自学教程：C++ EC_KEY_set_public_key函数代码示例

/* Retrieve EC point from cert into ec * return nonzero on error */static int pkcs11_get_point_cert(EC_KEY *ec, PKCS11_CERT *cert){	EVP_PKEY *pubkey = NULL;	EC_KEY *pubkey_ec;	const EC_POINT *point;	int rv = -1;	if (cert == NULL)		goto error;#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)	pubkey = X509_get0_pubkey(cert->x509);#else	pubkey = X509_get_pubkey(cert->x509);#endif	if (pubkey == NULL)		goto error;	pubkey_ec = EVP_PKEY_get0_EC_KEY(pubkey);	if (pubkey_ec == NULL)		goto error;	point = EC_KEY_get0_public_key(pubkey_ec);	if (point == NULL)		goto error;	if (EC_KEY_set_public_key(ec, point) == 0)		goto error;	rv = 0;error:#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)	EVP_PKEY_free(pubkey);#endif	return rv;}

static EC_KEY *mk_eckey(int nid, const char *str){    int ok = 0;    EC_KEY *k = NULL;    BIGNUM *priv = NULL;    EC_POINT *pub = NULL;    const EC_GROUP *grp;    k = EC_KEY_new_by_curve_name(nid);    if (!k)        goto err;    if(!BN_hex2bn(&priv, str))        goto err;    if (!priv)        goto err;    if (!EC_KEY_set_private_key(k, priv))        goto err;    grp = EC_KEY_get0_group(k);    pub = EC_POINT_new(grp);    if (!pub)        goto err;    if (!EC_POINT_mul(grp, pub, priv, NULL, NULL, NULL))        goto err;    if (!EC_KEY_set_public_key(k, pub))        goto err;    ok = 1; err:    BN_clear_free(priv);    EC_POINT_free(pub);    if (ok)        return k;    EC_KEY_free(k);    return NULL;}

int_libssh2_ecdsa_curve_name_with_octal_new(libssh2_ecdsa_ctx ** ec_ctx,     const unsigned char *k,     size_t k_len, libssh2_curve_type curve){    int ret = 0;    const EC_GROUP *ec_group = NULL;    EC_KEY *ec_key = EC_KEY_new_by_curve_name(curve);    EC_POINT *point = NULL;    if(ec_key) {        ec_group = EC_KEY_get0_group(ec_key);        point = EC_POINT_new(ec_group);        ret = EC_POINT_oct2point(ec_group, point, k, k_len, NULL);        ret = EC_KEY_set_public_key(ec_key, point);        if(point != NULL)            EC_POINT_free(point);        if(ec_ctx != NULL)            *ec_ctx = ec_key;    }    return (ret == 1) ? 0 : -1;}

static EC_KEY *mk_eckey(int nid, const unsigned char *p, size_t plen){    int ok = 0;    EC_KEY *k = NULL;    BIGNUM *priv = NULL;    EC_POINT *pub = NULL;    const EC_GROUP *grp;    k = EC_KEY_new_by_curve_name(nid);    if (!k)        goto err;    priv = BN_bin2bn(p, plen, NULL);    if (!priv)        goto err;    if (!EC_KEY_set_private_key(k, priv))        goto err;    grp = EC_KEY_get0_group(k);    pub = EC_POINT_new(grp);    if (!pub)        goto err;    if (!EC_POINT_mul(grp, pub, priv, NULL, NULL, NULL))        goto err;    if (!EC_KEY_set_public_key(k, pub))        goto err;    ok = 1; err:    if (priv)        BN_clear_free(priv);    if (pub)        EC_POINT_free(pub);    if (ok)        return k;    else if (k)        EC_KEY_free(k);    return NULL;}

		// Generate a private key from just the secret parameter		bool EC_KEY_regenerate_key(EC_KEY *eckey, BIGNUM *priv_key)		{			bool success = false;			BN_CTX *ctx = nullptr;			EC_POINT *pub_key = nullptr;			if (!eckey)				return 0;			const EC_GROUP *group = EC_KEY_get0_group(eckey);			ctx = BN_CTX_new();			if (!ctx)				goto error;			pub_key = EC_POINT_new(group);			if (!pub_key)				goto error;			if (!EC_POINT_mul(group, pub_key, priv_key, nullptr, nullptr, ctx))				goto error;			EC_KEY_set_private_key(eckey, priv_key);			EC_KEY_set_public_key(eckey, pub_key);			success = true;		error:			if (pub_key)				EC_POINT_free(pub_key);			if (ctx)				BN_CTX_free(ctx);			return success;		}

