diff --git a/libtomcrypt_VS2008.vcproj b/libtomcrypt_VS2008.vcproj
index 1d7da80af..da4fccab7 100644
--- a/libtomcrypt_VS2008.vcproj
+++ b/libtomcrypt_VS2008.vcproj
@@ -2278,6 +2278,10 @@
RelativePath="src\pk\ecc\ecc_export.c"
>
+
+
@@ -2302,6 +2306,14 @@
RelativePath="src\pk\ecc\ecc_import.c"
>
+
+
+
+
diff --git a/makefile.mingw b/makefile.mingw
index 6fd09a2a3..894b0422a 100644
--- a/makefile.mingw
+++ b/makefile.mingw
@@ -177,11 +177,12 @@ src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o
src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
-src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o \
-src/pk/ecc/ecc_get_oid_str.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
-src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o src/pk/ecc/ecc_set_dp_internal.o \
-src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
-src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_openssl.o src/pk/ecc/ecc_free.o \
+src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o src/pk/ecc/ecc_get_oid_str.o \
+src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_openssl.o \
+src/pk/ecc/ecc_import_x509.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o \
+src/pk/ecc/ecc_set_dp_internal.o src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o \
+src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
src/pk/ecc/ltc_ecc_export_point.o src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \
src/pk/ecc/ltc_ecc_is_point_at_infinity.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
diff --git a/makefile.msvc b/makefile.msvc
index a87863e0a..9e039034d 100644
--- a/makefile.msvc
+++ b/makefile.msvc
@@ -170,11 +170,12 @@ src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_set.obj src/pk/dsa/dsa_set_pqg_dsapar
src/pk/dsa/dsa_shared_secret.obj src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj \
src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj src/pk/ecc/ecc_ansi_x963_export.obj \
src/pk/ecc/ecc_ansi_x963_import.obj src/pk/ecc/ecc_decrypt_key.obj src/pk/ecc/ecc_encrypt_key.obj \
-src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_free.obj src/pk/ecc/ecc_get_curve.obj src/pk/ecc/ecc_get_key.obj \
-src/pk/ecc/ecc_get_oid_str.obj src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj \
-src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_set_dp.obj src/pk/ecc/ecc_set_dp_internal.obj \
-src/pk/ecc/ecc_set_key.obj src/pk/ecc/ecc_shared_secret.obj src/pk/ecc/ecc_sign_hash.obj \
-src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
+src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_export_openssl.obj src/pk/ecc/ecc_free.obj \
+src/pk/ecc/ecc_get_curve.obj src/pk/ecc/ecc_get_key.obj src/pk/ecc/ecc_get_oid_str.obj \
+src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj src/pk/ecc/ecc_import_openssl.obj \
+src/pk/ecc/ecc_import_x509.obj src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_set_dp.obj \
+src/pk/ecc/ecc_set_dp_internal.obj src/pk/ecc/ecc_set_key.obj src/pk/ecc/ecc_shared_secret.obj \
+src/pk/ecc/ecc_sign_hash.obj src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
src/pk/ecc/ltc_ecc_export_point.obj src/pk/ecc/ltc_ecc_import_point.obj src/pk/ecc/ltc_ecc_is_point.obj \
src/pk/ecc/ltc_ecc_is_point_at_infinity.obj src/pk/ecc/ltc_ecc_map.obj src/pk/ecc/ltc_ecc_mul2add.obj \
src/pk/ecc/ltc_ecc_mulmod.obj src/pk/ecc/ltc_ecc_mulmod_timing.obj src/pk/ecc/ltc_ecc_points.obj \
diff --git a/makefile.unix b/makefile.unix
index c712d168e..4fa6ac732 100644
--- a/makefile.unix
+++ b/makefile.unix
@@ -187,11 +187,12 @@ src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o
src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
-src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o \
-src/pk/ecc/ecc_get_oid_str.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
-src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o src/pk/ecc/ecc_set_dp_internal.o \
-src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
-src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_openssl.o src/pk/ecc/ecc_free.o \
+src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o src/pk/ecc/ecc_get_oid_str.o \
+src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_openssl.o \
+src/pk/ecc/ecc_import_x509.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o \
+src/pk/ecc/ecc_set_dp_internal.o src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o \
+src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
src/pk/ecc/ltc_ecc_export_point.o src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \
src/pk/ecc/ltc_ecc_is_point_at_infinity.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
diff --git a/makefile_include.mk b/makefile_include.mk
index 6feb4a063..b03f76d10 100644
--- a/makefile_include.mk
+++ b/makefile_include.mk
@@ -347,11 +347,12 @@ src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o
src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
-src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o \
-src/pk/ecc/ecc_get_oid_str.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
-src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o src/pk/ecc/ecc_set_dp_internal.o \
-src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
-src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_openssl.o src/pk/ecc/ecc_free.o \
+src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o src/pk/ecc/ecc_get_oid_str.o \
+src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_openssl.o \
+src/pk/ecc/ecc_import_x509.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o \
+src/pk/ecc/ecc_set_dp_internal.o src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o \
+src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
src/pk/ecc/ltc_ecc_export_point.o src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \
src/pk/ecc/ltc_ecc_is_point_at_infinity.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \
diff --git a/src/headers/tomcrypt_pk.h b/src/headers/tomcrypt_pk.h
index 66ffd7463..4ad3005f1 100644
--- a/src/headers/tomcrypt_pk.h
+++ b/src/headers/tomcrypt_pk.h
@@ -270,6 +270,10 @@ int ecc_ansi_x963_export(const ecc_key *key, unsigned char *out, unsigned long *
int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu);
+int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key);
+int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key);
+int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key);
+
int ecc_shared_secret(const ecc_key *private_key, const ecc_key *public_key,
unsigned char *out, unsigned long *outlen);
diff --git a/src/headers/tomcrypt_private.h b/src/headers/tomcrypt_private.h
index 865b7ad2b..eeabfc230 100644
--- a/src/headers/tomcrypt_private.h
+++ b/src/headers/tomcrypt_private.h
@@ -195,6 +195,7 @@ int dh_check_pubkey(const dh_key *key);
int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key);
int ecc_copy_dp(const ecc_key *srckey, ecc_key *key);
int ecc_set_dp_by_size(int size, ecc_key *key);
+int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key);
/* low level functions */
ecc_point *ltc_ecc_new_point(void);
diff --git a/src/misc/pk_get_oid.c b/src/misc/pk_get_oid.c
index 587c75cc9..35e35d6b1 100644
--- a/src/misc/pk_get_oid.c
+++ b/src/misc/pk_get_oid.c
@@ -19,6 +19,16 @@ static const oid_st dsa_oid = {
6,
};
+static const oid_st ec_oid = {
+ { 1, 2, 840, 10045, 2, 1 },
+ 6,
+};
+
+static const oid_st ec_primef = {
+ { 1, 2, 840, 10045, 1, 1 },
+ 6,
+};
+
/*
Returns the OID of the public key algorithm.
