Merge pull request #187 from libtom/pr/ecc-asn1-part

ECC-step3: extra import/export (ASN.1 related)

libtomcrypt_VS2008.vcproj

@@ -2278,6 +2278,10 @@
 					RelativePath="src\pk\ecc\ecc_export.c"
 					>
 				</File>
+				<File
+					RelativePath="src\pk\ecc\ecc_export_openssl.c"
+					>
+				</File>
 				<File
 					RelativePath="src\pk\ecc\ecc_free.c"
 					>
@@ -2302,6 +2306,14 @@
 					RelativePath="src\pk\ecc\ecc_import.c"
 					>
 				</File>
+				<File
+					RelativePath="src\pk\ecc\ecc_import_openssl.c"
+					>
+				</File>
+				<File
+					RelativePath="src\pk\ecc\ecc_import_x509.c"
+					>
+				</File>
 				<File
 					RelativePath="src\pk\ecc\ecc_make_key.c"
 					>

makefile.mingw

@@ -177,11 +177,12 @@ src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o
 src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
 src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
 src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
-src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o \
-src/pk/ecc/ecc_get_oid_str.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
-src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o src/pk/ecc/ecc_set_dp_internal.o \
-src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
-src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_openssl.o src/pk/ecc/ecc_free.o \
+src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o src/pk/ecc/ecc_get_oid_str.o \
+src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_openssl.o \
+src/pk/ecc/ecc_import_x509.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o \
+src/pk/ecc/ecc_set_dp_internal.o src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o \
+src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
 src/pk/ecc/ltc_ecc_export_point.o src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \
 src/pk/ecc/ltc_ecc_is_point_at_infinity.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
 src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \

makefile.msvc

@@ -170,11 +170,12 @@ src/pk/dsa/dsa_make_key.obj src/pk/dsa/dsa_set.obj src/pk/dsa/dsa_set_pqg_dsapar
 src/pk/dsa/dsa_shared_secret.obj src/pk/dsa/dsa_sign_hash.obj src/pk/dsa/dsa_verify_hash.obj \
 src/pk/dsa/dsa_verify_key.obj src/pk/ecc/ecc.obj src/pk/ecc/ecc_ansi_x963_export.obj \
 src/pk/ecc/ecc_ansi_x963_import.obj src/pk/ecc/ecc_decrypt_key.obj src/pk/ecc/ecc_encrypt_key.obj \
-src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_free.obj src/pk/ecc/ecc_get_curve.obj src/pk/ecc/ecc_get_key.obj \
-src/pk/ecc/ecc_get_oid_str.obj src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj \
-src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_set_dp.obj src/pk/ecc/ecc_set_dp_internal.obj \
-src/pk/ecc/ecc_set_key.obj src/pk/ecc/ecc_shared_secret.obj src/pk/ecc/ecc_sign_hash.obj \
-src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
+src/pk/ecc/ecc_export.obj src/pk/ecc/ecc_export_openssl.obj src/pk/ecc/ecc_free.obj \
+src/pk/ecc/ecc_get_curve.obj src/pk/ecc/ecc_get_key.obj src/pk/ecc/ecc_get_oid_str.obj \
+src/pk/ecc/ecc_get_size.obj src/pk/ecc/ecc_import.obj src/pk/ecc/ecc_import_openssl.obj \
+src/pk/ecc/ecc_import_x509.obj src/pk/ecc/ecc_make_key.obj src/pk/ecc/ecc_set_dp.obj \
+src/pk/ecc/ecc_set_dp_internal.obj src/pk/ecc/ecc_set_key.obj src/pk/ecc/ecc_shared_secret.obj \
+src/pk/ecc/ecc_sign_hash.obj src/pk/ecc/ecc_sizes.obj src/pk/ecc/ecc_test.obj src/pk/ecc/ecc_verify_hash.obj \
 src/pk/ecc/ltc_ecc_export_point.obj src/pk/ecc/ltc_ecc_import_point.obj src/pk/ecc/ltc_ecc_is_point.obj \
 src/pk/ecc/ltc_ecc_is_point_at_infinity.obj src/pk/ecc/ltc_ecc_map.obj src/pk/ecc/ltc_ecc_mul2add.obj \
 src/pk/ecc/ltc_ecc_mulmod.obj src/pk/ecc/ltc_ecc_mulmod_timing.obj src/pk/ecc/ltc_ecc_points.obj \

makefile.unix

@@ -187,11 +187,12 @@ src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o
 src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
 src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
 src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
-src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o \
-src/pk/ecc/ecc_get_oid_str.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
-src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o src/pk/ecc/ecc_set_dp_internal.o \
-src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
-src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_openssl.o src/pk/ecc/ecc_free.o \
+src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o src/pk/ecc/ecc_get_oid_str.o \
+src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_openssl.o \
+src/pk/ecc/ecc_import_x509.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o \
+src/pk/ecc/ecc_set_dp_internal.o src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o \
+src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
 src/pk/ecc/ltc_ecc_export_point.o src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \
 src/pk/ecc/ltc_ecc_is_point_at_infinity.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
 src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \

makefile_include.mk

@@ -347,11 +347,12 @@ src/pk/dsa/dsa_make_key.o src/pk/dsa/dsa_set.o src/pk/dsa/dsa_set_pqg_dsaparam.o
 src/pk/dsa/dsa_shared_secret.o src/pk/dsa/dsa_sign_hash.o src/pk/dsa/dsa_verify_hash.o \
 src/pk/dsa/dsa_verify_key.o src/pk/ecc/ecc.o src/pk/ecc/ecc_ansi_x963_export.o \
 src/pk/ecc/ecc_ansi_x963_import.o src/pk/ecc/ecc_decrypt_key.o src/pk/ecc/ecc_encrypt_key.o \
-src/pk/ecc/ecc_export.o src/pk/ecc/ecc_free.o src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o \
-src/pk/ecc/ecc_get_oid_str.o src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o \
-src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o src/pk/ecc/ecc_set_dp_internal.o \
-src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o src/pk/ecc/ecc_sign_hash.o \
-src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
+src/pk/ecc/ecc_export.o src/pk/ecc/ecc_export_openssl.o src/pk/ecc/ecc_free.o \
+src/pk/ecc/ecc_get_curve.o src/pk/ecc/ecc_get_key.o src/pk/ecc/ecc_get_oid_str.o \
+src/pk/ecc/ecc_get_size.o src/pk/ecc/ecc_import.o src/pk/ecc/ecc_import_openssl.o \
+src/pk/ecc/ecc_import_x509.o src/pk/ecc/ecc_make_key.o src/pk/ecc/ecc_set_dp.o \
+src/pk/ecc/ecc_set_dp_internal.o src/pk/ecc/ecc_set_key.o src/pk/ecc/ecc_shared_secret.o \
+src/pk/ecc/ecc_sign_hash.o src/pk/ecc/ecc_sizes.o src/pk/ecc/ecc_test.o src/pk/ecc/ecc_verify_hash.o \
 src/pk/ecc/ltc_ecc_export_point.o src/pk/ecc/ltc_ecc_import_point.o src/pk/ecc/ltc_ecc_is_point.o \
 src/pk/ecc/ltc_ecc_is_point_at_infinity.o src/pk/ecc/ltc_ecc_map.o src/pk/ecc/ltc_ecc_mul2add.o \
 src/pk/ecc/ltc_ecc_mulmod.o src/pk/ecc/ltc_ecc_mulmod_timing.o src/pk/ecc/ltc_ecc_points.o \

