1 /* Written by Nils Larsch for the OpenSSL project. */
2 /* ====================================================================
3 * Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com). */
53
54 #include <openssl/ec.h>
55
56 #include <string.h>
57
58 #include <openssl/asn1.h>
59 #include <openssl/asn1t.h>
60 #include <openssl/bn.h>
61 #include <openssl/err.h>
62 #include <openssl/mem.h>
63 #include <openssl/obj.h>
64
65 #include "internal.h"
66
67
68 typedef struct x9_62_fieldid_st {
69 ASN1_OBJECT *fieldType;
70 union {
71 char *ptr;
72 /* NID_X9_62_prime_field */
73 ASN1_INTEGER *prime;
74 /* anything else */
75 ASN1_TYPE *other;
76 } p;
77 } X9_62_FIELDID;
78
79 ASN1_ADB_TEMPLATE(fieldID_def) = ASN1_SIMPLE(X9_62_FIELDID, p.other, ASN1_ANY);
80
81 ASN1_ADB(X9_62_FIELDID) = {
82 ADB_ENTRY(NID_X9_62_prime_field, ASN1_SIMPLE(X9_62_FIELDID, p.prime, ASN1_INTEGER)),
83 } ASN1_ADB_END(X9_62_FIELDID, 0, fieldType, 0, &fieldID_def_tt, NULL);
84
85 ASN1_SEQUENCE(X9_62_FIELDID) = {
86 ASN1_SIMPLE(X9_62_FIELDID, fieldType, ASN1_OBJECT),
87 ASN1_ADB_OBJECT(X9_62_FIELDID)
88 } ASN1_SEQUENCE_END(X9_62_FIELDID);
89
90 typedef struct x9_62_curve_st {
91 ASN1_OCTET_STRING *a;
92 ASN1_OCTET_STRING *b;
93 ASN1_BIT_STRING *seed;
94 } X9_62_CURVE;
95
96 ASN1_SEQUENCE(X9_62_CURVE) = {
97 ASN1_SIMPLE(X9_62_CURVE, a, ASN1_OCTET_STRING),
98 ASN1_SIMPLE(X9_62_CURVE, b, ASN1_OCTET_STRING),
99 ASN1_OPT(X9_62_CURVE, seed, ASN1_BIT_STRING)
100 } ASN1_SEQUENCE_END(X9_62_CURVE);
101
102 typedef struct ec_parameters_st {
103 long version;
104 X9_62_FIELDID *fieldID;
105 X9_62_CURVE *curve;
106 ASN1_OCTET_STRING *base;
107 ASN1_INTEGER *order;
108 ASN1_INTEGER *cofactor;
109 } ECPARAMETERS;
110
111 DECLARE_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS);
112
113 ASN1_SEQUENCE(ECPARAMETERS) = {
114 ASN1_SIMPLE(ECPARAMETERS, version, LONG),
115 ASN1_SIMPLE(ECPARAMETERS, fieldID, X9_62_FIELDID),
116 ASN1_SIMPLE(ECPARAMETERS, curve, X9_62_CURVE),
117 ASN1_SIMPLE(ECPARAMETERS, base, ASN1_OCTET_STRING),
118 ASN1_SIMPLE(ECPARAMETERS, order, ASN1_INTEGER),
119 ASN1_OPT(ECPARAMETERS, cofactor, ASN1_INTEGER)
120 } ASN1_SEQUENCE_END(ECPARAMETERS);
121
122 IMPLEMENT_ASN1_ALLOC_FUNCTIONS(ECPARAMETERS);
123
124 typedef struct ecpk_parameters_st {
125 int type;
126 union {
127 ASN1_OBJECT *named_curve;
128 ECPARAMETERS *parameters;
129 } value;
130 } ECPKPARAMETERS;
131
132 /* SEC1 ECPrivateKey */
133 typedef struct ec_privatekey_st {
134 long version;
135 ASN1_OCTET_STRING *privateKey;
136 ECPKPARAMETERS *parameters;
137 ASN1_BIT_STRING *publicKey;
138 } EC_PRIVATEKEY;
139
140 DECLARE_ASN1_FUNCTIONS_const(ECPKPARAMETERS);
141 DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECPKPARAMETERS, ECPKPARAMETERS);
142
143 ASN1_CHOICE(ECPKPARAMETERS) = {
144 ASN1_SIMPLE(ECPKPARAMETERS, value.named_curve, ASN1_OBJECT),
145 ASN1_SIMPLE(ECPKPARAMETERS, value.parameters, ECPARAMETERS),
146 } ASN1_CHOICE_END(ECPKPARAMETERS);
147
148 IMPLEMENT_ASN1_FUNCTIONS_const(ECPKPARAMETERS);
149
150 DECLARE_ASN1_FUNCTIONS_const(EC_PRIVATEKEY);
151 DECLARE_ASN1_ENCODE_FUNCTIONS_const(EC_PRIVATEKEY, EC_PRIVATEKEY);
152
153 ASN1_SEQUENCE(EC_PRIVATEKEY) = {
154 ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG),
155 ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING),
156 ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0),
157 ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1),
158 } ASN1_SEQUENCE_END(EC_PRIVATEKEY);
159
160 IMPLEMENT_ASN1_FUNCTIONS_const(EC_PRIVATEKEY);
161
162
ec_asn1_group2pkparameters(const EC_GROUP * group,ECPKPARAMETERS * params)163 ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
164 ECPKPARAMETERS *params) {
165 int ok = 0, nid;
166 ECPKPARAMETERS *ret = params;
167
168 if (ret == NULL) {
169 ret = ECPKPARAMETERS_new();
170 if (ret == NULL) {
171 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