int verification(    const unsigned char m[SHORTHASH_BYTES],const unsigned long long mlen,    const unsigned char sm[SIGNATURE_BYTES],const unsigned long long smlen,    const unsigned char pk[PUBLICKEY_BYTES],const unsigned long long pklen    ){  unsigned char h[20];  EC_GROUP *group;  EC_KEY *k;  EC_POINT *kxy;  BIGNUM *kx;  BIGNUM *ky;  ECDSA_SIG *rs;  int len;  if (smlen != SIGNATURE_BYTES) return -1;  if (mlen > SHORTHASH_BYTES) return -1;  SHA1(m,mlen,h);  group = EC_GROUP_new_by_curve_name(NID);  if (!group) return -1;  kx = BN_new(); if (!kx) return -1;  ky = BN_new(); if (!ky) { BN_free(kx); return -1; }  kxy = EC_POINT_new(group); if (!kxy) { BN_free(ky); BN_free(kx); return -1; }  k = EC_KEY_new(); if (!k) { EC_POINT_free(kxy); BN_free(ky); BN_free(kx); return -1; }  rs = ECDSA_SIG_new(); if (!rs) { EC_KEY_free(k); EC_POINT_free(kxy); BN_free(ky); BN_free(kx); return -1; }  if (!EC_KEY_set_group(k,group)) goto error;  if (!BN_bin2bn(pk,PRIME_BYTES,kx)) goto error; pk += PRIME_BYTES;  if (!BN_bin2bn(pk,PRIME_BYTES,ky)) goto error;#ifdef PRIME_FIELD  if (!EC_POINT_set_affine_coordinates_GFp(group,kxy,kx,ky,0)) goto error;#else  if (!EC_POINT_set_affine_coordinates_GF2m(group,kxy,kx,ky,0)) goto error;#endif  if (!EC_KEY_set_public_key(k,kxy)) goto error;  if (!BN_bin2bn(sm,PRIME_BYTES,rs->r)) goto error; sm += PRIME_BYTES;  if (!BN_bin2bn(sm,PRIME_BYTES,rs->s)) goto error;  len = ECDSA_do_verify(h,20,rs,k);  ECDSA_SIG_free(rs);  EC_KEY_free(k);  EC_POINT_free(kxy);  BN_free(ky);  BN_free(kx);  if (len == 1) return 0;  if (len == 0) return -100;  return -1;  error:  ECDSA_SIG_free(rs);  EC_KEY_free(k);  EC_POINT_free(kxy);  BN_free(ky);  BN_free(kx);  return -1;}

static isc_result_tecdsa_check(EC_KEY *eckey, dst_key_t *pub){	isc_result_t ret = ISC_R_FAILURE;	EVP_PKEY *pkey;	EC_KEY *pubeckey = NULL;	const EC_POINT *pubkey;	if (pub == NULL)		return (ISC_R_SUCCESS);	pkey = pub->keydata.pkey;	if (pkey == NULL)		return (ISC_R_SUCCESS);	pubeckey = EVP_PKEY_get1_EC_KEY(pkey);	if (pubeckey == NULL)		return (ISC_R_SUCCESS);	pubkey = EC_KEY_get0_public_key(pubeckey);	if (pubkey == NULL)		DST_RET (ISC_R_SUCCESS);	if (EC_KEY_set_public_key(eckey, pubkey) != 1)		DST_RET (ISC_R_SUCCESS);	if (EC_KEY_check_key(eckey) == 1)		DST_RET (ISC_R_SUCCESS); err:	if (pubeckey != NULL)		EC_KEY_free(pubeckey);	return (ret);}

static int eckey_pub_decode(EVP_PKEY *out, CBS *params, CBS *key) {  // See RFC 5480, section 2.  // The parameters are a named curve.  EC_POINT *point = NULL;  EC_KEY *eckey = NULL;  EC_GROUP *group = EC_KEY_parse_curve_name(params);  if (group == NULL || CBS_len(params) != 0) {    OPENSSL_PUT_ERROR(EVP, EVP_R_DECODE_ERROR);    goto err;  }  eckey = EC_KEY_new();  if (eckey == NULL || !EC_KEY_set_group(eckey, group)) {    goto err;  }  point = EC_POINT_new(group);  if (point == NULL ||      !EC_POINT_oct2point(group, point, CBS_data(key), CBS_len(key), NULL) ||      !EC_KEY_set_public_key(eckey, point)) {    goto err;  }  EC_GROUP_free(group);  EC_POINT_free(point);  EVP_PKEY_assign_EC_KEY(out, eckey);  return 1;err:  EC_GROUP_free(group);  EC_POINT_free(point);  EC_KEY_free(eckey);  return 0;}

// Generate a private key from just the secret parameterint EC_KEY_regenerate_key(EC_KEY *eckey, BIGNUM *priv_key){    int ok = 0;    BN_CTX *ctx = NULL;    EC_POINT *pub_key = NULL;    if (!eckey) return 0;    const EC_GROUP *group = EC_KEY_get0_group(eckey);    if ((ctx = BN_CTX_new()) == NULL)        goto err;    pub_key = EC_POINT_new(group);    if (pub_key == NULL)        goto err;    if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx))        goto err;    EC_KEY_set_private_key(eckey,priv_key);    EC_KEY_set_public_key(eckey,pub_key);    ok = 1;err:    if (pub_key)        EC_POINT_free(pub_key);    if (ctx != NULL)        BN_CTX_free(ctx);    return(ok);}

intsshbuf_get_eckey(struct sshbuf *buf, EC_KEY *v){	EC_POINT *pt = EC_POINT_new(EC_KEY_get0_group(v));	int r;	const u_char *d;	size_t len;	if (pt == NULL) {		SSHBUF_DBG(("SSH_ERR_ALLOC_FAIL"));		return SSH_ERR_ALLOC_FAIL;	}	if ((r = sshbuf_peek_string_direct(buf, &d, &len)) < 0) {		EC_POINT_free(pt);		return r;	}	if ((r = get_ec(d, len, pt, EC_KEY_get0_group(v))) != 0) {		EC_POINT_free(pt);		return r;	}	if (EC_KEY_set_public_key(v, pt) != 1) {		EC_POINT_free(pt);		return SSH_ERR_ALLOC_FAIL; /* XXX assumption */	}	EC_POINT_free(pt);	/* Skip string */	if (sshbuf_get_string_direct(buf, NULL, NULL) != 0) {		/* Shouldn't happen */		SSHBUF_DBG(("SSH_ERR_INTERNAL_ERROR"));		SSHBUF_ABORT();		return SSH_ERR_INTERNAL_ERROR;	}	return 0;	}