src/headers/tomcrypt_pk.h

@@ -270,6 +270,10 @@ int ecc_ansi_x963_export(const ecc_key *key, unsigned char *out, unsigned long *
 int ecc_ansi_x963_import(const unsigned char *in, unsigned long inlen, ecc_key *key);
 int ecc_ansi_x963_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, const ltc_ecc_curve *cu);
 
+int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key);
+int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key);
+int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key);
+
 int  ecc_shared_secret(const ecc_key *private_key, const ecc_key *public_key,
                        unsigned char *out, unsigned long *outlen);
 

src/headers/tomcrypt_private.h

@@ -195,6 +195,7 @@ int dh_check_pubkey(const dh_key *key);
 int ecc_set_dp_from_mpis(void *a, void *b, void *prime, void *order, void *gx, void *gy, unsigned long cofactor, ecc_key *key);
 int ecc_copy_dp(const ecc_key *srckey, ecc_key *key);
 int ecc_set_dp_by_size(int size, ecc_key *key);
+int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key);
 
 /* low level functions */
 ecc_point *ltc_ecc_new_point(void);

src/misc/pk_get_oid.c

@@ -19,6 +19,16 @@ static const oid_st dsa_oid = {
    6,
 };
 
+static const oid_st ec_oid = {
+   { 1, 2, 840, 10045, 2, 1 },
+   6,
+};
+
+static const oid_st ec_primef = {
+   { 1, 2, 840, 10045, 1, 1 },
+   6,
+};
+
 /*
    Returns the OID of the public key algorithm.
    @return CRYPT_OK if valid
@@ -32,6 +42,12 @@ int pk_get_oid(int pk, oid_st *st)
       case PKA_DSA:
          XMEMCPY(st, &dsa_oid, sizeof(*st));
          break;
+      case PKA_EC:
+         XMEMCPY(st, &ec_oid, sizeof(*st));
+         break;
+      case PKA_EC_PRIMEF:
+         XMEMCPY(st, &ec_primef, sizeof(*st));
+         break;
       default:
          return CRYPT_INVALID_ARG;
    }