172 return NULL;
173 }
174 } else {
175 ASN1_OBJECT_free(ret->value.named_curve);
176 }
177
178 /* use the ASN.1 OID to describe the the elliptic curve parameters. */
179 nid = EC_GROUP_get_curve_name(group);
180 if (nid) {
181 ret->type = 0;
182 ret->value.named_curve = (ASN1_OBJECT*) OBJ_nid2obj(nid);
183 ok = ret->value.named_curve != NULL;
184 }
185
186 if (!ok) {
187 ECPKPARAMETERS_free(ret);
188 return NULL;
189 }
190
191 return ret;
192 }
193
ec_asn1_pkparameters2group(const ECPKPARAMETERS * params)194 EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) {
195 EC_GROUP *ret = NULL;
196 int nid = NID_undef;
197
198 if (params == NULL) {
199 OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS);
200 return NULL;
201 }
202
203 if (params->type == 0) {
204 nid = OBJ_obj2nid(params->value.named_curve);
205 } else if (params->type == 1) {
206 /* We don't support arbitary curves so we attempt to recognise it from the
207 * group order. */
208 const ECPARAMETERS *ecparams = params->value.parameters;
209 unsigned i;
210 const struct built_in_curve *curve;
211
212 for (i = 0; OPENSSL_built_in_curves[i].nid != NID_undef; i++) {
213 curve = &OPENSSL_built_in_curves[i];
214 const unsigned param_len = curve->data->param_len;
215 if ((unsigned) ecparams->order->length == param_len &&
216 memcmp(ecparams->order->data, &curve->data->data[param_len * 5],
217 param_len) == 0) {
218 nid = curve->nid;
219 break;
220 }
221 }
222 }
223
224 if (nid == NID_undef) {
225 OPENSSL_PUT_ERROR(EC, EC_R_NON_NAMED_CURVE);
226 return NULL;
227 }
228
229 ret = EC_GROUP_new_by_curve_name(nid);
230 if (ret == NULL) {
231 OPENSSL_PUT_ERROR(EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
232 return NULL;
233 }
234
235 return ret;
236 }
237
d2i_ECPKParameters(EC_GROUP ** groupp,const uint8_t ** inp,long len)238 static EC_GROUP *d2i_ECPKParameters(EC_GROUP **groupp, const uint8_t **inp,
239 long len) {
240 EC_GROUP *group = NULL;
241 ECPKPARAMETERS *params = NULL;
242 const uint8_t *in = *inp;
243
244 params = d2i_ECPKPARAMETERS(NULL, &in, len);
245 if (params == NULL) {
246 OPENSSL_PUT_ERROR(EC, EC_R_D2I_ECPKPARAMETERS_FAILURE);
247 ECPKPARAMETERS_free(params);
248 return NULL;
249 }
250
251 group = ec_asn1_pkparameters2group(params);
252 if (group == NULL) {
253 OPENSSL_PUT_ERROR(EC, EC_R_PKPARAMETERS2GROUP_FAILURE);
254 ECPKPARAMETERS_free(params);
255 return NULL;
256 }
257
258 if (groupp) {
259 EC_GROUP_free(*groupp);
260 *groupp = group;
261 }
262
263 ECPKPARAMETERS_free(params);
264 *inp = in;
265 return group;
266 }
267
i2d_ECPKParameters(const EC_GROUP * group,uint8_t ** outp)268 static int i2d_ECPKParameters(const EC_GROUP *group, uint8_t **outp) {
269 int ret = 0;
270 ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(group, NULL);
271 if (tmp == NULL) {
272 OPENSSL_PUT_ERROR(EC, EC_R_GROUP2PKPARAMETERS_FAILURE);
273 return 0;
274 }
275 ret = i2d_ECPKPARAMETERS(tmp, outp);
276 if (ret == 0) {
277 OPENSSL_PUT_ERROR(EC, EC_R_I2D_ECPKPARAMETERS_FAILURE);
278 ECPKPARAMETERS_free(tmp);
279 return 0;
280 }
281 ECPKPARAMETERS_free(tmp);
282 return ret;
283 }
284
d2i_ECPrivateKey(EC_KEY ** a,const uint8_t ** inp,long len)285 EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **inp, long len) {
286 int ok = 0;
287 EC_KEY *ret = NULL;
288 EC_PRIVATEKEY *priv_key = NULL;
289
290 const uint8_t *in = *inp;
291 priv_key = d2i_EC_PRIVATEKEY(NULL, &in, len);
292 if (priv_key == NULL) {
293 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
294 return NULL;
295 }
296
297 if (a == NULL || *a == NULL) {
298 ret = EC_KEY_new();
299 if (ret == NULL) {
300 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
301 goto err;
302 }
303 } else {
304 ret = *a;
305 }
306
307 if (priv_key->parameters) {
308 EC_GROUP_free(ret->group);
309 ret->group = ec_asn1_pkparameters2group(priv_key->parameters);