@return CRYPT_OK if valid
@@ -32,6 +42,12 @@ int pk_get_oid(int pk, oid_st *st)
case PKA_DSA:
XMEMCPY(st, &dsa_oid, sizeof(*st));
break;
+ case PKA_EC:
+ XMEMCPY(st, &ec_oid, sizeof(*st));
+ break;
+ case PKA_EC_PRIMEF:
+ XMEMCPY(st, &ec_primef, sizeof(*st));
+ break;
default:
return CRYPT_INVALID_ARG;
}
diff --git a/src/pk/ecc/ecc_export_openssl.c b/src/pk/ecc/ecc_export_openssl.c
new file mode 100644
index 000000000..08056fea1
--- /dev/null
+++ b/src/pk/ecc/ecc_export_openssl.c
@@ -0,0 +1,170 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt_private.h"
+
+#ifdef LTC_MECC
+
+/**
+ Export an ECC key as a binary packet
+ @param out [out] Destination for the key
+ @param outlen [in/out] Max size and resulting size of the exported key
+ @param type The type of key you want to export (PK_PRIVATE or PK_PUBLIC)
+ @param key The key to export
+ @return CRYPT_OK if successful
+*/
+
+int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key)
+{
+ int err;
+ void *prime, *order, *a, *b, *gx, *gy;
+ unsigned char bin_a[256], bin_b[256], bin_k[256], bin_g[512], bin_xy[512];
+ unsigned long len_a, len_b, len_k, len_g, len_xy;
+ unsigned long cofactor, one = 1;
+ oid_st oid;
+ ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], pub_xy, ecparams;
+ int flag_oid = type & PK_CURVEOID ? 1 : 0;
+ int flag_com = type & PK_COMPRESSED ? 1 : 0;
+ int flag_pri = type & PK_PRIVATE ? 1 : 0;
+
+ LTC_ARGCHK(out != NULL);
+ LTC_ARGCHK(outlen != NULL);
+ LTC_ARGCHK(key != NULL);
+
+ if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH;
+
+ prime = key->dp.prime;
+ order = key->dp.order;
+ b = key->dp.B;
+ a = key->dp.A;
+ gx = key->dp.base.x;
+ gy = key->dp.base.y;
+
+ /* curve param a */
+ len_a = mp_unsigned_bin_size(a);
+ if (len_a > sizeof(bin_a)) { err = CRYPT_BUFFER_OVERFLOW; goto error; }
+ if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK) { goto error; }
+ if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* handle case a == 0 */
+
+ /* curve param b */
+ len_b = mp_unsigned_bin_size(b);
+ if (len_b > sizeof(bin_b)) { err = CRYPT_BUFFER_OVERFLOW; goto error; }
+ if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK) { goto error; }
+ if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* handle case b == 0 */
+
+ /* base point - (un)compressed based on flag_com */
+ len_g = sizeof(bin_g);
+ err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com);
+ if (err != CRYPT_OK) { goto error; }
+
+ /* public key - (un)compressed based on flag_com */
+ len_xy = sizeof(bin_xy);
+ err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com);
+ if (err != CRYPT_OK) { goto error; }
+
+ /* co-factor */
+ cofactor = key->dp.cofactor;
+
+ /* we support only prime-field EC */
+ if ((err = pk_get_oid(PKA_EC_PRIMEF, &oid)) != CRYPT_OK) { goto error; }
+
+ if (flag_oid) {
+ /* http://tools.ietf.org/html/rfc5912
+ ECParameters ::= CHOICE {
+ namedCurve CURVE.&id({NamedCurve}) # OBJECT
+ }
+ */
+ if (key->dp.oidlen == 0) { err = CRYPT_INVALID_ARG; goto error; }
+ LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_OBJECT_IDENTIFIER, key->dp.oid, key->dp.oidlen);
+ }
+ else {
+ /* http://tools.ietf.org/html/rfc3279
+ ECParameters ::= SEQUENCE { # SEQUENCE
+ version INTEGER { ecpVer1(1) } (ecpVer1) # INTEGER :01
+ FieldID ::= SEQUENCE { # SEQUENCE
+ fieldType FIELD-ID.&id({IOSet}), # OBJECT :prime-field
+ parameters FIELD-ID.&Type({IOSet}{@fieldType}) # INTEGER
+ }
+ Curve ::= SEQUENCE { # SEQUENCE
+ a FieldElement ::= OCTET STRING # OCTET STRING
+ b FieldElement ::= OCTET STRING # OCTET STRING
+ seed BIT STRING OPTIONAL
+ }
+ base ECPoint ::= OCTET STRING # OCTET STRING
+ order INTEGER, # INTEGER
+ cofactor INTEGER OPTIONAL # INTEGER
+ }
+ */
+
+ /* FieldID SEQUENCE */
+ LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, oid.OID, oid.OIDlen);
+ LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL);
+
+ /* Curve SEQUENCE */
+ LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, len_a);
+ LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, len_b);
+
+ /* ECParameters SEQUENCE */
+ LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &one, 1UL);
+ LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL);
+ LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 2UL);
+ LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, len_g);
+ LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL);
+ LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL);
+
+ /* ECParameters used by ECPrivateKey or SubjectPublicKeyInfo below */
+ LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL);
+ }
+
+ if (flag_pri) {
+ /* http://tools.ietf.org/html/rfc5915
+ ECPrivateKey ::= SEQUENCE { # SEQUENCE
+ version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1) # INTEGER :01
+ privateKey OCTET STRING, # OCTET STRING
+ [0] ECParameters # see above
+ [1] publicKey # BIT STRING
+ }
+ */
+
+ /* private key */
+ len_k = mp_unsigned_bin_size(key->k);
+ if (len_k > sizeof(bin_k)) { err = CRYPT_BUFFER_OVERFLOW; goto error; }
+ if ((err = mp_to_unsigned_bin(key->k, bin_k)) != CRYPT_OK) { goto error; }
+
+ LTC_SET_ASN1(&pub_xy, 0, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy);
+ LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &one, 1);
+ LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, len_k);
+ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, &ecparams); /* context specific 0 */
+ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, &pub_xy); /* context specific 1 */