src/pk/ecc/ecc_export_openssl.c

@@ -0,0 +1,170 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt_private.h"
+
+#ifdef LTC_MECC
+
+/**
+  Export an ECC key as a binary packet
+  @param out     [out] Destination for the key
+  @param outlen  [in/out] Max size and resulting size of the exported key
+  @param type    The type of key you want to export (PK_PRIVATE or PK_PUBLIC)
+  @param key     The key to export
+  @return CRYPT_OK if successful
+*/
+
+int ecc_export_openssl(unsigned char *out, unsigned long *outlen, int type, const ecc_key *key)
+{
+   int           err;
+   void *prime, *order, *a, *b, *gx, *gy;
+   unsigned char bin_a[256], bin_b[256], bin_k[256], bin_g[512], bin_xy[512];
+   unsigned long len_a, len_b, len_k, len_g, len_xy;
+   unsigned long cofactor, one = 1;
+   oid_st oid;
+   ltc_asn1_list seq_fieldid[2], seq_curve[2], seq_ecparams[6], seq_priv[4], pub_xy, ecparams;
+   int flag_oid = type & PK_CURVEOID ? 1 : 0;
+   int flag_com = type & PK_COMPRESSED ? 1 : 0;
+   int flag_pri = type & PK_PRIVATE ? 1 : 0;
+
+   LTC_ARGCHK(out    != NULL);
+   LTC_ARGCHK(outlen != NULL);
+   LTC_ARGCHK(key    != NULL);
+
+   if (key->type != PK_PRIVATE && flag_pri) return CRYPT_PK_TYPE_MISMATCH;
+
+   prime = key->dp.prime;
+   order = key->dp.order;
+   b     = key->dp.B;
+   a     = key->dp.A;
+   gx    = key->dp.base.x;
+   gy    = key->dp.base.y;
+
+   /* curve param a */
+   len_a = mp_unsigned_bin_size(a);
+   if (len_a > sizeof(bin_a))                                   { err = CRYPT_BUFFER_OVERFLOW; goto error; }
+   if ((err = mp_to_unsigned_bin(a, bin_a)) != CRYPT_OK)        { goto error; }
+   if (len_a == 0) { len_a = 1; bin_a[0] = 0; } /* handle case a == 0 */
+
+   /* curve param b */
+   len_b = mp_unsigned_bin_size(b);
+   if (len_b > sizeof(bin_b))                                   { err = CRYPT_BUFFER_OVERFLOW; goto error; }
+   if ((err = mp_to_unsigned_bin(b, bin_b)) != CRYPT_OK)        { goto error; }
+   if (len_b == 0) { len_b = 1; bin_b[0] = 0; } /* handle case b == 0 */
+
+   /* base point - (un)compressed based on flag_com */
+   len_g = sizeof(bin_g);
+   err = ltc_ecc_export_point(bin_g, &len_g, gx, gy, key->dp.size, flag_com);
+   if (err != CRYPT_OK)                                         { goto error; }
+
+   /* public key - (un)compressed based on flag_com */
+   len_xy = sizeof(bin_xy);
+   err = ltc_ecc_export_point(bin_xy, &len_xy, key->pubkey.x, key->pubkey.y, key->dp.size, flag_com);
+   if (err != CRYPT_OK)                                         { goto error; }
+
+   /* co-factor */
+   cofactor = key->dp.cofactor;
+
+   /* we support only prime-field EC */
+   if ((err = pk_get_oid(PKA_EC_PRIMEF, &oid)) != CRYPT_OK)     { goto error; }
+
+   if (flag_oid) {
+      /* http://tools.ietf.org/html/rfc5912
+         ECParameters ::= CHOICE {
+           namedCurve      CURVE.&id({NamedCurve})                # OBJECT
+         }
+      */
+      if (key->dp.oidlen == 0)                                  { err = CRYPT_INVALID_ARG; goto error; }
+      LTC_SET_ASN1(&ecparams, 0, LTC_ASN1_OBJECT_IDENTIFIER, key->dp.oid, key->dp.oidlen);
+   }
+   else {
+      /* http://tools.ietf.org/html/rfc3279
+         ECParameters ::= SEQUENCE {                              # SEQUENCE
+           version         INTEGER { ecpVer1(1) } (ecpVer1)       # INTEGER       :01
+           FieldID ::= SEQUENCE {                                 # SEQUENCE
+             fieldType       FIELD-ID.&id({IOSet}),               # OBJECT        :prime-field
+             parameters      FIELD-ID.&Type({IOSet}{@fieldType})  # INTEGER
+           }
+           Curve ::= SEQUENCE {                                   # SEQUENCE
+             a               FieldElement ::= OCTET STRING        # OCTET STRING
+             b               FieldElement ::= OCTET STRING        # OCTET STRING
+             seed            BIT STRING      OPTIONAL
+           }
+           base            ECPoint ::= OCTET STRING               # OCTET STRING
+           order           INTEGER,                               # INTEGER
+           cofactor        INTEGER OPTIONAL                       # INTEGER
+         }
+      */
+
+      /* FieldID SEQUENCE */
+      LTC_SET_ASN1(seq_fieldid,  0, LTC_ASN1_OBJECT_IDENTIFIER, oid.OID,     oid.OIDlen);
+      LTC_SET_ASN1(seq_fieldid,  1, LTC_ASN1_INTEGER,           prime,       1UL);
+
+      /* Curve SEQUENCE */
+      LTC_SET_ASN1(seq_curve,    0, LTC_ASN1_OCTET_STRING,      bin_a,       len_a);
+      LTC_SET_ASN1(seq_curve,    1, LTC_ASN1_OCTET_STRING,      bin_b,       len_b);
+
+      /* ECParameters SEQUENCE */
+      LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER,     &one,        1UL);
+      LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE,          seq_fieldid, 2UL);
+      LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE,          seq_curve,   2UL);
+      LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING,      bin_g,       len_g);
+      LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER,           order,       1UL);
+      LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER,     &cofactor,   1UL);
+
+      /* ECParameters used by ECPrivateKey or SubjectPublicKeyInfo below */
+      LTC_SET_ASN1(&ecparams,    0, LTC_ASN1_SEQUENCE, seq_ecparams, 6UL);
+   }
+
+   if (flag_pri) {
+      /* http://tools.ietf.org/html/rfc5915
+         ECPrivateKey ::= SEQUENCE {                                    # SEQUENCE
+           version        INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1)  # INTEGER       :01
+           privateKey     OCTET STRING,                                 # OCTET STRING
+           [0] ECParameters                                             # see above
+           [1] publicKey                                                # BIT STRING
+         }
+      */
+
+      /* private key */
+      len_k = mp_unsigned_bin_size(key->k);
+      if (len_k > sizeof(bin_k))                                        { err = CRYPT_BUFFER_OVERFLOW; goto error; }
+      if ((err = mp_to_unsigned_bin(key->k, bin_k)) != CRYPT_OK)        { goto error; }
+
+      LTC_SET_ASN1(&pub_xy,  0, LTC_ASN1_RAW_BIT_STRING, bin_xy, 8*len_xy);
+      LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER,  &one,   1);
+      LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING,   bin_k,  len_k);
+      LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, &ecparams); /* context specific 0 */
+      LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, &pub_xy);   /* context specific 1 */
+
+      err = der_encode_sequence(seq_priv, 4, out, outlen);
+   }
+   else {
+      /* http://tools.ietf.org/html/rfc5480
+         SubjectPublicKeyInfo ::= SEQUENCE  {                           # SEQUENCE
+           AlgorithmIdentifier ::= SEQUENCE  {                          # SEQUENCE
+             algorithm OBJECT IDENTIFIER                                # OBJECT        :id-ecPublicKey
+             ECParameters                                               # see above
+           }
+           subjectPublicKey  BIT STRING                                 # BIT STRING
+         }
+      */
+      err = x509_encode_subject_public_key_info( out, outlen, PKA_EC, bin_xy, len_xy,
+                                                 ecparams.type, ecparams.data, ecparams.size );
+   }
+
+error:
+   return err;
+}
+
+#endif
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/ecc/ecc_import_openssl.c

