pp=p;
 		i2d_DSAparams(dsa,&pp);
 		a->parameter=ASN1_TYPE_new();
@@ -128,19 +128,68 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
 		ASN1_STRING_set(a->parameter->value.sequence,p,i);
 		OPENSSL_free(p);
 		}
-	else
 #endif
+#ifndef OPENSSL_NO_ECDSA
+	else if (pkey->type == EVP_PKEY_ECDSA)
+		{
+		int nid=0;
+		unsigned char *pp;
+		ECDSA *ecdsa;
+		
+		ecdsa = pkey->pkey.ecdsa;
+		ASN1_TYPE_free(a->parameter);
+
+		if ((a->parameter = ASN1_TYPE_new()) == NULL)
+			{
+			X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
+			goto err;
+			}
+
+		if ((ECDSA_get_parameter_flags(ecdsa) & ECDSA_FLAG_NAMED_CURVE) && (nid = EC_GROUP_get_nid(ecdsa->group)))
+			{
+			/* just set the OID */
+			a->parameter->type = V_ASN1_OBJECT;
+			a->parameter->value.object = OBJ_nid2obj(nid);
+			}
+		else /* explicit parameters */
+			{
+			if ((i = i2d_ECDSAParameters(ecdsa, NULL)) == 0)
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB);
+				goto err;
+				}
+			if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
+				goto err;
+				}	
+			pp = p;
+			if (!i2d_ECDSAParameters(ecdsa, &pp))
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_ECDSA_LIB);
+				OPENSSL_free(p);
+				goto err;
+				}
+			a->parameter->type = V_ASN1_SEQUENCE;
+			if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
+				{
+				X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
+				OPENSSL_free(p);
+				goto err;
+				}
+			ASN1_STRING_set(a->parameter->value.sequence, p, i);
+			OPENSSL_free(p);
+			}
+		}
+#endif
+	else if (1)
 		{
 		X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
 		goto err;
 		}
 
 	if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
-	if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
-		{
-		X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
-		goto err;
-		}
+	if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL) goto err;
 	p=s;
 	i2d_PublicKey(pkey,&p);
 	if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
@@ -173,7 +222,7 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 	long j;
 	int type;
 	unsigned char *p;
-#ifndef OPENSSL_NO_DSA
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
 	const unsigned char *cp;
 	X509_ALGOR *a;
 #endif
@@ -181,40 +230,97 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
 	if (key == NULL) goto err;
 
 	if (key->pkey != NULL)
-	    {
-	    CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
-	    return(key->pkey);
-	    }
+		{
+		CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
+		return(key->pkey);
+		}
 
 	if (key->public_key == NULL) goto err;
 
 	type=OBJ_obj2nid(key->algor->algorithm);
-	p=key->public_key->data;
-        j=key->public_key->length;
-        if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
+	if ((ret = EVP_PKEY_new()) == NULL)
 		{
-		X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
+		X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
 		goto err;
 		}
-	ret->save_parameters=0;
+	ret->type = EVP_PKEY_type(type);
 
-#ifndef OPENSSL_NO_DSA
+	/* the parameters must be extracted before the public key (ECDSA!) */
+	
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
 	a=key->algor;
-	if (ret->type == EVP_PKEY_DSA)
+#endif
+
+	if (0)
+		;
+#ifndef OPENSSL_NO_DSA
+	else if (ret->type == EVP_PKEY_DSA)
 		{
 		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
 			{
+			if ((ret->pkey.dsa = DSA_new()) == NULL)
+				{
+				X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
 			ret->pkey.dsa->write_params=0;
 			cp=p=a->parameter->value.sequence->data;
 			j=a->parameter->value.sequence->length;
-			if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j))
+			if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j))
 				goto err;
 			}
 		ret->save_parameters=1;
 		}
 #endif
-	key->pkey=ret;
-	CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
+#ifndef OPENSSL_NO_ECDSA
+	else if (ret->type == EVP_PKEY_ECDSA)
+		{
+		if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
+			{
+			/* type == V_ASN1_SEQUENCE => we have explicit parameters
+                         * (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
+			 */
+			if ((ret->pkey.ecdsa= ECDSA_new()) == NULL)
+				{
+				X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
+				goto err;
+				}
+			cp = p = a->parameter->value.sequence->data;
+			j = a->parameter->value.sequence->length;
+			if (!d2i_ECDSAParameters(&ret->pkey.ecdsa, &cp, (long)j))
+				{
+				X509err(X509_F_X509_PUBKEY_GET, ERR_R_ECDSA_LIB);
+				goto err;
+				}
+			}
+		else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT))
+			{
+			/* type == V_ASN1_OBJECT => the parameters are given
+			 * by an asn1 OID
+			 */
+			if (ret->pkey.ecdsa == NULL)
+				ret->pkey.ecdsa = ECDSA_new();
+			if (ret->pkey.ecdsa->group)
+				EC_GROUP_free(ret->pkey.ecdsa->group);
+			ret->pkey.ecdsa->parameter_flags |= ECDSA_FLAG_NAMED_CURVE;
+			if ((ret->pkey.ecdsa->group = EC_GROUP_new_by_name(OBJ_obj2nid(a->parameter->value.object))) == NULL)
+				goto err;
+			}
+			/* the case implicitlyCA is currently not implemented */
+		ret->save_parameters = 1;
+		}
+#endif
+
+	p=key->public_key->data;
+        j=key->public_key->length;
+        if ((ret = d2i_PublicKey(type, &ret, &p, (long)j)) == NULL)
+		{
+		X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
+		goto err;
+		}
+
+	key->pkey = ret;
+	CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
 	return(ret);
 err:
 	if (ret != NULL)
@@ -228,7 +334,7 @@ err:
 
 EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
 	     long length)
-{
+	{
 	X509_PUBKEY *xpk;
 	EVP_PKEY *pktmp;
 	xpk = d2i_X509_PUBKEY(NULL, pp, length);
@@ -236,15 +342,16 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
 	pktmp = X509_PUBKEY_get(xpk);
 	X509_PUBKEY_free(xpk);
 	if(!pktmp) return NULL;
-	if(a) {
+	if(a)
+		{
 		EVP_PKEY_free(*a);
 		*a = pktmp;
-	}
+		}
 	return pktmp;
-}
+	}
 
 int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
-{
+	{
 	X509_PUBKEY *xpk=NULL;
 	int ret;
 	if(!a) return 0;
@@ -252,7 +359,7 @@ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
 	ret = i2d_X509_PUBKEY(xpk, pp);
 	X509_PUBKEY_free(xpk);
 	return ret;
-}
+	}
 
 /* The following are equivalents but which return RSA and DSA
  * keys
@@ -260,75 +367,117 @@ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
 #ifndef OPENSSL_NO_RSA
 RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
 	     long length)
-{
+	{
 	EVP_PKEY *pkey;
 	RSA *key;
 	unsigned char *q;
 	q = *pp;
 	pkey = d2i_PUBKEY(NULL, &q, length);
-	if(!pkey) return NULL;
+	if (!pkey) return NULL;
 	key = EVP_PKEY_get1_RSA(pkey);
 	EVP_PKEY_free(pkey);
-	if(!key) return NULL;
+	if (!key) return NULL;
 	*pp = q;
-	if(a) {
+	if (a)
+		{
 		RSA_free(*a);
 		*a = key;
-	}
+		}
 	return key;
-}
+	}
 
 int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
-{
+	{
 	EVP_PKEY *pktmp;
 	int ret;
-	if(!a) return 0;
+	if (!a) return 0;
 	pktmp = EVP_PKEY_new();
-	if(!pktmp) {
+	if (!pktmp)
+		{
 		ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
 		return 0;
-	}
+		}
 	EVP_PKEY_set1_RSA(pktmp, a);
 	ret = i2d_PUBKEY(pktmp, pp);
 	EVP_PKEY_free(pktmp);
 	return ret;
-}
+	}
 #endif
 
 #ifndef OPENSSL_NO_DSA
 DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
 	     long length)
-{
+	{
 	EVP_PKEY *pkey;
 	DSA *key;
 	unsigned char *q;
 	q = *pp;
 	pkey = d2i_PUBKEY(NULL, &q, length);
-	if(!pkey) return NULL;
+	if (!pkey) return NULL;
 	key = EVP_PKEY_get1_DSA(pkey);
 	EVP_PKEY_free(pkey);
-	if(!key) return NULL;
+	if (!key) return NULL;
 	*pp = q;
-	if(a) {
+	if (a)
+		{
 		DSA_free(*a);
 		*a = key;
-	}
+		}
 	return key;
-}
+	}
 
 int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
-{
+	{
 	EVP_PKEY *pktmp;
 	int ret;
 	if(!a) return 0;
 	pktmp = EVP_PKEY_new();
-	if(!pktmp) {
+	if(!pktmp)
+		{
 		ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
 		return 0;
-	}
+		}
 	EVP_PKEY_set1_DSA(pktmp, a);
 	ret = i2d_PUBKEY(pktmp, pp);
 	EVP_PKEY_free(pktmp);
 	return ret;
-}
+	}
+#endif
+
+#ifndef OPENSSL_NO_ECDSA
+ECDSA *d2i_ECDSA_PUBKEY(ECDSA **a, unsigned char **pp, long length)
+	{
+	EVP_PKEY *pkey;
+	ECDSA *key;
+	unsigned char *q;
+	q = *pp;
+	pkey = d2i_PUBKEY(NULL, &q, length);
+	if (!pkey) return(NULL);
+	key = EVP_PKEY_get1_ECDSA(pkey);
+	EVP_PKEY_free(pkey);
+	if (!key)  return(NULL);
+	*pp = q;
+	if (a)
+		{
+		ECDSA_free(*a);
+		*a = key;
+		}
+	return(key);
+	}
+
+int i2d_ECDSA_PUBKEY(ECDSA *a, unsigned char **pp)
+	{
+	EVP_PKEY *pktmp;
+	int ret;
+	if (!a)	return(0);
+	if ((pktmp = EVP_PKEY_new()) == NULL)
+		{
+		ASN1err(ASN1_F_I2D_ECDSA_PUBKEY, ERR_R_MALLOC_FAILURE);
+		return(0);
+		}
+	EVP_PKEY_set1_ECDSA(pktmp, a);
+	ret = i2d_PUBKEY(pktmp, pp);
+	EVP_PKEY_free(pktmp);
+	return(ret);
+	}
 #endif

crypto/bio/b_sock.c

@@ -484,11 +484,7 @@ int BIO_socket_ioctl(int fd, long type, unsigned long *arg)
 	{
 	int i;
 
-#ifdef __DJGPP__
-	i=ioctlsocket(fd,type,(char *)arg);
-#else
 	i=ioctlsocket(fd,type,arg);
-#endif /* __DJGPP__ */
 	if (i < 0)
 		SYSerr(SYS_F_IOCTLSOCKET,get_last_socket_error());
 	return(i);

crypto/bio/bf_nbio.c

@@ -103,7 +103,7 @@ static int nbiof_new(BIO *bi)
 	{
 	NBIO_TEST *nt;
 
-	if (!(nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST)))) return(0);
+	nt=(NBIO_TEST *)OPENSSL_malloc(sizeof(NBIO_TEST));
 	nt->lrn= -1;
 	nt->lwn= -1;
 	bi->ptr=(char *)nt;

crypto/bio/bio.h

@@ -647,7 +647,6 @@ void ERR_load_BIO_strings(void);
 #define BIO_F_CONN_CTRL					 127
 #define BIO_F_CONN_STATE				 115
 #define BIO_F_FILE_CTRL					 116
-#define BIO_F_FILE_READ					 130
 #define BIO_F_LINEBUFFER_CTRL				 129
 #define BIO_F_MEM_READ					 128
 #define BIO_F_MEM_WRITE					 117

crypto/bio/bio_err.c

@@ -91,7 +91,6 @@ static ERR_STRING_DATA BIO_str_functs[]=
 {ERR_PACK(0,BIO_F_CONN_CTRL,0),	"CONN_CTRL"},
 {ERR_PACK(0,BIO_F_CONN_STATE,0),	"CONN_STATE"},
 {ERR_PACK(0,BIO_F_FILE_CTRL,0),	"FILE_CTRL"},
-{ERR_PACK(0,BIO_F_FILE_READ,0),	"FILE_READ"},
 {ERR_PACK(0,BIO_F_LINEBUFFER_CTRL,0),	"LINEBUFFER_CTRL"},
 {ERR_PACK(0,BIO_F_MEM_READ,0),	"MEM_READ"},
 {ERR_PACK(0,BIO_F_MEM_WRITE,0),	"MEM_WRITE"},

crypto/bio/bss_file.c

@@ -162,12 +162,6 @@ static int MS_CALLBACK file_read(BIO *b, char *out, int outl)
 	if (b->init && (out != NULL))
 		{
 		ret=fread(out,1,(int)outl,(FILE *)b->ptr);
-		if(ret == 0 && ferror((FILE *)b->ptr))
-			{
-			SYSerr(SYS_F_FREAD,get_last_sys_error());
-			BIOerr(BIO_F_FILE_READ,ERR_R_SYS_LIB);
-			ret=-1;
-			}
 		}
 	return(ret);
 	}

crypto/bn/bn_div.c

@@ -200,10 +200,10 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 
 	/* First we normalise the numbers */
 	norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
-	if (!(BN_lshift(sdiv,divisor,norm_shift))) goto err;
+	BN_lshift(sdiv,divisor,norm_shift);
 	sdiv->neg=0;
 	norm_shift+=BN_BITS2;
-	if (!(BN_lshift(snum,num,norm_shift))) goto err;
+	BN_lshift(snum,num,norm_shift);
 	snum->neg=0;
 	div_n=sdiv->top;
 	num_n=snum->top;
@@ -327,7 +327,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 		tmp->top=j;
 
 		j=wnum.top;
-		if (!BN_sub(&wnum,&wnum,tmp)) goto err;
+		BN_sub(&wnum,&wnum,tmp);
 
 		snum->top=snum->top+wnum.top-j;
 
@@ -335,7 +335,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
 			{
 			q--;
 			j=wnum.top;
-			if (!BN_add(&wnum,&wnum,sdiv)) goto err;
+			BN_add(&wnum,&wnum,sdiv);
 			snum->top+=wnum.top-j;
 			}
 		*(resp--)=q;

crypto/bn/bn_mont.c

@@ -221,7 +221,7 @@ int BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont,
 
 	if (!BN_mul(t1,t2,&mont->N,ctx)) goto err;
 	if (!BN_add(t2,a,t1)) goto err;
-	if (!BN_rshift(ret,t2,mont->ri)) goto err;
+	BN_rshift(ret,t2,mont->ri);
 #endif /* MONT_WORD */
 
 	if (BN_ucmp(ret, &(mont->N)) >= 0)
@@ -282,8 +282,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
 		BN_ULONG buf[2];
 
 		mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
-		if (!(BN_zero(R))) goto err;
-		if (!(BN_set_bit(R,BN_BITS2))) goto err;	/* R */
+		BN_zero(R);
+		BN_set_bit(R,BN_BITS2);			/* R */
 
 		buf[0]=mod->d[0]; /* tmod = N mod word size */
 		buf[1]=0;

crypto/bn/bn_mul.c

@@ -66,7 +66,7 @@
 #include "cryptlib.h"
 #include "bn_lcl.h"
 
-#if defined(OPENSSL_NO_ASM) || !(defined(__i386) || defined(__i386__)) || defined(__DJGPP__) /* Assembler implementation exists only for x86 */
+#if defined(OPENSSL_NO_ASM) || !(defined(__i386) || defined(__i386__))/* Assembler implementation exists only for x86 */
 /* Here follows specialised variants of bn_add_words() and
    bn_sub_words().  They have the property performing operations on
    arrays of different sizes.  The sizes of those arrays is expressed through
@@ -964,7 +964,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 
 	if ((al == 0) || (bl == 0))
 		{
-		if (!BN_zero(r)) goto err;
+		BN_zero(r);
 		return(1);
 		}
 	top=al+bl;
@@ -1044,7 +1044,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 		if (i == 1 && !BN_get_flags(b,BN_FLG_STATIC_DATA))
 			{
 			BIGNUM *tmp_bn = (BIGNUM *)b;
-			if (bn_wexpand(tmp_bn,al) == NULL) goto err;
+			bn_wexpand(tmp_bn,al);
 			tmp_bn->d[bl]=0;
 			bl++;
 			i--;
@@ -1052,7 +1052,7 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 		else if (i == -1 && !BN_get_flags(a,BN_FLG_STATIC_DATA))
 			{
 			BIGNUM *tmp_bn = (BIGNUM *)a;
-			if (bn_wexpand(tmp_bn,bl) == NULL) goto err;
+			bn_wexpand(tmp_bn,bl);
 			tmp_bn->d[al]=0;
 			al++;
 			i++;
@@ -1067,14 +1067,14 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 			t = BN_CTX_get(ctx);
 			if (al == j) /* exact multiple */
 				{
-				if (bn_wexpand(t,k*2) == NULL) goto err;
-				if (bn_wexpand(rr,k*2) == NULL) goto err;
+				bn_wexpand(t,k*2);
+				bn_wexpand(rr,k*2);
 				bn_mul_recursive(rr->d,a->d,b->d,al,t->d);
 				}
 			else
 				{
-				if (bn_wexpand(t,k*4) == NULL) goto err;
-				if (bn_wexpand(rr,k*4) == NULL) goto err;
+				bn_wexpand(t,k*4);
+				bn_wexpand(rr,k*4);
 				bn_mul_part_recursive(rr->d,a->d,b->d,al-j,j,t->d);
 				}
 			rr->top=top;

crypto/conf/Makefile.ssl

@@ -112,14 +112,15 @@ conf_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 conf_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 conf_lib.o: conf_lib.c
 conf_mall.o: ../../e_os.h ../../include/openssl/asn1.h
-conf_mall.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-conf_mall.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-conf_mall.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-conf_mall.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-conf_mall.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-conf_mall.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-conf_mall.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-conf_mall.o: ../../include/openssl/objects.h
+conf_mall.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+conf_mall.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+conf_mall.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mall.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+conf_mall.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mall.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+conf_mall.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+conf_mall.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+conf_mall.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 conf_mall.o: ../../include/openssl/opensslconf.h
 conf_mall.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 conf_mall.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
@@ -129,14 +130,15 @@ conf_mall.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 conf_mall.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 conf_mall.o: ../cryptlib.h conf_mall.c
 conf_mod.o: ../../e_os.h ../../include/openssl/asn1.h
-conf_mod.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-conf_mod.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-conf_mod.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-conf_mod.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-conf_mod.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-conf_mod.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-conf_mod.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-conf_mod.o: ../../include/openssl/opensslconf.h
+conf_mod.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+conf_mod.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+conf_mod.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_mod.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+conf_mod.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_mod.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+conf_mod.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+conf_mod.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+conf_mod.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
 conf_mod.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 conf_mod.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
 conf_mod.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
@@ -144,14 +146,16 @@ conf_mod.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 conf_mod.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 conf_mod.o: ../cryptlib.h conf_mod.c
 conf_sap.o: ../../e_os.h ../../include/openssl/asn1.h
-conf_sap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-conf_sap.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-conf_sap.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-conf_sap.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
-conf_sap.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-conf_sap.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-conf_sap.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-conf_sap.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+conf_sap.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+conf_sap.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+conf_sap.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+conf_sap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+conf_sap.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
+conf_sap.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+conf_sap.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+conf_sap.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+conf_sap.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+conf_sap.o: ../../include/openssl/opensslconf.h
 conf_sap.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 conf_sap.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
 conf_sap.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h

crypto/conf/conf.h

@@ -129,7 +129,6 @@ int CONF_dump_fp(LHASH *conf, FILE *out);
 int CONF_dump_bio(LHASH *conf, BIO *out);
 
 void OPENSSL_config(const char *config_name);
-void OPENSSL_no_config(void);
 
 /* New conf code.  The semantics are different from the functions above.
    If that wasn't the case, the above functions would have been replaced */
@@ -142,10 +141,10 @@ struct conf_st
 	};
 
 CONF *NCONF_new(CONF_METHOD *meth);
-CONF_METHOD *NCONF_default(void);
-CONF_METHOD *NCONF_WIN32(void);
+CONF_METHOD *NCONF_default();
+CONF_METHOD *NCONF_WIN32();
 #if 0 /* Just to give you an idea of what I have in mind */
-CONF_METHOD *NCONF_XML(void);
+CONF_METHOD *NCONF_XML();
 #endif
 void NCONF_free(CONF *conf);
 void NCONF_free_data(CONF *conf);
@@ -177,7 +176,6 @@ int CONF_modules_load_file(const char *filename, const char *appname,
 			   unsigned long flags);
 void CONF_modules_unload(int all);
 void CONF_modules_finish(void);
-void CONF_modules_free(void);
 int CONF_module_add(const char *name, conf_init_func *ifunc,
 		    conf_finish_func *ffunc);
 

crypto/conf/conf_lib.c

@@ -382,9 +382,8 @@ int NCONF_dump_bio(const CONF *conf, BIO *out)
 	return conf->meth->dump(conf, out);
 	}
 
-
 /* This function should be avoided */
-#if 0
+#undef NCONF_get_number
 long NCONF_get_number(CONF *conf,char *group,char *name)
 	{
 	int status;
@@ -398,4 +397,4 @@ long NCONF_get_number(CONF *conf,char *group,char *name)
 		}
 	return ret;
 	}
-#endif
+

crypto/cryptlib.c

@@ -103,7 +103,9 @@ static const char* lock_names[CRYPTO_NUM_LOCKS] =
 	"dynlock",
 	"engine",
 	"ui",
-#if CRYPTO_NUM_LOCKS != 31
+	"ecdsa",
+	"ec",
+#if CRYPTO_NUM_LOCKS != 33
 # error "Inconsistency between crypto.h and cryptlib.c"
 #endif
 	};

crypto/crypto-lib.com

@@ -49,7 +49,6 @@ $!  P5, if defined, sets a TCP/IP library to use, through one of the following
 $!  keywords:
 $!
 $!	UCX		for UCX
-$!	TCPIP		for TCPIP (post UCX)
 $!	SOCKETSHR	for SOCKETSHR+NETLIB
 $!
 $!  P6, if defined, sets a compiler thread NOT needed on OpenVMS 7.1 (and up)
@@ -641,7 +640,6 @@ $   WRITE SYS$OUTPUT "	",APPLICATION,".exe"
 $!
 $! Link The Program, Check To See If We Need To Link With RSAREF Or Not.
 $!
-$   ON ERROR THEN GOTO NEXT_APPLICATION
 $   IF (RSAREF.EQS."TRUE")
 $   THEN
 $!
@@ -1360,8 +1358,7 @@ $   WRITE SYS$OUTPUT "Main MACRO Compiling Command: ",MACRO
 $!
 $! Time to check the contents, and to make sure we get the correct library.
 $!
-$ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX" -
-     .OR. P5.EQS."TCPIP" .OR. P5.EQS."NONE"
+$ IF P5.EQS."SOCKETSHR" .OR. P5.EQS."MULTINET" .OR. P5.EQS."UCX"
 $ THEN
 $!
 $!  Check to see if SOCKETSHR was chosen
@@ -1371,7 +1368,7 @@ $   THEN
 $!
 $!    Set the library to use SOCKETSHR
 $!
-$     TCPIP_LIB = "SYS$DISK:[-.VMS]SOCKETSHR_SHR.OPT/OPT"
+$     TCPIP_LIB = "[-.VMS]SOCKETSHR_SHR.OPT/OPT"
 $!
 $!    Done with SOCKETSHR
 $!
@@ -1397,45 +1394,19 @@ $   THEN
 $!
 $!    Set the library to use UCX.
 $!
-$     TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC.OPT/OPT"
+$     TCPIP_LIB = "[-.VMS]UCX_SHR_DECC.OPT/OPT"
 $     IF F$TRNLNM("UCX$IPC_SHR") .NES. ""
 $     THEN
-$       TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
+$       TCPIP_LIB = "[-.VMS]UCX_SHR_DECC_LOG.OPT/OPT"
 $     ELSE
 $       IF COMPILER .NES. "DECC" .AND. ARCH .EQS. "VAX" THEN -
-	  TCPIP_LIB = "SYS$DISK:[-.VMS]UCX_SHR_VAXC.OPT/OPT"
+	  TCPIP_LIB = "[-.VMS]UCX_SHR_VAXC.OPT/OPT"
 $     ENDIF
 $!
 $!    Done with UCX
 $!
 $   ENDIF
 $!
-$!  Check to see if TCPIP was chosen
-$!
-$   IF P5.EQS."TCPIP"
-$   THEN
-$!
-$!    Set the library to use TCPIP (post UCX).
-$!
-$     TCPIP_LIB = "SYS$DISK:[-.VMS]TCPIP_SHR_DECC.OPT/OPT"
-$!
-$!    Done with TCPIP
-$!
-$   ENDIF
-$!
-$!  Check to see if NONE was chosen
-$!
-$   IF P5.EQS."NONE"
-$   THEN
-$!
-$!    Do not use a TCPIP library.
-$!
-$     TCPIP_LIB = ""
-$!
-$!    Done with TCPIP
-$!
-$   ENDIF
-$!
 $!  Print info
 $!
 $   WRITE SYS$OUTPUT "TCP/IP library spec: ", TCPIP_LIB
@@ -1451,7 +1422,6 @@ $   WRITE SYS$OUTPUT "The Option ",P5," Is Invalid.  The Valid Options Are:"
 $   WRITE SYS$OUTPUT ""
 $   WRITE SYS$OUTPUT "    SOCKETSHR  :  To link with SOCKETSHR TCP/IP library."
 $   WRITE SYS$OUTPUT "    UCX        :  To link with UCX TCP/IP library."
-$   WRITE SYS$OUTPUT "    TCPIP      :  To link with TCPIP (post UCX) TCP/IP library."
 $   WRITE SYS$OUTPUT ""
 $!
 $!  Time To EXIT.