+
+ err = der_encode_sequence(seq_priv, 4, out, outlen);
+ }
+ else {
+ /* http://tools.ietf.org/html/rfc5480
+ SubjectPublicKeyInfo ::= SEQUENCE { # SEQUENCE
+ AlgorithmIdentifier ::= SEQUENCE { # SEQUENCE
+ algorithm OBJECT IDENTIFIER # OBJECT :id-ecPublicKey
+ ECParameters # see above
+ }
+ subjectPublicKey BIT STRING # BIT STRING
+ }
+ */
+ err = x509_encode_subject_public_key_info( out, outlen, PKA_EC, bin_xy, len_xy,
+ ecparams.type, ecparams.data, ecparams.size );
+ }
+
+error:
+ return err;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/ecc/ecc_import_openssl.c b/src/pk/ecc/ecc_import_openssl.c
new file mode 100644
index 000000000..428205881
--- /dev/null
+++ b/src/pk/ecc/ecc_import_openssl.c
@@ -0,0 +1,130 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt_private.h"
+
+#ifdef LTC_MECC
+
+static int _ecc_import_private_with_oid(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+ ltc_asn1_list seq_priv[4], custom[2];
+ unsigned char bin_xy[2*ECC_MAXSIZE+2], bin_k[ECC_MAXSIZE];
+ unsigned long len, pkver = 0, curveoid[16];
+ char OID[256];
+ const ltc_ecc_curve *curve;
+ int err;
+
+ /* ### try to load private key - no curve parameters just curve OID */
+
+ /* ECPrivateKey SEQUENCE */
+ LTC_SET_ASN1(custom, 0, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL);
+ LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8u*sizeof(bin_xy));
+ LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL);
+ LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, sizeof(bin_k));
+ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom); /* context specific 0 */
+ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */
+
+ /* try to load private key */
+ err = der_decode_sequence(in, inlen, seq_priv, 4);
+ if (err == CRYPT_OK) {
+ /* load curve parameters for given curve OID */
+ len = sizeof(OID);
+ if ((err = pk_oid_num_to_str(curveoid, custom[0].size, OID, &len)) != CRYPT_OK) { goto error; }
+ if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; }
+ if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; }
+ /* load private+public key */
+ err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key);
+ }
+error:
+ return err;
+}
+
+static int _ecc_import_private_with_curve(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+ void *prime, *order, *a, *b, *gx, *gy;
+ ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4], custom[2];
+ unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE];
+ unsigned char bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128];
+ unsigned long len_a, len_b, len_k, len_g;
+ unsigned long cofactor = 0, ecver = 0, pkver = 0, tmpoid[16];
+ int err;
+
+ if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) {
+ return err;
+ }
+
+ /* ### try to load private key - curve parameters included */
+
+ /* ECPrivateKey SEQUENCE */
+ LTC_SET_ASN1(custom, 0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL);
+ LTC_SET_ASN1(custom, 1, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8u*sizeof(bin_xy));
+ LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER, &pkver, 1UL);
+ LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING, bin_k, sizeof(bin_k));
+ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom); /* context specific 0 */
+ LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */
+ /* ECParameters SEQUENCE */
+ LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL);
+ LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL);
+ LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL);
+ LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, sizeof(bin_g));
+ LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL);
+ LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL);
+ seq_ecparams[5].optional = 1;
+ /* FieldID SEQUENCE */
+ LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL);
+ LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL);
+ /* Curve SEQUENCE */
+ LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, sizeof(bin_a));
+ LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, sizeof(bin_b));
+ LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, sizeof(bin_seed));
+ seq_curve[2].optional = 1;
+ /* try to load private key */
+ err = der_decode_sequence(in, inlen, seq_priv, 4);
+ if (err == CRYPT_OK) {
+ len_k = seq_priv[1].size;
+ len_a = seq_curve[0].size;
+ len_b = seq_curve[1].size;
+ len_g = seq_ecparams[3].size;
+ /* create bignums */
+ if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; }
+ if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; }
+ /* load curve parameters */
+ if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
+ /* load private+public key */
+ err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key);
+ }
+error:
+ mp_clear_multi(prime, order, a, b, gx, gy, NULL);
+ return err;
+}
+
+int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+ int err;
+
+ if ((err = ecc_import_subject_public_key_info(in, inlen, key)) == CRYPT_OK) {
+ goto success;
+ }
+
+ if ((err = _ecc_import_private_with_oid(in, inlen, key)) == CRYPT_OK) {
+ goto success;
+ }
+
+ err = _ecc_import_private_with_curve(in, inlen, key);
+
+success:
+ return err;
+}
+
+#endif
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/src/pk/ecc/ecc_import_x509.c b/src/pk/ecc/ecc_import_x509.c
new file mode 100644
index 000000000..2e7eb10c5
--- /dev/null
+++ b/src/pk/ecc/ecc_import_x509.c