@@ -0,0 +1,130 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+
+#include "tomcrypt_private.h"
+
+#ifdef LTC_MECC
+
+static int _ecc_import_private_with_oid(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   ltc_asn1_list seq_priv[4], custom[2];
+   unsigned char bin_xy[2*ECC_MAXSIZE+2], bin_k[ECC_MAXSIZE];
+   unsigned long len, pkver = 0, curveoid[16];
+   char OID[256];
+   const ltc_ecc_curve *curve;
+   int err;
+
+   /* ### try to load private key - no curve parameters just curve OID */
+
+   /* ECPrivateKey SEQUENCE */
+   LTC_SET_ASN1(custom,   0, LTC_ASN1_OBJECT_IDENTIFIER, curveoid, 16UL);
+   LTC_SET_ASN1(custom,   1, LTC_ASN1_RAW_BIT_STRING,    bin_xy,   8u*sizeof(bin_xy));
+   LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER,     &pkver,   1UL);
+   LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING,      bin_k,    sizeof(bin_k));
+   LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom);     /* context specific 0 */
+   LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */
+
+   /* try to load private key */
+   err = der_decode_sequence(in, inlen, seq_priv, 4);
+   if (err == CRYPT_OK) {
+      /* load curve parameters for given curve OID */
+      len = sizeof(OID);
+      if ((err = pk_oid_num_to_str(curveoid, custom[0].size, OID, &len)) != CRYPT_OK) { goto error; }
+      if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK)                             { goto error; }
+      if ((err = ecc_set_dp(curve, key)) != CRYPT_OK)                                 { goto error; }
+      /* load private+public key */
+      err = ecc_set_key(bin_k, seq_priv[1].size, PK_PRIVATE, key);
+   }
+error:
+   return err;
+}
+
+static int _ecc_import_private_with_curve(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   void *prime, *order, *a, *b, *gx, *gy;
+   ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6], seq_priv[4], custom[2];
+   unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE], bin_k[ECC_MAXSIZE];
+   unsigned char bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128];
+   unsigned long len_a, len_b, len_k, len_g;
+   unsigned long cofactor = 0, ecver = 0, pkver = 0, tmpoid[16];
+   int err;
+
+   if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* ### try to load private key - curve parameters included */
+
+   /* ECPrivateKey SEQUENCE */
+   LTC_SET_ASN1(custom,   0, LTC_ASN1_SEQUENCE,       seq_ecparams, 6UL);
+   LTC_SET_ASN1(custom,   1, LTC_ASN1_RAW_BIT_STRING, bin_xy,       8u*sizeof(bin_xy));
+   LTC_SET_ASN1(seq_priv, 0, LTC_ASN1_SHORT_INTEGER,  &pkver,       1UL);
+   LTC_SET_ASN1(seq_priv, 1, LTC_ASN1_OCTET_STRING,   bin_k,        sizeof(bin_k));
+   LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 2, LTC_ASN1_CL_CONTEXT_SPECIFIC, 0, custom);     /* context specific 0 */
+   LTC_SET_ASN1_CUSTOM_CONSTRUCTED(seq_priv, 3, LTC_ASN1_CL_CONTEXT_SPECIFIC, 1, custom + 1); /* context specific 1 */
+   /* ECParameters SEQUENCE */
+   LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER, &ecver,      1UL);
+   LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE,      seq_fieldid, 2UL);
+   LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE,      seq_curve,   3UL);
+   LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING,  bin_g,       sizeof(bin_g));
+   LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER,       order,       1UL);
+   LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER, &cofactor,   1UL);
+   seq_ecparams[5].optional = 1;
+   /* FieldID SEQUENCE */
+   LTC_SET_ASN1(seq_fieldid,  0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, 16UL);
+   LTC_SET_ASN1(seq_fieldid,  1, LTC_ASN1_INTEGER,           prime,  1UL);
+   /* Curve SEQUENCE */
+   LTC_SET_ASN1(seq_curve,    0, LTC_ASN1_OCTET_STRING,      bin_a,    sizeof(bin_a));
+   LTC_SET_ASN1(seq_curve,    1, LTC_ASN1_OCTET_STRING,      bin_b,    sizeof(bin_b));
+   LTC_SET_ASN1(seq_curve,    2, LTC_ASN1_RAW_BIT_STRING,    bin_seed, sizeof(bin_seed));
+   seq_curve[2].optional = 1;
+   /* try to load private key */
+   err = der_decode_sequence(in, inlen, seq_priv, 4);
+   if (err == CRYPT_OK) {
+      len_k  = seq_priv[1].size;
+      len_a  = seq_curve[0].size;
+      len_b  = seq_curve[1].size;
+      len_g  = seq_ecparams[3].size;
+      /* create bignums */
+      if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK)                           { goto error; }
+      if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK)                           { goto error; }
+      if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK)         { goto error; }
+      /* load curve parameters */
+      if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
+      /* load private+public key */
+      err = ecc_set_key(bin_k, len_k, PK_PRIVATE, key);
+   }
+error:
+   mp_clear_multi(prime, order, a, b, gx, gy, NULL);
+   return err;
+}
+
+int ecc_import_openssl(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   int err;
+
+   if ((err = ecc_import_subject_public_key_info(in, inlen, key)) == CRYPT_OK) {
+      goto success;
+   }
+
+   if ((err = _ecc_import_private_with_oid(in, inlen, key)) == CRYPT_OK) {
+      goto success;
+   }
+
+   err = _ecc_import_private_with_curve(in, inlen, key);
+
+success:
+   return err;
+}
+
+#endif
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