310 }
311
312 if (ret->group == NULL) {
313 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
314 goto err;
315 }
316
317 ret->version = priv_key->version;
318
319 if (priv_key->privateKey) {
320 ret->priv_key =
321 BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey),
322 M_ASN1_STRING_length(priv_key->privateKey), ret->priv_key);
323 if (ret->priv_key == NULL) {
324 OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
325 goto err;
326 }
327 } else {
328 OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PRIVATE_KEY);
329 goto err;
330 }
331
332 if (BN_cmp(ret->priv_key, EC_GROUP_get0_order(ret->group)) >= 0) {
333 OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER);
334 goto err;
335 }
336
337 EC_POINT_free(ret->pub_key);
338 ret->pub_key = EC_POINT_new(ret->group);
339 if (ret->pub_key == NULL) {
340 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
341 goto err;
342 }
343
344 if (priv_key->publicKey) {
345 const uint8_t *pub_oct;
346 int pub_oct_len;
347
348 pub_oct = M_ASN1_STRING_data(priv_key->publicKey);
349 pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey);
350 /* The first byte (the point conversion form) must be present. */
351 if (pub_oct_len <= 0) {
352 OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL);
353 goto err;
354 }
355 /* Save the point conversion form. */
356 ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01);
357 if (!EC_POINT_oct2point(ret->group, ret->pub_key, pub_oct, pub_oct_len,
358 NULL)) {
359 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
360 goto err;
361 }
362 } else {
363 if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL,
364 NULL)) {
365 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
366 goto err;
367 }
368 /* Remember the original private-key-only encoding. */
369 ret->enc_flag |= EC_PKEY_NO_PUBKEY;
370 }
371
372 if (a) {
373 *a = ret;
374 }
375 *inp = in;
376 ok = 1;
377
378 err:
379 if (!ok) {
380 if (a == NULL || *a != ret) {
381 EC_KEY_free(ret);
382 }
383 ret = NULL;
384 }
385
386 EC_PRIVATEKEY_free(priv_key);
387
388 return ret;
389 }
390
i2d_ECPrivateKey(const EC_KEY * key,uint8_t ** outp)391 int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) {
392 int ret = 0, ok = 0;
393 uint8_t *buffer = NULL;
394 size_t buf_len = 0, tmp_len;
395 EC_PRIVATEKEY *priv_key = NULL;
396
397 if (key == NULL || key->group == NULL || key->priv_key == NULL) {
398 OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
399 goto err;
400 }
401
402 priv_key = EC_PRIVATEKEY_new();
403 if (priv_key == NULL) {
404 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
405 goto err;
406 }
407
408 priv_key->version = key->version;
409
410 buf_len = BN_num_bytes(&key->group->order);
411 buffer = OPENSSL_malloc(buf_len);
412 if (buffer == NULL) {
413 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
414 goto err;
415 }
416
417 if (!BN_bn2bin_padded(buffer, buf_len, key->priv_key)) {
418 OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB);
419 goto err;
420 }
421
422 if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) {
423 OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB);
424 goto err;
425 }
426
427 /* TODO(fork): replace this flexibility with key sensible default? */
428 if (!(key->enc_flag & EC_PKEY_NO_PARAMETERS)) {
429 if ((priv_key->parameters = ec_asn1_group2pkparameters(
430 key->group, priv_key->parameters)) == NULL) {
431 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
432 goto err;
433 }
434 }
435
436 /* TODO(fork): replace this flexibility with key sensible default? */
437 if (!(key->enc_flag & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) {
438 priv_key->publicKey = M_ASN1_BIT_STRING_new();
439 if (priv_key->publicKey == NULL) {
440 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
441 goto err;
442 }
443