static int key_regenerate(struct key *k, const BIGNUM *bn) {  const EC_GROUP *grp;  EC_KEY *key = k->key;  EC_POINT *pub_key;  BN_CTX *ctx;  int res;  ASSERT(key);  grp = EC_KEY_get0_group(key);  ctx = BN_CTX_new();  ASSERT(grp);  ASSERT(ctx);  pub_key = EC_POINT_new(grp);  ASSERT(pub_key);  res = EC_POINT_mul(grp, pub_key, bn, NULL, NULL, ctx);  ASSERT(res == 1);  res = EC_KEY_set_private_key(key, bn);  ASSERT(res == 1);  res = EC_KEY_set_public_key(key, pub_key);  ASSERT(res == 1);  EC_POINT_free(pub_key);  BN_CTX_free(ctx);  return EC_KEY_check_key(k->key);}

static int pub_decode_gost01(EVP_PKEY *pk,X509_PUBKEY *pub)	{	X509_ALGOR *palg = NULL;	const unsigned char *pubkey_buf = NULL;	unsigned char *databuf;	ASN1_OBJECT *palgobj = NULL;	int pub_len,i,j;	EC_POINT *pub_key;	BIGNUM *X,*Y;	ASN1_OCTET_STRING *octet= NULL;	int len;	const EC_GROUP *group;	if (!X509_PUBKEY_get0_param(&palgobj,&pubkey_buf,&pub_len,			&palg, pub)) return 0;	EVP_PKEY_assign(pk,OBJ_obj2nid(palgobj),NULL);		if (!decode_gost_algor_params(pk,palg)) return 0;	group = EC_KEY_get0_group(EVP_PKEY_get0(pk));	octet = d2i_ASN1_OCTET_STRING(NULL,&pubkey_buf,pub_len);	if (!octet) 		{		GOSTerr(GOST_F_PUB_DECODE_GOST01,ERR_R_MALLOC_FAILURE);		return 0;		}		databuf = OPENSSL_malloc(octet->length);	for (i=0,j=octet->length-1;i<octet->length;i++,j--)		{		databuf[j]=octet->data[i];		}	len=octet->length/2;	ASN1_OCTET_STRING_free(octet);			Y= getbnfrombuf(databuf,len);	X= getbnfrombuf(databuf+len,len);	OPENSSL_free(databuf);	pub_key = EC_POINT_new(group);	if (!EC_POINT_set_affine_coordinates_GFp(group			,pub_key,X,Y,NULL))		{		GOSTerr(GOST_F_PUB_DECODE_GOST01,			ERR_R_EC_LIB);		EC_POINT_free(pub_key);		BN_free(X);		BN_free(Y);		return 0;		}		BN_free(X);	BN_free(Y);	if (!EC_KEY_set_public_key(EVP_PKEY_get0(pk),pub_key))		{		GOSTerr(GOST_F_PUB_DECODE_GOST01,			ERR_R_EC_LIB);		EC_POINT_free(pub_key);		return 0;		}		EC_POINT_free(pub_key);	return 1;	}

void OSSLECPublicKey::setQ(const ByteString& q){	ECPublicKey::setQ(q);	EC_POINT* pub = OSSL::byteString2pt(q, EC_KEY_get0_group(eckey));	EC_KEY_set_public_key(eckey, pub);	EC_POINT_free(pub);}

// BCPKICKey CKey::GetDerivedKey(std::vector<unsigned char> ticket) const{  BIGNUM *bn = BN_bin2bn(&ticket[0],ticket.size(),BN_new());  BN_CTX *ctx = NULL;  if ((ctx = BN_CTX_new()) == NULL)    throw key_error("CKey::DeriveKey() : BN_CTX_new failed");  CKey key;  if (HasPrivKey())    { // privkey = privkey + ticket      // snippet from ECDSA_SIG_recover_key_GFp      // TODO check this again      BIGNUM *order = NULL;      if ((order = BN_new()) == NULL)	throw key_error("CKey::DeriveKey() : BN_new failed");      //      BN_CTX_start(ctx);      //order = BN_CTX_get(ctx);      if (!EC_GROUP_get_order(EC_KEY_get0_group(pkey), order, ctx))       	throw key_error("CKey::DeriveKey() : EC_GROUP_get_order failed");      if (!BN_mod_add(bn, bn, EC_KEY_get0_private_key(pkey), order, ctx))      	throw key_error("CKey::DeriveKey() : BN_mod_add failed");      if (!EC_KEY_regenerate_key(key.pkey,bn)) // sets private AND public key        throw key_error("CKey::DeriveKey() : EC_KEY_regenerate_key failed");      //      if (!EC_KEY_set_private_key(key.pkey, bn))       //  throw key_error("CKey::DeriveKey() : EC_KEY_set_private_key failed");      if (!EC_KEY_check_key(key.pkey))	throw key_error("CKey::DeriveKey() : EC_KEY_check_key failed");    }  else    { // add to pub key      // begin snippet from EC_KEY_regenerate_key      EC_POINT *pub_key = NULL;      const EC_GROUP *group = EC_KEY_get0_group(pkey);      pub_key = EC_POINT_new(group);      if (pub_key == NULL)        throw key_error("CKey::DeriveKey() : EC_POINT_new failed");      if (!EC_POINT_mul(group, pub_key, bn, NULL, NULL, ctx))        throw key_error("CKey::DeriveKey() : EC_POINT_mul failed");      // end snippet from EC_KEY_regenerate_key      // now pub_key = ticket * basepoint      //const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *);      //int EC_POINT_add(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *);      if (!EC_POINT_add(group, pub_key, pub_key, EC_KEY_get0_public_key(pkey), ctx))        throw key_error("CKey::DeriveKey() : EC_POINT_add failed");      //int EC_KEY_set_public_key(EC_KEY *, const EC_POINT *);      if (!EC_KEY_set_public_key(key.pkey, pub_key))         throw key_error("CKey::DeriveKey() : EC_KEY_set_public_key failed");    };  key.fSet = true;  key.SetCompressedPubKey();  return key;};