src/pk/ecc/ecc_import_x509.c

@@ -0,0 +1,152 @@
+/* LibTomCrypt, modular cryptographic library -- Tom St Denis
+ *
+ * LibTomCrypt is a library that provides various cryptographic
+ * algorithms in a highly modular and flexible manner.
+ *
+ * The library is free for all purposes without any express
+ * guarantee it works.
+ */
+#include "tomcrypt_private.h"
+
+#ifdef LTC_MECC
+
+static int _ecc_import_x509_with_oid(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   unsigned char bin_xy[2*ECC_MAXSIZE+2];
+   unsigned long curveoid[16];
+   unsigned long len_xy, len_oid, len;
+   char OID[256];
+   const ltc_ecc_curve *curve;
+   int err;
+
+   len_xy = sizeof(bin_xy);
+   len_oid = 16;
+   err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy,
+                                             LTC_ASN1_OBJECT_IDENTIFIER, (void *)curveoid, &len_oid);
+   if (err == CRYPT_OK) {
+      /* load curve parameters for given curve OID */
+      len = sizeof(OID);
+      if ((err = pk_oid_num_to_str(curveoid, len_oid, OID, &len)) != CRYPT_OK) { goto error; }
+      if ((err = ecc_get_curve(OID, &curve)) != CRYPT_OK)                      { goto error; }
+      if ((err = ecc_set_dp(curve, key)) != CRYPT_OK)                          { goto error; }
+      /* load public key */
+      err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key);
+   }
+error:
+   return err;
+}
+
+static int _ecc_import_x509_with_curve(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   void *prime, *order, *a, *b, *gx, *gy;
+   ltc_asn1_list seq_fieldid[2], seq_curve[3], seq_ecparams[6];
+   unsigned char bin_a[ECC_MAXSIZE], bin_b[ECC_MAXSIZE];
+   unsigned char bin_g[2*ECC_MAXSIZE+1], bin_xy[2*ECC_MAXSIZE+2], bin_seed[128];
+   unsigned long len_a, len_b, len_g, len_xy, len;
+   unsigned long cofactor = 0, ecver = 0, tmpoid[16];
+   int err;
+
+   if ((err = mp_init_multi(&prime, &order, &a, &b, &gx, &gy, NULL)) != CRYPT_OK) {
+      return err;
+   }
+
+   /* ECParameters SEQUENCE */
+   LTC_SET_ASN1(seq_ecparams, 0, LTC_ASN1_SHORT_INTEGER,     &ecver,      1UL);
+   LTC_SET_ASN1(seq_ecparams, 1, LTC_ASN1_SEQUENCE,          seq_fieldid, 2UL);
+   LTC_SET_ASN1(seq_ecparams, 2, LTC_ASN1_SEQUENCE,          seq_curve,   3UL);
+   LTC_SET_ASN1(seq_ecparams, 3, LTC_ASN1_OCTET_STRING,      bin_g,       sizeof(bin_g));
+   LTC_SET_ASN1(seq_ecparams, 4, LTC_ASN1_INTEGER,           order,       1UL);
+   LTC_SET_ASN1(seq_ecparams, 5, LTC_ASN1_SHORT_INTEGER,     &cofactor,   1UL);
+   seq_ecparams[5].optional = 1;
+   /* FieldID SEQUENCE */
+   LTC_SET_ASN1(seq_fieldid,  0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid,      16UL);
+   LTC_SET_ASN1(seq_fieldid,  1, LTC_ASN1_INTEGER,           prime,       1UL);
+   /* Curve SEQUENCE */
+   LTC_SET_ASN1(seq_curve,    0, LTC_ASN1_OCTET_STRING,      bin_a,       sizeof(bin_a));
+   LTC_SET_ASN1(seq_curve,    1, LTC_ASN1_OCTET_STRING,      bin_b,       sizeof(bin_b));
+   LTC_SET_ASN1(seq_curve,    2, LTC_ASN1_RAW_BIT_STRING,    bin_seed,    8u*sizeof(bin_seed));
+   seq_curve[2].optional = 1;
+   /* try to load public key */
+   len_xy = sizeof(bin_xy);
+   len = 6;
+   err = x509_decode_subject_public_key_info(in, inlen, PKA_EC, bin_xy, &len_xy, LTC_ASN1_SEQUENCE, seq_ecparams, &len);
+
+   if (err == CRYPT_OK) {
+      len_a = seq_curve[0].size;
+      len_b = seq_curve[1].size;
+      len_g = seq_ecparams[3].size;
+      /* create bignums */
+      if ((err = mp_read_unsigned_bin(a, bin_a, len_a)) != CRYPT_OK)                           { goto error; }
+      if ((err = mp_read_unsigned_bin(b, bin_b, len_b)) != CRYPT_OK)                           { goto error; }
+      if ((err = ltc_ecc_import_point(bin_g, len_g, prime, a, b, gx, gy)) != CRYPT_OK)         { goto error; }
+      /* load curve parameters */
+      if ((err = ecc_set_dp_from_mpis(a, b, prime, order, gx, gy, cofactor, key)) != CRYPT_OK) { goto error; }
+      /* load public key */
+      err = ecc_set_key(bin_xy, len_xy, PK_PUBLIC, key);
+   }
+error:
+   mp_clear_multi(prime, order, a, b, gx, gy, NULL);
+   return err;
+}
+
+int ecc_import_subject_public_key_info(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   int err;
+
+   if ((err = _ecc_import_x509_with_oid(in, inlen, key)) == CRYPT_OK) {
+      goto success;
+   }
+
+   err = _ecc_import_x509_with_curve(in, inlen, key);
+
+success:
+   return err;
+}
+
+/**
+  Import an ECC key from a X.509 certificate
+  @param in      The packet to import from
+  @param inlen   It's length (octets)
+  @param key     [out] Destination for newly imported key
+  @return CRYPT_OK if successful, upon error allocated memory is freed
+*/
+int ecc_import_x509(const unsigned char *in, unsigned long inlen, ecc_key *key)
+{
+   int           err;
+   unsigned long len;
+   ltc_asn1_list *decoded_list = NULL, *l;
+
+   LTC_ARGCHK(in  != NULL);
+   LTC_ARGCHK(key != NULL);
+
+   len = inlen;
+   if ((err = der_decode_sequence_flexi(in, &len, &decoded_list)) == CRYPT_OK) {
+      err = CRYPT_ERROR;
+      l = decoded_list;
+      if (l->type == LTC_ASN1_SEQUENCE &&
+          l->child && l->child->type == LTC_ASN1_SEQUENCE) {
+         l = l->child->child;
+         while (l) {
+            if (l->type == LTC_ASN1_SEQUENCE && l->data &&
+                l->child && l->child->type == LTC_ASN1_SEQUENCE &&
+                l->child->child && l->child->child->type == LTC_ASN1_OBJECT_IDENTIFIER &&
+                l->child->next && l->child->next->type == LTC_ASN1_BIT_STRING) {
+               err = ecc_import_subject_public_key_info(l->data, l->size, key);
+               goto LBL_DONE;
+            }
+            l = l->next;
+         }
+      }
+   }
+
+LBL_DONE:
+   if (decoded_list) der_free_sequence_flexi(decoded_list);
+   return err;
+}
+
+#endif /* LTC_MECC */
+
+
+/* ref:         $Format:%D$ */
+/* git commit:  $Format:%H$ */
+/* commit time: $Format:%ai$ */

