Partial port of EC_KEY_METHOD from OpenSSL 1.1.

This commit adds init/free, support for signing, setting and
getting the method, engine support as well as extra data.

from markus

5 files changed, 152 insertions, 4 deletions

diff --git a/lib/libcrypto/engine/eng_fat.c b/lib/libcrypto/engine/eng_fat.c
index c97695a7d3b..baf1a54883d 100644
--- a/lib/libcrypto/engine/eng_fat.c
+++ b/lib/libcrypto/engine/eng_fat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_fat.c,v 1.16 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: eng_fat.c,v 1.17 2019/01/19 01:07:00 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1999-2001 The OpenSSL Project.  All rights reserved.
  *
@@ -93,6 +93,10 @@ ENGINE_set_default(ENGINE *e, unsigned int flags)
 	if ((flags & ENGINE_METHOD_ECDSA) && !ENGINE_set_default_ECDSA(e))
 		return 0;
 #endif
+#ifndef OPENSSL_NO_EC
+	if ((flags & ENGINE_METHOD_EC) && !ENGINE_set_default_EC(e))
+		return 0;
+#endif
 	if ((flags & ENGINE_METHOD_RAND) && !ENGINE_set_default_RAND(e))
 		return 0;
 	if ((flags & ENGINE_METHOD_PKEY_METHS) &&
@@ -123,6 +127,8 @@ int_def_cb(const char *alg, int len, void *arg)
 		*pflags |= ENGINE_METHOD_ECDSA;
 	else if (!strncmp(alg, "DH", len))
 		*pflags |= ENGINE_METHOD_DH;
+	else if (strncmp(alg, "EC", len) == 0)
+		*pflags |= ENGINE_METHOD_EC;
 	else if (!strncmp(alg, "RAND", len))
 		*pflags |= ENGINE_METHOD_RAND;
 	else if (!strncmp(alg, "CIPHERS", len))
@@ -174,6 +180,9 @@ ENGINE_register_complete(ENGINE *e)
 #ifndef OPENSSL_NO_ECDSA
 	ENGINE_register_ECDSA(e);
 #endif
+#ifndef OPENSSL_NO_EC
+	ENGINE_register_EC(e);
+#endif
 	ENGINE_register_RAND(e);
 	ENGINE_register_pkey_meths(e);
 	return 1;
diff --git a/lib/libcrypto/engine/eng_int.h b/lib/libcrypto/engine/eng_int.h
index dbb639949d3..298c0e327fa 100644
--- a/lib/libcrypto/engine/eng_int.h
+++ b/lib/libcrypto/engine/eng_int.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_int.h,v 1.9 2016/12/21 15:49:29 jsing Exp $ */
+/* $OpenBSD: eng_int.h,v 1.10 2019/01/19 01:07:00 tb Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -159,6 +159,7 @@ struct engine_st {
 	const DH_METHOD *dh_meth;
 	const ECDH_METHOD *ecdh_meth;
 	const ECDSA_METHOD *ecdsa_meth;
+	const EC_KEY_METHOD *ec_meth;
 	const RAND_METHOD *rand_meth;
 	const STORE_METHOD *store_meth;
 	/* Cipher handling is via this callback */
diff --git a/lib/libcrypto/engine/eng_list.c b/lib/libcrypto/engine/eng_list.c
index 134866d2c69..b29b4102e40 100644
--- a/lib/libcrypto/engine/eng_list.c
+++ b/lib/libcrypto/engine/eng_list.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: eng_list.c,v 1.23 2018/08/24 19:25:31 tb Exp $ */
+/* $OpenBSD: eng_list.c,v 1.24 2019/01/19 01:07:00 tb Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -316,6 +316,9 @@ engine_cpy(ENGINE *dest, const ENGINE *src)
 #ifndef OPENSSL_NO_ECDSA
 	dest->ecdsa_meth = src->ecdsa_meth;
 #endif
+#ifndef OPENSSL_NO_EC
+	dest->ec_meth = src->ec_meth;
+#endif
 	dest->rand_meth = src->rand_meth;
 	dest->store_meth = src->store_meth;
 	dest->ciphers = src->ciphers;
diff --git a/lib/libcrypto/engine/engine.h b/lib/libcrypto/engine/engine.h
index 0f603feaaf8..dc14be8e386 100644
--- a/lib/libcrypto/engine/engine.h
+++ b/lib/libcrypto/engine/engine.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: engine.h,v 1.32 2018/11/11 06:41:28 bcook Exp $ */
+/* $OpenBSD: engine.h,v 1.33 2019/01/19 01:07:00 tb Exp $ */
 /* Written by Geoff Thorpe (geoff@geoffthorpe.net) for the OpenSSL
  * project 2000.
  */
@@ -87,6 +87,9 @@
 #ifndef OPENSSL_NO_ECDSA
 #include <openssl/ecdsa.h>
 #endif
+#ifndef OPENSSL_NO_EC
+#include <openssl/ec.h>
+#endif
 #include <openssl/ui.h>
 #include <openssl/err.h>
 #endif
@@ -112,6 +115,7 @@ extern "C" {
 #define ENGINE_METHOD_STORE		(unsigned int)0x0100
 #define ENGINE_METHOD_PKEY_METHS	(unsigned int)0x0200
 #define ENGINE_METHOD_PKEY_ASN1_METHS	(unsigned int)0x0400
+#define ENGINE_METHOD_EC		(unsigned int)0x0800
 /* Obvious all-or-nothing cases. */
 #define ENGINE_METHOD_ALL		(unsigned int)0xFFFF
 #define ENGINE_METHOD_NONE		(unsigned int)0x0000
@@ -353,6 +357,10 @@ int ENGINE_register_ECDSA(ENGINE *e);
 void ENGINE_unregister_ECDSA(ENGINE *e);
 void ENGINE_register_all_ECDSA(void);
 