static int EC_KEY_generate_key_part(EC_KEY *eckey){  int ok = 0;  BN_CTX  *ctx = NULL;  BIGNUM  *priv_key = NULL, *order = NULL;  EC_POINT *pub_key = NULL;  const EC_GROUP *group;  if (!eckey)  {    return 0;  }  group = EC_KEY_get0_group(eckey);  if ((order = BN_new()) == NULL) goto err;  if ((ctx = BN_CTX_new()) == NULL) goto err;  priv_key = (BIGNUM*)EC_KEY_get0_private_key(eckey);  if (priv_key == NULL)  {    goto err;  }  if (!EC_GROUP_get_order(group, order, ctx))    goto err;  if (BN_is_zero(priv_key))    goto err;  pub_key = (EC_POINT *)EC_KEY_get0_public_key(eckey);  if (pub_key == NULL)  {    pub_key = EC_POINT_new(group);    if (pub_key == NULL)      goto err;  }  if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx))    goto err;  {    EC_POINT_make_affine(EC_KEY_get0_group(eckey),                         (EC_POINT *)EC_KEY_get0_public_key(eckey),                         NULL);  }  EC_KEY_set_private_key(eckey, priv_key);  EC_KEY_set_public_key(eckey, pub_key);  ok = 1;err:  if (order)    BN_free(order);  if (ctx != NULL)    BN_CTX_free(ctx);  return (ok);}

u2fs_rc decode_user_key(const unsigned char *data, u2fs_EC_KEY_t ** key){  if (key == NULL)    return U2FS_MEMORY_ERROR;  EC_GROUP *ecg = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);  *key = (u2fs_EC_KEY_t *) EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);  EC_POINT *point = EC_POINT_new(ecg);  point_conversion_form_t pcf = POINT_CONVERSION_UNCOMPRESSED;  EC_GROUP_set_point_conversion_form(ecg, pcf);  if (EC_POINT_oct2point(ecg, point, data, U2FS_PUBLIC_KEY_LEN, NULL) == 0) {    if (debug) {      unsigned long err = 0;      err = ERR_get_error();      fprintf(stderr, "Error: %s, %s, %s/n",              ERR_lib_error_string(err),              ERR_func_error_string(err), ERR_reason_error_string(err));    }    *key = NULL;    EC_GROUP_free(ecg);    ecg = NULL;    EC_POINT_free(point);    point = NULL;    return U2FS_CRYPTO_ERROR;  }  EC_GROUP_free(ecg);  ecg = NULL;  if (EC_KEY_set_public_key((EC_KEY *) * key, point) == 0) {    if (debug) {      unsigned long err = 0;      err = ERR_get_error();      fprintf(stderr, "Error: %s, %s, %s/n",              ERR_lib_error_string(err),              ERR_func_error_string(err), ERR_reason_error_string(err));    }    *key = NULL;    EC_POINT_free(point);    point = NULL;    return U2FS_CRYPTO_ERROR;  }  EC_POINT_free(point);  point = NULL;  return U2FS_OK;}

static BOOL SATOSHI_SCRIPT_checksig(SATOSHI_OP_STACK_t * s, const unsigned char * message, uint32_t cbMessage){	BOOL rc = FALSE;			if(NULL == message || cbMessage == 0) return FALSE;		SATOSHI_OP_STACK_DATA_t * pubkey = NULL, * sig = NULL;	pubkey = SATOSHI_OP_STACK_pop(s);		sig = SATOSHI_OP_STACK_pop(s);			if(NULL == pubkey || NULL == sig)	{		if(NULL != pubkey) SATOSHI_OP_STACK_DATA_free(pubkey);		if(NULL != sig) SATOSHI_OP_STACK_DATA_free(sig);		return FALSE;	}		// verify sig	EC_KEY * p_key = EC_KEY_new_by_curve_name(NID_secp256k1);	BN_CTX * ctx = BN_CTX_new();	assert(NULL != p_key && NULL != ctx);	const EC_GROUP * G = EC_KEY_get0_group(p_key);	EC_POINT * Q = EC_POINT_new(G);	EC_POINT_oct2point(G, Q, pubkey->data, pubkey->cb, ctx);	EC_KEY_set_public_key(p_key, Q);		rc = ECDSA_verify(0, message, cbMessage, sig->data, sig->cb, p_key);	if(rc != 1)	{		if(-1 == rc)		{			// openssl error.			ERR_print_errors_fp(stderr);				}		rc = 0;	}		if(rc)	{		SATOSHI_OP_STACK_push_boolean(s, rc, sizeof(BOOL));			}		EC_KEY_free(p_key);	BN_CTX_free(ctx);		SATOSHI_OP_STACK_DATA_free(pubkey);	SATOSHI_OP_STACK_DATA_free(sig);	return rc;}

void serialize_ec_point (ec_point const& point, std::uint8_t* ptr){    ec_key key = ec_key_new_secp256k1_compressed();    if (EC_KEY_set_public_key((EC_KEY*) key.get(), point.get()) <= 0)    {        throw std::runtime_error ("EC_KEY_set_public_key() failed");    }    int const size = i2o_ECPublicKey ((EC_KEY*) key.get(), &ptr);    assert (size <= 33);    (void) size;}