tests/ecc_test.c

@@ -519,10 +519,390 @@ int _ecc_new_api(void)
    return CRYPT_OK;
 }
 
+int _ecc_key_cmp(const int should_type, const ecc_key *should, const ecc_key *is)
+{
+   if (should_type != is->type)                               return CRYPT_ERROR;
+   if (should_type == PK_PRIVATE) {
+      if (mp_cmp(should->k, is->k) != LTC_MP_EQ)              return CRYPT_ERROR;
+   }
+   if (mp_cmp(should->dp.prime,  is->dp.prime)  != LTC_MP_EQ) return CRYPT_ERROR;
+   if (mp_cmp(should->dp.A,      is->dp.A)      != LTC_MP_EQ) return CRYPT_ERROR;
+   if (mp_cmp(should->dp.B,      is->dp.B)      != LTC_MP_EQ) return CRYPT_ERROR;
+   if (mp_cmp(should->dp.order,  is->dp.order)  != LTC_MP_EQ) return CRYPT_ERROR;
+   if (mp_cmp(should->dp.base.x, is->dp.base.x) != LTC_MP_EQ) return CRYPT_ERROR;
+   if (mp_cmp(should->dp.base.y, is->dp.base.y) != LTC_MP_EQ) return CRYPT_ERROR;
+   if (mp_cmp(should->pubkey.x,  is->pubkey.x)  != LTC_MP_EQ) return CRYPT_ERROR;
+   if (mp_cmp(should->pubkey.y,  is->pubkey.y)  != LTC_MP_EQ) return CRYPT_ERROR;
+   if (should->dp.size != is->dp.size)                        return CRYPT_ERROR;
+   if (should->dp.cofactor != is->dp.cofactor)                return CRYPT_ERROR;
+   return CRYPT_OK;
+}
+
+int _ecc_import_export(void) {
+   const ltc_ecc_curve *cu;
+   ecc_key key, pri, pub;
+   unsigned char out[300];
+   unsigned long outlen;
+
+   /* the following test keys were generated by:
+        # no password
+        openssl ecparam -name secp256k1 -genkey -out main-key.pem
+        openssl ec -in main-key.pem -param_enc explicit -out long_pri.der -outform DER
+        openssl ec -in main-key.pem -param_enc explicit -conv_form compressed -out long_pric.der -outform DER
+        openssl ec -in main-key.pem -param_enc explicit -pubout -out long_pub.der -outform DER
+        openssl ec -in main-key.pem -param_enc explicit -pubout -conv_form compressed -out long_pubc.der -outform DER
+        openssl ec -in main-key.pem -param_enc named_curve -out short_pri.der -outform DER
+        openssl ec -in main-key.pem -param_enc named_curve -conv_form compressed -out short_pric.der -outform DER
+        openssl ec -in main-key.pem -param_enc named_curve -pubout -out short_pub.der -outform DER
+        openssl ec -in main-key.pem -param_enc named_curve -pubout -conv_form compressed -out short_pubc.der -outform DER
+        # X.509 EC certificates
+        openssl req -new -x509 -keyform der -key long_pri.der   -sha512 -subj '/CN=Test Cert EC' -out x509_cert_long.der   -outform der -days 365000
+        openssl req -new -x509 -keyform der -key long_pric.der  -sha512 -subj '/CN=Test Cert EC' -out x509_cert_longc.der  -outform der -days 365000
+        openssl req -new -x509 -keyform der -key short_pri.der  -sha512 -subj '/CN=Test Cert EC' -out x509_cert_short.der  -outform der -days 365000
+        openssl req -new -x509 -keyform der -key short_pric.der -sha512 -subj '/CN=Test Cert EC' -out x509_cert_shortc.der -outform der -days 365000
+    */
+   static const unsigned char long_pri[] = { /* private + long public, explicit curve params */
+      0x30, 0x82, 0x01, 0x13, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91,
+      0x1b, 0xba, 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d,
+      0x9f, 0x5f, 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x81, 0xa5, 0x30, 0x81, 0xa2, 0x02,
+      0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f,
+      0x30, 0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x41, 0x04, 0x79, 0xbe, 0x66, 0x7e, 0xf9,
+      0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d,
+      0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x48, 0x3a, 0xda, 0x77, 0x26,
+      0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6,
+      0x85, 0x54, 0x19, 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, 0x02, 0x21, 0x00, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae,
+      0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01,
+      0x01, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1,
+      0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5,
+      0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7,
+      0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e,
+      0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+   };
+   static const unsigned char long_pric[] = { /* private + compressed public, explicit curve params */
+      0x30, 0x81, 0xd3, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b,
+      0xba, 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f,
+      0x5f, 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x81, 0x85, 0x30, 0x81, 0x82, 0x02, 0x01,
+      0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 0x30,
+      0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x21, 0x02, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc,
+      0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce,
+      0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae, 0xdc,
+      0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01, 0x01,
+      0xa1, 0x24, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf,
+      0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9,
+      0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+   };
+   static const unsigned char long_pub[] = { /* long public, explicit curve params */
+      0x30, 0x81, 0xf5, 0x30, 0x81, 0xae, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30,
+      0x81, 0xa2, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01,
+      0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff,
+      0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x41, 0x04, 0x79, 0xbe,
+      0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b,
+      0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x48, 0x3a,
+      0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17,
+      0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19, 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, 0x02, 0x21,
+      0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41,
+      0x41, 0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+      0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+      0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a,
+      0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5,
+      0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+   };
+   static const unsigned char long_pubc[] = { /* compressed public, explicit curve params */
+      0x30, 0x81, 0xb5, 0x30, 0x81, 0x8e, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30,
+      0x81, 0x82, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01,
+      0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff,
+      0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00, 0x04, 0x01, 0x07, 0x04, 0x21, 0x02, 0x79, 0xbe,
+      0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b,
+      0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x02, 0x21,
+      0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41,
+      0x41, 0x02, 0x01, 0x01, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+      0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+      0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+   };
+   static const unsigned char short_pri[] = { /* private + long public, curve by OID */
+      0x30, 0x74, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b, 0xba,
+      0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f, 0x5f,
+      0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x07, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a,
+      0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf,
+      0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9,
+      0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c,
+      0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b,
+      0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+   };
+   static const unsigned char short_pric[] = { /* private + compressed public, curve by OID */
+      0x30, 0x54, 0x02, 0x01, 0x01, 0x04, 0x20, 0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b, 0xba,