@@ -0,0 +1,152 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt_private.h"
+
+#ifdef LTC_MECC
+
+static int _ecc_import_x509_with_oid(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+ unsigned char bin_xy[2*ECC_MAXSIZE+2];
+ unsigned long curveoid[16];
+ unsigned long len_xy, len_oid, len;
+ char OID[256];
+ const ltc_ecc_curve *curve;
+ int err;
+
+ len_xy = sizeof(bin_xy);
+ len_oid = 16;
+ err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy,
+ LTC_ASN1_OBJECT_IDENTIFIER, (void *)curveoid, &len_oid);
+ if (err == CRYPT_OK) {
+ /* load curve parameters for given curve OID */
+ len = sizeof(OID);
+ if ((err = pk_oid_num_to_str(curveoid, len_oid, OID, &len)) != CRYPT_OK) { goto error; }
+ if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK) { goto error; }
+ if ((err = ecc_set_dp(curve, key)) != CRYPT_OK) { goto error; }
+ /* load public key */
+ err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key);
+ }
+error:
+ return err;
+}
+
+static int _ecc_import_x509_with_curve(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+ void *prime, *order, *a, *b, *gx, *gy;
+ ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6];
+ unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE];
+ unsigned char bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128];
+ unsigned long len_a, len_b, len_g, len_xy, len;
+ unsigned long cofactor = 0, ecver = 0, tmpoid[16];
+ int err;
+
+ if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) {
+ return err;
+ }
+
+ /* ECParameters SEQUENCE */
+ LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver, 1UL);
+ LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE, seq_fieldid, 2UL);
+ LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE, seq_curve, 3UL);
+ LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING, bin_g, sizeof(bin_g));
+ LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER, order, 1UL);
+ LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor, 1UL);
+ seq_ecparams[5].optional = 1;
+ /* FieldID SEQUENCE */
+ LTC_SET_ASN1(seq_fieldid, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL);
+ LTC_SET_ASN1(seq_fieldid, 1, LTC_ASN1_INTEGER, prime, 1UL);
+ /* Curve SEQUENCE */
+ LTC_SET_ASN1(seq_curve, 0, LTC_ASN1_OCTET_STRING, bin_a, sizeof(bin_a));
+ LTC_SET_ASN1(seq_curve, 1, LTC_ASN1_OCTET_STRING, bin_b, sizeof(bin_b));
+ LTC_SET_ASN1(seq_curve, 2, LTC_ASN1_RAW_BIT_STRING, bin_seed, 8u*sizeof(bin_seed));
+ seq_curve[2].optional = 1;
+ /* try to load public key */
+ len_xy = sizeof(bin_xy);
+ len = 6;
+ err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_SEQUENCE, seq_ecparams, &len);
+
+ if (err == CRYPT_OK) {
+ len_a = seq_curve[0].size;
+ len_b = seq_curve[1].size;
+ len_g = seq_ecparams[3].size;
+ /* create bignums */
+ if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK) { goto error; }
+ if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK) { goto error; }
+ if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK) { goto error; }
+ /* load curve parameters */
+ if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
+ /* load public key */
+ err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key);
+ }
+error:
+ mp_clear_multi(prime, order, a, b, gx, gy, NULL);
+ return err;
+}
+
+int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+ int err;
+
+ if ((err = _ecc_import_x509_with_oid(in, inlen, key)) == CRYPT_OK) {
+ goto success;
+ }
+
+ err = _ecc_import_x509_with_curve(in, inlen, key);
+
+success:
+ return err;
+}
+
+/**
+ Import an ECC key from a X.509 certificate
+ @param in The packet to import from
+ @param inlen It's length (octets)
+ @param key [out] Destination for newly imported key
+ @return CRYPT_OK if successful, upon error allocated memory is freed
+*/
+int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+ int err;
+ unsigned long len;
+ ltc_asn1_list *decoded_list = NULL, *l;
+
+ LTC_ARGCHK(in != NULL);
+ LTC_ARGCHK(key != NULL);
+
+ len = inlen;
+ if ((err = der_decode_sequence_flexi(in, &len, &decoded_list)) == CRYPT_OK) {
+ err = CRYPT_ERROR;
+ l = decoded_list;
+ if (l->type == LTC_ASN1_SEQUENCE &&
+ l->child && l->child->type == LTC_ASN1_SEQUENCE) {
+ l = l->child->child;
+ while (l) {
+ if (l->type == LTC_ASN1_SEQUENCE && l->data &&
+ l->child && l->child->type == LTC_ASN1_SEQUENCE &&
+ l->child->child && l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER &&
+ l->child->next && l->child->next->type == LTC_ASN1_BIT_STRING) {
+ err = ecc_import_subject_public_key_info(l->data, l->size, key);
+ goto LBL_DONE;
+ }
+ l = l->next;
+ }
+ }
+ }
+
+LBL_DONE:
+ if (decoded_list) der_free_sequence_flexi(decoded_list);
+ return err;
+}
+
+#endif /* LTC_MECC */
+
+
+/* ref: $Format:%D$ */
+/* git commit: $Format:%H$ */
+/* commit time: $Format:%ai$ */
diff --git a/tests/ecc_test.c b/tests/ecc_test.c
index 8a85c2490..f86703ea2 100644
--- a/tests/ecc_test.c
+++ b/tests/ecc_test.c
@@ -519,10 +519,390 @@ int _ecc_new_api(void)
return CRYPT_OK;
}
+int _ecc_key_cmp(const int should_type, const ecc_key *should, const ecc_key *is)
+{
+ if (should_type != is->type) return CRYPT_ERROR;
+ if (should_type == PK_PRIVATE) {
+ if (mp_cmp(should->k, is->k) != LTC_MP_EQ) return CRYPT_ERROR;
+ }