/* * Computes GOST R 34.10-2001 public key * or GOST R 34.10-2012 public key * */int gost_ec_compute_public(EC_KEY *ec){    const EC_GROUP *group = (ec) ? EC_KEY_get0_group(ec) : NULL;    EC_POINT *pub_key = NULL;    const BIGNUM *priv_key = NULL;    BN_CTX *ctx = NULL;    int ok = 0;    if (!group) {        GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, GOST_R_KEY_IS_NOT_INITIALIZED);        return 0;    }    ctx = BN_CTX_new();    if (!ctx) {        GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE);        return 0;    }    BN_CTX_start(ctx);    priv_key = EC_KEY_get0_private_key(ec);    if (!priv_key) {        GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, ERR_R_EC_LIB);        goto err;    }    pub_key = EC_POINT_new(group);    if (!pub_key) {        GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE);        goto err;    }    if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx)) {        GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, ERR_R_EC_LIB);        goto err;    }    if (!EC_KEY_set_public_key(ec, pub_key)) {        GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, ERR_R_EC_LIB);        goto err;    }    ok = 1; err:    if (pub_key)        EC_POINT_free(pub_key);    BN_CTX_end(ctx);    BN_CTX_free(ctx);    return ok;}

openssl::Key BackendOpenSsl::internal_private_key(const ecdsa256::PrivateKey& generic) const{    openssl::Key key(NID_X9_62_prime256v1);    openssl::BigNumber prv(generic.key);    EC_KEY_set_private_key(key, prv);    // OpenSSL requires public key, so we recreate it from private key    openssl::BigNumberContext ctx;    const EC_GROUP* group = EC_KEY_get0_group(key);    openssl::Point pub(group);    openssl::check(EC_POINT_mul(group, pub, prv, nullptr, nullptr, ctx));    EC_KEY_set_public_key(key, pub);    openssl::check(EC_KEY_check_key(key));    return key;}

//    public_key public_key::mult( const fc::sha256& digest ) const//    {//        // get point from this public key//        const EC_POINT* master_pub   = EC_KEY_get0_public_key( my->_key );//        ec_group group(EC_GROUP_new_by_curve_name(NID_secp256k1));////        ssl_bignum z;//        BN_bin2bn((unsigned char*)&digest, sizeof(digest), z);////        // multiply by digest//        ssl_bignum one;//        BN_one(one);//        bn_ctx ctx(BN_CTX_new());////        ec_point result(EC_POINT_new(group));//        EC_POINT_mul(group, result, z, master_pub, one, ctx);////        public_key rtn;//        rtn.my->_key = EC_KEY_new_by_curve_name( NID_secp256k1 );//        EC_KEY_set_public_key(rtn.my->_key,result);////        return rtn;//    }    public_key public_key::add( const fc::sha256& digest )const    {      try {        ec_group group(EC_GROUP_new_by_curve_name(NID_secp256k1));        bn_ctx ctx(BN_CTX_new());        fc::bigint digest_bi( (char*)&digest, sizeof(digest) );        ssl_bignum order;        EC_GROUP_get_order(group, order, ctx);        if( digest_bi > fc::bigint(order) )        {          FC_THROW_EXCEPTION( exception, "digest > group order" );        }        public_key digest_key = private_key::regenerate(digest).get_public_key();        const EC_POINT* digest_point   = EC_KEY_get0_public_key( digest_key.my->_key );        // get point from this public key        const EC_POINT* master_pub   = EC_KEY_get0_public_key( my->_key );//        ssl_bignum z;//        BN_bin2bn((unsigned char*)&digest, sizeof(digest), z);        // multiply by digest//        ssl_bignum one;//        BN_one(one);        ec_point result(EC_POINT_new(group));        EC_POINT_add(group, result, digest_point, master_pub, ctx);        if (EC_POINT_is_at_infinity(group, result))        {          FC_THROW_EXCEPTION( exception, "point at  infinity" );        }        public_key rtn;        rtn.my->_key = EC_KEY_new_by_curve_name( NID_secp256k1 );        EC_KEY_set_public_key(rtn.my->_key,result);        return rtn;      } FC_RETHROW_EXCEPTIONS( debug, "digest: ${digest}", ("digest",digest) );    }