crypto/crypto.h

@@ -126,7 +126,9 @@ extern "C" {
 #define	CRYPTO_LOCK_DYNLOCK		28
 #define	CRYPTO_LOCK_ENGINE		29
 #define	CRYPTO_LOCK_UI			30
-#define	CRYPTO_NUM_LOCKS		31
+#define CRYPTO_LOCK_ECDSA               31
+#define CRYPTO_LOCK_EC			32
+#define	CRYPTO_NUM_LOCKS		33
 
 #define CRYPTO_LOCK		1
 #define CRYPTO_UNLOCK		2
@@ -233,6 +235,7 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
 #define CRYPTO_EX_INDEX_ENGINE		9
 #define CRYPTO_EX_INDEX_X509		10
 #define CRYPTO_EX_INDEX_UI		11
+#define CRYPTO_EX_INDEX_ECDSA		12
 
 /* Dynamically assigned indexes start from this value (don't use directly, use
  * via CRYPTO_ex_data_new_class). */

crypto/des/Makefile.ssl

@@ -108,6 +108,7 @@ files:
 
 links:
 	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@$(TOP)/util/point.sh ../../perlasm asm/perlasm
 	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
 	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
 	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

crypto/des/des_old.h

@@ -366,7 +366,7 @@ int _ossl_old_des_enc_write(int fd,char *buf,int len,_ossl_old_des_key_schedule
 	_ossl_old_des_cblock *iv);
 char *_ossl_old_des_fcrypt(const char *buf,const char *salt, char *ret);
 char *_ossl_old_des_crypt(const char *buf,const char *salt);
-#if !defined(PERL5) && !defined(NeXT)
+#if !defined(PERL5) && !defined(__FreeBSD__) && !defined(NeXT)
 char *_ossl_old_crypt(const char *buf,const char *salt);
 #endif
 void _ossl_old_des_ofb_encrypt(unsigned char *in,unsigned char *out,

crypto/des/read_pwd.c

@@ -246,7 +246,7 @@ int des_read_pw(char *buf, char *buff, int size, const char *prompt,
 	long status;
 	unsigned short channel = 0;
 #else
-#if !defined(OPENSSL_SYS_MSDOS) || defined(__DJGPP__)
+#ifndef OPENSSL_SYS_MSDOS
 	TTY_STRUCT tty_orig,tty_new;
 #endif
 #endif

crypto/dh/Makefile.ssl

@@ -112,10 +112,12 @@ dh_gen.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 dh_gen.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
 dh_gen.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 dh_gen.o: ../cryptlib.h dh_gen.c
-dh_key.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_key.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_key.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 dh_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 dh_key.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 dh_key.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dh_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 dh_key.o: ../../include/openssl/engine.h ../../include/openssl/err.h
 dh_key.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 dh_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -123,10 +125,12 @@ dh_key.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 dh_key.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 dh_key.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 dh_key.o: ../cryptlib.h dh_key.c
-dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+dh_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+dh_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
 dh_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
 dh_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
 dh_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dh_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
 dh_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
 dh_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 dh_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h

crypto/dsa/Makefile.ssl

@@ -121,49 +121,54 @@ dsa_key.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
 dsa_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 dsa_key.o: ../cryptlib.h dsa_key.c
 dsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-dsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-dsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-dsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-dsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-dsa_lib.o: ../../include/openssl/ui.h ../cryptlib.h dsa_lib.c
+dsa_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+dsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dsa_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+dsa_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+dsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+dsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+dsa_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+dsa_lib.o: ../cryptlib.h dsa_lib.c
 dsa_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_ossl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_ossl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_ossl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_ossl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-dsa_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_ossl.o: ../../include/openssl/opensslconf.h
+dsa_ossl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_ossl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_ossl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_ossl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_ossl.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+dsa_ossl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dsa_ossl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 dsa_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 dsa_ossl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 dsa_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 dsa_ossl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 dsa_ossl.o: ../cryptlib.h dsa_ossl.c
 dsa_sign.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_sign.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-dsa_sign.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-dsa_sign.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-dsa_sign.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-dsa_sign.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-dsa_sign.o: ../../include/openssl/opensslconf.h
+dsa_sign.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+dsa_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+dsa_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+dsa_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+dsa_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+dsa_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+dsa_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 dsa_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 dsa_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 dsa_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 dsa_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 dsa_sign.o: ../cryptlib.h dsa_sign.c
 dsa_vrf.o: ../../e_os.h ../../include/openssl/asn1.h
-dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h
-dsa_vrf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-dsa_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-dsa_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-dsa_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-dsa_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-dsa_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-dsa_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-dsa_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-dsa_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-dsa_vrf.o: ../cryptlib.h dsa_vrf.c
+dsa_vrf.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h
+dsa_vrf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dsa_vrf.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dsa_vrf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+dsa_vrf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+dsa_vrf.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+dsa_vrf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+dsa_vrf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+dsa_vrf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+dsa_vrf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+dsa_vrf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dsa_vrf.o: ../../include/openssl/ui.h ../cryptlib.h dsa_vrf.c

crypto/dso/dso_dlfcn.c

@@ -114,7 +114,7 @@ DSO_METHOD *DSO_METHOD_dlfcn(void)
  * as we don't have autoconf yet, I'm implementing a hack that could
  * be hacked further relatively easily to deal with cases as we find
  * them. Initially this is to cope with OpenBSD. */
-#if defined(__OpenBSD__) || defined(__NetBSD__)
+#ifdef __OpenBSD__
 #	ifdef DL_LAZY
 #		define DLOPEN_FLAG DL_LAZY
 #	else

crypto/ec/Makefile.ssl

@@ -24,10 +24,10 @@ APPS=
 
 LIB=$(TOP)/libcrypto.a
 LIBSRC=	ec_lib.c ecp_smpl.c ecp_mont.c ecp_recp.c ecp_nist.c ec_cvt.c ec_mult.c \
-	ec_err.c
+	ec_err.c ec_curve.c ec_check.c
 
 LIBOBJ=	ec_lib.o ecp_smpl.o ecp_mont.o ecp_recp.o ecp_nist.o ec_cvt.o ec_mult.o \
-	ec_err.o
+	ec_err.o ec_curve.o ec_check.o
 
 SRC= $(LIBSRC)
 
@@ -82,6 +82,22 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
+ec_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_check.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_check.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_check.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ec_check.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+ec_check.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ec_check.o: ec_check.c ec_lcl.h
+ec_curve.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ec_curve.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ec_curve.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ec_curve.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ec_curve.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ec_curve.o: ../../include/openssl/opensslconf.h
+ec_curve.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ec_curve.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ec_curve.o: ../../include/openssl/symhacks.h ec_curve.c ec_lcl.h
 ec_cvt.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
 ec_cvt.o: ../../include/openssl/ec.h ../../include/openssl/opensslconf.h
 ec_cvt.o: ../../include/openssl/symhacks.h ec_cvt.c ec_lcl.h

crypto/ec/ec.h

@@ -1,6 +1,6 @@
 /* crypto/ec/ec.h */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -108,7 +108,15 @@ void EC_GROUP_clear_free(EC_GROUP *);
 int EC_GROUP_copy(EC_GROUP *, const EC_GROUP *);
 
 const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
-	
+
+int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
+EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
+int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
+int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
+
+void EC_GROUP_set_nid(EC_GROUP *, int);
+int EC_GROUP_get_nid(const EC_GROUP *);
+
 
 /* We don't have types for field specifications and field elements in general.
  * Otherwise we could declare
@@ -117,14 +125,54 @@ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *);
 int EC_GROUP_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 int EC_GROUP_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
 
+/* EC_GROUP_check() returns 1 if 'group' defines a valid group, 0 otherwise */
+int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
+/* EC_GROUP_check_discriminant() returns 1 if the discriminant of the
+ * elliptic curve is not zero, 0 otherwise */
+int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *);
+
 /* EC_GROUP_new_GFp() calls EC_GROUP_new() and EC_GROUP_set_GFp()
  * after choosing an appropriate EC_METHOD */
 EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 
-int EC_GROUP_set_generator(EC_GROUP *, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor);
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *);
-int EC_GROUP_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int EC_GROUP_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
+/* EC_GROUP_new_by_nid() and EC_GROUP_new_by_name() also set
+ * generator and order */
+EC_GROUP *EC_GROUP_new_by_nid(int nid);
+EC_GROUP *EC_GROUP_new_by_name(int name);
+/* Currently valid arguments to EC_GROUP_new_by_name() */
+#define EC_GROUP_NO_CURVE		0
+#define EC_GROUP_NIST_PRIME_192		NID_X9_62_prime192v1
+#define EC_GROUP_NIST_PRIME_224		NID_secp224r1
+#define EC_GROUP_NIST_PRIME_256		NID_X9_62_prime256v1
+#define EC_GROUP_NIST_PRIME_384		NID_secp384r1
+#define EC_GROUP_NIST_PRIME_521		NID_secp521r1
+#define EC_GROUP_X9_62_PRIME_192V1	NID_X9_62_prime192v1
+#define EC_GROUP_X9_62_PRIME_192V2	NID_X9_62_prime192v2
+#define EC_GROUP_X9_62_PRIME_192V3	NID_X9_62_prime192v3
+#define EC_GROUP_X9_62_PRIME_239V1	NID_X9_62_prime239v1
+#define EC_GROUP_X9_62_PRIME_239V2	NID_X9_62_prime239v2
+#define EC_GROUP_X9_62_PRIME_239V3	NID_X9_62_prime239v3
+#define EC_GROUP_X9_62_PRIME_256V1	NID_X9_62_prime256v1
+#define EC_GROUP_SECG_PRIME_112R1	NID_secp112r1
+#define EC_GROUP_SECG_PRIME_112R2	NID_secp112r2
+#define EC_GROUP_SECG_PRIME_128R1	NID_secp128r1
+#define EC_GROUP_SECG_PRIME_128R2	NID_secp128r2
+#define EC_GROUP_SECG_PRIME_160K1	NID_secp160k1
+#define EC_GROUP_SECG_PRIME_160R1	NID_secp160r1
+#define EC_GROUP_SECG_PRIME_160R2	NID_secp160r2
+#define EC_GROUP_SECG_PRIME_192K1	NID_secp192k1
+#define EC_GROUP_SECG_PRIME_192R1	NID_X9_62_prime192v1
+#define EC_GROUP_SECG_PRIME_224K1	NID_secp224k1
+#define EC_GROUP_SECG_PRIME_224R1	NID_secp224r1
+#define EC_GROUP_SECG_PRIME_256K1	NID_secp256k1
+#define EC_GROUP_SECG_PRIME_256R1	NID_X9_62_prime256v1
+#define EC_GROUP_SECG_PRIME_384R1	NID_secp384r1
+#define EC_GROUP_SECG_PRIME_521R1	NID_secp521r1
+#define EC_GROUP_WTLS_6			NID_wap_wsg_idm_ecid_wtls6
+#define EC_GROUP_WTLS_7			NID_secp160r1
+#define EC_GROUP_WTLS_8			NID_wap_wsg_idm_ecid_wtls8
+#define EC_GROUP_WTLS_9			NID_wap_wsg_idm_ecid_wtls9
+#define EC_GROUP_WTLS_12		NID_secp224r1
 
 EC_POINT *EC_POINT_new(const EC_GROUP *);
 void EC_POINT_free(EC_POINT *);
@@ -182,6 +230,7 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_GFP_MONT_FIELD_ENCODE			 134
 #define EC_F_EC_GFP_MONT_FIELD_MUL			 131
 #define EC_F_EC_GFP_MONT_FIELD_SQR			 132
+#define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT	 152
 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP		 100
 #define EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR		 101
 #define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE			 102
@@ -191,13 +240,19 @@ void ERR_load_EC_strings(void);
 #define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP 105
 #define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP 128
 #define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP 129
+#define EC_F_EC_GROUP_CHECK				 150
+#define EC_F_EC_GROUP_CHECK_DISCRIMINANT		 153
 #define EC_F_EC_GROUP_COPY				 106
 #define EC_F_EC_GROUP_GET0_GENERATOR			 139
 #define EC_F_EC_GROUP_GET_COFACTOR			 140
 #define EC_F_EC_GROUP_GET_CURVE_GFP			 130
 #define EC_F_EC_GROUP_GET_EXTRA_DATA			 107
 #define EC_F_EC_GROUP_GET_ORDER				 141
+#define EC_F_EC_GROUP_GROUP2NID				 147
 #define EC_F_EC_GROUP_NEW				 108
+#define EC_F_EC_GROUP_NEW_BY_NAME			 144
+#define EC_F_EC_GROUP_NEW_BY_NID			 146
+#define EC_F_EC_GROUP_NEW_GFP_FROM_HEX			 148
 #define EC_F_EC_GROUP_PRECOMPUTE_MULT			 142
 #define EC_F_EC_GROUP_SET_CURVE_GFP			 109
 #define EC_F_EC_GROUP_SET_EXTRA_DATA			 110
@@ -224,6 +279,7 @@ void ERR_load_EC_strings(void);
 
 /* Reason codes. */
 #define EC_R_BUFFER_TOO_SMALL				 100
+#define EC_R_DISCRIMINANT_IS_ZERO			 118
 #define EC_R_INCOMPATIBLE_OBJECTS			 101
 #define EC_R_INVALID_ARGUMENT				 112
 #define EC_R_INVALID_COMPRESSED_POINT			 110
@@ -231,12 +287,16 @@ void ERR_load_EC_strings(void);
 #define EC_R_INVALID_ENCODING				 102
 #define EC_R_INVALID_FIELD				 103
 #define EC_R_INVALID_FORM				 104
+#define EC_R_INVALID_GROUP_ORDER			 119
 #define EC_R_NOT_INITIALIZED				 111
 #define EC_R_NO_SUCH_EXTRA_DATA				 105
 #define EC_R_POINT_AT_INFINITY				 106
 #define EC_R_POINT_IS_NOT_ON_CURVE			 107
 #define EC_R_SLOT_FULL					 108
 #define EC_R_UNDEFINED_GENERATOR			 113
+#define EC_R_UNDEFINED_ORDER				 122
+#define EC_R_UNKNOWN_GROUP				 116
+#define EC_R_UNKNOWN_NID				 117
 #define EC_R_UNKNOWN_ORDER				 114
 
 #ifdef  __cplusplus

crypto/ec/ec_check.c

@@ -0,0 +1,122 @@
+/* crypto/ec/ec_check.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ec_lcl.h"
+#include <openssl/err.h>
+
+int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx)
+	{
+	int ret = 0;
+	BIGNUM *order;
+	BN_CTX *new_ctx = NULL;
+	EC_POINT *point = NULL;
+
+	if (ctx == NULL)
+		{
+		ctx = new_ctx = BN_CTX_new();
+		if (ctx == NULL)
+			{
+			ECerr(EC_F_EC_GROUP_CHECK, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
+		}
+	BN_CTX_start(ctx);
+	if ((order = BN_CTX_get(ctx)) == NULL) goto err;
+
+	/* check the discriminant */
+	if (!EC_GROUP_check_discriminant(group, ctx))
+		{
+		ECerr(EC_F_EC_GROUP_CHECK, EC_R_DISCRIMINANT_IS_ZERO);
+		goto err;
+		}
+
+	/* check the generator */
+	if (group->generator == NULL)
+		{
+		ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR);
+		goto err;
+		}
+	if (!EC_POINT_is_on_curve(group, group->generator, ctx))
+		{
+		ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE);
+		goto err;
+		}
+
+	/* check the order of the generator */
+	if ((point = EC_POINT_new(group)) == NULL) goto err;
+	if (!EC_GROUP_get_order(group, order, ctx)) goto err; 
+	if (BN_is_zero(order))
+		{
+		ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);
+		goto err;
+		}
+	
+	if (!EC_POINT_mul(group, point, order, NULL, NULL, ctx)) goto err;
+	if (!EC_POINT_is_at_infinity(group, point))
+		{
+		ECerr(EC_F_EC_GROUP_CHECK, EC_R_INVALID_GROUP_ORDER);
+		goto err;
+		}
+
+	ret = 1;
+
+err:
+	BN_CTX_end(ctx);
+	if (new_ctx != NULL)
+		BN_CTX_free(new_ctx);
+	if (point)
+		EC_POINT_free(point);
+	return ret;
+	}

crypto/ec/ec_curve.c

@@ -0,0 +1,362 @@
+/* crypto/ec/ec_curve.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ec_lcl.h"
+#include <openssl/err.h>
+#include <openssl/obj_mac.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/* #define _EC_GROUP_EXAMPLE_PRIME_CURVE	\
+ *		"the prime number p", "a", "b", "the compressed base point", "y-bit", "order", "cofactor"
+ */
+/* the nist prime curves */
+#define _EC_GROUP_NIST_PRIME_192	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",\
+		"64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1",\
+		"188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012",1,\
+		"FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831",1
+#define _EC_GROUP_NIST_PRIME_224	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001",\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE",\
+		"B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4",\
+		"B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21",0,\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D",1
+#define _EC_GROUP_NIST_PRIME_384	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF",\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC",\
+		"B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF",\
+		"AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7",1,\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973",1
+#define _EC_GROUP_NIST_PRIME_521	\
+		"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF",\
+		"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC",\
+		"051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B"\
+		"315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00",\
+		"C6858E06B70404E9CD9E3ECB662395B4429C648139053F"\
+		"B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66",0,\
+		"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"\
+		"FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409",1
+/* the x9.62 prime curves (minus the nist prime curves) */
+#define _EC_GROUP_X9_62_PRIME_192V2	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",\
+		"CC22D6DFB95C6B25E49C0D6364A4E5980C393AA21668D953",\
+		"EEA2BAE7E1497842F2DE7769CFE9C989C072AD696F48034A",1,\
+		"FFFFFFFFFFFFFFFFFFFFFFFE5FB1A724DC80418648D8DD31",1
+#define _EC_GROUP_X9_62_PRIME_192V3	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF",\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC",\
+		"22123DC2395A05CAA7423DAECCC94760A7D462256BD56916",\
+		"7D29778100C65A1DA1783716588DCE2B8B4AEE8E228F1896",0,\
+		"FFFFFFFFFFFFFFFFFFFFFFFF7A62D031C83F4294F640EC13",1
+#define _EC_GROUP_X9_62_PRIME_239V1	\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",\
+		"6B016C3BDCF18941D0D654921475CA71A9DB2FB27D1D37796185C2942C0A",\
+		"0FFA963CDCA8816CCC33B8642BEDF905C3D358573D3F27FBBD3B3CB9AAAF",0,\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF9E5E9A9F5D9071FBD1522688909D0B",1
+#define _EC_GROUP_X9_62_PRIME_239V2	\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",\
+		"617FAB6832576CBBFED50D99F0249C3FEE58B94BA0038C7AE84C8C832F2C",\
+		"38AF09D98727705120C921BB5E9E26296A3CDCF2F35757A0EAFD87B830E7",0,\
+		"7FFFFFFFFFFFFFFFFFFFFFFF800000CFA7E8594377D414C03821BC582063",1
+#define _EC_GROUP_X9_62_PRIME_239V3	\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFF",\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFFFFFFFF8000000000007FFFFFFFFFFC",\
+		"255705FA2A306654B1F4CB03D6A750A30C250102D4988717D9BA15AB6D3E",\
+		"6768AE8E18BB92CFCF005C949AA2C6D94853D0E660BBF854B1C9505FE95A",1,\
+		"7FFFFFFFFFFFFFFFFFFFFFFF7FFFFF975DEB41B3A6057C3C432146526551",1
+#define _EC_GROUP_X9_62_PRIME_256V1	\
+		"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF",\
+		"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC",\
+		"5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B",\
+		"6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296",1,\
+		"FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551",1
+/* the secg prime curves (minus the nist and x9.62 prime curves) */
+#define _EC_GROUP_SECG_PRIME_112R1	\
+		"DB7C2ABF62E35E668076BEAD208B",\
+		"DB7C2ABF62E35E668076BEAD2088",\
+		"659EF8BA043916EEDE8911702B22",\
+		"09487239995A5EE76B55F9C2F098",0,\
+		"DB7C2ABF62E35E7628DFAC6561C5",1
+#define _EC_GROUP_SECG_PRIME_112R2	\
+		"DB7C2ABF62E35E668076BEAD208B",\
+		"6127C24C05F38A0AAAF65C0EF02C",\
+		"51DEF1815DB5ED74FCC34C85D709",\
+		"4BA30AB5E892B4E1649DD0928643",1,\
+		"36DF0AAFD8B8D7597CA10520D04B",4
+#define _EC_GROUP_SECG_PRIME_128R1	\
+		"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",\
+		"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC",\
+		"E87579C11079F43DD824993C2CEE5ED3",\
+		"161FF7528B899B2D0C28607CA52C5B86",1,\
+		"FFFFFFFE0000000075A30D1B9038A115",1
+#define _EC_GROUP_SECG_PRIME_128R2	\
+		"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF",\
+		"D6031998D1B3BBFEBF59CC9BBFF9AEE1",\
+		"5EEEFCA380D02919DC2C6558BB6D8A5D",\
+		"7B6AA5D85E572983E6FB32A7CDEBC140",0,\
+		"3FFFFFFF7FFFFFFFBE0024720613B5A3",4
+#define _EC_GROUP_SECG_PRIME_160K1	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",\
+		"0",\
+		"7",\
+		"3B4C382CE37AA192A4019E763036F4F5DD4D7EBB",0,\
+		"0100000000000000000001B8FA16DFAB9ACA16B6B3",1
+#define _EC_GROUP_SECG_PRIME_160R1	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF",\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC",\
+		"1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45",\
+		"4A96B5688EF573284664698968C38BB913CBFC82",0,\
+		"0100000000000000000001F4C8F927AED3CA752257",1
+#define _EC_GROUP_SECG_PRIME_160R2	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73",\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70",\
+		"B4E134D3FB59EB8BAB57274904664D5AF50388BA",\
+		"52DCB034293A117E1F4FF11B30F7199D3144CE6D",0,\
+		"0100000000000000000000351EE786A818F3A1A16B",1
+#define _EC_GROUP_SECG_PRIME_192K1	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37",\
+		"0",\
+		"3",\
+		"DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D",1,\
+		"FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D",1
+#define _EC_GROUP_SECG_PRIME_224K1	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D",\
+		"0",\
+		"5",\
+		"A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C",1,\
+		"010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7",1
+#define _EC_GROUP_SECG_PRIME_256K1	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F",\
+		"0",\
+		"7",\
+		"79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798",0,\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141",1
+/* some wap/wtls curves */
+#define _EC_GROUP_WTLS_6	\
+		"DB7C2ABF62E35E668076BEAD208B",\
+		"DB7C2ABF62E35E668076BEAD2088",\
+		"659EF8BA043916EEDE8911702B22",\
+		"09487239995A5EE76B55F9C2F098",0,\
+		"DB7C2ABF62E35E7628DFAC6561C5",1
+#define _EC_GROUP_WTLS_8	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFDE7",\
+		"0",\
+		"3",\
+		"1",0,\
+		"0100000000000001ECEA551AD837E9",1
+#define _EC_GROUP_WTLS_9	\
+		"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC808F",\
+		"0",\
+		"3",\
+		"1",0,\
+		"0100000000000000000001CDC98AE0E2DE574ABF33",1
+
+static EC_GROUP *ec_group_new_GFp_from_hex(const char *prime_in,
+	    const char *a_in, const char *b_in,
+	    const char *x_in, const int y_bit, const char *order_in, const BN_ULONG cofac_in)
+	{
+	EC_GROUP *group=NULL;
+	EC_POINT *P=NULL;
+	BN_CTX	 *ctx=NULL;
+	BIGNUM 	 *prime=NULL,*a=NULL,*b=NULL,*x=NULL,*order=NULL;
+	int	 ok=0;
+
+	if ((ctx = BN_CTX_new()) == NULL) goto bn_err;
+	if ((prime = BN_new()) == NULL || (a = BN_new()) == NULL || (b = BN_new()) == NULL ||
+		(x = BN_new()) == NULL || (order = BN_new()) == NULL) goto bn_err;
+	
+	if (!BN_hex2bn(&prime, prime_in)) goto bn_err;
+	if (!BN_hex2bn(&a, a_in)) goto bn_err;
+	if (!BN_hex2bn(&b, b_in)) goto bn_err;
+
+	if ((group = EC_GROUP_new_curve_GFp(prime, a, b, ctx)) == NULL) goto err;
+	if ((P = EC_POINT_new(group)) == NULL) goto err;
+	
+	if (!BN_hex2bn(&x, x_in)) goto bn_err;
+	if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, y_bit, ctx)) goto err;
+	if (!BN_hex2bn(&order, order_in)) goto bn_err;
+	if (!BN_set_word(x, cofac_in)) goto bn_err;
+	if (!EC_GROUP_set_generator(group, P, order, x)) goto err;
+	ok=1;
+bn_err:
+	if (!ok)
+		ECerr(EC_F_EC_GROUP_NEW_GFP_FROM_HEX, ERR_R_BN_LIB);
+err:
+	if (!ok)
+		{
+		EC_GROUP_free(group);
+		group = NULL;
+		}
+	if (P) 	   EC_POINT_free(P);
+	if (ctx)   BN_CTX_free(ctx);
+	if (prime) BN_free(prime);
+	if (a)     BN_free(a);
+	if (b)     BN_free(b);
+	if (order) BN_free(order);
+	if (x)     BN_free(x);
+	return(group);
+	}
+
+EC_GROUP *EC_GROUP_new_by_name(int name)
+	{
+	EC_GROUP *ret = NULL;
+	switch (name)
+		{
+	case EC_GROUP_NO_CURVE:
+		return NULL;
+	/* some nist curves */
+	case EC_GROUP_NIST_PRIME_224: /* EC_GROUP_NIST_PRIME_224 == EC_GROUP_SECG_PRIME_224R1 */
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_NIST_PRIME_224);
+		break;
+
+	case EC_GROUP_NIST_PRIME_384: /* EC_GROUP_NIST_PRIME_384 == EC_GROUP_SECG_PRIME_384R1 */
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_NIST_PRIME_384);
+		break;
+
+	case EC_GROUP_NIST_PRIME_521: /* EC_GROUP_NIST_PRIME_521 == EC_GROUP_SECG_PRIME_521R1 */
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_NIST_PRIME_521);
+		break;
+	/* x9.62 prime curves */
+	case EC_GROUP_X9_62_PRIME_192V1: /* == EC_GROUP_NIST_PRIME_192 == EC_GROUP_SECG_PRIME_192R1 */
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_NIST_PRIME_192);
+		break;
+
+	case EC_GROUP_X9_62_PRIME_192V2:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_X9_62_PRIME_192V2);
+		break;
+
+	case EC_GROUP_X9_62_PRIME_192V3:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_X9_62_PRIME_192V3);
+		break;
+
+	case EC_GROUP_X9_62_PRIME_239V1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_X9_62_PRIME_239V1);
+		break;
+
+	case EC_GROUP_X9_62_PRIME_239V2:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_X9_62_PRIME_239V2);
+		break;
+
+	case EC_GROUP_X9_62_PRIME_239V3:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_X9_62_PRIME_239V3);
+		break;
+
+	case EC_GROUP_X9_62_PRIME_256V1: /* == EC_GROUP_NIST_PRIME_256 == EC_GROUP_SECG_PRIME_256R1 */
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_X9_62_PRIME_256V1);
+		break;
+	/* the remaining secg curves */
+	case EC_GROUP_SECG_PRIME_112R1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_112R1);
+		break;
+	case EC_GROUP_SECG_PRIME_112R2:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_112R2);
+		break;
+	case EC_GROUP_SECG_PRIME_128R1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_128R1);
+		break;
+	case EC_GROUP_SECG_PRIME_128R2:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_128R2);
+		break;
+	case EC_GROUP_SECG_PRIME_160K1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_160K1);
+		break;
+	case EC_GROUP_SECG_PRIME_160R1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_160R1);
+		break;
+	case EC_GROUP_SECG_PRIME_160R2:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_160R2);
+		break;
+	case EC_GROUP_SECG_PRIME_192K1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_192K1);
+		break;
+	case EC_GROUP_SECG_PRIME_224K1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_224K1);
+		break;
+	case EC_GROUP_SECG_PRIME_256K1:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_SECG_PRIME_256K1);
+		break;
+	/* some wap/wtls curves */
+	case EC_GROUP_WTLS_6:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_WTLS_6);
+		break;
+	case EC_GROUP_WTLS_8:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_WTLS_8);
+		break;
+	case EC_GROUP_WTLS_9:
+		ret = ec_group_new_GFp_from_hex(_EC_GROUP_WTLS_9);
+		break;
+
+		}
+	if (ret == NULL)
+		{
+		ECerr(EC_F_EC_GROUP_NEW_BY_NAME, EC_R_UNKNOWN_GROUP);
+		return NULL;
+		}
+	EC_GROUP_set_nid(ret, name);
+	return ret;
+	}
+
+
+EC_GROUP *EC_GROUP_new_by_nid(int nid)
+	{
+	return EC_GROUP_new_by_name(nid);
+	}