+ if (mp_cmp(should->dp.prime, is->dp.prime) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (mp_cmp(should->dp.A, is->dp.A) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (mp_cmp(should->dp.B, is->dp.B) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (mp_cmp(should->dp.order, is->dp.order) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (mp_cmp(should->dp.base.x, is->dp.base.x) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (mp_cmp(should->dp.base.y, is->dp.base.y) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (mp_cmp(should->pubkey.x, is->pubkey.x) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (mp_cmp(should->pubkey.y, is->pubkey.y) != LTC_MP_EQ) return CRYPT_ERROR;
+ if (should->dp.size != is->dp.size) return CRYPT_ERROR;
+ if (should->dp.cofactor != is->dp.cofactor) return CRYPT_ERROR;
+ return CRYPT_OK;
+}
+
+int _ecc_import_export(void) {
+ const ltc_ecc_curve *cu;
+ ecc_key key, pri, pub;
+ unsigned char out[300];
+ unsigned long outlen;
+
+ /* the following test keys were generated by:
+ # no password
+ openssl ecparam -name secp256k1 -genkey -out main-key.pem
+ openssl ec -in main-key.pem -param_enc explicit -out long_pri.der -outform DER
+ openssl ec -in main-key.pem -param_enc explicit -conv_form compressed -out long_pric.der -outform DER
+ openssl ec -in main-key.pem -param_enc explicit -pubout -out long_pub.der -outform DER
+ openssl ec -in main-key.pem -param_enc explicit -pubout -conv_form compressed -out long_pubc.der -outform DER
+ openssl ec -in main-key.pem -param_enc named_curve -out short_pri.der -outform DER
+ openssl ec -in main-key.pem -param_enc named_curve -conv_form compressed -out short_pric.der -outform DER
+ openssl ec -in main-key.pem -param_enc named_curve -pubout -out short_pub.der -outform DER
+ openssl ec -in main-key.pem -param_enc named_curve -pubout -conv_form compressed -out short_pubc.der -outform DER
+ # X.509 EC certificates
+ openssl req -new -x509 -keyform der -key long_pri.der -sha512 -subj '/CN=Test Cert EC' -out x509_cert_long.der -outform der -days 365000
+ openssl req -new -x509 -keyform der -key long_pric.der -sha512 -subj '/CN=Test Cert EC' -out x509_cert_longc.der -outform der -days 365000
+ openssl req -new -x509 -keyform der -key short_pri.der -sha512 -subj '/CN=Test Cert EC' -out x509_cert_short.der -outform der -days 365000
+ openssl req -new -x509 -keyform der -key short_pric.der -sha512 -subj '/CN=Test Cert EC' -out x509_cert_shortc.der -outform der -days 365000
+ */
+ static const unsigned char long_pri[] = { /* private + long public, explicit curve params */
+ 0x30, 0x82, 0x01, 0x13, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91,
+ 0x1b, 0xba, 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d,
+ 0x9f, 0x5f, 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x81, 0xa5, 0x30, 0x81, 0xa2, 0x02,
+ 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f,
+ 0x30, 0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x41, 0x04, 0x79, 0xbe, 0x66, 0x7e, 0xf9,
+ 0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d,
+ 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x48, 0x3a, 0xda, 0x77, 0x26,
+ 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6,
+ 0x85, 0x54, 0x19, 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, 0x02, 0x21, 0x00, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae,
+ 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01,
+ 0x01, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1,
+ 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5,
+ 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7,
+ 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e,
+ 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+ };
+ static const unsigned char long_pric[] = { /* private + compressed public, explicit curve params */
+ 0x30, 0x81, 0xd3, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b,
+ 0xba, 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f,
+ 0x5f, 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x81, 0x85, 0x30, 0x81, 0x82, 0x02, 0x01,
+ 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 0x30,
+ 0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x21, 0x02, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc,
+ 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce,
+ 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae, 0xdc,
+ 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01, 0x01,
+ 0xa1, 0x24, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf,
+ 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9,
+ 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+ };
+ static const unsigned char long_pub[] = { /* long public, explicit curve params */
+ 0x30, 0x81, 0xf5, 0x30, 0x81, 0xae, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30,
+ 0x81, 0xa2, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01,
+ 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff,
+ 0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x41, 0x04, 0x79, 0xbe,
+ 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b,
+ 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x48, 0x3a,
+ 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17,
+ 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19, 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, 0x02, 0x21,
+ 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41,
+ 0x41, 0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+ 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+ 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a,
+ 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5,
+ 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+ };
