Merge pull request #342
7914a6e
Make lax_der_privatekey_parsing.h not depend on internal code (Pieter Wuille)
This commit is contained in:
commit
d7eb1ae96d
|
@ -73,12 +73,11 @@ static SECP256K1_WARN_UNUSED_RESULT int secp256k1_ec_privkey_import_der(
|
||||||
size_t privkeylen
|
size_t privkeylen
|
||||||
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
|
) SECP256K1_ARG_NONNULL(1) SECP256K1_ARG_NONNULL(2) SECP256K1_ARG_NONNULL(3);
|
||||||
|
|
||||||
static int secp256k1_eckey_privkey_parse(secp256k1_scalar *key, const unsigned char *privkey, size_t privkeylen) {
|
static int secp256k1_ec_privkey_import_der(const secp256k1_context* ctx, unsigned char *out32, const unsigned char *privkey, size_t privkeylen) {
|
||||||
unsigned char c[32] = {0};
|
|
||||||
const unsigned char *end = privkey + privkeylen;
|
const unsigned char *end = privkey + privkeylen;
|
||||||
int lenb = 0;
|
int lenb = 0;
|
||||||
int len = 0;
|
int len = 0;
|
||||||
int overflow = 0;
|
memset(out32, 0, 32);
|
||||||
/* sequence header */
|
/* sequence header */
|
||||||
if (end < privkey+1 || *privkey != 0x30) {
|
if (end < privkey+1 || *privkey != 0x30) {
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -110,18 +109,21 @@ static int secp256k1_eckey_privkey_parse(secp256k1_scalar *key, const unsigned c
|
||||||
if (end < privkey+2 || privkey[0] != 0x04 || privkey[1] > 0x20 || end < privkey+2+privkey[1]) {
|
if (end < privkey+2 || privkey[0] != 0x04 || privkey[1] > 0x20 || end < privkey+2+privkey[1]) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
memcpy(c + 32 - privkey[1], privkey + 2, privkey[1]);
|
memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);
|
||||||
secp256k1_scalar_set_b32(key, c, &overflow);
|
if (!secp256k1_ec_seckey_verify(ctx, out32)) {
|
||||||
memset(c, 0, 32);
|
memset(out32, 0, 32);
|
||||||
return !overflow;
|
return 0;
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int secp256k1_eckey_privkey_serialize(const secp256k1_ecmult_gen_context *ctx, unsigned char *privkey, size_t *privkeylen, const secp256k1_scalar *key, int compressed) {
|
static int secp256k1_ec_privkey_export_der(const secp256k1_context *ctx, unsigned char *privkey, size_t *privkeylen, const unsigned char *key32, int compressed) {
|
||||||
secp256k1_gej rp;
|
secp256k1_pubkey pubkey;
|
||||||
secp256k1_ge r;
|
|
||||||
size_t pubkeylen = 0;
|
size_t pubkeylen = 0;
|
||||||
secp256k1_ecmult_gen(ctx, &rp, key);
|
if (!secp256k1_ec_pubkey_create(ctx, &pubkey, key32)) {
|
||||||
secp256k1_ge_set_gej(&r, &rp);
|
*privkeylen = 0;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
if (compressed) {
|
if (compressed) {
|
||||||
static const unsigned char begin[] = {
|
static const unsigned char begin[] = {
|
||||||
0x30,0x81,0xD3,0x02,0x01,0x01,0x04,0x20
|
0x30,0x81,0xD3,0x02,0x01,0x01,0x04,0x20
|
||||||
|
@ -139,11 +141,9 @@ static int secp256k1_eckey_privkey_serialize(const secp256k1_ecmult_gen_context
|
||||||
};
|
};
|
||||||
unsigned char *ptr = privkey;
|
unsigned char *ptr = privkey;
|
||||||
memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
|
memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
|
||||||
secp256k1_scalar_get_b32(ptr, key); ptr += 32;
|
memcpy(ptr, key32, 32); ptr += 32;
|
||||||
memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
|
memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
|
||||||
if (!secp256k1_eckey_pubkey_serialize(&r, ptr, &pubkeylen, 1)) {
|
secp256k1_ec_pubkey_serialize(ctx, ptr, &pubkeylen, &pubkey, SECP256K1_EC_COMPRESSED);
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
ptr += pubkeylen;
|
ptr += pubkeylen;
|
||||||
*privkeylen = ptr - privkey;
|
*privkeylen = ptr - privkey;
|
||||||
} else {
|
} else {
|
||||||
|
@ -165,45 +165,13 @@ static int secp256k1_eckey_privkey_serialize(const secp256k1_ecmult_gen_context
|
||||||
};
|
};
|
||||||
unsigned char *ptr = privkey;
|
unsigned char *ptr = privkey;
|
||||||
memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
|
memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
|
||||||
secp256k1_scalar_get_b32(ptr, key); ptr += 32;
|
memcpy(ptr, key32, 32); ptr += 32;
|
||||||
memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