+int ENGINE_register_EC(ENGINE *e);
+void ENGINE_unregister_EC(ENGINE *e);
+void ENGINE_register_all_EC(void);
+
 int ENGINE_register_DH(ENGINE *e);
 void ENGINE_unregister_DH(ENGINE *e);
 void ENGINE_register_all_DH(void);
@@ -447,6 +455,7 @@ int ENGINE_set_RSA(ENGINE *e, const RSA_METHOD *rsa_meth);
 int ENGINE_set_DSA(ENGINE *e, const DSA_METHOD *dsa_meth);
 int ENGINE_set_ECDH(ENGINE *e, const ECDH_METHOD *ecdh_meth);
 int ENGINE_set_ECDSA(ENGINE *e, const ECDSA_METHOD *ecdsa_meth);
+int ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth);
 int ENGINE_set_DH(ENGINE *e, const DH_METHOD *dh_meth);
 int ENGINE_set_RAND(ENGINE *e, const RAND_METHOD *rand_meth);
 int ENGINE_set_STORE(ENGINE *e, const STORE_METHOD *store_meth);
@@ -486,6 +495,7 @@ const RSA_METHOD *ENGINE_get_RSA(const ENGINE *e);
 const DSA_METHOD *ENGINE_get_DSA(const ENGINE *e);
 const ECDH_METHOD *ENGINE_get_ECDH(const ENGINE *e);
 const ECDSA_METHOD *ENGINE_get_ECDSA(const ENGINE *e);
+const EC_KEY_METHOD *ENGINE_get_EC(const ENGINE *e);
 const DH_METHOD *ENGINE_get_DH(const ENGINE *e);
 const RAND_METHOD *ENGINE_get_RAND(const ENGINE *e);
 const STORE_METHOD *ENGINE_get_STORE(const ENGINE *e);
@@ -553,6 +563,7 @@ ENGINE *ENGINE_get_default_RSA(void);
 ENGINE *ENGINE_get_default_DSA(void);
 ENGINE *ENGINE_get_default_ECDH(void);
 ENGINE *ENGINE_get_default_ECDSA(void);
+ENGINE *ENGINE_get_default_EC(void);
 ENGINE *ENGINE_get_default_DH(void);
 ENGINE *ENGINE_get_default_RAND(void);
 /* These functions can be used to get a functional reference to perform
@@ -572,6 +583,7 @@ int ENGINE_set_default_string(ENGINE *e, const char *def_list);
 int ENGINE_set_default_DSA(ENGINE *e);
 int ENGINE_set_default_ECDH(ENGINE *e);
 int ENGINE_set_default_ECDSA(ENGINE *e);
+int ENGINE_set_default_EC(ENGINE *e);
 int ENGINE_set_default_DH(ENGINE *e);
 int ENGINE_set_default_RAND(ENGINE *e);
 int ENGINE_set_default_ciphers(ENGINE *e);
diff --git a/lib/libcrypto/engine/tb_eckey.c b/lib/libcrypto/engine/tb_eckey.c
new file mode 100644
index 00000000000..dd30815788f
--- /dev/null
+++ b/lib/libcrypto/engine/tb_eckey.c
@@ -0,0 +1,123 @@
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include "eng_int.h"
+
+static ENGINE_TABLE *ec_table = NULL;
+static const int dummy_nid = 1;
+
+void
+ENGINE_unregister_EC(ENGINE *e)
+{
+	engine_table_unregister(&ec_table, e);
+}
+
+static void
+engine_unregister_all_EC(void)
+{
+	engine_table_cleanup(&ec_table);
+}
+
+int
+ENGINE_register_EC(ENGINE *e)
+{
+	if (e->ec_meth)
+		return engine_table_register(&ec_table,
+		    engine_unregister_all_EC, e, &dummy_nid, 1, 0);
+	return 1;
+}
+
+void
+ENGINE_register_all_EC(void)
+{
+	ENGINE *e;
+
+	for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e))
+		ENGINE_register_EC(e);
+}
+
+int
+ENGINE_set_default_EC(ENGINE *e)
+{
+	if (e->ec_meth != NULL)
+		return engine_table_register(&ec_table,
+		    engine_unregister_all_EC, e, &dummy_nid, 1, 1);
+	return 1;
+}
+
+/*
+ * Exposed API function to get a functional reference from the implementation
+ * table (ie. try to get a functional reference from the tabled structural
+ * references).
+ */
+ENGINE *
+ENGINE_get_default_EC(void)
+{
+	return engine_table_select(&ec_table, dummy_nid);
+}
+
+/* Obtains an EC_KEY implementation from an ENGINE functional reference */
+const EC_KEY_METHOD *
+ENGINE_get_EC(const ENGINE *e)
+{
+	return e->ec_meth;
+}
+
+/* Sets an EC_KEY implementation in an ENGINE structure */
+int
+ENGINE_set_EC(ENGINE *e, const EC_KEY_METHOD *ec_meth)
+{
+	e->ec_meth = ec_meth;
+	return 1;
+}