crypto/ec/ec_cvt.c

@@ -1,6 +1,6 @@
 /* crypto/ec/ec_cvt.c */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions

crypto/ec/ec_err.c

@@ -1,6 +1,6 @@
 /* crypto/ec/ec_err.c */
 /* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -71,6 +71,7 @@ static ERR_STRING_DATA EC_str_functs[]=
 {ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_ENCODE,0),	"ec_GFp_mont_field_encode"},
 {ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_MUL,0),	"ec_GFp_mont_field_mul"},
 {ERR_PACK(0,EC_F_EC_GFP_MONT_FIELD_SQR,0),	"ec_GFp_mont_field_sqr"},
+{ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT,0),	"ec_GFp_simple_group_check_discriminant"},
 {ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE_GFP,0),	"ec_GFp_simple_group_set_curve_GFp"},
 {ERR_PACK(0,EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR,0),	"ec_GFp_simple_group_set_generator"},
 {ERR_PACK(0,EC_F_EC_GFP_SIMPLE_MAKE_AFFINE,0),	"ec_GFp_simple_make_affine"},
@@ -80,13 +81,19 @@ static ERR_STRING_DATA EC_str_functs[]=
 {ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES_GFP,0),	"ec_GFp_simple_point_get_affine_coordinates_GFp"},
 {ERR_PACK(0,EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES_GFP,0),	"ec_GFp_simple_point_set_affine_coordinates_GFp"},
 {ERR_PACK(0,EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES_GFP,0),	"ec_GFp_simple_set_compressed_coordinates_GFp"},
+{ERR_PACK(0,EC_F_EC_GROUP_CHECK,0),	"EC_GROUP_check"},
+{ERR_PACK(0,EC_F_EC_GROUP_CHECK_DISCRIMINANT,0),	"EC_GROUP_check_discriminant"},
 {ERR_PACK(0,EC_F_EC_GROUP_COPY,0),	"EC_GROUP_copy"},
 {ERR_PACK(0,EC_F_EC_GROUP_GET0_GENERATOR,0),	"EC_GROUP_get0_generator"},
 {ERR_PACK(0,EC_F_EC_GROUP_GET_COFACTOR,0),	"EC_GROUP_get_cofactor"},
 {ERR_PACK(0,EC_F_EC_GROUP_GET_CURVE_GFP,0),	"EC_GROUP_get_curve_GFp"},
 {ERR_PACK(0,EC_F_EC_GROUP_GET_EXTRA_DATA,0),	"EC_GROUP_get_extra_data"},
 {ERR_PACK(0,EC_F_EC_GROUP_GET_ORDER,0),	"EC_GROUP_get_order"},
+{ERR_PACK(0,EC_F_EC_GROUP_GROUP2NID,0),	"EC_GROUP_GROUP2NID"},
 {ERR_PACK(0,EC_F_EC_GROUP_NEW,0),	"EC_GROUP_new"},
+{ERR_PACK(0,EC_F_EC_GROUP_NEW_BY_NAME,0),	"EC_GROUP_new_by_name"},
+{ERR_PACK(0,EC_F_EC_GROUP_NEW_BY_NID,0),	"EC_GROUP_new_by_nid"},
+{ERR_PACK(0,EC_F_EC_GROUP_NEW_GFP_FROM_HEX,0),	"EC_GROUP_NEW_GFP_FROM_HEX"},
 {ERR_PACK(0,EC_F_EC_GROUP_PRECOMPUTE_MULT,0),	"EC_GROUP_precompute_mult"},
 {ERR_PACK(0,EC_F_EC_GROUP_SET_CURVE_GFP,0),	"EC_GROUP_set_curve_GFp"},
 {ERR_PACK(0,EC_F_EC_GROUP_SET_EXTRA_DATA,0),	"EC_GROUP_set_extra_data"},
@@ -116,6 +123,7 @@ static ERR_STRING_DATA EC_str_functs[]=
 static ERR_STRING_DATA EC_str_reasons[]=
 	{
 {EC_R_BUFFER_TOO_SMALL                   ,"buffer too small"},
+{EC_R_DISCRIMINANT_IS_ZERO               ,"discriminant is zero"},
 {EC_R_INCOMPATIBLE_OBJECTS               ,"incompatible objects"},
 {EC_R_INVALID_ARGUMENT                   ,"invalid argument"},
 {EC_R_INVALID_COMPRESSED_POINT           ,"invalid compressed point"},
@@ -123,12 +131,16 @@ static ERR_STRING_DATA EC_str_reasons[]=
 {EC_R_INVALID_ENCODING                   ,"invalid encoding"},
 {EC_R_INVALID_FIELD                      ,"invalid field"},
 {EC_R_INVALID_FORM                       ,"invalid form"},
+{EC_R_INVALID_GROUP_ORDER                ,"invalid group order"},
 {EC_R_NOT_INITIALIZED                    ,"not initialized"},
 {EC_R_NO_SUCH_EXTRA_DATA                 ,"no such extra data"},
 {EC_R_POINT_AT_INFINITY                  ,"point at infinity"},
 {EC_R_POINT_IS_NOT_ON_CURVE              ,"point is not on curve"},
 {EC_R_SLOT_FULL                          ,"slot full"},
 {EC_R_UNDEFINED_GENERATOR                ,"undefined generator"},
+{EC_R_UNDEFINED_ORDER                    ,"undefined order"},
+{EC_R_UNKNOWN_GROUP                      ,"unknown group"},
+{EC_R_UNKNOWN_NID                        ,"unknown nid"},
 {EC_R_UNKNOWN_ORDER                      ,"unknown order"},
 {0,NULL}
 	};

crypto/ec/ec_lcl.h

@@ -73,14 +73,8 @@ struct ec_method_st {
 	int (*group_set_curve_GFp)(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 	int (*group_get_curve_GFp)(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
 
-	/* used by EC_GROUP_set_generator, EC_GROUP_get0_generator,
-	 * EC_GROUP_get_order, EC_GROUP_get_cofactor:
-	 */
-	int (*group_set_generator)(EC_GROUP *, const EC_POINT *generator,
-	        const BIGNUM *order, const BIGNUM *cofactor);
-	EC_POINT *(*group_get0_generator)(const EC_GROUP *);
-	int (*group_get_order)(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-	int (*group_get_cofactor)(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
+	/* used by EC_GROUP_check: */
+	int (*group_check_discriminant)(const EC_GROUP *, BN_CTX *);
 
 	/* used by EC_POINT_new, EC_POINT_free, EC_POINT_clear_free, EC_POINT_copy: */
 	int (*point_init)(EC_POINT *);
@@ -143,16 +137,24 @@ struct ec_method_st {
 struct ec_group_st {
 	const EC_METHOD *meth;
 
+	EC_POINT *generator; /* optional */
+	BIGNUM order, cofactor;
+
+	int nid; /* optional NID for named curve */
+
 	void *extra_data;
 	void *(*extra_data_dup_func)(void *);
 	void (*extra_data_free_func)(void *);
 	void (*extra_data_clear_free_func)(void *);
 
-	/* All members except 'meth' and 'extra_data...' are handled by
-	 * the method functions, even if they appear generic */
+	/* The following members are handled by the method functions,
+	 * even if they appear generic */
 	
 	BIGNUM field; /* Field specification.
-	               * For curves over GF(p), this is the modulus. */
+	               * For curves over GF(p), this is the modulus;
+	               * for curves over GF(2^m), this is the 
+	               * irreducible polynomial defining the field.
+	               */
 
 	BIGNUM a, b; /* Curve coefficients.
 	              * (Here the assumption is that BIGNUMs can be used
@@ -160,11 +162,12 @@ struct ec_group_st {
 	              * For characteristic  > 3,  the curve is defined
 	              * by a Weierstrass equation of the form
 	              *     y^2 = x^3 + a*x + b.
+	              * For characteristic  2,  the curve is defined by
+	              * an equation of the form
+	              *     y^2 + x*y = x^3 + a*x^2 + b.
 	              */
-	int a_is_minus3; /* enable optimized point arithmetics for special case */
 
-	EC_POINT *generator; /* optional */
-	BIGNUM order, cofactor;
+	int a_is_minus3; /* enable optimized point arithmetics for special case */
 
 	void *field_data1; /* method-specific (e.g., Montgomery structure) */
 	void *field_data2; /* method-specific */
@@ -208,11 +211,7 @@ void ec_GFp_simple_group_clear_finish(EC_GROUP *);
 int ec_GFp_simple_group_copy(EC_GROUP *, const EC_GROUP *);
 int ec_GFp_simple_group_set_curve_GFp(EC_GROUP *, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);
 int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *);
-int ec_GFp_simple_group_set_generator(EC_GROUP *, const EC_POINT *generator,
-	const BIGNUM *order, const BIGNUM *cofactor);
-EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *);
-int ec_GFp_simple_group_get_order(const EC_GROUP *, BIGNUM *order, BN_CTX *);
-int ec_GFp_simple_group_get_cofactor(const EC_GROUP *, BIGNUM *cofactor, BN_CTX *);
+int ec_GFp_simple_group_check_discriminant(const EC_GROUP *, BN_CTX *);
 int ec_GFp_simple_point_init(EC_POINT *);
 void ec_GFp_simple_point_finish(EC_POINT *);
 void ec_GFp_simple_point_clear_finish(EC_POINT *);

crypto/ec/ec_lib.c

@@ -1,6 +1,6 @@
 /* crypto/ec/ec_lib.c */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -93,7 +93,13 @@ EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
 	ret->extra_data_dup_func = 0;
 	ret->extra_data_free_func = 0;
 	ret->extra_data_clear_free_func = 0;
-	
+
+	ret->generator = NULL;
+	BN_init(&ret->order);
+	BN_init(&ret->cofactor);
+
+	ret->nid = 0;	
+
 	if (!meth->group_init(ret))
 		{
 		OPENSSL_free(ret);
@@ -113,6 +119,11 @@ void EC_GROUP_free(EC_GROUP *group)
 
 	EC_GROUP_free_extra_data(group);
 
+	if (group->generator != NULL)
+		EC_POINT_free(group->generator);
+	BN_free(&group->order);
+	BN_free(&group->cofactor);
+
 	OPENSSL_free(group);
 	}
  
@@ -128,6 +139,11 @@ void EC_GROUP_clear_free(EC_GROUP *group)
 
 	EC_GROUP_clear_free_extra_data(group);
 
+	if (group->generator != NULL)
+		EC_POINT_clear_free(group->generator);
+	BN_clear_free(&group->order);
+	BN_clear_free(&group->cofactor);
+
 	memset(group, 0, sizeof *group);
 	OPENSSL_free(group);
 	}
@@ -163,6 +179,30 @@ int EC_GROUP_copy(EC_GROUP *dest, const EC_GROUP *src)
 		dest->extra_data_clear_free_func = src->extra_data_clear_free_func;
 		}
 
+	if (src->generator != NULL)
+		{
+		if (dest->generator == NULL)
+			{
+			dest->generator = EC_POINT_new(dest);
+			if (dest->generator == NULL) return 0;
+			}
+		if (!EC_POINT_copy(dest->generator, src->generator)) return 0;
+		}
+	else
+		{
+		/* src->generator == NULL */
+		if (dest->generator != NULL)
+			{
+			EC_POINT_clear_free(dest->generator);
+			dest->generator = NULL;
+			}
+		}
+
+	if (!BN_copy(&dest->order, &src->order)) return 0;
+	if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0;
+
+	dest->nid = src->nid;
+
 	return dest->meth->group_copy(dest, src);
 	}
 
@@ -173,6 +213,71 @@ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group)
 	}
 
 
+int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor)
+	{
+	if (generator == NULL)
+		{
+		ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER);
+		return 0   ;
+		}
+
+	if (group->generator == NULL)
+		{
+		group->generator = EC_POINT_new(group);
+		if (group->generator == NULL) return 0;
+		}
+	if (!EC_POINT_copy(group->generator, generator)) return 0;
+
+	if (order != NULL)
+		{ if (!BN_copy(&group->order, order)) return 0; }	
+	else
+		{ if (!BN_zero(&group->order)) return 0; }	
+
+	if (cofactor != NULL)
+		{ if (!BN_copy(&group->cofactor, cofactor)) return 0; }	
+	else
+		{ if (!BN_zero(&group->cofactor)) return 0; }	
+
+	return 1;
+	}
+
+
+EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
+	{
+	return group->generator;
+	}
+
+
+int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
+	{
+	if (!BN_copy(order, &group->order))
+		return 0;
+
+	return !BN_is_zero(order);
+	}
+
+
+int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
+	{
+	if (!BN_copy(cofactor, &group->cofactor))
+		return 0;
+
+	return !BN_is_zero(&group->cofactor);
+	}
+
+
+void EC_GROUP_set_nid(EC_GROUP *group, int nid)
+	{
+	group->nid = nid;
+	}
+
+
+int EC_GROUP_get_nid(const EC_GROUP *group)
+	{
+	return group->nid;
+	}
+
+
 int EC_GROUP_set_curve_GFp(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 	{
 	if (group->meth->group_set_curve_GFp == 0)
@@ -195,47 +300,14 @@ int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *
 	}
 
 
-int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator, const BIGNUM *order, const BIGNUM *cofactor)
+int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	{
-	if (group->meth->group_set_generator == 0)
+	if (group->meth->group_check_discriminant == 0)
 		{
-		ECerr(EC_F_EC_GROUP_SET_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+		ECerr(EC_F_EC_GROUP_CHECK_DISCRIMINANT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		return 0;
 		}
-	return group->meth->group_set_generator(group, generator, order, cofactor);
-	}
-
-
-EC_POINT *EC_GROUP_get0_generator(const EC_GROUP *group)
-	{
-	if (group->meth->group_get0_generator == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET0_GENERATOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get0_generator(group);
-	}
-
-
-int EC_GROUP_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-	{
-	if (group->meth->group_get_order == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET_ORDER, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get_order(group, order, ctx);
-	}
-
-
-int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
-	{
-	if (group->meth->group_get_cofactor == 0)
-		{
-		ECerr(EC_F_EC_GROUP_GET_COFACTOR, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-		return 0;
-		}
-	return group->meth->group_get_cofactor(group, cofactor, ctx);
+	return group->meth->group_check_discriminant(group, ctx);
 	}
 
 
@@ -302,7 +374,6 @@ void EC_GROUP_clear_free_extra_data(EC_GROUP *group)
 	}
 
 
-
 /* functions for EC_POINT objects */
 
 EC_POINT *EC_POINT_new(const EC_GROUP *group)

crypto/ec/ec_mult.c

@@ -1,6 +1,6 @@
 /* crypto/ec/ec_mult.c */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -68,25 +68,23 @@
  */
 
 
-/* Determine the width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
+/* Determine the modified width-(w+1) Non-Adjacent Form (wNAF) of 'scalar'.
  * This is an array  r[]  of values that are either zero or odd with an
  * absolute value less than  2^w  satisfying
  *     scalar = \sum_j r[j]*2^j
- * where at most one of any  w+1  consecutive digits is non-zero.
+ * where at most one of any  w+1  consecutive digits is non-zero
+ * with the exception that the most significant digit may be only
+ * w-1 zeros away from that next non-zero digit.
  */
-static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, BN_CTX *ctx)
+static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len)
 	{
-	BIGNUM *c;
+	int window_val;
 	int ok = 0;
 	signed char *r = NULL;
 	int sign = 1;
 	int bit, next_bit, mask;
 	size_t len = 0, j;
 	
-	BN_CTX_start(ctx);
-	c = BN_CTX_get(ctx);
-	if (c == NULL) goto err;
-	
 	if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */
 		{
 		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
@@ -96,60 +94,84 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B
 	next_bit = bit << 1; /* at most 256 */
 	mask = next_bit - 1; /* at most 255 */
 
-	if (!BN_copy(c, scalar)) goto err;
-	if (c->neg)
+	if (scalar->neg)
 		{
 		sign = -1;
-		c->neg = 0;
 		}
 
-	len = BN_num_bits(c) + 1; /* wNAF may be one digit longer than binary representation */
-	r = OPENSSL_malloc(len);
+	len = BN_num_bits(scalar);
+	r = OPENSSL_malloc(len + 1); /* modified wNAF may be one digit longer than binary representation */
 	if (r == NULL) goto err;
 
-	j = 0;
-	while (!BN_is_zero(c))
+	if (scalar->d == NULL || scalar->top == 0)
 		{
-		int u = 0;
+		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+		goto err;
+		}
+	window_val = scalar->d[0] & mask;
+	j = 0;
+	while ((window_val != 0) || (j + w + 1 < len)) /* if j+w+1 >= len, window_val will not increase */
+		{
+		int digit = 0;
 
-		if (BN_is_odd(c)) 
+		/* 0 <= window_val <= 2^(w+1) */
+
+		if (window_val & 1)
 			{
-			if (c->d == NULL || c->top == 0)
+			/* 0 < window_val < 2^(w+1) */
+
+			if (window_val & bit)
+				{
+				digit = window_val - next_bit; /* -2^w < digit < 0 */
+
+#if 1 /* modified wNAF */
+				if (j + w + 1 >= len)
+					{
+					/* special case for generating modified wNAFs:
+					 * no new bits will be added into window_val,
+					 * so using a positive digit here will decrease
+					 * the total length of the representation */
+					
+					digit = window_val & (mask >> 1); /* 0 < digit < 2^w */
+					}
+#endif
+				}
+			else
+				{
+				digit = window_val; /* 0 < digit < 2^w */
+				}
+			
+			if (digit <= -bit || digit >= bit || !(digit & 1))
 				{
 				ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 				goto err;
 				}
-			u = c->d[0] & mask;
-			if (u & bit)
-				{
-				u -= next_bit;
-				/* u < 0 */
-				if (!BN_add_word(c, -u)) goto err;
-				}
-			else
-				{
-				/* u > 0 */
-				if (!BN_sub_word(c, u)) goto err;
-				}
 
-			if (u <= -bit || u >= bit || !(u & 1) || c->neg)
+			window_val -= digit;
+
+			/* now window_val is 0 or 2^(w+1) in standard wNAF generation;
+			 * for modified window NAFs, it may also be 2^w
+			 */
+			if (window_val != 0 && window_val != next_bit && window_val != bit)
 				{
 				ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 				goto err;
 				}
 			}
 
-		r[j++] = sign * u;
-		
-		if (BN_is_odd(c))
+		r[j++] = sign * digit;
+
+		window_val >>= 1;
+		window_val += bit * BN_is_bit_set(scalar, j + w);
+
+		if (window_val > next_bit)
 			{
 			ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 			goto err;
 			}
-		if (!BN_rshift1(c, c)) goto err;
 		}
 