+ static const unsigned char long_pubc[] = { /* compressed public, explicit curve params */
+ 0x30, 0x81, 0xb5, 0x30, 0x81, 0x8e, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30,
+ 0x81, 0x82, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01,
+ 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff,
+ 0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x21, 0x02, 0x79, 0xbe,
+ 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b,
+ 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x02, 0x21,
+ 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41,
+ 0x41, 0x02, 0x01, 0x01, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+ 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+ 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+ };
+ static const unsigned char short_pri[] = { /* private + long public, curve by OID */
+ 0x30, 0x74, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b, 0xba,
+ 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f, 0x5f,
+ 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x07, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a,
+ 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf,
+ 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9,
+ 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c,
+ 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b,
+ 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+ };
+ static const unsigned char short_pric[] = { /* private + compressed public, curve by OID */
+ 0x30, 0x54, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b, 0xba,
+ 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f, 0x5f,
+ 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x07, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a,
+ 0xa1, 0x24, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf,
+ 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9,
+ 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+ };
+ static const unsigned char short_pub[] = { /* long public, curve by OID */
+ 0x30, 0x56, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b,
+ 0x81, 0x04, 0x00, 0x0a, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+ 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+ 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a,
+ 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5,
+ 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+ };
+ static const unsigned char short_pubc[] = { /* compressed public, curve by OID */
+ 0x30, 0x36, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b,
+ 0x81, 0x04, 0x00, 0x0a, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+ 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+ 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+ };
+ static const unsigned char raw_pri[] = { /* raw private key */
+ 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b, 0xba, 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7,
+ 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f, 0x5f, 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23
+ };
+ static const unsigned char raw_pub[] = { /* raw public key - long form */
+ 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba,
+ 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5,
+ 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63,
+ 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79,
+ 0x4d
+ };
+ static const unsigned char raw_pubc[] = { /* raw public key - compressed form */
+ 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba,
+ 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5,
+ 0x16
+ };
+ static const unsigned char x509_cert_long[] = { /* X.509 cert, long pubkey, explicit curve params */
+ 0x30, 0x82, 0x02, 0x13, 0x30, 0x82, 0x01, 0xba, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+ 0xaf, 0x14, 0xe3, 0x53, 0x36, 0x06, 0x79, 0x34, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
+ 0x3d, 0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+ 0x0c, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17,
+ 0x0d, 0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f,
+ 0x33, 0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30,
+ 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74,
+ 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x81, 0xf5, 0x30, 0x81, 0xae, 0x06, 0x07,
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0xa2, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06,
+ 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00,
+ 0x04, 0x01, 0x07, 0x04, 0x41, 0x04, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0,
+ 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2,
+ 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4,
+ 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19, 0x9c, 0x47,
+ 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0,
+ 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04,
+ 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6,
+ 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16,
+ 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62,
+ 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d,
+ 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x66,
+ 0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85, 0x70,
+ 0xf9, 0x1f, 0x2c, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
+ 0x66, 0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85,
+ 0x70, 0xf9, 0x1f, 0x2c, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+ 0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x47,
