new function EC_GROUP_cmp() (used by EVP_PKEY_cmp())

Submitted by: Nils Larsch

new function EC_GROUP_cmp() (used by EVP_PKEY_cmp())
Submitted by: Nils Larsch
ada0e717 · Bodo Möller · 2c789c82 · ada0e717 · ada0e717 · ada0e717
隐藏空白更改
内联并排

Showing with 87 addition and 0 deletion

crypto/ec/ec.h crypto/ec/ec.h +3 -0

crypto/ec/ec_lib.c crypto/ec/ec_lib.c +75 -0

crypto/evp/p_lib.c crypto/evp/p_lib.c +9 -0

未找到文件。
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -166,6 +166,9 @@ int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
 * elliptic curve is not zero, 0 otherwise */
 int EC_GROUP_check_discriminant(const EC_GROUP *, BN_CTX *);

+/* EC_GROUP_cmp() returns 0 if both groups are equal and 1 otherwise */
+int EC_GROUP_cmp(const EC_GROUP *, const EC_GROUP *, BN_CTX *);
+
 /* EC_GROUP_new_GF*() calls EC_GROUP_new() and EC_GROUP_set_GF*()
 * after choosing an appropriate EC_METHOD */
 EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *);

--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -470,6 +470,81 @@ int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 	}


+int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
+	{
+	int    r = 0;
+	BIGNUM *a1, *a2, *a3, *b1, *b2, *b3;
+	BN_CTX *ctx_new = NULL;
+
+	/* compare the field types*/
+	if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
+	    EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
+		return 1;
+	/* compare the curve name (if present) */
+	if (EC_GROUP_get_nid(a) && EC_GROUP_get_nid(b) &&
+	    EC_GROUP_get_nid(a) == EC_GROUP_get_nid(b))
+		return 0;
+
+	if (!ctx)
+		ctx_new = ctx = BN_CTX_new();
+	if (!ctx)
+		return -1;
+	
+	BN_CTX_start(ctx);
+	a1 = BN_CTX_get(ctx);
+	a2 = BN_CTX_get(ctx);
+	a3 = BN_CTX_get(ctx);
+	b1 = BN_CTX_get(ctx);
+	b2 = BN_CTX_get(ctx);
+	b3 = BN_CTX_get(ctx);
+	if (!b3)
+		{
+		BN_CTX_end(ctx);
+		if (ctx_new)
+			BN_CTX_free(ctx);
+		return -1;
+		}
+
+	/* XXX This approach assumes that the external representation
+	 * of curves over the same field type is the same.
+	 */
+	if (!a->meth->group_get_curve(a, a1, a2, a3, ctx) ||
+	    !b->meth->group_get_curve(b, b1, b2, b3, ctx))
+		r = 1;
+
+	if (r || BN_cmp(a1, b2) || BN_cmp(a2, b2) || BN_cmp(a3, b3))
+		r = 1;
+
+	/* XXX EC_POINT_cmp() assumes that the methods are equal */
+	if (r || EC_POINT_cmp(a, EC_GROUP_get0_generator(a),
+	    EC_GROUP_get0_generator(b), ctx))
+		r = 1;
+
+	if (!r)
+		{
+		/* compare the order and cofactor */
+		if (!EC_GROUP_get_order(a, a1, ctx) ||
+		    !EC_GROUP_get_order(b, b1, ctx) ||
+		    !EC_GROUP_get_cofactor(a, a2, ctx) ||
+		    !EC_GROUP_get_cofactor(b, b2, ctx))
+			{
+			BN_CTX_end(ctx);
+			if (ctx_new)
+				BN_CTX_free(ctx);
+			return -1;
+			}
+		if (BN_cmp(a1, b1) || BN_cmp(a2, b2))
+			r = 1;
+		}
+
+	BN_CTX_end(ctx);
+	if (ctx_new)
+		BN_CTX_free(ctx);
+
+	return r;
+	}
+
+
 /* this has 'package' visibility */
 int EC_GROUP_set_extra_data(EC_GROUP *group, void *data,
 	void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))

--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -233,6 +233,15 @@ int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
 		else
 			return(1);
 		}
+#endif
+#ifndef OPENSSL_NO_EC
+	if (a->type == EVP_PKEY_EC && b->type == EVP_PKEY_EC)
+		{
+		if (EC_GROUP_cmp(a->pkey.eckey->group, b->pkey.eckey->group, NULL))
+			return 0;
+		else
+			return 1;
+		}
 #endif
 	return(-1);
 	}