-	if (j > len)
+	if (j > len + 1)
 		{
 		ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
 		goto err;
@@ -158,7 +180,6 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len, B
 	ok = 1;
 
  err:
-	BN_CTX_end(ctx);
 	if (!ok)
 		{
 		OPENSSL_free(r);
@@ -314,7 +335,7 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 			}
 
 		wNAF[i + 1] = NULL; /* make sure we always have a pivot */
-		wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i], ctx);
+		wNAF[i] = compute_wNAF((i < num ? scalars[i] : scalar), wsize[i], &wNAF_len[i]);
 		if (wNAF[i] == NULL) goto err;
 		if (wNAF_len[i] > max_len)
 			max_len = wNAF_len[i];

crypto/ec/ecp_mont.c

@@ -67,10 +67,7 @@ const EC_METHOD *EC_GFp_mont_method(void)
 		ec_GFp_mont_group_copy,
 		ec_GFp_mont_group_set_curve_GFp,
 		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
+		ec_GFp_simple_group_check_discriminant,
 		ec_GFp_simple_point_init,
 		ec_GFp_simple_point_finish,
 		ec_GFp_simple_point_clear_finish,

crypto/ec/ecp_nist.c

@@ -69,6 +69,7 @@ const EC_METHOD *EC_GFp_nist_method(void)
 		ec_GFp_simple_group_get0_generator,
 		ec_GFp_simple_group_get_order,
 		ec_GFp_simple_group_get_cofactor,
+		ec_GFp_simple_group_check_discriminant,
 		ec_GFp_simple_point_init,
 		ec_GFp_simple_point_finish,
 		ec_GFp_simple_point_clear_finish,

crypto/ec/ecp_recp.c

@@ -69,6 +69,7 @@ const EC_METHOD *EC_GFp_recp_method(void)
 		ec_GFp_simple_group_get0_generator,
 		ec_GFp_simple_group_get_order,
 		ec_GFp_simple_group_get_cofactor,
+		ec_GFp_simple_group_check_discriminant,
 		ec_GFp_simple_point_init,
 		ec_GFp_simple_point_finish,
 		ec_GFp_simple_point_clear_finish,

crypto/ec/ecp_smpl.c

@@ -2,7 +2,7 @@
 /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
  * for the OpenSSL project. */
 /* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -69,10 +69,7 @@ const EC_METHOD *EC_GFp_simple_method(void)
 		ec_GFp_simple_group_copy,
 		ec_GFp_simple_group_set_curve_GFp,
 		ec_GFp_simple_group_get_curve_GFp,
-		ec_GFp_simple_group_set_generator,
-		ec_GFp_simple_group_get0_generator,
-		ec_GFp_simple_group_get_order,
-		ec_GFp_simple_group_get_cofactor,
+		ec_GFp_simple_group_check_discriminant,
 		ec_GFp_simple_point_init,
 		ec_GFp_simple_point_finish,
 		ec_GFp_simple_point_clear_finish,
@@ -109,9 +106,6 @@ int ec_GFp_simple_group_init(EC_GROUP *group)
 	BN_init(&group->a);
 	BN_init(&group->b);
 	group->a_is_minus3 = 0;
-	group->generator = NULL;
-	BN_init(&group->order);
-	BN_init(&group->cofactor);
 	return 1;
 	}
 
@@ -121,10 +115,6 @@ void ec_GFp_simple_group_finish(EC_GROUP *group)
 	BN_free(&group->field);
 	BN_free(&group->a);
 	BN_free(&group->b);
-	if (group->generator != NULL)
-		EC_POINT_free(group->generator);
-	BN_free(&group->order);
-	BN_free(&group->cofactor);
 	}
 
 
@@ -133,13 +123,6 @@ void ec_GFp_simple_group_clear_finish(EC_GROUP *group)
 	BN_clear_free(&group->field);
 	BN_clear_free(&group->a);
 	BN_clear_free(&group->b);
-	if (group->generator != NULL)
-		{
-		EC_POINT_clear_free(group->generator);
-		group->generator = NULL;
-		}
-	BN_clear_free(&group->order);
-	BN_clear_free(&group->cofactor);
 	}
 
 
@@ -151,28 +134,6 @@ int ec_GFp_simple_group_copy(EC_GROUP *dest, const EC_GROUP *src)
 
 	dest->a_is_minus3 = src->a_is_minus3;
 
-	if (src->generator != NULL)
-		{
-		if (dest->generator == NULL)
-			{
-			dest->generator = EC_POINT_new(dest);
-			if (dest->generator == NULL) return 0;
-			}
-		if (!EC_POINT_copy(dest->generator, src->generator)) return 0;
-		}
-	else
-		{
-		/* src->generator == NULL */
-		if (dest->generator != NULL)
-			{
-			EC_POINT_clear_free(dest->generator);
-			dest->generator = NULL;
-			}
-		}
-
-	if (!BN_copy(&dest->order, &src->order)) return 0;
-	if (!BN_copy(&dest->cofactor, &src->cofactor)) return 0;
-
 	return 1;
 	}
 
@@ -283,58 +244,69 @@ int ec_GFp_simple_group_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *
 	}
 
 
-
-int ec_GFp_simple_group_set_generator(EC_GROUP *group, const EC_POINT *generator,
-	const BIGNUM *order, const BIGNUM *cofactor)
+int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	{
-	if (generator == NULL)
+	int ret = 0;
+	BIGNUM *a,*b,*order,*tmp_1,*tmp_2;
+	const BIGNUM *p = &group->field;
+	BN_CTX *new_ctx = NULL;
+
+	if (ctx == NULL)
 		{
-		ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_GENERATOR, ERR_R_PASSED_NULL_PARAMETER);
-		return 0   ;
+		ctx = new_ctx = BN_CTX_new();
+		if (ctx == NULL)
+			{
+			ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT, ERR_R_MALLOC_FAILURE);
+			goto err;
+			}
 		}
+	BN_CTX_start(ctx);
+	a = BN_CTX_get(ctx);
+	b = BN_CTX_get(ctx);
+	tmp_1 = BN_CTX_get(ctx);
+	tmp_2 = BN_CTX_get(ctx);
+	order = BN_CTX_get(ctx);
+	if (order == NULL) goto err;
 
-	if (group->generator == NULL)
+	if (group->meth->field_decode)
 		{
-		group->generator = EC_POINT_new(group);
-		if (group->generator == NULL) return 0;
+		if (!group->meth->field_decode(group, a, &group->a, ctx)) goto err;
+		if (!group->meth->field_decode(group, b, &group->b, ctx)) goto err;
 		}
-	if (!EC_POINT_copy(group->generator, generator)) return 0;
-
-	if (order != NULL)
-		{ if (!BN_copy(&group->order, order)) return 0; }	
 	else
-		{ if (!BN_zero(&group->order)) return 0; }	
+		{
+		if (!BN_copy(a, &group->a)) goto err;
+		if (!BN_copy(b, &group->b)) goto err;
+		}
+	
+	/* check the discriminant:
+	 * y^2 = x^3 + a*x + b is an elliptic curve <=> 4*a^3 + 27*b^2 != 0 (mod p) 
+         * 0 =< a, b < p */
+	if (BN_is_zero(a))
+		{
+		if (BN_is_zero(b)) goto err;
+		}
+	else if (!BN_is_zero(b))
+		{
+		if (!BN_mod_sqr(tmp_1, a, p, ctx)) goto err;
+		if (!BN_mod_mul(tmp_2, tmp_1, a, p, ctx)) goto err;
+		if (!BN_lshift(tmp_1, tmp_2, 2)) goto err;
+		/* tmp_1 = 4*a^3 */
 
-	if (cofactor != NULL)
-		{ if (!BN_copy(&group->cofactor, cofactor)) return 0; }	
-	else
-		{ if (!BN_zero(&group->cofactor)) return 0; }	
+		if (!BN_mod_sqr(tmp_2, b, p, ctx)) goto err;
+		if (!BN_mul_word(tmp_2, 27)) goto err;
+		/* tmp_2 = 27*b^2 */
 
-	return 1;
-	}
+		if (!BN_mod_add(a, tmp_1, tmp_2, p, ctx)) goto err;
+		if (BN_is_zero(a)) goto err;
+		}
+	ret = 1;
 
-
-EC_POINT *ec_GFp_simple_group_get0_generator(const EC_GROUP *group)
-	{
-	return group->generator;
-	}
-
-
-int ec_GFp_simple_group_get_order(const EC_GROUP *group, BIGNUM *order, BN_CTX *ctx)
-	{
-	if (!BN_copy(order, &group->order))
-		return 0;
-
-	return !BN_is_zero(&group->order);
-	}
-
-
-int ec_GFp_simple_group_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, BN_CTX *ctx)
-	{
-	if (!BN_copy(cofactor, &group->cofactor))
-		return 0;
-
-	return !BN_is_zero(&group->cofactor);
+err:
+	BN_CTX_end(ctx);
+	if (new_ctx != NULL)
+		BN_CTX_free(new_ctx);
+	return ret;
 	}
 
 

crypto/ec/ectest.c

@@ -75,8 +75,8 @@ int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); retur
 	exit(1); \
 } while (0)
 
-#if 0
-static void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
+
+void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
 	{
 	clock_t clck;
 	int i, j;
@@ -138,7 +138,7 @@ static void timings(EC_GROUP *group, int multi, BN_CTX *ctx)
 	BN_free(s);
 	BN_free(s0);
 	}
-#endif
+
 
 int main(int argc, char *argv[])
 	{	

crypto/ecdsa/.cvsignore

@@ -0,0 +1,2 @@
+lib
+Makefile.save

crypto/ecdsa/Makefile.ssl

@@ -0,0 +1,163 @@
+#
+# crypto/ecdsa/Makefile
+#
+
+DIR=	ecdsa
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g -Wall
+INSTALL_PREFIX=
+OPENSSLDIR=     /usr/local/ssl
+INSTALLTOP=/usr/local/ssl
+MAKE=		make -f Makefile.ssl
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
+MAKEFILE=	Makefile.ssl
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ecdsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=	ecs_lib.c ecs_gen.c ecs_asn1.c ecs_ossl.c ecs_sign.c ecs_vrf.c \
+	ecs_key.c ecs_err.c 
+
+LIBOBJ=	ecs_lib.o ecs_gen.o ecs_asn1.o ecs_ossl.o ecs_sign.o ecs_vrf.o \
+	ecs_key.o ecs_err.o 
+
+SRC= $(LIBSRC)
+
+EXHEADER= ecdsa.h
+HEADER=	ecs_locl.h $(EXHEADER)
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+	@$(TOP)/util/point.sh Makefile.ssl Makefile
+	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
+	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
+	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
+
+install:
+	@for i in $(EXHEADER) ; \
+	do  \
+	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+	done;
+
+tags:
+	ctags $(SRC)
+
+tests:
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+	$(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ecs_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+ecs_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ecs_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ecs_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_asn1.o: ../../include/openssl/ec.h ../../include/openssl/err.h
+ecs_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+ecs_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+ecs_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h ecdsa.h ecs_asn1.c
+ecs_asn1.o: ecs_locl.h
+ecs_err.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ecs_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ecs_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecs_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ecs_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecs_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_err.o: ecs_err.c
+ecs_gen.o: ecs_gen.c
+ecs_key.o: ../../e_os.h ../../include/openssl/asn1.h
+ecs_key.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ecs_key.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ecs_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_key.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecs_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ecs_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
+ecs_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ecs_key.o: ../cryptlib.h ecs_key.c
+ecs_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+ecs_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ecs_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ecs_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ecs_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ecs_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ecs_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecs_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+ecs_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecs_lib.o: ../cryptlib.h ecdsa.h ecs_lib.c ecs_locl.h
+ecs_ossl.o: ../../e_os.h ../../include/openssl/asn1.h
+ecs_ossl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ecs_ossl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ecs_ossl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+ecs_ossl.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_ossl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+ecs_ossl.o: ../../include/openssl/opensslconf.h
+ecs_ossl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_ossl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_ossl.o: ../../include/openssl/symhacks.h ../cryptlib.h ecs_ossl.c
+ecs_sign.o: ../../e_os.h ../../include/openssl/asn1.h
+ecs_sign.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+ecs_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ecs_sign.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ecs_sign.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ecs_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_sign.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ecs_sign.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecs_sign.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_sign.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+ecs_sign.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_sign.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecs_sign.o: ../cryptlib.h ecs_sign.c
+ecs_vrf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+ecs_vrf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+ecs_vrf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+ecs_vrf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+ecs_vrf.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+ecs_vrf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+ecs_vrf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+ecs_vrf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+ecs_vrf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+ecs_vrf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+ecs_vrf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+ecs_vrf.o: ecs_vrf.c

crypto/ecdsa/ecdsa.h

@@ -0,0 +1,282 @@
+/* crypto/ecdsa/ecdsa.h */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ECDSA_H
+#define HEADER_ECDSA_H
+
+#ifdef OPENSSL_NO_ECDSA
+#error ECDSA is disabled.
+#endif
+
+#ifndef OPENSSL_NO_BIO
+#include <openssl/bio.h>
+#endif
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/crypto.h>
+#include <openssl/ossl_typ.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct ecdsa_st ECDSA;
+
+typedef struct ECDSA_SIG_st
+{
+	BIGNUM *r;
+	BIGNUM *s;
+} ECDSA_SIG;
+
+typedef struct ecdsa_method 
+{
+	const char *name;
+	ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa);
+	int (*ecdsa_sign_setup)(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **r);
+	int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa);
+	int (*init)(ECDSA *ecdsa);
+	int (*finish)(ECDSA *ecdsa);
+	int flags;
+	char *app_data;
+} ECDSA_METHOD;
+
+#define ECDSA_FLAG_NAMED_CURVE	1
+#define ECDSA_FLAG_IMPLICITLYCA	2
+
+struct ecdsa_st
+{
+	int version;
+	point_conversion_form_t conversion_form;
+
+	EC_GROUP *group;
+
+	EC_POINT *pub_key;
+	BIGNUM	 *priv_key;
+
+	BIGNUM	 *kinv; /* signing pre-calc */
+	BIGNUM	 *r;	/* signing pre-calc */
+
+	unsigned char *seed;	/* seed for curve generation */
+	unsigned int  seed_len; 
+
+	int	parameter_flags;
+
+	int 	references;
+	int	flags;
+	CRYPTO_EX_DATA ex_data;
+	const ECDSA_METHOD *meth;
+	struct engine_st *engine;
+};
+
+ECDSA_SIG *ECDSA_SIG_new(void);
+void	  ECDSA_SIG_free(ECDSA_SIG *a);
+int	  i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
+ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long length);
+
+ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa);
+int	  ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA* ecdsa);
+int 	  ECDSA_generate_key(ECDSA *ecdsa);
+int	  ECDSA_check_key(ECDSA *ecdsa);
+
+const ECDSA_METHOD *ECDSA_OpenSSL(void);
+
+void	  ECDSA_set_default_method(const ECDSA_METHOD *);
+const ECDSA_METHOD *ECDSA_get_default_method(void);
+int 	  ECDSA_set_method(ECDSA *, const ECDSA_METHOD *);
+
+ECDSA	  *ECDSA_new(void);
+ECDSA	  *ECDSA_new_method(ENGINE *engine);
+int	  ECDSA_size(const ECDSA *);
+int 	  ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx, BIGNUM **kinv, BIGNUM **rp);
+int	  ECDSA_sign(int type, const unsigned char *dgst, int dgst_len, unsigned char *sig, 
+		     unsigned int *siglen, ECDSA *ecdsa);
+int 	  ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sig,
+		       int sig_len, ECDSA *ecdsa);
+int	  ECDSA_up_ref(ECDSA *ecdsa);
+void	  ECDSA_free(ECDSA *a);
+int 	  ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+	     			 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
+int 	  ECDSA_set_ex_data(ECDSA *d, int idx, void *arg);
+void 	  *ECDSA_get_ex_data(ECDSA *d, int idx);
+
+#ifndef OPENSSL_NO_BIO
+int	ECDSAParameters_print(BIO *bp, const ECDSA *x);
+int	ECDSA_print(BIO *bp, const ECDSA *x, int off);
+#endif
+#ifndef OPENSSL_NO_FP_API
+int	ECDSAParameters_print_fp(FILE *fp, const ECDSA *x);
+int	ECDSA_print_fp(FILE *fp, const ECDSA *x, int off);
+#endif 
+
+void 	ECDSA_set_parameter_flags(ECDSA *, int);
+int	ECDSA_get_parameter_flags(const ECDSA*);
+
+/* The ECDSA_{set|get}_conversion_type() functions set/get the
+ * conversion form for ec-points (see ec.h) in a ECDSA-structure */
+void	ECDSA_set_conversion_form(ECDSA *, const point_conversion_form_t);
+point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *);
+/* The ECDSA_{set|get}_default_conversion_form() functions set/get the 
+ * default conversion form */
+void	ECDSA_set_default_conversion_form(const point_conversion_form_t);
+point_conversion_form_t ECDSA_get_default_conversion_form(void);
+
+/* the basic de- and encode functions ( see ecs_asn1.c ) */
+ECDSA   *d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len);
+int     i2d_ECDSAParameters(ECDSA *a, unsigned char **out);
+
+ECDSA   *d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len);
+int     i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out);
+
+/* ECDSAPublicKey_set_octet_string() sets the public key in the ECDSA-structure.
+ * (*a) must be a pointer to a ECDSA-structure with (*a)->group not zero 
+ * (e.g. a ECDSA-structure with a valid EC_GROUP-structure) */
+ECDSA 	*ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len);
+/* ECDSAPublicKey_get_octet_string() returns the length of the octet string encoding
+ * of the public key. If out != NULL then the function returns in *out 
+ * a pointer to the octet string */
+int 	ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out);
+
+
+#define ECDSAParameters_dup(x) (ECDSA *)ASN1_dup((int (*)())i2d_ECDSAParameters, \
+		(char *(*)())d2i_ECDSAParameters,(char *)(x))
+#define d2i_ECDSAParameters_fp(fp,x) (ECDSA *)ASN1_d2i_fp((char *(*)())ECDSA_new, \
+		(char *(*)())d2i_ECDSAParameters,(fp),(unsigned char **)(x))
+#define i2d_ECDSAParameters_fp(fp,x) ASN1_i2d_fp(i2d_ECDSAParameters,(fp), \
+		(unsigned char *)(x))
+#define d2i_ECDSAParameters_bio(bp,x) (ECDSA *)ASN1_d2i_bio((char *(*)())ECDSA_new, \
+		(char *(*)())d2i_ECDSAParameters,(bp),(unsigned char **)(x))
+#define i2d_ECDSAParameters_bio(bp,x) ASN1_i2d_bio(i2d_ECDSAParameters,(bp), \
+		(unsigned char *)(x))
+
+/* BEGIN ERROR CODES */
+/* The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_ECDSA_strings(void);
+
+/* Error codes for the ECDSA functions. */
+
+/* Function codes. */
+#define ECDSA_F_D2I_ECDSAPARAMETERS			 100
+#define ECDSA_F_D2I_ECDSAPRIVATEKEY			 101
+#define ECDSA_F_ECDSAPARAMETERS_PRINT			 102
+#define ECDSA_F_ECDSAPARAMETERS_PRINT_FP		 103
+#define ECDSA_F_ECDSA_DO_SIGN				 104
+#define ECDSA_F_ECDSA_DO_VERIFY				 105
+#define ECDSA_F_ECDSA_GENERATE_KEY			 106
+#define ECDSA_F_ECDSA_GET				 107
+#define ECDSA_F_ECDSA_GET_CURVE_NID			 120
+#define ECDSA_F_ECDSA_GET_ECDSA				 121
+#define ECDSA_F_ECDSA_GET_EC_PARAMETERS			 122
+#define ECDSA_F_ECDSA_GET_X9_62_CURVE			 108
+#define ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS		 109
+#define ECDSA_F_ECDSA_GET_X9_62_FIELDID			 110
+#define ECDSA_F_ECDSA_NEW				 111
+#define ECDSA_F_ECDSA_PRINT				 112
+#define ECDSA_F_ECDSA_PRINT_FP				 113
+#define ECDSA_F_ECDSA_SET_GROUP_P			 114
+#define ECDSA_F_ECDSA_SET_PRIME_GROUP			 123
+#define ECDSA_F_ECDSA_SIGN_SETUP			 115
+#define ECDSA_F_I2D_ECDSAPARAMETERS			 116
+#define ECDSA_F_I2D_ECDSAPRIVATEKEY			 117
+#define ECDSA_F_I2D_ECDSAPUBLICKEY			 118
+#define ECDSA_F_SIG_CB					 119
+
+/* Reason codes. */
+#define ECDSA_R_BAD_SIGNATURE				 100
+#define ECDSA_R_CAN_NOT_GET_GENERATOR			 101
+#define ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY	 102
+#define ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE		 103
+#define ECDSA_R_D2I_EC_PARAMETERS_FAILURE		 133
+#define ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE		 104
+#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 105
+#define ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE		 106
+#define ECDSA_R_ECDSA_F_ECDSA_NEW			 107
+#define ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE		 134
+#define ECDSA_R_ECDSA_GET_FAILURE			 108
+#define ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE		 109
+#define ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE	 110
+#define ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE		 111
+#define ECDSA_R_ECDSA_NEW_FAILURE			 112
+#define ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE	 135
+#define ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE	 113
+#define ECDSA_R_ECPARAMETERS2ECDSA_FAILURE		 138
+#define ECDSA_R_EC_GROUP_NID2CURVE_FAILURE		 136
+#define ECDSA_R_ERR_EC_LIB				 114
+#define ECDSA_R_I2D_ECDSA_PRIVATEKEY			 115
+#define ECDSA_R_I2D_ECDSA_PUBLICKEY			 116
+#define ECDSA_R_MISSING_PARAMETERS			 117
+#define ECDSA_R_NOT_SUPPORTED				 118
+#define ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED		 119
+#define ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED		 120
+#define ECDSA_R_NO_CURVE_SPECIFIED			 121
+#define ECDSA_R_NO_FIELD_SPECIFIED			 122
+#define ECDSA_R_PRIME_MISSING				 123
+#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED		 124
+#define ECDSA_R_SIGNATURE_MALLOC_FAILED			 125
+#define ECDSA_R_UNEXPECTED_ASN1_TYPE			 126
+#define ECDSA_R_UNEXPECTED_PARAMETER			 127
+#define ECDSA_R_UNEXPECTED_PARAMETER_LENGTH		 128
+#define ECDSA_R_UNEXPECTED_VERSION_NUMER		 129
+#define ECDSA_R_UNKNOWN_PARAMETERS_TYPE			 137
+#define ECDSA_R_WRONG_FIELD_IDENTIFIER			 130
+#define ECDSA_R_X9_62_CURVE_NEW_FAILURE			 131
+#define ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE		 132
+
+#ifdef  __cplusplus
+}
+#endif
+#endif