+ 0x00, 0x30, 0x44, 0x02, 0x1f, 0x2a, 0x62, 0x64, 0x05, 0x67, 0xb0, 0x2c, 0xa0, 0xa3, 0xb8, 0x61,
+ 0x4e, 0x87, 0x06, 0x69, 0xf2, 0xda, 0x78, 0xd6, 0x0e, 0x8d, 0x9b, 0xf1, 0x43, 0x5f, 0xf6, 0x40,
+ 0x9d, 0x9d, 0xbd, 0xce, 0x02, 0x21, 0x00, 0xe9, 0x6f, 0x79, 0xb4, 0x4a, 0x00, 0xf7, 0xfa, 0x81,
+ 0x25, 0x29, 0xec, 0x79, 0xb2, 0xfa, 0x86, 0xf8, 0x84, 0xd1, 0x78, 0xe7, 0xf8, 0xfd, 0x76, 0x2d,
+ 0x4f, 0xfe, 0x02, 0x72, 0xba, 0x6c, 0xca
+ };
+ static const unsigned char x509_cert_longc[] = { /* X.509 cert, compressed pubkey, explicit curve params */
+ 0x30, 0x82, 0x01, 0xd3, 0x30, 0x82, 0x01, 0x7a, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+ 0x90, 0x5b, 0x48, 0x32, 0x37, 0x4b, 0x72, 0x54, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
+ 0x3d, 0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+ 0x0c, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17,
+ 0x0d, 0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f,
+ 0x33, 0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30,
+ 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74,
+ 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x81, 0xb5, 0x30, 0x81, 0x8e, 0x06, 0x07,
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0x82, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06,
+ 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00,
+ 0x04, 0x01, 0x07, 0x04, 0x21, 0x02, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0,
+ 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2,
+ 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0,
+ 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01, 0x01, 0x03, 0x22, 0x00, 0x03,
+ 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6,
+ 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16,
+ 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xca,
+ 0x2a, 0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6, 0x49,
+ 0x9f, 0x98, 0xcf, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
+ 0xca, 0x2a, 0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6,
+ 0x49, 0x9f, 0x98, 0xcf, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+ 0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x47,
+ 0x00, 0x30, 0x44, 0x02, 0x20, 0x24, 0x7a, 0xc1, 0xb4, 0x7d, 0x1c, 0x3c, 0x23, 0xc6, 0xad, 0xea,
+ 0x04, 0x27, 0x27, 0x65, 0xb8, 0x72, 0x93, 0x46, 0xc9, 0xe9, 0x60, 0x8f, 0xca, 0x96, 0x30, 0x60,
+ 0xb3, 0x22, 0xf7, 0x3b, 0x01, 0x02, 0x20, 0x48, 0x30, 0x2a, 0x58, 0x18, 0x46, 0xdb, 0x50, 0x3e,
+ 0xad, 0xc3, 0xca, 0xcd, 0x6d, 0x83, 0xd4, 0xc3, 0xc4, 0xa4, 0x8f, 0x37, 0xc3, 0x1d, 0x83, 0x3c,
+ 0xd3, 0x1f, 0x8f, 0x38, 0x29, 0x75, 0x2c
+ };
+ static const unsigned char x509_cert_short[] = { /* X.509 cert, long pubkey, curve by OID */
+ 0x30, 0x82, 0x01, 0x74, 0x30, 0x82, 0x01, 0x1a, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+ 0xbd, 0x81, 0x04, 0x29, 0x43, 0x12, 0x79, 0xce, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
+ 0x3d, 0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+ 0x0c, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17,
+ 0x0d, 0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f,
+ 0x33, 0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30,
+ 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74,
+ 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x56, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
+ 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a, 0x03, 0x42, 0x00, 0x04,
+ 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6,
+ 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16,
+ 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62,
+ 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d,
+ 0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x66,
+ 0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85, 0x70,
+ 0xf9, 0x1f, 0x2c, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
+ 0x66, 0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85,
+ 0x70, 0xf9, 0x1f, 0x2c, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+ 0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x48,
+ 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0x9b, 0x4e, 0xb2, 0x6a, 0xcc, 0xfa, 0x02, 0x69, 0x22, 0x6a,
+ 0x32, 0x9c, 0x0c, 0xaa, 0x4c, 0xdf, 0xbb, 0x9b, 0x22, 0xfb, 0xd6, 0xec, 0x5d, 0xf9, 0x87, 0x82,
+ 0xeb, 0x37, 0xb8, 0x32, 0x7c, 0xd6, 0x02, 0x20, 0x50, 0x8b, 0x9f, 0xc1, 0xa8, 0x4a, 0xff, 0x49,
+ 0x0d, 0x7e, 0x04, 0x2d, 0x93, 0x3e, 0xdb, 0x30, 0xbc, 0x93, 0xd1, 0x16, 0x1d, 0x99, 0xbd, 0x3f,
+ 0xfa, 0x2a, 0x6d, 0xe0, 0x2a, 0x83, 0x55, 0x5d
+ };
+ static const unsigned char x509_cert_shortc[] = { /* X.509 cert, compressed pubkey, curve by OID */
+ 0x30, 0x82, 0x01, 0x54, 0x30, 0x81, 0xfa, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x85,
+ 0x45, 0x77, 0x75, 0x02, 0x95, 0xf7, 0x06, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+ 0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c,
+ 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17, 0x0d,
+ 0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f, 0x33,
+ 0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30, 0x17,
+ 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74, 0x20,
+ 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x36, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48,
+ 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a, 0x03, 0x22, 0x00, 0x03, 0x2a,
+ 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f,
