Merge branch 'master' of git.openssl.org:openssl
Gah, I hate when I forget to pull before merging.
Reviewed-by: rsalz
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index bede19b..a149bf6 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -473,14 +473,16 @@
if (ktype > 0)
{
public_key = EC_KEY_get0_public_key(x);
- if ((pub_key = EC_POINT_point2bn(group, public_key,
- EC_KEY_get_conv_form(x), NULL, ctx)) == NULL)
+ if (public_key != NULL)
{
- reason = ERR_R_EC_LIB;
- goto err;
- }
- if (pub_key)
+ if ((pub_key = EC_POINT_point2bn(group, public_key,
+ EC_KEY_get_conv_form(x), NULL, ctx)) == NULL)
+ {
+ reason = ERR_R_EC_LIB;
+ goto err;
+ }
buf_len = (size_t)BN_num_bytes(pub_key);
+ }
}
if (ktype == 2)
diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index e94f34e..52d31c2 100644
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -1183,30 +1183,47 @@
goto err;
}
+ if (ret->pub_key)
+ EC_POINT_clear_free(ret->pub_key);
+ ret->pub_key = EC_POINT_new(ret->group);
+ if (ret->pub_key == NULL)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+
if (priv_key->publicKey)
{
const unsigned char *pub_oct;
- size_t pub_oct_len;
+ int pub_oct_len;
- if (ret->pub_key)
- EC_POINT_clear_free(ret->pub_key);
- ret->pub_key = EC_POINT_new(ret->group);
- if (ret->pub_key == NULL)
- {
- ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
- goto err;
- }
pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
- /* save the point conversion form */
+ /* The first byte - point conversion form - must be present. */
+ if (pub_oct_len <= 0)
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, EC_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+ /* Save the point conversion form. */
ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01);
if (!EC_POINT_oct2point(ret->group, ret->pub_key,
- pub_oct, pub_oct_len, NULL))
+ pub_oct, (size_t)(pub_oct_len), NULL))
{
ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
goto err;
}
}
+ else
+ {
+ if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL))
+ {
+ ECerr(EC_F_D2I_ECPRIVATEKEY, ERR_R_EC_LIB);
+ goto err;
+ }
+ /* Remember the original private-key-only encoding. */
+ ret->enc_flag |= EC_PKEY_NO_PUBKEY;
+ }
ok = 1;
err:
@@ -1230,7 +1247,8 @@
size_t buf_len=0, tmp_len;
EC_PRIVATEKEY *priv_key=NULL;
- if (a == NULL || a->group == NULL || a->priv_key == NULL)
+ if (a == NULL || a->group == NULL || a->priv_key == NULL ||
+ (!(a->enc_flag & EC_PKEY_NO_PUBKEY) && a->pub_key == NULL))
{
ECerr(EC_F_I2D_ECPRIVATEKEY,
ERR_R_PASSED_NULL_PARAMETER);
diff --git a/doc/crypto/EC_KEY_new.pod b/doc/crypto/EC_KEY_new.pod
index b762cbc..2027569 100644
--- a/doc/crypto/EC_KEY_new.pod
+++ b/doc/crypto/EC_KEY_new.pod
@@ -74,6 +74,11 @@
converted into ASN1 in a call to i2d_ECPrivateKey. If EC_PKEY_NO_PARAMETERS is set then the public parameters for the curve are not encoded
along with the private key. If EC_PKEY_NO_PUBKEY is set then the public key is not encoded along with the private key.
+When reading a private key encoded with EC_PKEY_NO_PUBKEY,
+d2i_ECPrivateKey generates the missing public key
+automatically. Private keys encoded with EC_PKEY_NO_PARAMETERS cannot
+be loaded using d2i_ECPrivateKey.
+
The functions EC_KEY_get_conv_form and EC_KEY_set_conv_form get and set the point_conversion_form for the B<key>. For a description
of point_conversion_forms please refer to L<EC_POINT_new(3)|EC_POINT_new(3)>.