+      0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7, 0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f, 0x5f,
+      0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23, 0xa0, 0x07, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a,
+      0xa1, 0x24, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf,
+      0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9,
+      0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+   };
+   static const unsigned char short_pub[] = { /* long public, curve by OID */
+      0x30, 0x56, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b,
+      0x81, 0x04, 0x00, 0x0a, 0x03, 0x42, 0x00, 0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+      0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+      0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a,
+      0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5,
+      0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d
+   };
+   static const unsigned char short_pubc[] = { /* compressed public, curve by OID */
+      0x30, 0x36, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b,
+      0x81, 0x04, 0x00, 0x0a, 0x03, 0x22, 0x00, 0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e,
+      0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e,
+      0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16
+   };
+   static const unsigned char raw_pri[] = { /* raw private key */
+      0x0c, 0xf1, 0xad, 0x2f, 0x03, 0xf7, 0x91, 0x1b, 0xba, 0x03, 0xcf, 0x23, 0x37, 0xc8, 0xf2, 0xf7,
+      0x36, 0xce, 0x65, 0xf1, 0x84, 0x2d, 0x7d, 0x9f, 0x5f, 0x9e, 0x21, 0xd9, 0x5e, 0x49, 0xbd, 0x23
+   };
+   static const unsigned char raw_pub[] = { /* raw public key - long form */
+      0x04, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba,
+      0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5,
+      0x16, 0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63,
+      0x62, 0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79,
+      0x4d
+   };
+   static const unsigned char raw_pubc[] = { /* raw public key - compressed form */
+      0x03, 0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba,
+      0xb6, 0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5,
+      0x16
+   };
+   static const unsigned char x509_cert_long[] = { /* X.509 cert, long pubkey, explicit curve params */
+      0x30, 0x82, 0x02, 0x13, 0x30, 0x82, 0x01, 0xba, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+      0xaf, 0x14, 0xe3, 0x53, 0x36, 0x06, 0x79, 0x34, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
+      0x3d, 0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+      0x0c, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17,
+      0x0d, 0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f,
+      0x33, 0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30,
+      0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74,
+      0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x81, 0xf5, 0x30, 0x81, 0xae, 0x06, 0x07,
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0xa2, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06,
+      0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00,
+      0x04, 0x01, 0x07, 0x04, 0x41, 0x04, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0,
+      0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2,
+      0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4,
+      0xfb, 0xfc, 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19, 0x9c, 0x47,
+      0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0,
+      0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01, 0x01, 0x03, 0x42, 0x00, 0x04,
+      0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6,
+      0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16,
+      0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62,
+      0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d,
+      0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x66,
+      0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85, 0x70,
+      0xf9, 0x1f, 0x2c, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
+      0x66, 0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85,
+      0x70, 0xf9, 0x1f, 0x2c, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+      0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x47,
+      0x00, 0x30, 0x44, 0x02, 0x1f, 0x2a, 0x62, 0x64, 0x05, 0x67, 0xb0, 0x2c, 0xa0, 0xa3, 0xb8, 0x61,
+      0x4e, 0x87, 0x06, 0x69, 0xf2, 0xda, 0x78, 0xd6, 0x0e, 0x8d, 0x9b, 0xf1, 0x43, 0x5f, 0xf6, 0x40,
+      0x9d, 0x9d, 0xbd, 0xce, 0x02, 0x21, 0x00, 0xe9, 0x6f, 0x79, 0xb4, 0x4a, 0x00, 0xf7, 0xfa, 0x81,
+      0x25, 0x29, 0xec, 0x79, 0xb2, 0xfa, 0x86, 0xf8, 0x84, 0xd1, 0x78, 0xe7, 0xf8, 0xfd, 0x76, 0x2d,
+      0x4f, 0xfe, 0x02, 0x72, 0xba, 0x6c, 0xca
+   };
+   static const unsigned char x509_cert_longc[] = { /* X.509 cert, compressed pubkey, explicit curve params */
+      0x30, 0x82, 0x01, 0xd3, 0x30, 0x82, 0x01, 0x7a, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+      0x90, 0x5b, 0x48, 0x32, 0x37, 0x4b, 0x72, 0x54, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
+      0x3d, 0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+      0x0c, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17,
+      0x0d, 0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f,
+      0x33, 0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30,
+      0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74,
+      0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x81, 0xb5, 0x30, 0x81, 0x8e, 0x06, 0x07,
+      0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x30, 0x81, 0x82, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06,
+      0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xff, 0xff, 0xfc, 0x2f, 0x30, 0x06, 0x04, 0x01, 0x00,
+      0x04, 0x01, 0x07, 0x04, 0x21, 0x02, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0,
+      0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2,
+      0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0,
+      0x3b, 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, 0x02, 0x01, 0x01, 0x03, 0x22, 0x00, 0x03,
+      0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6,
+      0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16,
+      0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xca,
+      0x2a, 0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6, 0x49,
+      0x9f, 0x98, 0xcf, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
+      0xca, 0x2a, 0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6,
+      0x49, 0x9f, 0x98, 0xcf, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+      0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x47,
+      0x00, 0x30, 0x44, 0x02, 0x20, 0x24, 0x7a, 0xc1, 0xb4, 0x7d, 0x1c, 0x3c, 0x23, 0xc6, 0xad, 0xea,
+      0x04, 0x27, 0x27, 0x65, 0xb8, 0x72, 0x93, 0x46, 0xc9, 0xe9, 0x60, 0x8f, 0xca, 0x96, 0x30, 0x60,
+      0xb3, 0x22, 0xf7, 0x3b, 0x01, 0x02, 0x20, 0x48, 0x30, 0x2a, 0x58, 0x18, 0x46, 0xdb, 0x50, 0x3e,
+      0xad, 0xc3, 0xca, 0xcd, 0x6d, 0x83, 0xd4, 0xc3, 0xc4, 0xa4, 0x8f, 0x37, 0xc3, 0x1d, 0x83, 0x3c,
+      0xd3, 0x1f, 0x8f, 0x38, 0x29, 0x75, 0x2c
+   };
+   static const unsigned char x509_cert_short[] = { /* X.509 cert, long pubkey, curve by OID */
+      0x30, 0x82, 0x01, 0x74, 0x30, 0x82, 0x01, 0x1a, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00,
+      0xbd, 0x81, 0x04, 0x29, 0x43, 0x12, 0x79, 0xce, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce,
+      0x3d, 0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c,
+      0x0c, 0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17,
+      0x0d, 0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f,
+      0x33, 0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30,
+      0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74,
+      0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x56, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86,
+      0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a, 0x03, 0x42, 0x00, 0x04,
+      0x2a, 0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6,