+ 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0xa3,
+ 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xca, 0x2a,
+ 0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6, 0x49, 0x9f,
+ 0x98, 0xcf, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xca,
+ 0x2a, 0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6, 0x49,
+ 0x9f, 0x98, 0xcf, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
+ 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x49, 0x00,
+ 0x30, 0x46, 0x02, 0x21, 0x00, 0xa4, 0xf9, 0x41, 0x2b, 0x4b, 0x56, 0xa5, 0xd4, 0x8c, 0xdf, 0xb0,
+ 0x14, 0xe3, 0xe7, 0xed, 0xcc, 0xc4, 0x46, 0x42, 0x04, 0xec, 0x15, 0x9f, 0xe1, 0xb2, 0x00, 0x07,
+ 0x8c, 0xc1, 0xf9, 0x25, 0xed, 0x02, 0x21, 0x00, 0x81, 0xd8, 0xc4, 0x3a, 0x9f, 0xdf, 0xc1, 0x70,
+ 0x9d, 0x7b, 0x70, 0x3e, 0xf5, 0x7d, 0xa4, 0xfd, 0x3c, 0xc6, 0x49, 0x93, 0xd3, 0x5b, 0xef, 0xc9,
+ 0xae, 0x97, 0xaf, 0x64, 0x64, 0xf9, 0x69, 0xd8
+ };
+
+ if (ltc_mp.sqrtmod_prime == NULL) return CRYPT_NOP; /* we need compressed points which requires sqrtmod_prime */
+
+ DO(ecc_import_openssl(short_pub, sizeof(short_pub), &pub));
+ DO(ecc_import_openssl(short_pri, sizeof(short_pri), &pri));
+ DO(ecc_get_curve("SECP256K1", &cu));
+
+ /* import - raw keys */
+ DO(ecc_set_dp(cu, &key));
+ DO(ecc_set_key(raw_pri, sizeof(raw_pri), PK_PRIVATE, &key));
+ DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+ ecc_free(&key);
+ DO(ecc_set_dp(cu, &key));
+ DO(ecc_set_key(raw_pub, sizeof(raw_pub), PK_PUBLIC, &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+ DO(ecc_set_dp(cu, &key));
+ DO(ecc_set_key(raw_pubc, sizeof(raw_pubc), PK_PUBLIC, &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+
+ /* import - openssl compatible DER format */
+ DO(ecc_import_openssl(long_pri, sizeof(long_pri), &key));
+ DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+ ecc_free(&key);
+ DO(ecc_import_openssl(long_pric, sizeof(long_pric), &key));
+ DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+ ecc_free(&key);
+ DO(ecc_import_openssl(long_pub, sizeof(long_pub), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+ DO(ecc_import_openssl(long_pubc, sizeof(long_pubc), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+ DO(ecc_import_openssl(short_pri, sizeof(short_pri), &key));
+ DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+ ecc_free(&key);
+ DO(ecc_import_openssl(short_pric, sizeof(short_pric), &key));
+ DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+ ecc_free(&key);
+ DO(ecc_import_openssl(short_pub, sizeof(short_pub), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+ DO(ecc_import_openssl(short_pubc, sizeof(short_pubc), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+
+ /* import - X.509 EC certificates */
+ DO(ecc_import_x509(x509_cert_long, sizeof(x509_cert_long), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+ DO(ecc_import_x509(x509_cert_longc, sizeof(x509_cert_longc), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+ DO(ecc_import_x509(x509_cert_short, sizeof(x509_cert_short), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+ DO(ecc_import_x509(x509_cert_shortc, sizeof(x509_cert_shortc), &key));
+ DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+ ecc_free(&key);
+
+ /* export - openssl compatible DER format */
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PRIVATE, &pri));
+ if (compare_testvector(out, outlen, long_pri, sizeof(long_pri), "e-long_pri", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PRIVATE|PK_COMPRESSED, &pri));
+ if (compare_testvector(out, outlen, long_pric, sizeof(long_pric), "e-long_pric", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PUBLIC, &pub));
+ if (compare_testvector(out, outlen, long_pub, sizeof(long_pub), "e-long_pub", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PUBLIC|PK_COMPRESSED, &pub));
+ if (compare_testvector(out, outlen, long_pubc, sizeof(long_pubc), "e-long_pubc", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PRIVATE|PK_CURVEOID, &pri));
+ if (compare_testvector(out, outlen, short_pri, sizeof(short_pri), "e-short_pri", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PRIVATE|PK_CURVEOID|PK_COMPRESSED, &pri));
+ if (compare_testvector(out, outlen, short_pric, sizeof(short_pric), "e-short_pric", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PUBLIC|PK_CURVEOID, &pub));
+ if (compare_testvector(out, outlen, short_pub, sizeof(short_pub), "e-short_pub", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_export_openssl(out, &outlen, PK_PUBLIC|PK_CURVEOID|PK_COMPRESSED, &pub));
+ if (compare_testvector(out, outlen, short_pubc, sizeof(short_pubc), "e-short_pubc", 0)) return CRYPT_ERROR;
+
+ /* export - raw keys */
+ outlen = sizeof(out);
+ DO(ecc_get_key(out, &outlen, PK_PRIVATE, &pri));
+ if (compare_testvector(out, outlen, raw_pri, sizeof(raw_pri), "e-raw_pri", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_get_key(out, &outlen, PK_PUBLIC, &pub));
+ if (compare_testvector(out, outlen, raw_pub, sizeof(raw_pub), "e-raw_pub", 0)) return CRYPT_ERROR;
+ outlen = sizeof(out);
+ DO(ecc_get_key(out, &outlen, PK_PUBLIC|PK_COMPRESSED, &pub));
+ if (compare_testvector(out, outlen, raw_pubc, sizeof(raw_pubc), "e-raw_pubc", 0)) return CRYPT_ERROR;
+
+ ecc_free(&pri);
+ ecc_free(&pub);
+ return CRYPT_OK;
+}
+
int ecc_tests(void)
{
DO(_ecc_old_api()); /* up to 1.18 */
DO(_ecc_new_api());
+ DO(_ecc_import_export());
DO(_ecc_test_mp());
DO(_ecc_issue108());
#ifdef LTC_ECC_SHAMIR