crypto/ecdsa/ecdsatest.c

@@ -0,0 +1,684 @@
+/* crypto/ecdsa/ecdsatest.c */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+
+#ifdef CLOCKS_PER_SEC
+	/* "To determine the time in seconds, the value returned
+	 * by the clock function should be divided by the value
+	 * of the macro CLOCKS_PER_SEC."
+	 *                                       -- ISO/IEC 9899 */
+#	define UNIT "s"
+#else
+	/* "`CLOCKS_PER_SEC' undeclared (first use this function)"
+	 *                            -- cc on NeXTstep/OpenStep */
+#	define UNIT "units"
+#	define CLOCKS_PER_SEC 1
+#endif
+
+#ifdef OPENSSL_NO_ECDSA
+int main(int argc, char * argv[]) { puts("Elliptic curves are disabled."); return 0; }
+#else
+
+#include <openssl/crypto.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+#include <openssl/ecdsa.h>
+#include <openssl/engine.h>
+#include <openssl/err.h>
+
+static BIO *bio_err=NULL;
+static const char rnd_seed[] = "string to make the random number generator think it has entropy";
+
+#define	ECDSA_NIST_TESTS	10
+ECDSA_SIG*	signatures[ECDSA_NIST_TESTS];
+unsigned char	digest[ECDSA_NIST_TESTS][20];
+
+void clear_ecdsa(ECDSA *ecdsa)
+{
+	if (!ecdsa)
+		return;
+	if (ecdsa->group)
+	{
+		EC_GROUP_free(ecdsa->group);
+		ecdsa->group = NULL;
+	}
+	if (ecdsa->pub_key)
+	{
+		EC_POINT_free(ecdsa->pub_key);
+		ecdsa->pub_key = NULL;
+	}
+	if (ecdsa->priv_key)
+	{
+		BN_free(ecdsa->priv_key);
+		ecdsa->priv_key = NULL;
+	}
+}
+
+int set_p192_param(ECDSA *ecdsa)
+{
+	BN_CTX	 *ctx=NULL;
+	int 	 ret=0;
+
+	if (!ecdsa)
+		return 0;
+	if ((ctx = BN_CTX_new()) == NULL) goto err;
+	clear_ecdsa(ecdsa);
+	
+	if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_X9_62_PRIME_192V1)) == NULL)
+	{
+		BIO_printf(bio_err,"ECDSA_SET_GROUP_P_192_V1() failed \n");
+		goto err;
+	}
+	if ((ecdsa->pub_key = EC_POINT_new(ecdsa->group)) == NULL)
+	{
+		BIO_printf(bio_err,"EC_POINT_new failed \n");
+		goto err;
+	}
+
+	if (!BN_dec2bn(&(ecdsa->priv_key), "651056770906015076056810763456358567190100156695615665659"))	goto err;
+	if (!EC_POINT_mul(ecdsa->group,ecdsa->pub_key,ecdsa->priv_key,NULL,NULL,ctx))
+	{
+		BIO_printf(bio_err,"EC_POINT_mul() failed \n");
+		goto err;
+	}
+	ret = 1;
+
+err :	if (ctx)	BN_CTX_free(ctx);
+	return ret;
+}
+
+int set_p239_param(ECDSA *ecdsa)
+{
+	BN_CTX	 *ctx=NULL;
+	int 	 ret=0;
+
+	if (!ecdsa)
+		return 0;
+	if ((ctx = BN_CTX_new()) == NULL) goto err;
+	clear_ecdsa(ecdsa);
+	
+	if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_X9_62_PRIME_239V1)) == NULL)
+	{
+		BIO_printf(bio_err,"ECDSA_SET_GROUP_P_239_V1() failed \n");
+		goto err;
+	}
+	if ((ecdsa->pub_key = EC_POINT_new(ecdsa->group)) == NULL)
+	{
+		BIO_printf(bio_err,"EC_POINT_new failed \n");
+		goto err;
+	}
+
+	if (!BN_dec2bn(&(ecdsa->priv_key), "876300101507107567501066130761671078357010671067781776716671676178726717"))	goto err;
+	if (!EC_POINT_mul(ecdsa->group,ecdsa->pub_key,ecdsa->priv_key,NULL,NULL,ctx))
+	{
+		BIO_printf(bio_err,"EC_POINT_mul() failed \n");
+		goto err;
+	}
+	ret = 1;
+
+err :	if (ctx)	BN_CTX_free(ctx);
+	return ret;
+}
+
+int test_sig_vrf(ECDSA *ecdsa, const unsigned char* dgst)
+{
+        int       ret=0,type=0;
+        unsigned char *buffer=NULL;
+        unsigned int  buf_len;
+        clock_t  tim;
+ 
+        if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
+                return 0;
+        if ((buf_len = ECDSA_size(ecdsa)) == 0)
+        {
+                BIO_printf(bio_err, "ECDSA_size() == 0 \n");
+                goto err;
+        }
+        if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
+                goto err;
+ 
+        tim = clock();
+        if (!ECDSA_sign(type, dgst , 20, buffer, &buf_len, ecdsa))
+        {
+                BIO_printf(bio_err, "ECDSA_sign() FAILED \n");
+                goto err;
+        }
+        tim = clock() - tim;
+        BIO_printf(bio_err, " [ ECDSA_sign() %.2f"UNIT, (double)tim/(CLOCKS_PER_SEC));
+ 
+        tim = clock();
+        ret = ECDSA_verify(type, dgst, 20, buffer, buf_len, ecdsa);
+        if (ret != 1)
+        {
+                BIO_printf(bio_err, "ECDSA_verify() FAILED \n");
+                goto err;
+        }
+        tim = clock() - tim;
+        BIO_printf(bio_err, " and ECDSA_verify() %.2f"UNIT" ] ", (double)tim/(CLOCKS_PER_SEC));
+ 
+err:    OPENSSL_free(buffer);
+        return(ret == 1);
+}
+
+int test_x962_sig_vrf(ECDSA *ecdsa, const unsigned char *dgst,
+                           const char *k_in, const char *r_in, const char *s_in)
+{
+        int       ret=0;
+        ECDSA_SIG *sig=NULL;
+        EC_POINT  *point=NULL;
+        BIGNUM    *r=NULL,*s=NULL,*k=NULL,*x=NULL,*y=NULL,*m=NULL,*ord=NULL;
+        BN_CTX    *ctx=NULL;
+        char      *tmp_char=NULL;
+ 
+        if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
+                return 0;
+        if ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err;
+        if ((r = BN_new()) == NULL || (s = BN_new()) == NULL || (k = BN_new()) == NULL ||
+            (x = BN_new()) == NULL || (y = BN_new()) == NULL || (m = BN_new()) == NULL ||
+            (ord = BN_new()) == NULL) goto err;
+        if ((ctx = BN_CTX_new()) == NULL) goto err;
+        if (!BN_bin2bn(dgst, 20, m)) goto err;
+        if (!BN_dec2bn(&k, k_in)) goto err;
+        if (!EC_POINT_mul(ecdsa->group, point, k, NULL, NULL, ctx)) goto err;
+        if (!EC_POINT_get_affine_coordinates_GFp(ecdsa->group, point, x, y, ctx)) goto err;
+        if (!EC_GROUP_get_order(ecdsa->group, ord, ctx)) goto err;
+        if ((ecdsa->r = BN_dup(x)) == NULL) goto err;
+        if ((ecdsa->kinv = BN_mod_inverse(NULL, k, ord, ctx)) == NULL) goto err;
+ 
+        if ((sig = ECDSA_do_sign(dgst, 20, ecdsa)) == NULL)
+        {
+                BIO_printf(bio_err,"ECDSA_do_sign() failed \n");
+                goto err;
+        }
+ 
+        if (!BN_dec2bn(&r, r_in)) goto err;
+        if (!BN_dec2bn(&s, s_in)) goto err;
+        if (BN_cmp(sig->r,r) != 0 || BN_cmp(sig->s,s) != 0)
+        {
+                tmp_char = OPENSSL_malloc(128);
+                if (tmp_char == NULL) goto err;
+                tmp_char = BN_bn2dec(sig->r);
+                BIO_printf(bio_err,"unexpected signature \n");
+                BIO_printf(bio_err,"sig->r = %s\n",tmp_char);
+                tmp_char = BN_bn2dec(sig->s);
+                BIO_printf(bio_err,"sig->s = %s\n",tmp_char);
+                goto err;
+        }
+	        ret = ECDSA_do_verify(dgst, 20, sig, ecdsa);
+        if (ret != 1)
+        {
+                BIO_printf(bio_err,"ECDSA_do_verify : signature verification failed \n");
+                goto err;
+        }
+ 
+        ret = 1;
+err :   if (r)    BN_free(r);
+        if (s)    BN_free(s);
+        if (k)    BN_free(k);
+        if (x)    BN_free(x);
+        if (y)    BN_free(y);
+	if (m)	  BN_free(m);
+        if (ord)  BN_free(ord);
+        if (sig)  ECDSA_SIG_free(sig);
+        if (ctx)  BN_CTX_free(ctx);
+        if (point) EC_POINT_free(point);
+        if (tmp_char) OPENSSL_free(tmp_char);
+        return(ret == 1);
+}
+
+int ecdsa_cmp(const ECDSA *a, const ECDSA *b)
+{
+	int 	ret=1;
+	BN_CTX	*ctx=NULL;
+	BIGNUM	*tmp_a1=NULL, *tmp_a2=NULL, *tmp_a3=NULL;
+	BIGNUM	*tmp_b1=NULL, *tmp_b2=NULL, *tmp_b3=NULL;
+
+	if ((ctx = BN_CTX_new()) == NULL) return 1;
+	if ((tmp_a1 = BN_new()) == NULL || (tmp_a2 = BN_new()) == NULL || (tmp_a3 = BN_new()) == NULL) goto err;
+	if ((tmp_b1 = BN_new()) == NULL || (tmp_b2 = BN_new()) == NULL || (tmp_b3 = BN_new()) == NULL) goto err;
+
+	if (a->pub_key && b->pub_key)
+		if (EC_POINT_cmp(a->group, a->pub_key, b->pub_key, ctx) != 0) goto err;
+	if (a->priv_key && b->priv_key)
+		if (BN_cmp(a->priv_key, b->priv_key) != 0) goto err;
+	if (!EC_GROUP_get_curve_GFp(a->group, tmp_a1, tmp_a2, tmp_a3, ctx)) goto err;
+	if (!EC_GROUP_get_curve_GFp(a->group, tmp_b1, tmp_b2, tmp_b3, ctx)) goto err;
+	if (BN_cmp(tmp_a1, tmp_b1) != 0) goto err;
+	if (BN_cmp(tmp_a2, tmp_b2) != 0) goto err;
+	if (BN_cmp(tmp_a3, tmp_b3) != 0) goto err;
+
+	ret = 0;
+err:	if (tmp_a1) BN_free(tmp_a1);
+	if (tmp_a2) BN_free(tmp_a2);
+	if (tmp_a3) BN_free(tmp_a3);
+	if (tmp_b1) BN_free(tmp_b1);
+	if (tmp_b2) BN_free(tmp_b2);
+	if (tmp_b3) BN_free(tmp_b3);
+	if (ctx) BN_CTX_free(ctx);
+	return(ret);
+}
+
+int main(void)
+{
+	ECDSA	 	*ecdsa=NULL, *ret_ecdsa=NULL;
+	BIGNUM	 	*d=NULL;
+	X509_PUBKEY 	*x509_pubkey=NULL;
+	PKCS8_PRIV_KEY_INFO *pkcs8=NULL;
+	EVP_PKEY 	*pkey=NULL, *ret_pkey=NULL;
+	int 	 	dgst_len=0;
+	unsigned char 	*dgst=NULL;
+	int 	 	ret = 0, i=0;
+	clock_t		tim;
+	unsigned char 	*buffer=NULL;
+	unsigned char   *pp;
+	long		buf_len=0;
+	double		tim_d;
+	EVP_MD_CTX	*md_ctx=NULL;
+	
+	/* enable memory leak checking unless explicitly disabled */
+	if (!((getenv("OPENSSL_DEBUG_MEMORY") != NULL) && (0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off"))))
+		{
+		CRYPTO_malloc_debug_init();
+		CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
+		}
+	else
+		{
+		/* OPENSSL_DEBUG_MEMORY=off */
+		CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
+		}
+	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+	ERR_load_crypto_strings();
+
+	if (bio_err == NULL)
+		bio_err=BIO_new_fp(stderr, BIO_NOCLOSE);
+
+	RAND_seed(rnd_seed, sizeof(rnd_seed));
+
+	if ((ecdsa = ECDSA_new()) == NULL)   goto err;
+
+	set_p192_param(ecdsa);
+	ECDSA_print(bio_err, ecdsa, 0);
+
+	/* en- decode tests */
+
+	/* i2d_ - d2i_ECDSAParameters() */
+	BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAParameters \n");
+	buf_len = i2d_ECDSAParameters(ecdsa, NULL);
+	if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
+	pp = buffer;
+	if (!i2d_ECDSAParameters(ecdsa, &pp)) goto err;
+	pp = buffer;
+	if ((ret_ecdsa = d2i_ECDSAParameters(&ret_ecdsa, (const unsigned char **)&pp, 
+			buf_len)) == NULL) goto err;
+	ECDSAParameters_print(bio_err, ret_ecdsa);
+	if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
+	OPENSSL_free(buffer);
+	buffer = NULL;
+	ECDSA_free(ret_ecdsa);
+	ret_ecdsa = NULL;
+
+	/* i2d_ - d2i_ECDSAPrivateKey() */
+	BIO_printf(bio_err, "\nTesting i2d_ - d2i_ECDSAPrivateKey \n");
+	buf_len = i2d_ECDSAPrivateKey(ecdsa, NULL);
+	if (!buf_len || (buffer = OPENSSL_malloc(buf_len)) == NULL) goto err;
+	pp = buffer;
+	if (!i2d_ECDSAPrivateKey(ecdsa, &pp)) goto err;
+	pp = buffer;
+	if ((ret_ecdsa = d2i_ECDSAPrivateKey(&ret_ecdsa, (const unsigned char**)&pp, 
+			buf_len)) == NULL) goto err;
+	ECDSA_print(bio_err, ret_ecdsa, 0);
+	if (ecdsa_cmp(ecdsa, ret_ecdsa)) goto err;
+	ECDSA_free(ret_ecdsa);
+	ret_ecdsa = NULL;
+	OPENSSL_free(buffer);
+	buffer = NULL;
+
+	/* X509_PUBKEY_set() &  X509_PUBKEY_get() */	
+
+	BIO_printf(bio_err, "\nTesting X509_PUBKEY_{get,set}            : ");
+	if ((pkey = EVP_PKEY_new()) == NULL) goto err;
+	EVP_PKEY_assign_ECDSA(pkey, ecdsa);
+	if ((x509_pubkey = X509_PUBKEY_new()) == NULL) goto err;
+	if (!X509_PUBKEY_set(&x509_pubkey, pkey)) goto err;
+
+	if ((ret_pkey = X509_PUBKEY_get(x509_pubkey)) == NULL) goto err;
+	ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+	EVP_PKEY_free(ret_pkey);
+	ret_pkey = NULL;
+
+	if (ecdsa_cmp(ecdsa, ret_ecdsa)) 
+	{
+		BIO_printf(bio_err, "TEST FAILED \n");
+		goto err;
+	}
+	else BIO_printf(bio_err, "TEST OK \n");
+	X509_PUBKEY_free(x509_pubkey);
+	x509_pubkey = NULL;
+	ECDSA_free(ret_ecdsa);
+	ret_ecdsa = NULL;
+
+	/* Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY */
+	BIO_printf(bio_err, "Testing PKCS8_PRIV_KEY_INFO <-> EVP_PKEY : \n");
+	BIO_printf(bio_err, "PKCS8_OK              : ");
+	if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_OK)) == NULL) goto err;
+	if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
+	ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+	if (ecdsa_cmp(ecdsa, ret_ecdsa))
+	{
+		BIO_printf(bio_err, "TEST FAILED \n");
+		goto err;
+	}
+	else BIO_printf(bio_err, "TEST OK \n");
+	EVP_PKEY_free(ret_pkey);
+	ret_pkey = NULL;
+	ECDSA_free(ret_ecdsa);
+	ret_ecdsa = NULL;
+	PKCS8_PRIV_KEY_INFO_free(pkcs8);
+	BIO_printf(bio_err, "PKCS8_NO_OCTET        : ");
+        if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NO_OCTET)) == NULL) goto err;
+        if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
+        ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+        if (ecdsa_cmp(ecdsa, ret_ecdsa))
+        {
+                BIO_printf(bio_err, "TEST FAILED \n");
+                goto err;
+        }
+        else BIO_printf(bio_err, "TEST OK \n");
+        EVP_PKEY_free(ret_pkey);
+        ret_pkey = NULL;
+        ECDSA_free(ret_ecdsa);
+        ret_ecdsa = NULL;
+	PKCS8_PRIV_KEY_INFO_free(pkcs8);
+	BIO_printf(bio_err, "PKCS8_EMBEDDED_PARAM  : ");
+        if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_EMBEDDED_PARAM)) == NULL) goto err;
+        if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
+        ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+        if (ecdsa_cmp(ecdsa, ret_ecdsa))
+        {
+                BIO_printf(bio_err, "TEST FAILED \n");
+                goto err;
+        }
+        else BIO_printf(bio_err, "TEST OK \n");
+        EVP_PKEY_free(ret_pkey);
+        ret_pkey = NULL;
+        ECDSA_free(ret_ecdsa);
+        ret_ecdsa = NULL;
+	PKCS8_PRIV_KEY_INFO_free(pkcs8);
+        BIO_printf(bio_err, "PKCS8_NS_DB           : ");
+        if ((pkcs8 = EVP_PKEY2PKCS8_broken(pkey, PKCS8_NS_DB)) == NULL) goto err;
+        if ((ret_pkey = EVP_PKCS82PKEY(pkcs8)) == NULL) goto err;
+        ret_ecdsa = EVP_PKEY_get1_ECDSA(ret_pkey);
+        if (ecdsa_cmp(ecdsa, ret_ecdsa))
+        {
+                BIO_printf(bio_err, "TEST FAILED \n");
+                goto err;
+        }
+        else BIO_printf(bio_err, "TEST OK \n");
+        EVP_PKEY_free(ret_pkey);
+        ret_pkey = NULL;
+        ECDSA_free(ret_ecdsa);
+        ret_ecdsa = NULL;
+	EVP_PKEY_free(pkey);
+	pkey  = NULL;
+	ecdsa = NULL;
+	PKCS8_PRIV_KEY_INFO_free(pkcs8);
+	pkcs8 = NULL;
+
+	/* sign and verify tests */
+	if ((d = BN_new()) == NULL) goto err;
+ 
+        if (!BN_dec2bn(&d, "968236873715988614170569073515315707566766479517")) goto err;
+        dgst_len = BN_num_bytes(d);
+	if ((dgst = OPENSSL_malloc(dgst_len)) == NULL) goto err;
+        if (!BN_bn2bin(d, dgst)) goto err;
+
+        BIO_printf(bio_err, "Performing tests based on examples H.3.1 and H.3.2 of X9.62 \n");
+ 
+        BIO_printf(bio_err, "PRIME_192_V1 : ");
+	if ((ecdsa = ECDSA_new()) == NULL) goto err;
+        if (!set_p192_param(ecdsa)) goto err;
+        if (!test_x962_sig_vrf(ecdsa, dgst, "6140507067065001063065065565667405560006161556565665656654",
+                               "3342403536405981729393488334694600415596881826869351677613",
+                               "5735822328888155254683894997897571951568553642892029982342"))
+                goto err;
+        else
+                BIO_printf(bio_err, "OK\n");
+        BIO_printf(bio_err, "PRIME_239_V1 : ");
+        if (!set_p239_param(ecdsa))
+                goto err;
+        if (!test_x962_sig_vrf(ecdsa, dgst, "700000017569056646655505781757157107570501575775705779575555657156756655",
+                               "308636143175167811492622547300668018854959378758531778147462058306432176",
+                               "323813553209797357708078776831250505931891051755007842781978505179448783"))
+                goto err;
+        else
+                BIO_printf(bio_err, "OK\n");
+
+	ECDSA_free(ecdsa);
+	ecdsa = NULL;
+	OPENSSL_free(dgst);
+	dgst = NULL;
+
+
+	/* NIST PRIME CURVES TESTS */
+	/* EC_GROUP_NIST_PRIME_192 */
+	for (i=0; i<ECDSA_NIST_TESTS; i++)
+		if (!RAND_bytes(digest[i], 20)) goto err;	
+
+ 	BIO_printf(bio_err, "\nTesting sign & verify with NIST Prime-Curve P-192 : \n");
+	ECDSA_free(ecdsa);
+	if ((ecdsa = ECDSA_new()) == NULL) goto err;
+	if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_192)) == NULL) goto err;
+	if (!ECDSA_generate_key(ecdsa)) goto err;
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
+        tim = clock() - tim;
+	tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
+		, ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
+	tim = clock();
+	for (i=0; i<ECDSA_NIST_TESTS; i++)
+		if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
+	tim = clock() - tim;
+	tim_d = (double)tim / CLOCKS_PER_SEC;
+	BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
+	for (i=0; i<ECDSA_NIST_TESTS; i++)
+	{
+		ECDSA_SIG_free(signatures[i]);
+		signatures[i] = NULL;
+	}
+
+	/* EC_GROUP_NIST_PRIME_224 */
+	BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-224 : \n");
+        ECDSA_free(ecdsa);
+        if ((ecdsa = ECDSA_new()) == NULL) goto err;
+        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_224)) == NULL) goto err;
+        if (!ECDSA_generate_key(ecdsa)) goto err;
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
+	for (i=0; i<ECDSA_NIST_TESTS; i++)
+	{
+		ECDSA_SIG_free(signatures[i]);
+		signatures[i] = NULL;
+	}
+
+	/* EC_GROUP_NIST_PRIME_256 */
+        BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-256 : \n");
+        ECDSA_free(ecdsa);
+        if ((ecdsa = ECDSA_new()) == NULL) goto err;
+        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_256)) == NULL) goto err;
+        if (!ECDSA_generate_key(ecdsa)) goto err;
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
+	for (i=0; i<ECDSA_NIST_TESTS; i++)
+	{
+		ECDSA_SIG_free(signatures[i]);
+		signatures[i] = NULL;
+	}
+
+	/* EC_GROUP_NIST_PRIME_384 */
+        BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-384 : \n");
+        ECDSA_free(ecdsa);
+        if ((ecdsa = ECDSA_new()) == NULL) goto err;
+        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_384)) == NULL) goto err;
+        if (!ECDSA_generate_key(ecdsa)) goto err;
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
+	for (i=0; i<ECDSA_NIST_TESTS; i++)
+	{
+		ECDSA_SIG_free(signatures[i]);
+		signatures[i] = NULL;
+	}
+
+	/* EC_GROUP_NIST_PRIME_521 */
+        BIO_printf(bio_err, "Testing sign & verify with NIST Prime-Curve P-521 : \n");
+        ECDSA_free(ecdsa);
+        if ((ecdsa = ECDSA_new()) == NULL) goto err;
+        if ((ecdsa->group = EC_GROUP_new_by_name(EC_GROUP_NIST_PRIME_521)) == NULL) goto err;
+        if (!ECDSA_generate_key(ecdsa)) goto err;
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if ((signatures[i] = ECDSA_do_sign(digest[i], 20, ecdsa)) == NULL) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_sign()   in %.2f"UNIT" => average time for ECDSA_do_sign()   %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d / ECDSA_NIST_TESTS);
+        tim = clock();
+        for (i=0; i<ECDSA_NIST_TESTS; i++)
+                if (!ECDSA_do_verify(digest[i], 20, signatures[i], ecdsa)) goto err;
+        tim = clock() - tim;
+        tim_d = (double)tim / CLOCKS_PER_SEC;
+        BIO_printf(bio_err, "%d x ECDSA_do_verify() in %.2f"UNIT" => average time for ECDSA_do_verify() %.4f"UNIT"\n"
+                , ECDSA_NIST_TESTS, tim_d, tim_d/ECDSA_NIST_TESTS);
+	ECDSA_free(ecdsa);
+	ecdsa = NULL;
+	for (i=0; i<ECDSA_NIST_TESTS; i++)
+	{
+		ECDSA_SIG_free(signatures[i]);
+		signatures[i] = NULL;
+	}
+
+	OPENSSL_free(buffer);
+	buffer = NULL;
+	EVP_PKEY_free(pkey);
+	pkey = NULL;
+	ecdsa = NULL;
+	
+	ret = 1;
+err:	if (!ret) 	
+		BIO_printf(bio_err, "TEST FAILED \n");
+	else 
+		BIO_printf(bio_err, "TEST PASSED \n");
+	if (!ret)
+		ERR_print_errors(bio_err);
+	if (ecdsa)	ECDSA_free(ecdsa);
+	if (d)		BN_free(d);
+	if (dgst)	OPENSSL_free(dgst);
+	if (md_ctx)	EVP_MD_CTX_destroy(md_ctx);
+	CRYPTO_cleanup_all_ex_data();
+	ERR_remove_state(0);
+	ERR_free_strings();
+	CRYPTO_mem_leaks(bio_err);
+	if (bio_err != NULL)
+	{
+		BIO_free(bio_err);
+		bio_err = NULL;
+	}
+	return(0);
+}	
+
+#endif

