Extended EC_METHOD customisation support.

Add support for optional overrides of various private key operations
in EC_METHOD.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>

1 files changed, 24 insertions, 0 deletions

diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c
index c382e7e..e488523 100644
--- a/crypto/ec/ec_key.c
+++ b/crypto/ec/ec_key.c
@@ -111,6 +111,9 @@ void EC_KEY_free(EC_KEY *r)
     ENGINE_finish(r->engine);
 #endif
 
+    if (r->group && r->group->meth->keyfinish)
+        r->group->meth->keyfinish(r);
+
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, r, &r->ex_data);
     EC_GROUP_free(r->group);
     EC_POINT_free(r->pub_key);
@@ -128,6 +131,8 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src)
     if (src->meth != dest->meth) {
         if (dest->meth->finish != NULL)
             dest->meth->finish(dest);
+        if (dest->group && dest->group->meth->keyfinish)
+            dest->group->meth->keyfinish(dest);
 #ifndef OPENSSL_NO_ENGINE
         if (ENGINE_finish(dest->engine) == 0)
             return 0;
@@ -163,8 +168,12 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, EC_KEY *src)
         }
         if (!BN_copy(dest->priv_key, src->priv_key))
             return NULL;
+        if (src->group->meth->keycopy
+            && src->group->meth->keycopy(dest, src) == 0)
+            return NULL;
     }
 
+
     /* copy the rest */
     dest->enc_flag = src->enc_flag;
     dest->conv_form = src->conv_form;
@@ -231,6 +240,9 @@ int ossl_ec_key_gen(EC_KEY *eckey)
     const BIGNUM *order = NULL;
     EC_POINT *pub_key = NULL;
 
+    if (eckey->group->meth->keygen != NULL)
+        return eckey->group->meth->keygen(eckey);
+
     if ((ctx = BN_CTX_new()) == NULL)
         goto err;
 
@@ -286,6 +298,9 @@ int EC_KEY_check_key(const EC_KEY *eckey)
         return 0;
     }
 
+    if (eckey->group->meth->keycheck)
+        return eckey->group->meth->keycheck(eckey);
+
     if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) {
         ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_AT_INFINITY);
         goto err;
@@ -442,6 +457,11 @@ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key)
 
 int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key)
 {
+    if (key->group == NULL || key->group->meth == NULL)
+        return 0;
+    if (key->group->meth->set_private
+        && key->meth->set_private(key, priv_key) == 0)
+        return 0;
     if (key->meth->set_private != NULL
         && key->meth->set_private(key, priv_key) == 0)
         return 0;
@@ -540,6 +560,8 @@ size_t EC_KEY_priv2oct(const EC_KEY *eckey, unsigned char *buf, size_t len)
     size_t buf_len;
     if (eckey->group == NULL || eckey->group->meth == NULL)
         return 0;
+    if (eckey->group->meth->priv2oct)
+        return eckey->group->meth->priv2oct(eckey, buf, len);
 
     buf_len = (EC_GROUP_get_degree(eckey->group) + 7) / 8;
     if (eckey->priv_key == NULL)
@@ -563,6 +585,8 @@ int EC_KEY_oct2priv(EC_KEY *eckey, unsigned char *buf, size_t len)
 {
     if (eckey->group == NULL || eckey->group->meth == NULL)
         return 0;
+    if (eckey->group->meth->oct2priv)
+        return eckey->group->meth->oct2priv(eckey, buf, len);
 
     if (eckey->priv_key == NULL)
         eckey->priv_key = BN_secure_new();