+      0x7f, 0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16,
+      0x91, 0xbd, 0xb2, 0xb9, 0x1b, 0x40, 0x10, 0x5a, 0xb7, 0x6c, 0x6e, 0x32, 0x5b, 0xf7, 0x63, 0x62,
+      0x94, 0x24, 0x24, 0xdb, 0xec, 0x3f, 0x8b, 0xe5, 0x6e, 0x4b, 0x64, 0x37, 0x31, 0x24, 0x79, 0x4d,
+      0xa3, 0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0x66,
+      0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85, 0x70,
+      0xf9, 0x1f, 0x2c, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14,
+      0x66, 0xc9, 0x90, 0x3c, 0x8a, 0x81, 0xa3, 0x1c, 0x20, 0x61, 0xd2, 0xf3, 0xf5, 0xae, 0xa8, 0x85,
+      0x70, 0xf9, 0x1f, 0x2c, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+      0x01, 0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x48,
+      0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0x9b, 0x4e, 0xb2, 0x6a, 0xcc, 0xfa, 0x02, 0x69, 0x22, 0x6a,
+      0x32, 0x9c, 0x0c, 0xaa, 0x4c, 0xdf, 0xbb, 0x9b, 0x22, 0xfb, 0xd6, 0xec, 0x5d, 0xf9, 0x87, 0x82,
+      0xeb, 0x37, 0xb8, 0x32, 0x7c, 0xd6, 0x02, 0x20, 0x50, 0x8b, 0x9f, 0xc1, 0xa8, 0x4a, 0xff, 0x49,
+      0x0d, 0x7e, 0x04, 0x2d, 0x93, 0x3e, 0xdb, 0x30, 0xbc, 0x93, 0xd1, 0x16, 0x1d, 0x99, 0xbd, 0x3f,
+      0xfa, 0x2a, 0x6d, 0xe0, 0x2a, 0x83, 0x55, 0x5d
+   };
+   static const unsigned char x509_cert_shortc[] = { /* X.509 cert, compressed pubkey, curve by OID */
+      0x30, 0x82, 0x01, 0x54, 0x30, 0x81, 0xfa, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x85,
+      0x45, 0x77, 0x75, 0x02, 0x95, 0xf7, 0x06, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
+      0x04, 0x03, 0x04, 0x30, 0x17, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c,
+      0x54, 0x65, 0x73, 0x74, 0x20, 0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x20, 0x17, 0x0d,
+      0x31, 0x37, 0x31, 0x32, 0x33, 0x30, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x18, 0x0f, 0x33,
+      0x30, 0x31, 0x37, 0x30, 0x35, 0x30, 0x32, 0x32, 0x30, 0x33, 0x33, 0x34, 0x31, 0x5a, 0x30, 0x17,
+      0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0c, 0x54, 0x65, 0x73, 0x74, 0x20,
+      0x43, 0x65, 0x72, 0x74, 0x20, 0x45, 0x43, 0x30, 0x36, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48,
+      0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a, 0x03, 0x22, 0x00, 0x03, 0x2a,
+      0xf9, 0x0b, 0xda, 0xbe, 0x71, 0x66, 0x9e, 0xd1, 0xcf, 0x12, 0xd0, 0x24, 0xaf, 0xba, 0xb6, 0x7f,
+      0xfb, 0x96, 0x27, 0x3e, 0x2f, 0xbd, 0x1e, 0xd5, 0xf9, 0x8d, 0x6c, 0x73, 0x9d, 0xc5, 0x16, 0xa3,
+      0x50, 0x30, 0x4e, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xca, 0x2a,
+      0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6, 0x49, 0x9f,
+      0x98, 0xcf, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, 0x14, 0xca,
+      0x2a, 0xa1, 0x12, 0x97, 0x96, 0x2c, 0x85, 0xd3, 0x1f, 0xb1, 0x34, 0x7c, 0x26, 0xe9, 0xd6, 0x49,
+      0x9f, 0x98, 0xcf, 0x30, 0x0c, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01,
+      0xff, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x04, 0x03, 0x49, 0x00,
+      0x30, 0x46, 0x02, 0x21, 0x00, 0xa4, 0xf9, 0x41, 0x2b, 0x4b, 0x56, 0xa5, 0xd4, 0x8c, 0xdf, 0xb0,
+      0x14, 0xe3, 0xe7, 0xed, 0xcc, 0xc4, 0x46, 0x42, 0x04, 0xec, 0x15, 0x9f, 0xe1, 0xb2, 0x00, 0x07,
+      0x8c, 0xc1, 0xf9, 0x25, 0xed, 0x02, 0x21, 0x00, 0x81, 0xd8, 0xc4, 0x3a, 0x9f, 0xdf, 0xc1, 0x70,
+      0x9d, 0x7b, 0x70, 0x3e, 0xf5, 0x7d, 0xa4, 0xfd, 0x3c, 0xc6, 0x49, 0x93, 0xd3, 0x5b, 0xef, 0xc9,
+      0xae, 0x97, 0xaf, 0x64, 0x64, 0xf9, 0x69, 0xd8
+   };
+
+   if (ltc_mp.sqrtmod_prime == NULL) return CRYPT_NOP; /* we need compressed points which requires sqrtmod_prime */
+
+   DO(ecc_import_openssl(short_pub, sizeof(short_pub), &pub));
+   DO(ecc_import_openssl(short_pri, sizeof(short_pri), &pri));
+   DO(ecc_get_curve("SECP256K1", &cu));
+
+   /* import - raw keys */
+   DO(ecc_set_dp(cu, &key));
+   DO(ecc_set_key(raw_pri, sizeof(raw_pri),  PK_PRIVATE, &key));
+   DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+   ecc_free(&key);
+   DO(ecc_set_dp(cu, &key));
+   DO(ecc_set_key(raw_pub, sizeof(raw_pub),  PK_PUBLIC,  &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+   DO(ecc_set_dp(cu, &key));
+   DO(ecc_set_key(raw_pubc, sizeof(raw_pubc), PK_PUBLIC,  &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+
+   /* import - openssl compatible DER format */
+   DO(ecc_import_openssl(long_pri, sizeof(long_pri),   &key));
+   DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+   ecc_free(&key);
+   DO(ecc_import_openssl(long_pric, sizeof(long_pric),  &key));
+   DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+   ecc_free(&key);
+   DO(ecc_import_openssl(long_pub, sizeof(long_pub),   &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+   DO(ecc_import_openssl(long_pubc, sizeof(long_pubc),  &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+   DO(ecc_import_openssl(short_pri, sizeof(short_pri),  &key));
+   DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+   ecc_free(&key);
+   DO(ecc_import_openssl(short_pric, sizeof(short_pric), &key));
+   DO(_ecc_key_cmp(PK_PRIVATE, &pri, &key));
+   ecc_free(&key);
+   DO(ecc_import_openssl(short_pub, sizeof(short_pub),  &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+   DO(ecc_import_openssl(short_pubc, sizeof(short_pubc), &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+
+   /* import - X.509 EC certificates */
+   DO(ecc_import_x509(x509_cert_long,   sizeof(x509_cert_long),   &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+   DO(ecc_import_x509(x509_cert_longc,  sizeof(x509_cert_longc),  &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+   DO(ecc_import_x509(x509_cert_short,  sizeof(x509_cert_short),  &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+   DO(ecc_import_x509(x509_cert_shortc, sizeof(x509_cert_shortc), &key));
+   DO(_ecc_key_cmp(PK_PUBLIC, &pub, &key));
+   ecc_free(&key);
+
+   /* export - openssl compatible DER format */
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PRIVATE, &pri));
+   if (compare_testvector(out, outlen, long_pri, sizeof(long_pri),   "e-long_pri",   0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PRIVATE|PK_COMPRESSED, &pri));
+   if (compare_testvector(out, outlen, long_pric, sizeof(long_pric),  "e-long_pric",  0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PUBLIC, &pub));
+   if (compare_testvector(out, outlen, long_pub, sizeof(long_pub),   "e-long_pub",   0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PUBLIC|PK_COMPRESSED, &pub));
+   if (compare_testvector(out, outlen, long_pubc, sizeof(long_pubc),  "e-long_pubc",  0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PRIVATE|PK_CURVEOID, &pri));
+   if (compare_testvector(out, outlen, short_pri, sizeof(short_pri),  "e-short_pri",  0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PRIVATE|PK_CURVEOID|PK_COMPRESSED, &pri));
+   if (compare_testvector(out, outlen, short_pric, sizeof(short_pric), "e-short_pric", 0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PUBLIC|PK_CURVEOID,  &pub));
+   if (compare_testvector(out, outlen, short_pub, sizeof(short_pub),  "e-short_pub",  0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_export_openssl(out, &outlen, PK_PUBLIC|PK_CURVEOID|PK_COMPRESSED, &pub));
+   if (compare_testvector(out, outlen, short_pubc, sizeof(short_pubc), "e-short_pubc", 0)) return CRYPT_ERROR;
+
+   /* export - raw keys */
+   outlen = sizeof(out);
+   DO(ecc_get_key(out, &outlen, PK_PRIVATE, &pri));
+   if (compare_testvector(out, outlen, raw_pri, sizeof(raw_pri),    "e-raw_pri",    0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_get_key(out, &outlen, PK_PUBLIC, &pub));
+   if (compare_testvector(out, outlen, raw_pub, sizeof(raw_pub),    "e-raw_pub",    0)) return CRYPT_ERROR;
+   outlen = sizeof(out);
+   DO(ecc_get_key(out, &outlen, PK_PUBLIC|PK_COMPRESSED, &pub));
+   if (compare_testvector(out, outlen, raw_pubc, sizeof(raw_pubc),   "e-raw_pubc",   0)) return CRYPT_ERROR;
+
+   ecc_free(&pri);
+   ecc_free(&pub);
+   return CRYPT_OK;
+}
+
 int ecc_tests(void)
 {
    DO(_ecc_old_api()); /* up to 1.18 */
    DO(_ecc_new_api());
+   DO(_ecc_import_export());
    DO(_ecc_test_mp());
    DO(_ecc_issue108());
 #ifdef LTC_ECC_SHAMIR