int main(int argc, char **argv){	unsigned char ecprot[128];	unsigned char pbuf[1024];	EC_KEY *pkey;	EC_POINT *ptnew, *ptmpk, *ptz;	BIGNUM z;	unsigned char *pend = (unsigned char *) pbuf, *px;	unsigned char hash1[32], hashz[32];	int n, zlen;		if(argc < 3) {		printf("Usage: %s <mpk> <seq>/n", argv[0]);		exit(1);		}	OpenSSL_add_all_algorithms();		strcpy(pbuf, argv[2]);	strcat(pbuf, ":0:");	zlen = strlen(pbuf);	px = pbuf + zlen;	for(n=0; n < 64; n++)		px[n] = hex(argv[1][n*2])*16 + hex(argv[1][n*2+1]);	SHA256(pbuf, zlen+64, hash1);	SHA256(hash1, sizeof(hash1), hashz);	BN_init(&z);	BN_bin2bn(hashz, 32, &z);		pkey = EC_KEY_new_by_curve_name(NID_secp256k1);	ptmpk = EC_POINT_new(EC_KEY_get0_group(pkey));	pbuf[zlen-1] = 0x04;	EC_POINT_oct2point(EC_KEY_get0_group(pkey), ptmpk, pbuf+zlen-1, 65, NULL);	ptz = EC_POINT_new(EC_KEY_get0_group(pkey));	EC_POINT_mul(EC_KEY_get0_group(pkey), ptz, NULL, EC_GROUP_get0_generator(EC_KEY_get0_group(pkey)), &z, NULL);	ptnew = EC_POINT_new(EC_KEY_get0_group(pkey));	EC_POINT_add(EC_KEY_get0_group(pkey), ptnew, ptmpk, ptz, NULL);	EC_KEY_set_public_key(pkey, ptnew);	i2o_ECPublicKey(pkey, &pend);	b58encode_address(EC_KEY_get0_public_key(pkey), EC_KEY_get0_group(pkey), 0, ecprot);	printf("%s/n", ecprot);}

int VNEcdsa_ORG_LoadPubKey( VNAsymCryptCtx_t * ctx,	const struct vn_iovec * hexPubKey ){	EC_POINT * point = NULL;	VNEcdsa_ORG_Ctx_t * orgCtx = VN_CONTAINER_OF( ctx, VNEcdsa_ORG_Ctx_t, mCtx );	assert( VN_TYPE_VNEcdsaSign_ORG == ctx->mType );	point = EC_POINT_new( EC_KEY_get0_group( orgCtx->mEcKey ) );	EC_POINT_hex2point( EC_KEY_get0_group( orgCtx->mEcKey ), hexPubKey->i.iov_base,		point, NULL );	EC_KEY_set_public_key( orgCtx->mEcKey, point );	EC_POINT_free( point );	return 0;}

/* *  call-seq: *     key.public_key = ec_point * *  See the OpenSSL documentation for EC_KEY_set_public_key() */static VALUE ossl_ec_key_set_public_key(VALUE self, VALUE public_key){    EC_KEY *ec;    EC_POINT *point = NULL;    Require_EC_KEY(self, ec);    if (!NIL_P(public_key))        SafeRequire_EC_POINT(public_key, point);    switch (EC_KEY_set_public_key(ec, point)) {    case 1:        break;    case 0:        if (point == NULL)            break;    default:        ossl_raise(eECError, "EC_KEY_set_public_key");    }    return public_key;}

int pki_pubkey_build_ecdsa(ssh_key key, int nid, ssh_string e){    EC_POINT *p;    const EC_GROUP *g;    int ok;    key->ecdsa_nid = nid;    key->type_c = pki_key_ecdsa_nid_to_name(nid);    key->ecdsa = EC_KEY_new_by_curve_name(key->ecdsa_nid);    if (key->ecdsa == NULL) {        return -1;    }    g = EC_KEY_get0_group(key->ecdsa);    p = EC_POINT_new(g);    if (p == NULL) {        return -1;    }    ok = EC_POINT_oct2point(g,                            p,                            ssh_string_data(e),                            ssh_string_len(e),                            NULL);    if (!ok) {        EC_POINT_free(p);        return -1;    }    /* EC_KEY_set_public_key duplicates p */    ok = EC_KEY_set_public_key(key->ecdsa, p);    EC_POINT_free(p);    if (!ok) {        return -1;    }    return 0;}

bool CECKey::TweakPublic(const unsigned char vchTweak[32]) {    bool ret = true;    BN_CTX *ctx = BN_CTX_new();    BN_CTX_start(ctx);    BIGNUM *bnTweak = BN_CTX_get(ctx);    BIGNUM *bnOrder = BN_CTX_get(ctx);    BIGNUM *bnOne = BN_CTX_get(ctx);    const EC_GROUP *group = EC_KEY_get0_group(pkey);    EC_GROUP_get_order(group, bnOrder, ctx); // what a grossly inefficient way to get the (constant) group order...    BN_bin2bn(vchTweak, 32, bnTweak);    if (BN_cmp(bnTweak, bnOrder) >= 0)        ret = false; // extremely unlikely    EC_POINT *point = EC_POINT_dup(EC_KEY_get0_public_key(pkey), group);    BN_one(bnOne);    EC_POINT_mul(group, point, bnTweak, point, bnOne, ctx);    if (EC_POINT_is_at_infinity(group, point))        ret = false; // ridiculously unlikely    EC_KEY_set_public_key(pkey, point);    EC_POINT_free(point);    BN_CTX_end(ctx);    BN_CTX_free(ctx);    return ret;}