|
memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
|
||||||
if (!secp256k1_eckey_pubkey_serialize(&r, ptr, &pubkeylen, 0)) {
|
secp256k1_ec_pubkey_serialize(ctx, ptr, &pubkeylen, &pubkey, SECP256K1_EC_UNCOMPRESSED);
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
ptr += pubkeylen;
|
ptr += pubkeylen;
|
||||||
*privkeylen = ptr - privkey;
|
*privkeylen = ptr - privkey;
|
||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int secp256k1_ec_privkey_export_der(const secp256k1_context* ctx, unsigned char *privkey, size_t *privkeylen, const unsigned char *seckey, int compressed) {
|
|
||||||
secp256k1_scalar key;
|
|
||||||
int ret = 0;
|
|
||||||
VERIFY_CHECK(ctx != NULL);
|
|
||||||
ARG_CHECK(seckey != NULL);
|
|
||||||
ARG_CHECK(privkey != NULL);
|
|
||||||
ARG_CHECK(privkeylen != NULL);
|
|
||||||
ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx));
|
|
||||||
|
|
||||||
secp256k1_scalar_set_b32(&key, seckey, NULL);
|
|
||||||
ret = secp256k1_eckey_privkey_serialize(&ctx->ecmult_gen_ctx, privkey, privkeylen, &key, compressed);
|
|
||||||
secp256k1_scalar_clear(&key);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int secp256k1_ec_privkey_import_der(const secp256k1_context* ctx, unsigned char *seckey, const unsigned char *privkey, size_t privkeylen) {
|
|
||||||
secp256k1_scalar key;
|
|
||||||
int ret = 0;
|
|
||||||
ARG_CHECK(seckey != NULL);
|
|
||||||
ARG_CHECK(privkey != NULL);
|
|
||||||
(void)ctx;
|
|
||||||
|
|
||||||
ret = secp256k1_eckey_privkey_parse(&key, privkey, privkeylen);
|
|
||||||
if (ret) {
|
|
||||||
secp256k1_scalar_get_b32(seckey, &key);
|
|
||||||
}
|
|
||||||
secp256k1_scalar_clear(&key);
|
|
||||||
return ret;
|
|
||||||
}
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -3410,13 +3410,13 @@ void run_ecdsa_edge_cases(void) {
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef ENABLE_OPENSSL_TESTS
|
#ifdef ENABLE_OPENSSL_TESTS
|
||||||
EC_KEY *get_openssl_key(const secp256k1_scalar *key) {
|
EC_KEY *get_openssl_key(const unsigned char *key32) {
|
||||||
unsigned char privkey[300];
|
unsigned char privkey[300];
|
||||||
size_t privkeylen;
|
size_t privkeylen;
|
||||||
const unsigned char* pbegin = privkey;
|
const unsigned char* pbegin = privkey;
|
||||||
int compr = secp256k1_rand_bits(1);
|
int compr = secp256k1_rand_bits(1);
|
||||||
EC_KEY *ec_key = EC_KEY_new_by_curve_name(NID_secp256k1);
|
EC_KEY *ec_key = EC_KEY_new_by_curve_name(NID_secp256k1);
|
||||||
CHECK(secp256k1_eckey_privkey_serialize(&ctx->ecmult_gen_ctx, privkey, &privkeylen, key, compr));
|
CHECK(secp256k1_ec_privkey_export_der(ctx, privkey, &privkeylen, key32, compr));
|
||||||
CHECK(d2i_ECPrivateKey(&ec_key, &pbegin, privkeylen));
|
CHECK(d2i_ECPrivateKey(&ec_key, &pbegin, privkeylen));
|
||||||
CHECK(EC_KEY_check_key(ec_key));
|
CHECK(EC_KEY_check_key(ec_key));
|
||||||
return ec_key;
|
return ec_key;
|
||||||
|
@ -3434,12 +3434,14 @@ void test_ecdsa_openssl(void) {
|
||||||
size_t secp_sigsize = 80;
|
size_t secp_sigsize = 80;
|
||||||
unsigned char message[32];
|
unsigned char message[32];
|
||||||
unsigned char signature[80];
|
unsigned char signature[80];
|
||||||
|
unsigned char key32[32];
|
||||||
secp256k1_rand256_test(message);
|
secp256k1_rand256_test(message);
|
||||||
secp256k1_scalar_set_b32(&msg, message, NULL);
|
secp256k1_scalar_set_b32(&msg, message, NULL);
|
||||||
random_scalar_order_test(&key);
|
random_scalar_order_test(&key);
|
||||||
|
secp256k1_scalar_get_b32(key32, &key);
|
||||||
secp256k1_ecmult_gen(&ctx->ecmult_gen_ctx, &qj, &key);
|
secp256k1_ecmult_gen(&ctx->ecmult_gen_ctx, &qj, &key);
|
||||||
secp256k1_ge_set_gej(&q, &qj);
|
secp256k1_ge_set_gej(&q, &qj);
|
||||||
ec_key = get_openssl_key(&key);
|
ec_key = get_openssl_key(key32);
|
||||||
CHECK(ec_key != NULL);
|
CHECK(ec_key != NULL);
|
||||||
CHECK(ECDSA_sign(0, message, sizeof(message), signature, &sigsize, ec_key));
|
CHECK(ECDSA_sign(0, message, sizeof(message), signature, &sigsize, ec_key));
|
||||||
CHECK(secp256k1_ecdsa_sig_parse(&sigr, &sigs, signature, sigsize));
|
CHECK(secp256k1_ecdsa_sig_parse(&sigr, &sigs, signature, sigsize));
|
||||||
|
|
Loading…
Reference in New Issue