crypto/ecdsa/ecs_asn1.c

@@ -0,0 +1,677 @@
+/* crypto/ecdsa/ecs_asn1.c */
+/* ====================================================================
+ * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "cryptlib.h"
+#include "ecs_locl.h"
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+ASN1_SEQUENCE(ECDSA_SIG) = {
+	ASN1_SIMPLE(ECDSA_SIG, r, CBIGNUM),
+	ASN1_SIMPLE(ECDSA_SIG, s, CBIGNUM)
+} ASN1_SEQUENCE_END(ECDSA_SIG)
+
+IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG)
+
+ASN1_SEQUENCE(X9_62_FIELDID) = {
+	ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
+	ASN1_SIMPLE(X9_62_FIELDID, parameters, ASN1_ANY)
+} ASN1_SEQUENCE_END(X9_62_FIELDID)
+
+DECLARE_ASN1_FUNCTIONS_const(X9_62_FIELDID)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_FIELDID, X9_62_FIELDID)
+IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_FIELDID)
+
+ASN1_SEQUENCE(X9_62_CURVE) = {
+	ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
+	ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
+	ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(X9_62_CURVE)
+
+DECLARE_ASN1_FUNCTIONS_const(X9_62_CURVE)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_CURVE, X9_62_CURVE)
+IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_CURVE)
+
+ASN1_SEQUENCE(X9_62_EC_PARAMETERS) = {
+	ASN1_SIMPLE(X9_62_EC_PARAMETERS, version, ASN1_INTEGER),
+	ASN1_SIMPLE(X9_62_EC_PARAMETERS, fieldID, X9_62_FIELDID),
+	ASN1_SIMPLE(X9_62_EC_PARAMETERS, curve, X9_62_CURVE),
+	ASN1_SIMPLE(X9_62_EC_PARAMETERS, base, ASN1_OCTET_STRING),
+	ASN1_SIMPLE(X9_62_EC_PARAMETERS, order, ASN1_INTEGER),
+	ASN1_SIMPLE(X9_62_EC_PARAMETERS, cofactor, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(X9_62_EC_PARAMETERS)
+
+DECLARE_ASN1_FUNCTIONS_const(X9_62_EC_PARAMETERS)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(X9_62_EC_PARAMETERS, X9_62_EC_PARAMETERS)
+IMPLEMENT_ASN1_FUNCTIONS_const(X9_62_EC_PARAMETERS)
+
+ASN1_CHOICE(EC_PARAMETERS) = {
+	ASN1_SIMPLE(EC_PARAMETERS, value.named_curve, ASN1_OBJECT),
+	ASN1_SIMPLE(EC_PARAMETERS, value.parameters, X9_62_EC_PARAMETERS),
+	ASN1_SIMPLE(EC_PARAMETERS, value.implicitlyCA, ASN1_NULL)
+} ASN1_CHOICE_END(EC_PARAMETERS)
+
+DECLARE_ASN1_FUNCTIONS_const(EC_PARAMETERS)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PARAMETERS, EC_PARAMETERS)
+IMPLEMENT_ASN1_FUNCTIONS_const(EC_PARAMETERS)
+             
+ASN1_SEQUENCE(ECDSAPrivateKey) = {
+	ASN1_SIMPLE(ECDSAPrivateKey, version, LONG),
+	ASN1_SIMPLE(ECDSAPrivateKey, parameters, EC_PARAMETERS),
+	ASN1_SIMPLE(ECDSAPrivateKey, pub_key, ASN1_OCTET_STRING),
+	ASN1_SIMPLE(ECDSAPrivateKey, priv_key, BIGNUM)
+} ASN1_SEQUENCE_END(ECDSAPrivateKey)
+
+DECLARE_ASN1_FUNCTIONS_const(ECDSAPrivateKey)
+DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSAPrivateKey, ecdsaPrivateKey)
+IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(ECDSAPrivateKey, ECDSAPrivateKey, ECDSAPrivateKey)
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(ECDSAPrivateKey, ECDSAPrivateKey, ecdsaPrivateKey)
+
+
+X9_62_FIELDID 	*ECDSA_get_X9_62_FIELDID(const ECDSA *ecdsa, X9_62_FIELDID *field)
+{
+	/* TODO : characteristic two */
+	int	ok=0, reason=ERR_R_ASN1_LIB;
+	X9_62_FIELDID *ret=NULL;
+	BIGNUM  *tmp=NULL;
+	
+	if (!ecdsa || !ecdsa->group)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
+	if (field == NULL)
+	{
+		if ((ret = X9_62_FIELDID_new()) == NULL) return NULL;
+	}
+	else
+	{	
+		ret = field;
+		if (ret->fieldType != NULL)	ASN1_OBJECT_free(ret->fieldType);
+		if (ret->parameters != NULL)	ASN1_TYPE_free(ret->parameters);
+	}
+	if ((tmp = BN_new()) == NULL) 
+		OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
+	if ((ret->fieldType = OBJ_nid2obj(NID_X9_62_prime_field)) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_OBJ_LIB)
+	if ((ret->parameters = ASN1_TYPE_new()) == NULL) goto err;
+	ret->parameters->type = V_ASN1_INTEGER;
+	if (!EC_GROUP_get_curve_GFp(ecdsa->group, tmp, NULL, NULL, NULL))
+		OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
+	if ((ret->parameters->value.integer = BN_to_ASN1_INTEGER(tmp, NULL)) == NULL) goto err;
+	ok = 1;
+err :	if (!ok)
+	{
+		if (ret && !field) X9_62_FIELDID_free(ret);
+		ret = NULL;
+		ECDSAerr(ECDSA_F_ECDSA_GET_X9_62_FIELDID, reason);
+	}
+	if (tmp) BN_free(tmp);
+	return(ret);
+}
+
+X9_62_CURVE   *ECDSA_get_X9_62_CURVE(const ECDSA *ecdsa, X9_62_CURVE *curve)
+{
+	int	ok=0, reason=ERR_R_BN_LIB, len1=0, len2=0;
+	X9_62_CURVE *ret=NULL;
+	BIGNUM      *tmp1=NULL, *tmp2=NULL;
+	unsigned char *buffer=NULL;
+	unsigned char char_buf = 0;
+
+	if (!ecdsa || !ecdsa->group)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
+	if ((tmp1 = BN_new()) == NULL || (tmp2 = BN_new()) == NULL) goto err;
+	if (curve == NULL)
+	{
+		if ((ret = X9_62_CURVE_new()) == NULL)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_X9_62_CURVE_NEW_FAILURE)
+	}
+	else
+	{
+		ret = curve;
+		if (ret->a)	ASN1_OCTET_STRING_free(ret->a);
+		if (ret->b)	ASN1_OCTET_STRING_free(ret->b);
+		if (ret->seed)	ASN1_BIT_STRING_free(ret->seed);
+	}
+	if (!EC_GROUP_get_curve_GFp(ecdsa->group, NULL, tmp1, tmp2, NULL))
+		OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
+
+	if ((ret->a = M_ASN1_OCTET_STRING_new()) == NULL || 
+	    (ret->b = M_ASN1_OCTET_STRING_new()) == NULL )
+		OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+
+	len1 = BN_num_bytes(tmp1);
+	len2 = BN_num_bytes(tmp2);
+
+	if ((buffer = OPENSSL_malloc(len1 > len2 ? len1 : len2)) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
+
+	if (len1 == 0) /* => a == 0 */
+	{
+		if (!M_ASN1_OCTET_STRING_set(ret->a, &char_buf, 1))
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+	}
+	else
+	{
+		if ((len1 = BN_bn2bin(tmp1, buffer)) == 0) goto err;
+		if (!M_ASN1_OCTET_STRING_set(ret->a, buffer, len1))
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+	}
+	if (len2 == 0) /* => b == 0 */
+	{
+		if (!M_ASN1_OCTET_STRING_set(ret->a, &char_buf, 1))
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+	}
+	else
+	{
+		if ((len2 = BN_bn2bin(tmp2, buffer)) == 0) goto err;
+		if (!M_ASN1_OCTET_STRING_set(ret->b, buffer, len2))
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+	}
+
+	if (ecdsa->seed)
+	{	
+		if ((ret->seed = ASN1_BIT_STRING_new()) == NULL) goto err;
+		if (!ASN1_BIT_STRING_set(ret->seed, ecdsa->seed, (int)ecdsa->seed_len))
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+	}
+	else
+		ret->seed = NULL;
+
+	ok = 1;
+err :	if (!ok)
+	{
+		if (ret && !curve) X9_62_CURVE_free(ret);
+		ret = NULL;
+		ECDSAerr(ECDSA_F_ECDSA_GET_X9_62_CURVE, reason);
+	}
+	if (buffer) OPENSSL_free(buffer);
+	if (tmp1)   BN_free(tmp1);
+	if (tmp2)   BN_free(tmp2);
+	return(ret);
+}
+
+X9_62_EC_PARAMETERS *ECDSA_get_X9_62_EC_PARAMETERS(const ECDSA *ecdsa, X9_62_EC_PARAMETERS *param)
+{
+	int	ok=0, reason=ERR_R_ASN1_LIB;
+	size_t  len=0;
+	X9_62_EC_PARAMETERS *ret=NULL;
+	BIGNUM	      *tmp=NULL;
+	unsigned char *buffer=NULL;
+	EC_POINT      *point=NULL;
+
+	if (!ecdsa || !ecdsa->group)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
+	if ((tmp = BN_new()) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
+	if (param == NULL)
+	{
+		if ((ret = X9_62_EC_PARAMETERS_new()) == NULL)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE)
+	}
+	else
+		ret = param;
+	if (ret->version == NULL && (ret->version = ASN1_INTEGER_new()) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
+	if (!ASN1_INTEGER_set(ret->version, (long)ecdsa->version)) goto err;
+	if ((ret->fieldID = ECDSA_get_X9_62_FIELDID(ecdsa, ret->fieldID)) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE)
+	if ((ret->curve = ECDSA_get_X9_62_CURVE(ecdsa, ret->curve)) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE)
+	if ((point = EC_GROUP_get0_generator(ecdsa->group)) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_CAN_NOT_GET_GENERATOR)
+	if (!(len = EC_POINT_point2oct(ecdsa->group, point, POINT_CONVERSION_COMPRESSED, NULL, len, NULL)))
+		OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_PARAMETER_LENGTH)
+	if ((buffer = OPENSSL_malloc(len)) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
+	if (!EC_POINT_point2oct(ecdsa->group, point, POINT_CONVERSION_COMPRESSED, buffer, len, NULL)) 
+		OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
+	if (ret->base == NULL && (ret->base = ASN1_OCTET_STRING_new()) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
+	if (!ASN1_OCTET_STRING_set(ret->base, buffer, len)) goto err;
+	if (!EC_GROUP_get_order(ecdsa->group, tmp, NULL))
+		OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
+	if ((ret->order = BN_to_ASN1_INTEGER(tmp, ret->order)) == NULL) goto err;
+	if (!EC_GROUP_get_cofactor(ecdsa->group, tmp, NULL))
+		OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
+	if ((ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor)) == NULL) goto err;
+	ok = 1;
+
+err :	if(!ok)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS, reason);
+		if (ret && !param) X9_62_EC_PARAMETERS_free(ret);
+		ret = NULL;
+	}
+	if (tmp)    BN_free(tmp);
+	if (buffer) OPENSSL_free(buffer);
+	return(ret);
+}
+
+EC_PARAMETERS *ECDSA_get_EC_PARAMETERS(const ECDSA *ecdsa, EC_PARAMETERS *params)
+{
+	int ok = 1;
+	int tmp = 0;
+	EC_PARAMETERS *ret = params;
+	if (ret == NULL)
+		if ((ret = EC_PARAMETERS_new()) == NULL)
+		{
+			ECDSAerr(ECDSA_F_ECDSA_GET_EC_PARAMETERS, ERR_R_MALLOC_FAILURE);
+			return NULL;
+		}
+	if (ecdsa == NULL)
+	{	/* missing parameter */
+		ECDSAerr(ECDSA_F_ECDSA_GET_EC_PARAMETERS, ECDSA_R_MISSING_PARAMETERS);
+		EC_PARAMETERS_free(params);
+		return NULL;
+	}
+	if (ecdsa->parameter_flags & ECDSA_FLAG_NAMED_CURVE)
+	{	/* use a named curve */
+		tmp = EC_GROUP_get_nid(ecdsa->group);
+		if (tmp)
+		{
+			ret->type = 0;
+			if ((ret->value.named_curve = OBJ_nid2obj(tmp)) == NULL)
+				ok = 0;
+		}
+		else
+		{
+			/* use the x9_64 ec_parameters structure */
+			ret->type = 1;
+			if ((ret->value.parameters = ECDSA_get_X9_62_EC_PARAMETERS(ecdsa, NULL)) == NULL)
+				ok = 0;
+		}
+	}
+	else if (ecdsa->parameter_flags & ECDSA_FLAG_IMPLICITLYCA)
+	{	/* use implicitlyCA */
+		ret->type = 2;
+		if ((ret->value.implicitlyCA = ASN1_NULL_new()) == NULL)
+			ok = 0;
+	}
+	else
+	{	/* use the x9_64 ec_parameters structure */
+		ret->type = 1;
+		if ((ret->value.parameters = ECDSA_get_X9_62_EC_PARAMETERS(ecdsa, NULL)) == NULL)
+			ok = 0;
+	}
+	if (!ok)
+	{
+		EC_PARAMETERS_free(ret);
+		return NULL;
+	}
+		return ret;
+}
+
+ECDSA         *ECDSA_x9_62parameters2ecdsa(const X9_62_EC_PARAMETERS *params, ECDSA *ecdsa)
+{
+	int	  ok=0, reason=ERR_R_EC_LIB, tmp;
+	ECDSA	  *ret=NULL;
+	const EC_METHOD *meth=NULL;
+	BIGNUM	  *tmp_1=NULL, *tmp_2=NULL, *tmp_3=NULL;
+	EC_POINT  *point=NULL;
+
+	if (!params) 
+		OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
+	if (ecdsa == NULL)
+	{
+		if ((ret = ECDSA_new()) == NULL) 
+			OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_NEW_FAILURE)
+	}
+	else
+	{
+		if (ecdsa->group)	EC_GROUP_free(ecdsa->group);
+		if (ecdsa->pub_key)	EC_POINT_free(ecdsa->pub_key);
+		ecdsa->pub_key = NULL;
+		if (ecdsa->priv_key)	BN_clear_free(ecdsa->priv_key);
+		ecdsa->priv_key = NULL;
+		if (ecdsa->seed)	OPENSSL_free(ecdsa->seed);
+		ecdsa->seed = NULL;
+		if (ecdsa->kinv)	
+		{
+			BN_clear_free(ecdsa->kinv);
+			ecdsa->kinv = NULL;
+		}
+		if (ecdsa->r)
+		{
+			BN_clear_free(ecdsa->r);
+			ecdsa->r = NULL;
+		}
+		ret = ecdsa;
+	}
+	/* TODO : characteristic two */
+	if (!params->fieldID || !params->fieldID->fieldType || !params->fieldID->parameters)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_NO_FIELD_SPECIFIED)
+	tmp = OBJ_obj2nid(params->fieldID->fieldType); 
+	if (tmp == NID_X9_62_characteristic_two_field)
+	{
+		OPENSSL_ECDSA_ABORT(ECDSA_R_NOT_SUPPORTED)
+	}
+	else if (tmp == NID_X9_62_prime_field)
+	{
+		/* TODO : optimal method for the curve */
+		meth = EC_GFp_mont_method();
+		if ((ret->group = EC_GROUP_new(meth)) == NULL) goto err;
+		if (params->fieldID->parameters->type != V_ASN1_INTEGER)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_ASN1_TYPE)
+		if (!params->fieldID->parameters->value.integer)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_PRIME_MISSING)
+		if ((tmp_1 = ASN1_INTEGER_to_BN(params->fieldID->parameters->value.integer, NULL)) == NULL)
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+		if (!params->curve)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_NO_CURVE_SPECIFIED)
+		if (!params->curve->a || !params->curve->a->data)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED)
+		if ((tmp_2 = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL)) == NULL)
+			OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
+		if (!params->curve->b || !params->curve->b->data)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED)
+		if ((tmp_3 = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL)) == NULL)
+			OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
+		if (!EC_GROUP_set_curve_GFp(ret->group, tmp_1, tmp_2, tmp_3, NULL)) goto err;
+		if ((point = EC_POINT_new(ret->group)) == NULL) goto err;
+	}
+	else OPENSSL_ECDSA_ABORT(ECDSA_R_WRONG_FIELD_IDENTIFIER)
+	if (params->curve->seed != NULL)
+	{
+		if (ret->seed != NULL)
+			OPENSSL_free(ret->seed);
+		if ((ret->seed = OPENSSL_malloc(params->curve->seed->length)) == NULL)
+			OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
+		memcpy(ret->seed, params->curve->seed->data, params->curve->seed->length);
+		ret->seed_len = params->curve->seed->length;
+	}
+	if (params->version)
+	{
+		if ((ret->version = (int)ASN1_INTEGER_get(params->version)) < 0)
+			OPENSSL_ECDSA_ABORT(ECDSA_R_UNEXPECTED_VERSION_NUMER)
+	}
+	else
+		ret->version  = 1;
+	if (params->order && params->cofactor && params->base && params->base->data)
+	{
+		if ((tmp_1 = ASN1_INTEGER_to_BN(params->order, tmp_1)) == NULL)
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+		if ((tmp_2 = ASN1_INTEGER_to_BN(params->cofactor, tmp_2)) == NULL)
+			OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+		if (!EC_POINT_oct2point(ret->group, point, params->base->data, 
+			        params->base->length, NULL)) goto err;
+		if (!EC_GROUP_set_generator(ret->group, point, tmp_1, tmp_2)) goto err;
+	}
+	ok = 1;
+
+err:	if (!ok)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_GET, reason);
+		if (ret && !ecdsa) ECDSA_free(ret);
+		ret = NULL;
+	}
+	if (tmp_1)	BN_free(tmp_1);
+	if (tmp_2)	BN_free(tmp_2);
+	if (tmp_3)	BN_free(tmp_3);
+	if (point)	EC_POINT_free(point);
+	return(ret);
+}
+
+ECDSA *ECDSA_ecparameters2ecdsa(const EC_PARAMETERS *params, ECDSA *ecdsa)
+{
+	ECDSA *ret = ecdsa;
+	int tmp = 0;
+	if (ret == NULL)
+		if ((ret = ECDSA_new()) == NULL)
+		{
+			ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ERR_R_MALLOC_FAILURE);
+			return NULL;
+		}
+	if (params == NULL)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ECDSA_R_MISSING_PARAMETERS);
+		ECDSA_free(ret);
+		return NULL;
+	}
+	if (params->type == 0)
+	{
+		if (ret->group)
+			EC_GROUP_free(ret->group);
+		tmp = OBJ_obj2nid(params->value.named_curve);
+		ret->parameter_flags |= ECDSA_FLAG_NAMED_CURVE;
+		if ((ret->group = EC_GROUP_new_by_name(tmp)) == NULL)
+		{
+			ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ECDSA_R_EC_GROUP_NID2CURVE_FAILURE);
+			ECDSA_free(ret);
+			return NULL;
+		}
+	}
+	else if (params->type == 1)
+	{
+		ret = ECDSA_x9_62parameters2ecdsa(params->value.parameters, ret);
+	}
+	else if (params->type == 2)
+	{
+		if (ret->group)
+			EC_GROUP_free(ret->group);
+		ret->group = NULL;
+		ret->parameter_flags |= ECDSA_FLAG_IMPLICITLYCA;		
+	}
+	else
+	{
+		ECDSAerr(ECDSA_F_ECDSA_GET_ECDSA, ECDSA_R_UNKNOWN_PARAMETERS_TYPE);
+		ECDSA_free(ret);
+		ret = NULL;
+	}
+	return ret;
+}
+
+ECDSA 	*d2i_ECDSAParameters(ECDSA **a, const unsigned char **in, long len)
+{
+	ECDSA		*ecdsa = (a && *a)? *a : NULL;
+	EC_PARAMETERS	*params = NULL;
+
+	if ((params = d2i_EC_PARAMETERS(NULL, in, len)) == NULL)
+	{
+		ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, ECDSA_R_D2I_EC_PARAMETERS_FAILURE);
+		EC_PARAMETERS_free(params);
+		return NULL;
+	}
+	if ((ecdsa = ECDSA_ecparameters2ecdsa(params, ecdsa)) == NULL)
+	{
+		ECDSAerr(ECDSA_F_D2I_ECDSAPARAMETERS, ECDSA_R_ECPARAMETERS2ECDSA_FAILURE);
+		return NULL; 
+	}
+	EC_PARAMETERS_free(params);
+	return(ecdsa);	
+}
+
+int	i2d_ECDSAParameters(ECDSA *a, unsigned char **out)
+{
+	int		ret=0;
+	EC_PARAMETERS	*tmp = ECDSA_get_EC_PARAMETERS(a, NULL);
+	if (tmp == NULL)
+	{
+		ECDSAerr(ECDSA_F_I2D_ECDSAPARAMETERS, ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE);
+		return 0;
+	}
+	if ((ret = i2d_EC_PARAMETERS(tmp, out)) == 0)
+	{
+		ECDSAerr(ECDSA_F_I2D_ECDSAPARAMETERS, ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE);
+		EC_PARAMETERS_free(tmp);
+		return 0;
+	}	
+	EC_PARAMETERS_free(tmp);
+	return(ret);
+}
+
+ECDSA 	*d2i_ECDSAPrivateKey(ECDSA **a, const unsigned char **in, long len)
+{
+	int reason=ERR_R_BN_LIB, ok=0;
+	ECDSA *ret=NULL;
+	ECDSAPrivateKey *priv_key=NULL;
+
+	if ((priv_key = ECDSAPrivateKey_new()) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE)
+	if ((priv_key = d2i_ecdsaPrivateKey(&priv_key, in, len)) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE)
+	if ((ret = ECDSA_ecparameters2ecdsa(priv_key->parameters, NULL)) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_FAILURE)
+	ret->version = priv_key->version;
+	if (priv_key->priv_key)
+	{
+		if ((ret->priv_key = BN_dup(priv_key->priv_key)) == NULL)
+			OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
+	}
+	else
+		OPENSSL_ECDSA_ABORT(ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY)
+	if ((ret->pub_key = EC_POINT_new(ret->group)) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
+	if (!EC_POINT_oct2point(ret->group, ret->pub_key, priv_key->pub_key->data, priv_key->pub_key->length, NULL))
+		OPENSSL_ECDSA_ABORT(ERR_R_EC_LIB)
+	ok = 1;
+err :	if (!ok)
+	{
+		if (ret) ECDSA_free(ret);
+		ret = NULL;
+		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, reason);
+	}
+	if (priv_key)	ECDSAPrivateKey_free(priv_key);
+	return(ret);
+}
+
+int	i2d_ECDSAPrivateKey(ECDSA *a, unsigned char **out)
+{
+	int ret=0, ok=0, reason=ERR_R_EC_LIB;
+	unsigned char   *buffer=NULL;
+	size_t		buf_len=0;
+	ECDSAPrivateKey *priv_key=NULL;
+
+	if (a == NULL || a->group == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_MISSING_PARAMETERS)
+	if ((priv_key = ECDSAPrivateKey_new()) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE)
+	if ((priv_key->parameters = ECDSA_get_EC_PARAMETERS(a, priv_key->parameters)) == NULL)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE)
+	priv_key->version      = a->version;
+	if (BN_copy(priv_key->priv_key, a->priv_key) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_BN_LIB)
+	buf_len = EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL);
+	if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
+		OPENSSL_ECDSA_ABORT(ERR_R_MALLOC_FAILURE)
+	if (!EC_POINT_point2oct(a->group, a->pub_key, POINT_CONVERSION_COMPRESSED,
+	                        buffer, buf_len, NULL)) goto err;
+	if (!M_ASN1_OCTET_STRING_set(priv_key->pub_key, buffer, buf_len))
+		OPENSSL_ECDSA_ABORT(ERR_R_ASN1_LIB)
+	if ((ret = i2d_ecdsaPrivateKey(priv_key, out)) == 0)
+		OPENSSL_ECDSA_ABORT(ECDSA_R_I2D_ECDSA_PRIVATEKEY)
+	ok=1;
+	
+err:	if (!ok)
+		ECDSAerr(ECDSA_F_I2D_ECDSAPRIVATEKEY, reason);
+	if (buffer)   OPENSSL_free(buffer);
+	if (priv_key) ECDSAPrivateKey_free(priv_key);	
+	return(ok?ret:0);
+}
+
+
+ECDSA 	*ECDSAPublicKey_set_octet_string(ECDSA **a, const unsigned char **in, long len)
+{
+	ECDSA *ret=NULL;
+
+	if (a == NULL || (*a) == NULL || (*a)->group == NULL)
+	{
+		/* sorry, but a EC_GROUP-structur is necessary
+                 * to set the public key */
+		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ECDSA_R_MISSING_PARAMETERS);
+		return 0;
+	}
+	ret = *a;
+	if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL)
+	{
+		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+		return 0;
+	}
+	if (!EC_POINT_oct2point(ret->group, ret->pub_key, *in, len, NULL))
+	{
+		ECDSAerr(ECDSA_F_D2I_ECDSAPRIVATEKEY, ERR_R_EC_LIB);
+		return 0;
+	}
+	ECDSA_set_conversion_form(ret, (point_conversion_form_t)(*in[0] & ~0x01));
+	return ret;
+}
+
+int 	ECDSAPublicKey_get_octet_string(ECDSA *a, unsigned char **out)
+{
+        size_t  buf_len=0;
+
+        if (a == NULL) 
+	{
+		ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ECDSA_R_MISSING_PARAMETERS);
+		return 0;
+	}
+        buf_len = EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a), NULL, 0, NULL);
+	if (out == NULL || buf_len == 0)
+	/* out == NULL => just return the length of the octet string */
+		return buf_len;
+	if (*out == NULL)
+		if ((*out = OPENSSL_malloc(buf_len)) == NULL)
+		{
+			ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_MALLOC_FAILURE);
+			return 0;
+		}
+        if (!EC_POINT_point2oct(a->group, a->pub_key, ECDSA_get_conversion_form(a),
+				*out, buf_len, NULL))
+	{
+		ECDSAerr(ECDSA_F_I2D_ECDSAPUBLICKEY, ERR_R_EC_LIB);
+		OPENSSL_free(*out);
+		*out = NULL;
+		return 0;
+	}
+	return buf_len;
+}

