EC support: introduce data type dedicated to EC parameters ...

EC parameters can be presented in a three forms: namedCurve, OID and implicit data.
This new data type will facilitate manipulation of ec-parameters in the OpenSC tools and library.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5386 c6295689-39f2-0310-b995-f0e70906c6a9

src/libopensc/pkcs15-piv.c

@@ -751,7 +751,7 @@ static int sc_pkcs15emu_piv_init(sc_pkcs15_card_t *p15card)
 				ckis[i].pubkey_len = cert_out->key->u.rsa.modulus.len * 8;
 				break;
 			case SC_ALGORITHM_EC:
-				ckis[i].pubkey_len = cert_out->key->u.ec.field_length;
+				ckis[i].pubkey_len = cert_out->key->u.ec.params.field_length;
 				break;
 			default:
 				sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Unsuported key.algorithm %d", cert_out->key->algorithm);
@@ -895,7 +895,7 @@ sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "DEE Adding pin %d label=%s",i, label);
 					break;
 				case SC_ALGORITHM_EC:
 					ckis[i].key_alg = SC_ALGORITHM_EC;
-					ckis[i].pubkey_len = p15_key->u.ec.field_length;
+					ckis[i].pubkey_len = p15_key->u.ec.params.field_length;
 					ckis[i].pubkey_found = 1;
 					ckis[i].pubkey_from_file = 1;
 					break;

src/libopensc/pkcs15-pubkey.c

@@ -523,7 +523,7 @@ sc_pkcs15_decode_pubkey_ec(sc_context_t *ctx,
 	if (r < 0)
 		SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, r, "ASN.1 encoding failed");
 
-sc_debug(ctx, SC_LOG_DEBUG_NORMAL,"DEE-EC key=%p, buf=%p, buflen=%d", key, buf, buflen);
+	sc_debug(ctx, SC_LOG_DEBUG_NORMAL,"DEE-EC key=%p, buf=%p, buflen=%d", key, buf, buflen);
 	key->ecpointQ.value = malloc(buflen);
 	if (key->ecpointQ.value == NULL)
 		return SC_ERROR_OUT_OF_MEMORY;
@@ -535,7 +535,7 @@ sc_debug(ctx, SC_LOG_DEBUG_NORMAL,"DEE-EC key=%p, buf=%p, buflen=%d", key, buf,
 	 * The 04 indicates uncompressed
 	 * x and y are same size, and field_length = sizeof(x) in bits. */
 	/* TODO: -DEE  support more then uncompressed */
-	key->field_length = (ecpoint_len - 1)/2 * 8; 
+	key->params.field_length = (ecpoint_len - 1)/2 * 8; 
 	if (ecpoint_data)
 		free (ecpoint_data);
 
@@ -755,8 +755,10 @@ void sc_pkcs15_erase_pubkey(struct sc_pkcs15_pubkey *key)
 			free(key->u.gostr3410.xy.data);
 		break;
 	case SC_ALGORITHM_EC:
-		if (key->u.ec.ecparameters.value)
-			free(key->u.ec.ecparameters.value);
+		if (key->u.ec.params.der.value)
+			free(key->u.ec.params.der.value);
+		if (key->u.ec.params.named_curve)
+			free(key->u.ec.params.named_curve);
 		if (key->u.ec.ecpointQ.value)
 			free(key->u.ec.ecpointQ.value);
 		break;

src/libopensc/pkcs15.h

@@ -149,18 +149,26 @@ struct sc_pkcs15_prkey_dsa {
 	sc_pkcs15_bignum_t priv;
 };
 