444 tmp_len = EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, NULL,
445 0, NULL);
446
447 if (tmp_len > buf_len) {
448 uint8_t *tmp_buffer = OPENSSL_realloc(buffer, tmp_len);
449 if (!tmp_buffer) {
450 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
451 goto err;
452 }
453 buffer = tmp_buffer;
454 buf_len = tmp_len;
455 }
456
457 if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, buffer,
458 buf_len, NULL)) {
459 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
460 goto err;
461 }
462
463 priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
464 priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
465 if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) {
466 OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB);
467 goto err;
468 }
469 }
470
471 ret = i2d_EC_PRIVATEKEY(priv_key, outp);
472 if (ret == 0) {
473 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
474 goto err;
475 }
476 ok = 1;
477
478 err:
479 OPENSSL_free(buffer);
480 EC_PRIVATEKEY_free(priv_key);
481 return (ok ? ret : 0);
482 }
483
i2d_ECParameters(const EC_KEY * key,uint8_t ** outp)484 int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) {
485 if (key == NULL) {
486 OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
487 return 0;
488 }
489 return i2d_ECPKParameters(key->group, outp);
490 }
491
d2i_ECParameters(EC_KEY ** key,const uint8_t ** inp,long len)492 EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) {
493 EC_KEY *ret;
494
495 if (inp == NULL || *inp == NULL) {
496 OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
497 return NULL;
498 }
499
500 if (key == NULL || *key == NULL) {
501 ret = EC_KEY_new();
502 if (ret == NULL) {
503 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
504 return NULL;
505 }
506 } else {
507 ret = *key;
508 }
509
510 if (!d2i_ECPKParameters(&ret->group, inp, len)) {
511 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
512 if (key == NULL || *key == NULL) {
513 EC_KEY_free(ret);
514 }
515 return NULL;
516 }
517
518 if (key) {
519 *key = ret;
520 }
521 return ret;
522 }
523
o2i_ECPublicKey(EC_KEY ** keyp,const uint8_t ** inp,long len)524 EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) {
525 EC_KEY *ret = NULL;
526
527 if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) {
528 OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
529 return 0;
530 }
531 ret = *keyp;
532 if (ret->pub_key == NULL &&
533 (ret->pub_key = EC_POINT_new(ret->group)) == NULL) {
534 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
535 return 0;
536 }
537 if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) {
538 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
539 return 0;
540 }
541 /* save the point conversion form */
542 ret->conv_form = (point_conversion_form_t)(*inp[0] & ~0x01);
543 *inp += len;
544 return ret;
545 }
546
i2o_ECPublicKey(const EC_KEY * key,uint8_t ** outp)547 int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) {
548 size_t buf_len = 0;
549 int new_buffer = 0;
550
551 if (key == NULL) {
552 OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER);
553 return 0;
554 }
555
556 buf_len = EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, NULL,
557 0, NULL);
558
559 if (outp == NULL || buf_len == 0) {
560 /* out == NULL => just return the length of the octet string */
561 return buf_len;
562 }
563
564 if (*outp == NULL) {
565 *outp = OPENSSL_malloc(buf_len);
566 if (*outp == NULL) {
567 OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE);
568 return 0;
569 }
570 new_buffer = 1;
571 }
572 if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, *outp,
573 buf_len, NULL)) {
574 OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB);
575 if (new_buffer) {
576 OPENSSL_free(*outp);
577 *outp = NULL;
578 }
579 return 0;
580 }
581
582 if (!new_buffer) {
583 *outp += buf_len;
584 }
585 return buf_len;
586 }
587