// Get the AlphaCrypt default PEER public KeyEC_POINT * CAlphaCrypt::GetAlphaCryptPublicKey() {	EC_KEY * lpPublicCurve = NULL;				// Curve that contains the public key	EC_POINT * pubKey = NULL;					// Public key generated from the 2 coordinates	const LPSTR XCoordHex = "46668077A4449322CA896BD64901DE333156B6FEAE75ABE5D4922A039B3CD013";	const LPSTR YCoordHex = "304AB8B3F15F498094F14058A1D1EBE823BEF512D44210CC50BBD94128D2CD05";	BIGNUM * pBnX = NULL, * pBnY = NULL;	int iRet = 0;	// Allocate the 2 points structures	pBnX = BN_new(); pBnY = BN_new();	// Get X and Y Coordinate	BN_hex2bn(&pBnX, XCoordHex);	BN_hex2bn(&pBnY, YCoordHex);	// Create the curve that contains the public key 	lpPublicCurve = EC_KEY_new_by_curve_name(NID_secp256k1);	// Create the generator 	pubKey = EC_POINT_new(lpPublicCurve->group);	// Generate the Public key and verify it	EC_POINT_set_affine_coordinates_GFp(lpPublicCurve->group, pubKey, pBnX, pBnY, NULL);	EC_KEY_set_public_key(lpPublicCurve, pubKey);	iRet = EC_KEY_check_key(lpPublicCurve);	// Cleanup	EC_KEY_free(lpPublicCurve);	BN_free(pBnX); BN_free(pBnY);	if (iRet)		return pubKey;	else 		EC_POINT_free(pubKey);	return NULL;}

// Perform ECDSA key recovery (see SEC1 4.1.6) for curves over (mod p)-fields// recid selects which key is recovered// if check is nonzero, additional checks are performedint ECDSA_SIG_recover_key_GFp(EC_KEY *eckey, ECDSA_SIG *ecsig, const unsigned char *msg, int msglen, int recid, int check){    if (!eckey) return 0;    int ret = 0;    BN_CTX *ctx = NULL;    BIGNUM *x = NULL;    BIGNUM *e = NULL;    BIGNUM *order = NULL;    BIGNUM *sor = NULL;    BIGNUM *eor = NULL;    BIGNUM *field = NULL;    EC_POINT *R = NULL;    EC_POINT *O = NULL;    EC_POINT *Q = NULL;    BIGNUM *rr = NULL;    BIGNUM *zero = NULL;    int n = 0;    int i = recid / 2;    const EC_GROUP *group = EC_KEY_get0_group(eckey);    if ((ctx = BN_CTX_new()) == NULL) { ret = -1; goto err; }    BN_CTX_start(ctx);    order = BN_CTX_get(ctx);    if (!EC_GROUP_get_order(group, order, ctx)) { ret = -2; goto err; }    x = BN_CTX_get(ctx);    if (!BN_copy(x, order)) { ret=-1; goto err; }    if (!BN_mul_word(x, i)) { ret=-1; goto err; }    if (!BN_add(x, x, ecsig->r)) { ret=-1; goto err; }    field = BN_CTX_get(ctx);    if (!EC_GROUP_get_curve_GFp(group, field, NULL, NULL, ctx)) { ret=-2; goto err; }    if (BN_cmp(x, field) >= 0) { ret=0; goto err; }    if ((R = EC_POINT_new(group)) == NULL) { ret = -2; goto err; }    if (!EC_POINT_set_compressed_coordinates_GFp(group, R, x, recid % 2, ctx)) { ret=0; goto err; }    if (check)    {        if ((O = EC_POINT_new(group)) == NULL) { ret = -2; goto err; }        if (!EC_POINT_mul(group, O, NULL, R, order, ctx)) { ret=-2; goto err; }        if (!EC_POINT_is_at_infinity(group, O)) { ret = 0; goto err; }    }    if ((Q = EC_POINT_new(group)) == NULL) { ret = -2; goto err; }    n = EC_GROUP_get_degree(group);    e = BN_CTX_get(ctx);    if (!BN_bin2bn(msg, msglen, e)) { ret=-1; goto err; }    if (8*msglen > n) BN_rshift(e, e, 8-(n & 7));    zero = BN_CTX_get(ctx);    if (!BN_zero(zero)) { ret=-1; goto err; }    if (!BN_mod_sub(e, zero, e, order, ctx)) { ret=-1; goto err; }    rr = BN_CTX_get(ctx);    if (!BN_mod_inverse(rr, ecsig->r, order, ctx)) { ret=-1; goto err; }    sor = BN_CTX_get(ctx);    if (!BN_mod_mul(sor, ecsig->s, rr, order, ctx)) { ret=-1; goto err; }    eor = BN_CTX_get(ctx);    if (!BN_mod_mul(eor, e, rr, order, ctx)) { ret=-1; goto err; }    if (!EC_POINT_mul(group, Q, eor, R, sor, ctx)) { ret=-2; goto err; }    if (!EC_KEY_set_public_key(eckey, Q)) { ret=-2; goto err; }    ret = 1;err:    if (ctx) {        BN_CTX_end(ctx);        BN_CTX_free(ctx);    }    if (R != NULL) EC_POINT_free(R);    if (O != NULL) EC_POINT_free(O);    if (Q != NULL) EC_POINT_free(Q);    return ret;}