crypto/ecdsa/ecs_err.c

@@ -0,0 +1,155 @@
+/* crypto/ecdsa/ecs_err.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/* NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ecdsa.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+static ERR_STRING_DATA ECDSA_str_functs[]=
+	{
+{ERR_PACK(0,ECDSA_F_D2I_ECDSAPARAMETERS,0),	"d2i_ECDSAParameters"},
+{ERR_PACK(0,ECDSA_F_D2I_ECDSAPRIVATEKEY,0),	"d2i_ECDSAPrivateKey"},
+{ERR_PACK(0,ECDSA_F_ECDSAPARAMETERS_PRINT,0),	"ECDSAParameters_print"},
+{ERR_PACK(0,ECDSA_F_ECDSAPARAMETERS_PRINT_FP,0),	"ECDSAParameters_print_fp"},
+{ERR_PACK(0,ECDSA_F_ECDSA_DO_SIGN,0),	"ECDSA_do_sign"},
+{ERR_PACK(0,ECDSA_F_ECDSA_DO_VERIFY,0),	"ECDSA_do_verify"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GENERATE_KEY,0),	"ECDSA_generate_key"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GET,0),	"ECDSA_GET"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GET_CURVE_NID,0),	"ECDSA_GET_CURVE_NID"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GET_ECDSA,0),	"ECDSA_GET_ECDSA"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GET_EC_PARAMETERS,0),	"ECDSA_get_EC_PARAMETERS"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_CURVE,0),	"ECDSA_get_X9_62_CURVE"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_EC_PARAMETERS,0),	"ECDSA_get_X9_62_EC_PARAMETERS"},
+{ERR_PACK(0,ECDSA_F_ECDSA_GET_X9_62_FIELDID,0),	"ECDSA_get_X9_62_FIELDID"},
+{ERR_PACK(0,ECDSA_F_ECDSA_NEW,0),	"ECDSA_NEW"},
+{ERR_PACK(0,ECDSA_F_ECDSA_PRINT,0),	"ECDSA_print"},
+{ERR_PACK(0,ECDSA_F_ECDSA_PRINT_FP,0),	"ECDSA_print_fp"},
+{ERR_PACK(0,ECDSA_F_ECDSA_SET_GROUP_P,0),	"ECDSA_set_group_p"},
+{ERR_PACK(0,ECDSA_F_ECDSA_SET_PRIME_GROUP,0),	"ECDSA_SET_PRIME_GROUP"},
+{ERR_PACK(0,ECDSA_F_ECDSA_SIGN_SETUP,0),	"ECDSA_sign_setup"},
+{ERR_PACK(0,ECDSA_F_I2D_ECDSAPARAMETERS,0),	"i2d_ECDSAParameters"},
+{ERR_PACK(0,ECDSA_F_I2D_ECDSAPRIVATEKEY,0),	"i2d_ECDSAPrivateKey"},
+{ERR_PACK(0,ECDSA_F_I2D_ECDSAPUBLICKEY,0),	"i2d_ECDSAPublicKey"},
+{ERR_PACK(0,ECDSA_F_SIG_CB,0),	"SIG_CB"},
+{0,NULL}
+	};
+
+static ERR_STRING_DATA ECDSA_str_reasons[]=
+	{
+{ECDSA_R_BAD_SIGNATURE                   ,"bad signature"},
+{ECDSA_R_CAN_NOT_GET_GENERATOR           ,"can not get generator"},
+{ECDSA_R_D2I_ECDSAPRIVATEKEY_MISSING_PRIVATE_KEY,"d2i ecdsaprivatekey missing private key"},
+{ECDSA_R_D2I_ECDSA_PRIVATEKEY_FAILURE    ,"d2i ecdsa privatekey failure"},
+{ECDSA_R_D2I_EC_PARAMETERS_FAILURE       ,"d2i ec parameters failure"},
+{ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE ,"d2i x9 62 ec parameters failure"},
+{ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE     ,"data too large for key size"},
+{ECDSA_R_ECDSAPRIVATEKEY_NEW_FAILURE     ,"ecdsaprivatekey new failure"},
+{ECDSA_R_ECDSA_F_ECDSA_NEW               ,"ecdsa f ecdsa new"},
+{ECDSA_R_ECDSA_GET_EC_PARAMETERS_FAILURE ,"ecdsa get ec parameters failure"},
+{ECDSA_R_ECDSA_GET_FAILURE               ,"ecdsa get failure"},
+{ECDSA_R_ECDSA_GET_X9_62_CURVE_FAILURE   ,"ecdsa get x9 62 curve failure"},
+{ECDSA_R_ECDSA_GET_X9_62_EC_PARAMETERS_FAILURE,"ecdsa get x9 62 ec parameters failure"},
+{ECDSA_R_ECDSA_GET_X9_62_FIELDID_FAILURE ,"ecdsa get x9 62 fieldid failure"},
+{ECDSA_R_ECDSA_NEW_FAILURE               ,"ecdsa new failure"},
+{ECDSA_R_ECDSA_R_D2I_EC_PARAMETERS_FAILURE,"ecdsa r d2i ec parameters failure"},
+{ECDSA_R_ECDSA_R_D2I_X9_62_EC_PARAMETERS_FAILURE,"ecdsa r d2i x9 62 ec parameters failure"},
+{ECDSA_R_ECPARAMETERS2ECDSA_FAILURE      ,"ecparameters2ecdsa failure"},
+{ECDSA_R_EC_GROUP_NID2CURVE_FAILURE      ,"ec group nid2curve failure"},
+{ECDSA_R_ERR_EC_LIB                      ,"err ec lib"},
+{ECDSA_R_I2D_ECDSA_PRIVATEKEY            ,"i2d ecdsa privatekey"},
+{ECDSA_R_I2D_ECDSA_PUBLICKEY             ,"i2d ecdsa publickey"},
+{ECDSA_R_MISSING_PARAMETERS              ,"missing parameters"},
+{ECDSA_R_NOT_SUPPORTED                   ,"not supported"},
+{ECDSA_R_NO_CURVE_PARAMETER_A_SPECIFIED  ,"no curve parameter a specified"},
+{ECDSA_R_NO_CURVE_PARAMETER_B_SPECIFIED  ,"no curve parameter b specified"},
+{ECDSA_R_NO_CURVE_SPECIFIED              ,"no curve specified"},
+{ECDSA_R_NO_FIELD_SPECIFIED              ,"no field specified"},
+{ECDSA_R_PRIME_MISSING                   ,"prime missing"},
+{ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED ,"random number generation failed"},
+{ECDSA_R_SIGNATURE_MALLOC_FAILED         ,"signature malloc failed"},
+{ECDSA_R_UNEXPECTED_ASN1_TYPE            ,"unexpected asn1 type"},
+{ECDSA_R_UNEXPECTED_PARAMETER            ,"unexpected parameter"},
+{ECDSA_R_UNEXPECTED_PARAMETER_LENGTH     ,"unexpected parameter length"},
+{ECDSA_R_UNEXPECTED_VERSION_NUMER        ,"unexpected version numer"},
+{ECDSA_R_UNKNOWN_PARAMETERS_TYPE         ,"unknown parameters type"},
+{ECDSA_R_WRONG_FIELD_IDENTIFIER          ,"wrong field identifier"},
+{ECDSA_R_X9_62_CURVE_NEW_FAILURE         ,"x9 62 curve new failure"},
+{ECDSA_R_X9_62_EC_PARAMETERS_NEW_FAILURE ,"x9 62 ec parameters new failure"},
+{0,NULL}
+	};
+
+#endif
+
+void ERR_load_ECDSA_strings(void)
+	{
+	static int init=1;
+
+	if (init)
+		{
+		init=0;
+#ifndef OPENSSL_NO_ERR
+		ERR_load_strings(ERR_LIB_ECDSA,ECDSA_str_functs);
+		ERR_load_strings(ERR_LIB_ECDSA,ECDSA_str_reasons);
+#endif
+
+		}
+	}

crypto/ecdsa/ecs_gen.c

@@ -0,0 +1,81 @@
+/* crypto/ecdsa/ecs_gen.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* TODO: implementation of ecdsa parameter generation 
+ */
+#if 0
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include <openssl/evp.h>
+#include <openssl/bn.h>
+#include <openssl/ecdsa.h>
+#include <openssl/rand.h>
+#include <openssl/sha.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+ECDSA *ECDSA_generate_parameters(int bits,
+		unsigned char *seed_in, int seed_len,
+		int *counter_ret, unsigned long *h_ret,
+		void (*callback)(int, int, void *),
+		void *cb_arg)
+	{
+		return NULL;
+	}
+#ifdef  __cplusplus
+}
+#endif
+#endif

crypto/ecdsa/ecs_key.c

@@ -0,0 +1,143 @@
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include "cryptlib.h"
+#include <openssl/ecdsa.h>
+
+int ECDSA_generate_key(ECDSA *ecdsa)
+{	
+	int ok=0;
+	BN_CTX *ctx=NULL;
+	BIGNUM *priv_key=NULL,*order=NULL;
+	EC_POINT *pub_key=NULL;
+
+	if (!ecdsa || !ecdsa->group)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_GENERATE_KEY,ECDSA_R_MISSING_PARAMETERS);
+		return 0;
+	}
+
+	if ((order = BN_new()) == NULL) goto err;
+	if ((ctx = BN_CTX_new()) == NULL) goto err;
+
+	if (ecdsa->priv_key == NULL)
+	{
+		if ((priv_key = BN_new()) == NULL) goto err;
+	}
+	else
+		priv_key = ecdsa->priv_key;
+
+	if (!EC_GROUP_get_order(ecdsa->group, order, ctx)) goto err;
+	do
+		if (!BN_rand_range(priv_key, order)) goto err;
+	while (BN_is_zero(priv_key));
+
+	if (ecdsa->pub_key == NULL)
+	{
+		if ((pub_key = EC_POINT_new(ecdsa->group)) == NULL) goto err;
+	}
+	else
+		pub_key = ecdsa->pub_key;
+
+	if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(ecdsa->group))) goto err;
+	if (!EC_POINT_mul(ecdsa->group, pub_key, priv_key, NULL, NULL, ctx)) goto err;
+
+	ecdsa->priv_key = priv_key;
+	ecdsa->pub_key  = pub_key;
+	ok=1;
+err:	if (order)	BN_free(order);
+	if ((pub_key  != NULL) && (ecdsa->pub_key  == NULL)) EC_POINT_free(pub_key);
+	if ((priv_key != NULL) && (ecdsa->priv_key == NULL)) BN_free(priv_key);
+	if (ctx != NULL) BN_CTX_free(ctx);
+	return(ok);
+}
+
+int ECDSA_check_key(ECDSA *ecdsa)
+{
+	int ok=0;
+	BN_CTX *ctx=NULL;
+	BIGNUM *order=NULL;
+	EC_POINT *point=NULL;
+
+	if (!ecdsa || !ecdsa->group || !ecdsa->pub_key)
+		return 0;
+	
+	if ((ctx = BN_CTX_new()) == NULL) goto err;
+	if ((order = BN_new()) == NULL) goto err;
+	if ((point = EC_POINT_new(ecdsa->group)) == NULL) goto err;
+
+	/* testing whether pub_key is a valid point on the elliptic curve */
+	if (!EC_POINT_is_on_curve(ecdsa->group,ecdsa->pub_key,ctx)) goto err;
+	/* testing whether pub_key * order is the point at infinity */
+	if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) goto err;
+	if (!EC_POINT_copy(point,ecdsa->pub_key)) goto err;
+	if (!EC_POINT_mul(ecdsa->group,point,order,NULL,NULL,ctx)) goto err;
+	if (!EC_POINT_is_at_infinity(ecdsa->group,point)) goto err;
+	/* in case the priv_key is present : check if generator * priv_key == pub_key */
+	if (ecdsa->priv_key)
+	{
+		if (BN_cmp(ecdsa->priv_key,order) >= 0) goto err;
+		if (!EC_POINT_copy(point,EC_GROUP_get0_generator(ecdsa->group))) goto err;
+		if (!EC_POINT_mul(ecdsa->group,point,ecdsa->priv_key,NULL,NULL,ctx)) goto err;
+		if (EC_POINT_cmp(ecdsa->group,point,ecdsa->pub_key,ctx) != 0) goto err;
+	}
+	ok = 1;
+err:
+	if (ctx   != NULL) BN_CTX_free(ctx);
+	if (order != NULL) BN_free(order);
+	if (point != NULL) EC_POINT_free(point);
+	return(ok);
+}

crypto/ecdsa/ecs_lib.c

@@ -0,0 +1,334 @@
+/* crypto/ecdsa/ecs_lib.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "cryptlib.h"
+#include "ecs_locl.h"
+#include <openssl/engine.h>
+
+const char *ECDSA_version="ECDSA" OPENSSL_VERSION_PTEXT;
+
+static const ECDSA_METHOD *default_ECDSA_method = NULL;
+
+void ECDSA_set_default_method(const ECDSA_METHOD *meth)
+{
+	default_ECDSA_method = meth;
+}
+
+const ECDSA_METHOD *ECDSA_get_default_method(void)
+{
+	if(!default_ECDSA_method) 
+		default_ECDSA_method = ECDSA_OpenSSL();
+	return default_ECDSA_method;
+}
+
+ECDSA *ECDSA_new(void)
+{
+	return ECDSA_new_method(NULL);
+}
+
+int ECDSA_set_method(ECDSA *ecdsa, const ECDSA_METHOD *meth)
+{
+        const ECDSA_METHOD *mtmp;
+        mtmp = ecdsa->meth;
+        if (mtmp->finish) mtmp->finish(ecdsa);
+	if (ecdsa->engine)
+	{
+		ENGINE_finish(ecdsa->engine);
+		ecdsa->engine = NULL;
+	}
+        ecdsa->meth = meth;
+        if (meth->init) meth->init(ecdsa);
+        return 1;
+}
+
+ECDSA *ECDSA_new_method(ENGINE *engine)
+{
+	ECDSA *ret;
+
+	ret=(ECDSA *)OPENSSL_malloc(sizeof(ECDSA));
+	if (ret == NULL)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_NEW,ERR_R_MALLOC_FAILURE);
+		return(NULL);
+	}
+
+	ret->meth = ECDSA_get_default_method();
+	ret->engine = engine;
+	if (!ret->engine)
+		ret->engine = ENGINE_get_default_ECDSA();
+	if (ret->engine)
+	{
+		ret->meth = ENGINE_get_ECDSA(ret->engine);
+		if (!ret->meth)
+		{
+			ECDSAerr(ECDSA_R_ECDSA_F_ECDSA_NEW, ERR_R_ENGINE_LIB);
+			ENGINE_finish(ret->engine);
+			OPENSSL_free(ret);
+			return NULL;
+		}
+	}
+
+	ret->version = 1;
+	ret->conversion_form = ECDSA_get_default_conversion_form();
+	ret->group = NULL;
+
+	ret->pub_key = NULL;
+	ret->priv_key = NULL;
+
+	ret->kinv = NULL;
+	ret->r = NULL;
+
+	ret->seed = NULL;
+	ret->seed_len = 0;
+
+	ret->parameter_flags = 0;
+
+	ret->references = 1;
+	ret->flags = ret->meth->flags;
+	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
+	if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+	{
+		CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, ret, &ret->ex_data);
+		OPENSSL_free(ret);
+		ret=NULL;
+	}
+	
+	return(ret);
+}
+
+void ECDSA_free(ECDSA *r)
+{
+	int i;
+
+	if (r == NULL) return;
+
+	i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_ECDSA);
+#ifdef REF_PRINT
+	REF_PRINT("ECDSA",r);
+#endif
+	if (i > 0) return;
+#ifdef REF_CHECK
+	if (i < 0)
+	{
+		fprintf(stderr,"ECDSA_free, bad reference count\n");
+		abort();
+	}
+#endif
+
+	if (r->meth->finish)
+		r->meth->finish(r);
+	if (r->engine)
+		ENGINE_finish(r->engine);
+
+	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDSA, r, &r->ex_data);
+
+	if (r->group    != NULL) EC_GROUP_free(r->group);
+	if (r->pub_key  != NULL) EC_POINT_free(r->pub_key);
+	if (r->priv_key != NULL) BN_clear_free(r->priv_key);
+	if (r->kinv != NULL) BN_clear_free(r->kinv);
+	if (r->r    != NULL) BN_clear_free(r->r);
+	if (r->seed != NULL) OPENSSL_free(r->seed);
+	OPENSSL_free(r);
+}
+
+int ECDSA_size(const ECDSA *r)
+{
+	int ret,i;
+	ASN1_INTEGER bs;
+	BIGNUM	*order=NULL;
+	unsigned char buf[4];
+
+	if (r == NULL || r->group == NULL)
+		return 0;
+	if ((order = BN_new()) == NULL) return 0;
+	if (!EC_GROUP_get_order(r->group,order,NULL))
+	{
+		BN_clear_free(order);
+		return 0;
+	} 
+	i=BN_num_bits(order);
+	bs.length=(i+7)/8;
+	bs.data=buf;
+	bs.type=V_ASN1_INTEGER;
+	/* If the top bit is set the asn1 encoding is 1 larger. */
+	buf[0]=0xff;	
+
+	i=i2d_ASN1_INTEGER(&bs,NULL);
+	i+=i; /* r and s */
+	ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+	BN_clear_free(order);
+	return(ret);
+}
+
+int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
+	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
+{
+	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDSA, argl, argp,
+				new_func, dup_func, free_func);
+}
+
+int ECDSA_set_ex_data(ECDSA *d, int idx, void *arg)
+{
+	return(CRYPTO_set_ex_data(&d->ex_data,idx,arg));
+}
+
+void *ECDSA_get_ex_data(ECDSA *d, int idx)
+{
+	return(CRYPTO_get_ex_data(&d->ex_data,idx));
+}
+
+int ECDSA_up_ref(ECDSA *ecdsa)
+{
+	int i = CRYPTO_add(&ecdsa->references, 1, CRYPTO_LOCK_ECDSA);
+#ifdef REF_PRINT
+	REF_PRINT("ECDSA",r);
+#endif	
+#ifdef REF_CHECK
+	if (i < 2)
+	{
+	        fprintf(stderr, "ECDSA_up_ref, bad reference count\n");
+                abort();
+        }
+#endif
+        return ((i > 1) ? 1 : 0);
+}
+        
+void ECDSA_set_parameter_flags(ECDSA *ecdsa, int flag)
+{
+	ecdsa->parameter_flags = flag;
+}
+
+int ECDSA_get_parameter_flags(const ECDSA *ecdsa)
+{
+	return ecdsa->parameter_flags;
+}
+
+void	ECDSA_set_conversion_form(ECDSA *ecdsa, const point_conversion_form_t form)
+{
+	if (ecdsa) ecdsa->conversion_form = form;
+}
+
+point_conversion_form_t ECDSA_get_conversion_form(const ECDSA *ecdsa)
+{
+	return ecdsa ? ecdsa->conversion_form : 0;
+}
+
+static point_conversion_form_t default_conversion_form = POINT_CONVERSION_COMPRESSED;
+
+void	ECDSA_set_default_conversion_form(const point_conversion_form_t form)
+{
+	default_conversion_form = form;
+}
+
+point_conversion_form_t ECDSA_get_default_conversion_form(void)
+{
+	return default_conversion_form;
+}

crypto/ecdsa/ecs_locl.h

@@ -0,0 +1,117 @@
+/* crypto/ecdsa/ecs_locl.h */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "ecdsa.h"
+
+#ifndef HEADER_ECS_LOCL_H
+#define HEADER_ECS_LOCL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define OPENSSL_ECDSA_ABORT(r) { reason = (r); goto err; }
+
+/* some structures needed for the asn1 encoding */
+typedef struct x9_62_fieldid_st {
+        ASN1_OBJECT *fieldType;
+        ASN1_TYPE   *parameters;
+        } X9_62_FIELDID;
+
+typedef struct x9_62_curve_st {
+        ASN1_OCTET_STRING *a;
+        ASN1_OCTET_STRING *b;
+        ASN1_BIT_STRING   *seed;
+        } X9_62_CURVE;
+
+typedef struct x9_62_ec_parameters {
+        ASN1_INTEGER      *version;
+        X9_62_FIELDID     *fieldID;
+        X9_62_CURVE       *curve;
+        ASN1_OCTET_STRING *base;
+        ASN1_INTEGER      *order;
+        ASN1_INTEGER      *cofactor;
+        } X9_62_EC_PARAMETERS;
+
+typedef struct ec_parameters {
+	int	type;
+	union {
+		ASN1_OBJECT 	    *named_curve;
+		X9_62_EC_PARAMETERS *parameters;
+		ASN1_NULL	    *implicitlyCA;
+	} value;
+	} EC_PARAMETERS;
+
+typedef struct ecdsa_priv_key_st {
+        int               version;
+        EC_PARAMETERS	  *parameters;
+	ASN1_OBJECT	  *named_curve;
+        ASN1_OCTET_STRING *pub_key;
+        BIGNUM            *priv_key;
+        } ECDSAPrivateKey;
+
+
+X9_62_FIELDID *ECDSA_get_X9_62_FIELDID(const ECDSA *ecdsa, X9_62_FIELDID *field);
+X9_62_CURVE   *ECDSA_get_X9_62_CURVE(const ECDSA *ecdsa, X9_62_CURVE *curve);
+X9_62_EC_PARAMETERS *ECDSA_get_X9_62_EC_PARAMETERS(const ECDSA *ecdsa, X9_62_EC_PARAMETERS *params);
+EC_PARAMETERS *ECDSA_get_EC_PARAMETERS(const ECDSA *ecdsa, EC_PARAMETERS *params);
+
+ECDSA	*ECDSA_x9_62parameters2ecdsa(const X9_62_EC_PARAMETERS *params, ECDSA *ecdsa);
+ECDSA	*ECDSA_ecparameters2ecdsa(const EC_PARAMETERS *params, ECDSA *ecdsa);
+
+#ifdef  __cplusplus
+}
+#endif
+#endif