-	/* The ecParameters are kept in DER format
-	 * as certificates, and pkcs11 process them as DER 
-	 * If needed, they can be parsed
-	 */ 
+/* 
+ * The ecParameters can be presented as
+ * - named curve;
+ * - OID of named curve;
+ * - implicit parameters.
+ */
+struct sc_pkcs15_ec_parameters {
+	char *named_curve;
+	struct sc_object_id id;
+	sc_pkcs15_der_t der;
+	size_t field_length; /* in bits */
+};
+
 struct sc_pkcs15_pubkey_ec {
-	sc_pkcs15_der_t		ecparameters;
+	struct sc_pkcs15_ec_parameters params;
 	sc_pkcs15_der_t		ecpointQ; /* note this is der */
-	size_t 				field_length; /* in bits */
 };
 
 struct sc_pkcs15_prkey_ec {
-	sc_pkcs15_der_t     ecparameters;
+	struct sc_pkcs15_ec_parameters params;
 	sc_pkcs15_bignum_t	privateD; /* note this is bignum */
 };
 

src/pkcs11/framework-pkcs15.c

@@ -2484,7 +2484,7 @@ static CK_RV pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session,
 		switch (prkey->prv_p15obj->type) {
 			case SC_PKCS15_TYPE_PRKEY_EC:
 				if (key)
-					*(CK_ULONG *) attr->pValue = key->u.ec.field_length; 
+					*(CK_ULONG *) attr->pValue = key->u.ec.params.field_length; 
 				else 
 					*(CK_ULONG *) attr->pValue = 384; /* TODO -DEE needs work */
 				return CKR_OK;

src/pkcs15init/pkcs15-init.h

@@ -197,13 +197,6 @@ struct sc_pkcs15init_keyarg_gost_params {
 	unsigned char gostr3410, gostr3411, gost28147;
 };
 
-struct sc_pkcs15init_keyarg_ec_params {
-	const char *curve;
-	struct sc_object_id id;
-	struct sc_pkcs15_der der;
-	size_t size_bits;
-};
-
 struct sc_pkcs15init_prkeyargs {
 	struct sc_pkcs15_id	id;
 	struct sc_pkcs15_id	auth_id;
@@ -215,7 +208,7 @@ struct sc_pkcs15init_prkeyargs {
 
 	union {
 		struct sc_pkcs15init_keyarg_gost_params gost;
-		struct sc_pkcs15init_keyarg_ec_params ec;
+		struct sc_pkcs15_ec_parameters ec;
 	} params;
 
 	struct sc_pkcs15_prkey	key;
@@ -240,7 +233,7 @@ struct sc_pkcs15init_pubkeyargs {
 
 	union {
 		struct sc_pkcs15init_keyarg_gost_params gost;
-		struct sc_pkcs15init_keyarg_ec_params ec;
+		struct sc_pkcs15_ec_parameters ec;
 	} params;
 
 	struct sc_pkcs15_pubkey	key;

src/pkcs15init/pkcs15-lib.c

@@ -1424,7 +1424,7 @@ sc_pkcs15init_store_public_key(struct sc_pkcs15_card *p15card,
 		type = SC_PKCS15_TYPE_PUBKEY_GOSTR3410; 
 		break;
 	case SC_ALGORITHM_EC:
-		keybits = key.u.ec.field_length;
+		keybits = key.u.ec.params.field_length;
 		type = SC_PKCS15_TYPE_PUBKEY_EC; 
 		break;
 	default:
@@ -1847,7 +1847,7 @@ check_keygen_params_consistency(struct sc_card *card, struct sc_pkcs15init_keyge
 	int i;
 
 	if (!keybits && ( alg == SC_ALGORITHM_EC))
-		keybits = get_keybits_from_curve_name(params->prkey_args.params.ec.curve);
+		keybits = get_keybits_from_curve_name(params->prkey_args.params.ec.named_curve);
 
 	if (out_keybits)
 		*out_keybits = keybits;

src/tools/pkcs15-init.c

@@ -1469,7 +1469,7 @@ do_generate_key(struct sc_profile *profile, const char *spec)
 
 	if (*spec)   {
 		if (isalpha(*spec) && keygen_args.prkey_args.key.algorithm == SC_ALGORITHM_EC)   {
-			keygen_args.prkey_args.params.ec.curve = spec;
+			keygen_args.prkey_args.params.ec.named_curve = strdup(spec);
 			keybits = 0;
 		}
 		else {