//.........这里部分代码省略.........      plen = param->value.sequence->length;      if (!(eckey = d2i_ECParameters(NULL, &cp, plen)))      {        EVPerr(EVP_F_EVP_PKCS82PKEY,          EVP_R_DECODE_ERROR);        goto ecerr;      }    }    else    {      EC_GROUP *group;      cp = p = param->value.object->data;      plen = param->value.object->length;      /* type == V_ASN1_OBJECT => the parameters are given       * by an asn1 OID       */      if ((eckey = EC_KEY_new()) == NULL)      {        EVPerr(EVP_F_EVP_PKCS82PKEY,          ERR_R_MALLOC_FAILURE);        goto ecerr;      }      group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object));      if (group == NULL)        goto ecerr;      EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);      if (EC_KEY_set_group(eckey, group) == 0)        goto ecerr;      EC_GROUP_free(group);    }    /* We have parameters now set private key */    if (!d2i_ECPrivateKey(&eckey, &p_tmp, pkeylen))    {      EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_DECODE_ERROR);      goto ecerr;    }    /* calculate public key (if necessary) */    if (EC_KEY_get0_public_key(eckey) == NULL)    {      const BIGNUM *priv_key;      const EC_GROUP *group;      EC_POINT *pub_key;      /* the public key was not included in the SEC1 private       * key => calculate the public key */      group   = EC_KEY_get0_group(eckey);      pub_key = EC_POINT_new(group);      if (pub_key == NULL)      {        EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);        goto ecerr;      }      if (!EC_POINT_copy(pub_key, EC_GROUP_get0_generator(group)))      {        EC_POINT_free(pub_key);        EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);        goto ecerr;      }      priv_key = EC_KEY_get0_private_key(eckey);      if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx))      {        EC_POINT_free(pub_key);        EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);        goto ecerr;      }      if (EC_KEY_set_public_key(eckey, pub_key) == 0)      {        EC_POINT_free(pub_key);        EVPerr(EVP_F_EVP_PKCS82PKEY, ERR_R_EC_LIB);        goto ecerr;      }      EC_POINT_free(pub_key);    }    EVP_PKEY_assign_EC_KEY(pkey, eckey);    if (ctx)      BN_CTX_free(ctx);    break;ecerr:    if (ctx)      BN_CTX_free(ctx);    if (eckey)      EC_KEY_free(eckey);    if (pkey)      EVP_PKEY_free(pkey);    return NULL;#endif    default:    EVPerr(EVP_F_EVP_PKCS82PKEY, EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM);    if (!a->algorithm) BUF_strlcpy (obj_tmp, "NULL", sizeof obj_tmp);    else i2t_ASN1_OBJECT(obj_tmp, 80, a->algorithm);    ERR_add_error_data(2, "TYPE=", obj_tmp);    EVP_PKEY_free (pkey);    return NULL;  }  return pkey;}

Key *key_private_deserialize(buffer_t *blob){	int success = 0;	char *type_name = NULL;	Key *k = NULL;	unsigned int pklen, sklen;	int type;	type_name = buffer_get_string_msg(blob, NULL);	if (type_name == NULL)		goto error;	type = get_keytype_from_name(type_name);	k = key_new_private(type);	switch (type) {		case KEY_RSA:			buffer_get_bignum2_msg(blob, k->rsa->n);			buffer_get_bignum2_msg(blob, k->rsa->e);			buffer_get_bignum2_msg(blob, k->rsa->d);			buffer_get_bignum2_msg(blob, k->rsa->iqmp);			buffer_get_bignum2_msg(blob, k->rsa->p);			buffer_get_bignum2_msg(blob, k->rsa->q);			/* Generate additional parameters */			rsa_generate_additional_parameters(k->rsa);			break;		case KEY_DSA:			buffer_get_bignum2_msg(blob, k->dsa->p);			buffer_get_bignum2_msg(blob, k->dsa->q);			buffer_get_bignum2_msg(blob, k->dsa->g);			buffer_get_bignum2_msg(blob, k->dsa->pub_key);			buffer_get_bignum2_msg(blob, k->dsa->priv_key);			break;		case KEY_ECDSA256:		case KEY_ECDSA384:		case KEY_ECDSA521:			{			int success = 0;			unsigned int nid;			char *curve = NULL;			ssh_keytype skt;			BIGNUM *exponent = NULL;			EC_POINT *q = NULL;			nid = keytype_to_cipher_nid(type);			curve = buffer_get_string_msg(blob, NULL);			skt = key_curve_name_to_keytype(curve);			if (nid != keytype_to_cipher_nid(skt))				goto ecdsa_error;			k->ecdsa = EC_KEY_new_by_curve_name(nid);			if (k->ecdsa == NULL)				goto ecdsa_error;			q = EC_POINT_new(EC_KEY_get0_group(k->ecdsa));			if (q == NULL)				goto ecdsa_error;			if ((exponent = BN_new()) == NULL)				goto ecdsa_error;			buffer_get_ecpoint_msg(blob,				EC_KEY_get0_group(k->ecdsa), q);			buffer_get_bignum2_msg(blob, exponent);			if (EC_KEY_set_public_key(k->ecdsa, q) != 1)				goto ecdsa_error;			if (EC_KEY_set_private_key(k->ecdsa, exponent) != 1)				goto ecdsa_error;			if (key_ec_validate_public(EC_KEY_get0_group(k->ecdsa),				EC_KEY_get0_public_key(k->ecdsa)) != 0)				goto ecdsa_error;			if (key_ec_validate_private(k->ecdsa) != 0)				goto ecdsa_error;			success = 1;ecdsa_error:			free(curve);			if (exponent)				BN_clear_free(exponent);			if (q)				EC_POINT_free(q);			if (success == 0)				goto error;			}			break;		case KEY_ED25519:			k->ed25519_pk = buffer_get_string_msg(blob, &pklen);			k->ed25519_sk = buffer_get_string_msg(blob, &sklen);			if (pklen != ED25519_PK_SZ) 				goto error;			if (sklen != ED25519_SK_SZ)				goto error;			break;		default:			goto error;//.........这里部分代码省略.........