crypto/ecdsa/ecs_ossl.c

@@ -0,0 +1,385 @@
+/* crypto/ecdsa/ecs_ossl.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include "cryptlib.h"
+#include <openssl/ecdsa.h>
+
+/* TODO : general case */
+#define	EC_POINT_get_affine_coordinates EC_POINT_get_affine_coordinates_GFp
+
+static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, ECDSA *ecdsa);
+static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp);
+static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig,
+		           ECDSA *ecdsa);
+
+static ECDSA_METHOD openssl_ecdsa_meth = {
+"OpenSSL ECDSA method",
+ecdsa_do_sign,
+ecdsa_sign_setup,
+ecdsa_do_verify,
+0,
+NULL
+};
+
+const ECDSA_METHOD *ECDSA_OpenSSL(void)
+{
+	return &openssl_ecdsa_meth;
+}
+
+static int ecdsa_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+{
+	BN_CTX   *ctx = NULL;
+	BIGNUM	 k,*kinv=NULL,*r=NULL,*order=NULL,*X=NULL;
+	EC_POINT *tmp_point=NULL;
+	int 	 ret = 0,reason = ERR_R_BN_LIB;
+	if (!ecdsa  || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
+	{
+		reason = ECDSA_R_MISSING_PARAMETERS;
+		return 0;
+	}
+	if (ctx_in == NULL) 
+	{
+		if ((ctx=BN_CTX_new()) == NULL) goto err;
+	}
+	else
+		ctx=ctx_in;
+
+	if ((r = BN_new()) == NULL) goto err;
+	if ((order = BN_new()) == NULL) goto err;
+	if ((X = BN_new()) == NULL) goto err;
+	if ((tmp_point = EC_POINT_new(ecdsa->group)) == NULL)
+	{
+		reason = ERR_R_EC_LIB;
+		goto err;
+	}
+	if (!EC_POINT_copy(tmp_point,EC_GROUP_get0_generator(ecdsa->group)))
+	{
+		reason = ERR_R_EC_LIB;
+		goto err;
+	}
+	if (!EC_GROUP_get_order(ecdsa->group,order,ctx))
+	{
+		reason = ERR_R_EC_LIB;
+		goto err;
+	}
+	
+	do
+	{
+		/* get random k */	
+		BN_init(&k);
+		do
+			if (!BN_rand_range(&k,order))
+			{
+				reason = ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED;
+				goto err;
+			}
+		while (BN_is_zero(&k));
+
+		/* compute r the x-coordinate of generator * k */
+		if (!EC_POINT_mul(ecdsa->group,tmp_point,&k,NULL,NULL,ctx) 
+		    || !EC_POINT_get_affine_coordinates(ecdsa->group,tmp_point,X,NULL,ctx))
+		{
+			reason = ERR_R_EC_LIB;
+			goto err;
+		}
+		if (!BN_nnmod(r,X,order,ctx)) goto err;
+	}
+	while (BN_is_zero(r));
+
+	/* compute the inverse of k */
+	if ((kinv = BN_mod_inverse(NULL,&k,order,ctx)) == NULL) goto err;
+
+	if (*rp == NULL)
+		BN_clear_free(*rp);
+	*rp = r;
+	if (*kinvp == NULL) 
+		BN_clear_free(*kinvp);
+	*kinvp = kinv;
+	kinv = NULL;
+	ret = 1;
+err:
+	if (!ret)
+	{
+		ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,reason);
+		if (kinv != NULL) BN_clear_free(kinv);
+		if (r != NULL) BN_clear_free(r);
+	}
+	if (ctx_in == NULL) 
+		BN_CTX_free(ctx);
+	if (kinv != NULL)
+		BN_clear_free(kinv);
+	if (order != NULL)
+		BN_clear_free(order);
+	if (tmp_point != NULL) 
+		EC_POINT_free(tmp_point);
+	if (X)	BN_clear_free(X);
+	BN_clear_free(&k);
+	return(ret);
+}
+
+
+static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len, ECDSA *ecdsa)
+{
+	BIGNUM *kinv=NULL,*r=NULL,*s=NULL,*m=NULL,*tmp=NULL,*order=NULL;
+	BIGNUM xr;
+	BN_CTX *ctx=NULL;
+	int reason=ERR_R_BN_LIB;
+	ECDSA_SIG *ret=NULL;
+
+	if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !ecdsa->priv_key)
+	{
+		reason = ECDSA_R_MISSING_PARAMETERS;
+		goto err;
+	}
+	BN_init(&xr);
+
+	if ((ctx = BN_CTX_new()) == NULL) goto err;
+	if ((order = BN_new()) == NULL) goto err;
+	if ((tmp = BN_new()) == NULL) goto err;
+	if ((m = BN_new()) == NULL) goto err;
+	if ((s = BN_new()) == NULL) goto err;
+
+	if (!EC_GROUP_get_order(ecdsa->group,order,ctx))
+	{
+		reason = ECDSA_R_ERR_EC_LIB;
+		goto err;
+	}
+	if (dgst_len > BN_num_bytes(order))
+	{
+		reason = ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
+		goto err;
+	}
+
+	if (BN_bin2bn(dgst,dgst_len,m) == NULL) goto err;
+	do
+	{
+		if ((ecdsa->kinv == NULL) || (ecdsa->r == NULL))
+		{
+			if (!ECDSA_sign_setup(ecdsa,ctx,&kinv,&r)) goto err;
+		}
+		else
+		{
+			kinv = ecdsa->kinv;
+			ecdsa->kinv = NULL;
+			r = ecdsa->r;
+			ecdsa->r = NULL;
+		}
+
+		if (!BN_mod_mul(tmp,ecdsa->priv_key,r,order,ctx)) goto err;
+		if (!BN_add(s,tmp,m)) goto err;
+		if (BN_cmp(s,order) > 0)
+			BN_sub(s,s,order);
+		if (!BN_mod_mul(s,s,kinv,order,ctx)) goto err;
+	}
+	while (BN_is_zero(s));
+
+	if ((ret = ECDSA_SIG_new()) == NULL)
+	{
+		reason = ECDSA_R_SIGNATURE_MALLOC_FAILED;
+		goto err;
+	}
+	if (BN_copy(ret->r, r) == NULL || BN_copy(ret->s, s) == NULL)
+	{
+		ECDSA_SIG_free(ret);
+		ret = NULL;
+		reason = ERR_R_BN_LIB;
+	}
+	
+err:
+	if (!ret)
+		{
+		ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,reason);
+		}
+	if (r     != NULL) BN_clear_free(r);
+	if (s     != NULL) BN_clear_free(s);
+	if (ctx   != NULL) BN_CTX_free(ctx);
+	if (m     != NULL) BN_clear_free(m);
+	if (tmp   != NULL) BN_clear_free(tmp);
+	if (order != NULL) BN_clear_free(order);
+	if (kinv  != NULL) BN_clear_free(kinv);
+	return(ret);
+}
+
+static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig,
+		  	   ECDSA *ecdsa)
+{
+	BN_CTX *ctx;
+	BIGNUM *order=NULL,*u1=NULL,*u2=NULL,*m=NULL,*X=NULL;
+	EC_POINT *point=NULL;
+	int ret = -1,reason = ERR_R_BN_LIB;
+	if (!ecdsa || !ecdsa->group || !ecdsa->pub_key || !sig)
+	{
+		reason = ECDSA_R_MISSING_PARAMETERS;
+		return -1;
+	}
+
+	if ((ctx = BN_CTX_new()) == NULL) goto err;
+	if ((order = BN_new()) == NULL) goto err;
+	if ((u1 = BN_new()) == NULL) goto err;
+	if ((u2 = BN_new()) == NULL) goto err;
+	if ((m  = BN_new()) == NULL) goto err;
+	if ((X  = BN_new()) == NULL) goto err;
+	if (!EC_GROUP_get_order(ecdsa->group,order,ctx)) goto err;
+
+	if (BN_is_zero(sig->r) || sig->r->neg || BN_ucmp(sig->r, order) >= 0)
+	{
+		reason = ECDSA_R_BAD_SIGNATURE;
+		ret = 0;
+		goto err;
+	}
+	if (BN_is_zero(sig->s) || sig->s->neg || BN_ucmp(sig->s, order) >= 0)
+	{
+		reason = ECDSA_R_BAD_SIGNATURE;
+		ret = 0;
+		goto err;
+	}
+
+	/* calculate tmp1 = inv(S) mod order */
+	if ((BN_mod_inverse(u2,sig->s,order,ctx)) == NULL) goto err;
+	/* digest -> m */
+	if (BN_bin2bn(dgst,dgst_len,m) == NULL) goto err;
+	/* u1 = m * tmp mod order */
+	if (!BN_mod_mul(u1,m,u2,order,ctx)) goto err;
+	/* u2 = r * w mod q */
+	if (!BN_mod_mul(u2,sig->r,u2,order,ctx)) goto err;
+
+	if ((point = EC_POINT_new(ecdsa->group)) == NULL)
+	{
+		reason = ERR_R_EC_LIB;
+		goto err;
+	}
+	if (!EC_POINT_copy(point,EC_GROUP_get0_generator(ecdsa->group)))
+	{
+		reason = ERR_R_EC_LIB;
+		goto err;
+	}
+	if (!EC_POINT_mul(ecdsa->group,point,u1,ecdsa->pub_key,u2,ctx)
+	    || !EC_POINT_get_affine_coordinates(ecdsa->group,point,X,NULL,ctx))
+	{
+		reason = ERR_R_EC_LIB;
+		goto err;
+	}
+	if (!BN_nnmod(u1,X,order,ctx)) goto err;
+
+	/*  is now in u1.  If the signature is correct, it will be
+	 * equal to R. */
+	ret = (BN_ucmp(u1,sig->r) == 0);
+
+	err:
+	if (ret != 1) ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY,reason);
+	if (ctx != NULL) BN_CTX_free(ctx);
+	if (u1  != NULL) BN_clear_free(u1);
+	if (u2  != NULL) BN_clear_free(u2);
+	if (m   != NULL) BN_clear_free(m);
+	if (X   != NULL) BN_clear_free(X);
+	if (order != NULL) BN_clear_free(order);
+	if (point != NULL) EC_POINT_free(point);
+	return(ret);
+}

crypto/ecdsa/ecs_sign.c

@@ -0,0 +1,138 @@
+/* crypto/ecdsa/ecdsa_sign.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include "cryptlib.h"
+#include <openssl/ecdsa.h>
+#include <openssl/engine.h>
+
+ECDSA_SIG * ECDSA_do_sign(const unsigned char *dgst, int dlen, ECDSA *ecdsa)
+{
+	return ecdsa->meth->ecdsa_do_sign(dgst, dlen, ecdsa);
+}
+
+int ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig,
+	     unsigned int *siglen, ECDSA *ecdsa)
+{
+	ECDSA_SIG *s;
+	s=ECDSA_do_sign(dgst,dlen,ecdsa);
+	if (s == NULL)
+	{
+		*siglen=0;
+		return(0);
+	}
+	*siglen=i2d_ECDSA_SIG(s,&sig);
+	ECDSA_SIG_free(s);
+	return(1);
+}
+
+int ECDSA_sign_setup(ECDSA *ecdsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+{
+	return ecdsa->meth->ecdsa_sign_setup(ecdsa, ctx_in, kinvp, rp);
+}

crypto/ecdsa/ecs_vrf.c

@@ -0,0 +1,141 @@
+/* crypto/ecdsa/ecdsa_vrf.c */
+/* ====================================================================
+ * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ * 
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to.  The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ * 
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *    "This product includes cryptographic software written by
+ *     Eric Young (eay@cryptsoft.com)"
+ *    The word 'cryptographic' can be left out if the rouines from the library
+ *    being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from 
+ *    the apps directory (application code) you must include an acknowledgement:
+ *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ * 
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ * 
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed.  i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <openssl/ecdsa.h>
+#include <openssl/engine.h>
+
+/* returns
+ *      1: correct signature
+ *      0: incorrect signature
+ *     -1: error
+ */
+int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG *sig, ECDSA *ecdsa)
+	{
+	return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, ecdsa);
+	}
+
+/* returns
+ *      1: correct signature
+ *      0: incorrect signature
+ *     -1: error
+ */
+int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, const unsigned char *sigbuf, int sig_len, ECDSA *ecdsa)
+ 	{
+	ECDSA_SIG *s;
+	int ret=-1;
+
+	s = ECDSA_SIG_new();
+	if (s == NULL) return(ret);
+	if (d2i_ECDSA_SIG(&s,&sigbuf,sig_len) == NULL) goto err;
+	ret=ECDSA_do_verify(dgst,dgst_len,s,ecdsa);
+err:
+	ECDSA_SIG_free(s);
+	return(ret);
+	}

crypto/engine/Makefile.ssl

@@ -25,13 +25,13 @@ APPS=
 LIB=$(TOP)/libcrypto.a
 LIBSRC= eng_err.c eng_lib.c eng_list.c eng_init.c eng_ctrl.c \
 	eng_table.c eng_pkey.c eng_fat.c eng_all.c \
-	tb_rsa.c tb_dsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \
+	tb_rsa.c tb_dsa.c tb_ecdsa.c tb_dh.c tb_rand.c tb_cipher.c tb_digest.c \
 	eng_openssl.c eng_dyn.c eng_cnf.c \
 	hw_atalla.c hw_cswift.c hw_ncipher.c hw_nuron.c hw_ubsec.c \
 	hw_openbsd_dev_crypto.c hw_aep.c hw_sureware.c hw_4758_cca.c
 LIBOBJ= eng_err.o eng_lib.o eng_list.o eng_init.o eng_ctrl.o \
 	eng_table.o eng_pkey.o eng_fat.o eng_all.o \
-	tb_rsa.o tb_dsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \
+	tb_rsa.o tb_dsa.o tb_ecdsa.o tb_dh.o tb_rand.o tb_cipher.o tb_digest.o \
 	eng_openssl.o eng_dyn.o eng_cnf.o \
 	hw_atalla.o hw_cswift.o hw_ncipher.o hw_nuron.o hw_ubsec.o \
 	hw_openbsd_dev_crypto.o hw_aep.o hw_sureware.o hw_4758_cca.o
@@ -74,7 +74,7 @@ tags:
 
 errors:
 	$(PERL) $(TOP)/util/mkerr.pl -conf hw.ec \
-		-nostatic -staticloader -write hw_*.c
+		-nostatic -staticloader -write hw_*.c; \
 
 tests:
 
@@ -93,117 +93,131 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-eng_all.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-eng_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_all.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_all.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_all.o: ../../include/openssl/ui.h eng_all.c eng_int.h
+eng_all.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+eng_all.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_all.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_all.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_all.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+eng_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_all.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_all.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_all.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_all.o: eng_all.c eng_int.h
 eng_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_cnf.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_cnf.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-eng_cnf.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-eng_cnf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-eng_cnf.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_cnf.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_cnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_cnf.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_cnf.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_cnf.o: ../cryptlib.h eng_cnf.c
+eng_cnf.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_cnf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+eng_cnf.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_cnf.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_cnf.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+eng_cnf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_cnf.o: ../../include/openssl/ui.h ../cryptlib.h eng_cnf.c
 eng_ctrl.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_ctrl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_ctrl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_ctrl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_ctrl.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_ctrl.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_ctrl.o: ../../include/openssl/opensslconf.h
+eng_ctrl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_ctrl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_ctrl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_ctrl.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_ctrl.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_ctrl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_ctrl.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 eng_ctrl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 eng_ctrl.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 eng_ctrl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 eng_ctrl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 eng_ctrl.o: ../cryptlib.h eng_ctrl.c eng_int.h
 eng_dyn.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_dyn.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_dyn.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_dyn.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_dyn.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-eng_dyn.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_dyn.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_dyn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_dyn.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_dyn.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_dyn.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_dyn.o: ../cryptlib.h eng_dyn.c eng_int.h
-eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-eng_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-eng_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_err.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_err.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_err.o: ../../include/openssl/ui.h eng_err.c
+eng_dyn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_dyn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_dyn.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_dyn.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+eng_dyn.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_dyn.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_dyn.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_dyn.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_dyn.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+eng_dyn.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_dyn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_dyn.o: ../../include/openssl/ui.h ../cryptlib.h eng_dyn.c eng_int.h
+eng_err.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+eng_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_err.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_err.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_err.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+eng_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_err.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_err.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_err.o: eng_err.c
 eng_fat.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_fat.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_fat.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
-eng_fat.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
-eng_fat.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-eng_fat.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_fat.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-eng_fat.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-eng_fat.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-eng_fat.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-eng_fat.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-eng_fat.o: ../cryptlib.h eng_fat.c eng_int.h
+eng_fat.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_fat.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_fat.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
+eng_fat.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+eng_fat.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_fat.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_fat.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+eng_fat.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+eng_fat.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+eng_fat.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+eng_fat.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+eng_fat.o: ../../include/openssl/ui.h ../cryptlib.h eng_fat.c eng_int.h
 eng_init.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_init.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_init.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_init.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_init.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_init.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_init.o: ../../include/openssl/opensslconf.h
+eng_init.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_init.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_init.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_init.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_init.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_init.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_init.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 eng_init.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 eng_init.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 eng_init.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 eng_init.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 eng_init.o: ../cryptlib.h eng_init.c eng_int.h
 eng_lib.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-eng_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
-eng_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-eng_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-eng_lib.o: ../../include/openssl/ui.h ../cryptlib.h eng_int.h eng_lib.c
+eng_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_lib.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_lib.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+eng_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+eng_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+eng_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+eng_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+eng_lib.o: ../cryptlib.h eng_int.h eng_lib.c
 eng_list.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_list.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_list.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_list.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_list.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_list.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_list.o: ../../include/openssl/opensslconf.h
+eng_list.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_list.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_list.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_list.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_list.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_list.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_list.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 eng_list.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 eng_list.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 eng_list.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 eng_list.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 eng_list.o: ../cryptlib.h eng_int.h eng_list.c
 eng_openssl.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_openssl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_openssl.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_openssl.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_openssl.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-eng_openssl.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-eng_openssl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-eng_openssl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+eng_openssl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_openssl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_openssl.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_openssl.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+eng_openssl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+eng_openssl.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+eng_openssl.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+eng_openssl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+eng_openssl.o: ../../include/openssl/objects.h
 eng_openssl.o: ../../include/openssl/opensslconf.h
 eng_openssl.o: ../../include/openssl/opensslv.h
 eng_openssl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
@@ -215,24 +229,26 @@ eng_openssl.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 eng_openssl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 eng_openssl.o: ../cryptlib.h eng_openssl.c
 eng_pkey.o: ../../e_os.h ../../include/openssl/asn1.h
-eng_pkey.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-eng_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-eng_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-eng_pkey.o: ../../include/openssl/opensslconf.h
+eng_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+eng_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+eng_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_pkey.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 eng_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 eng_pkey.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 eng_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 eng_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 eng_pkey.o: ../cryptlib.h eng_int.h eng_pkey.c
-eng_table.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-eng_table.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-eng_table.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-eng_table.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-eng_table.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-eng_table.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-eng_table.o: ../../include/openssl/objects.h
+eng_table.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+eng_table.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+eng_table.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+eng_table.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+eng_table.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+eng_table.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+eng_table.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+eng_table.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 eng_table.o: ../../include/openssl/opensslconf.h
 eng_table.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 eng_table.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
@@ -240,13 +256,15 @@ eng_table.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 eng_table.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 eng_table.o: eng_int.h eng_table.c
 hw_4758_cca.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_4758_cca.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_4758_cca.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_4758_cca.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_4758_cca.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_4758_cca.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_4758_cca.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-hw_4758_cca.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hw_4758_cca.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+hw_4758_cca.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_4758_cca.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_4758_cca.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_4758_cca.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_4758_cca.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_4758_cca.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hw_4758_cca.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hw_4758_cca.o: ../../include/openssl/objects.h
 hw_4758_cca.o: ../../include/openssl/opensslconf.h
 hw_4758_cca.o: ../../include/openssl/opensslv.h
 hw_4758_cca.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
@@ -256,24 +274,28 @@ hw_4758_cca.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 hw_4758_cca.o: ../../include/openssl/ui.h ../../include/openssl/x509.h
 hw_4758_cca.o: ../../include/openssl/x509_vfy.h ../cryptlib.h hw_4758_cca.c
 hw_4758_cca.o: hw_4758_cca_err.c hw_4758_cca_err.h vendor_defns/hw_4758_cca.h
-hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-hw_aep.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-hw_aep.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_aep.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_aep.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_aep.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-hw_aep.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-hw_aep.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-hw_aep.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-hw_aep.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h hw_aep.c
-hw_aep.o: hw_aep_err.c hw_aep_err.h vendor_defns/aep.h
+hw_aep.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+hw_aep.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+hw_aep.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_aep.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_aep.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_aep.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_aep.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+hw_aep.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+hw_aep.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+hw_aep.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+hw_aep.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+hw_aep.o: ../../include/openssl/ui.h hw_aep.c hw_aep_err.c hw_aep_err.h
+hw_aep.o: vendor_defns/aep.h
 hw_atalla.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_atalla.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_atalla.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_atalla.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_atalla.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_atalla.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_atalla.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_atalla.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+hw_atalla.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_atalla.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_atalla.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_atalla.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_atalla.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_atalla.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+hw_atalla.o: ../../include/openssl/opensslconf.h
 hw_atalla.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 hw_atalla.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 hw_atalla.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
@@ -281,12 +303,14 @@ hw_atalla.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 hw_atalla.o: ../cryptlib.h hw_atalla.c hw_atalla_err.c hw_atalla_err.h
 hw_atalla.o: vendor_defns/atalla.h
 hw_cswift.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_cswift.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_cswift.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_cswift.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_cswift.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_cswift.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_cswift.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_cswift.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+hw_cswift.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_cswift.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_cswift.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_cswift.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_cswift.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_cswift.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+hw_cswift.o: ../../include/openssl/opensslconf.h
 hw_cswift.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 hw_cswift.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 hw_cswift.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
@@ -294,13 +318,15 @@ hw_cswift.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 hw_cswift.o: ../cryptlib.h hw_cswift.c hw_cswift_err.c hw_cswift_err.h
 hw_cswift.o: vendor_defns/cswift.h
 hw_ncipher.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_ncipher.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_ncipher.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_ncipher.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_ncipher.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_ncipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_ncipher.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-hw_ncipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hw_ncipher.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+hw_ncipher.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_ncipher.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_ncipher.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_ncipher.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_ncipher.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_ncipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hw_ncipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hw_ncipher.o: ../../include/openssl/objects.h
 hw_ncipher.o: ../../include/openssl/opensslconf.h
 hw_ncipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 hw_ncipher.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
@@ -312,23 +338,28 @@ hw_ncipher.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 hw_ncipher.o: ../cryptlib.h hw_ncipher.c hw_ncipher_err.c hw_ncipher_err.h
 hw_ncipher.o: vendor_defns/hwcryptohook.h
 hw_nuron.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_nuron.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_nuron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_nuron.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_nuron.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_nuron.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_nuron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_nuron.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+hw_nuron.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_nuron.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_nuron.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_nuron.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_nuron.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_nuron.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+hw_nuron.o: ../../include/openssl/opensslconf.h
 hw_nuron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 hw_nuron.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 hw_nuron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 hw_nuron.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 hw_nuron.o: ../cryptlib.h hw_nuron.c hw_nuron_err.c hw_nuron_err.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/asn1.h
+hw_openbsd_dev_crypto.o: ../../include/openssl/asn1t.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/conf.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/crypto.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/e_os2.h
+hw_openbsd_dev_crypto.o: ../../include/openssl/ec.h
+hw_openbsd_dev_crypto.o: ../../include/openssl/ecdsa.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/engine.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/err.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/evp.h
@@ -346,13 +377,15 @@ hw_openbsd_dev_crypto.o: ../../include/openssl/symhacks.h
 hw_openbsd_dev_crypto.o: ../../include/openssl/ui.h ../evp/evp_locl.h eng_int.h
 hw_openbsd_dev_crypto.o: hw_openbsd_dev_crypto.c
 hw_sureware.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_sureware.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_sureware.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_sureware.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_sureware.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_sureware.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_sureware.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
-hw_sureware.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+hw_sureware.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+hw_sureware.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_sureware.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_sureware.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_sureware.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_sureware.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_sureware.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+hw_sureware.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+hw_sureware.o: ../../include/openssl/objects.h
 hw_sureware.o: ../../include/openssl/opensslconf.h
 hw_sureware.o: ../../include/openssl/opensslv.h
 hw_sureware.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
@@ -365,89 +398,111 @@ hw_sureware.o: ../../include/openssl/x509_vfy.h ../cryptlib.h eng_int.h
 hw_sureware.o: engine.h hw_sureware.c hw_sureware_err.c hw_sureware_err.h
 hw_sureware.o: vendor_defns/sureware.h
 hw_ubsec.o: ../../e_os.h ../../include/openssl/asn1.h
-hw_ubsec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-hw_ubsec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-hw_ubsec.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-hw_ubsec.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
-hw_ubsec.o: ../../include/openssl/engine.h ../../include/openssl/err.h
-hw_ubsec.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+hw_ubsec.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+hw_ubsec.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+hw_ubsec.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+hw_ubsec.o: ../../include/openssl/dsa.h ../../include/openssl/dso.h
+hw_ubsec.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+hw_ubsec.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h
+hw_ubsec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+hw_ubsec.o: ../../include/openssl/opensslconf.h
 hw_ubsec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 hw_ubsec.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 hw_ubsec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 hw_ubsec.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 hw_ubsec.o: ../cryptlib.h hw_ubsec.c hw_ubsec_err.c hw_ubsec_err.h
 hw_ubsec.o: vendor_defns/hw_ubsec.h
-tb_cipher.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-tb_cipher.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-tb_cipher.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-tb_cipher.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_cipher.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_cipher.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_cipher.o: ../../include/openssl/objects.h
+tb_cipher.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tb_cipher.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tb_cipher.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+tb_cipher.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_cipher.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+tb_cipher.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_cipher.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_cipher.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 tb_cipher.o: ../../include/openssl/opensslconf.h
 tb_cipher.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 tb_cipher.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 tb_cipher.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 tb_cipher.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 tb_cipher.o: eng_int.h tb_cipher.c
-tb_dh.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-tb_dh.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-tb_dh.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-tb_dh.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_dh.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_dh.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_dh.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_dh.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_dh.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-tb_dh.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_dh.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h eng_int.h
-tb_dh.o: tb_dh.c
-tb_digest.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-tb_digest.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-tb_digest.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-tb_digest.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_digest.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_digest.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_digest.o: ../../include/openssl/objects.h
+tb_dh.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tb_dh.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tb_dh.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+tb_dh.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_dh.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+tb_dh.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dh.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dh.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dh.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dh.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+tb_dh.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+tb_dh.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dh.o: ../../include/openssl/ui.h eng_int.h tb_dh.c
+tb_digest.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tb_digest.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tb_digest.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+tb_digest.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+tb_digest.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 tb_digest.o: ../../include/openssl/opensslconf.h
 tb_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
 tb_digest.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
 tb_digest.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
 tb_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
 tb_digest.o: eng_int.h tb_digest.c
-tb_dsa.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-tb_dsa.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-tb_dsa.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-tb_dsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_dsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_dsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_dsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_dsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_dsa.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-tb_dsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_dsa.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h eng_int.h
-tb_dsa.o: tb_dsa.c
-tb_rand.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-tb_rand.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-tb_rand.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-tb_rand.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_rand.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_rand.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_rand.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_rand.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_rand.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-tb_rand.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_rand.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-tb_rand.o: eng_int.h tb_rand.c
-tb_rsa.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-tb_rsa.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
-tb_rsa.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-tb_rsa.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h
-tb_rsa.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-tb_rsa.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-tb_rsa.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-tb_rsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
-tb_rsa.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
-tb_rsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-tb_rsa.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h eng_int.h
-tb_rsa.o: tb_rsa.c
+tb_dsa.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tb_dsa.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tb_dsa.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+tb_dsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_dsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+tb_dsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_dsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_dsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_dsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_dsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+tb_dsa.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+tb_dsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_dsa.o: ../../include/openssl/ui.h eng_int.h tb_dsa.c
+tb_ecdsa.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tb_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tb_ecdsa.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+tb_ecdsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_ecdsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+tb_ecdsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_ecdsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_ecdsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_ecdsa.o: ../../include/openssl/opensslconf.h
+tb_ecdsa.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+tb_ecdsa.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h
+tb_ecdsa.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+tb_ecdsa.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
+tb_ecdsa.o: eng_int.h tb_ecdsa.c
+tb_rand.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tb_rand.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tb_rand.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+tb_rand.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_rand.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+tb_rand.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_rand.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_rand.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_rand.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_rand.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+tb_rand.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+tb_rand.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_rand.o: ../../include/openssl/ui.h eng_int.h tb_rand.c
+tb_rsa.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tb_rsa.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tb_rsa.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+tb_rsa.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+tb_rsa.o: ../../include/openssl/ec.h ../../include/openssl/ecdsa.h
+tb_rsa.o: ../../include/openssl/engine.h ../../include/openssl/err.h
+tb_rsa.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
+tb_rsa.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tb_rsa.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+tb_rsa.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h
+tb_rsa.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+tb_rsa.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tb_rsa.o: ../../include/openssl/ui.h eng_int.h tb_rsa.c

crypto/engine/eng_cnf.c

@@ -92,7 +92,7 @@ static int int_engine_init(ENGINE *e)
 	}
 	
 
-static int int_engine_configure(char *name, char *value, const CONF *cnf)
+int int_engine_configure(char *name, char *value, const CONF *cnf)
 	{
 	int i;
 	int ret = 0;