ec.h source code [flutter_engine/third_party/boringssl/src/include/openssl/ec.h]

1	/ Originally written by Bodo Moeller for the OpenSSL project.*
2	* ====================================================================
3	* Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved.
4	*
5	* Redistribution and use in source and binary forms, with or without
6	* modification, are permitted provided that the following conditions
7	* are met:
8	*
9	* 1. Redistributions of source code must retain the above copyright
10	* notice, this list of conditions and the following disclaimer.
11	*
12	* 2. Redistributions in binary form must reproduce the above copyright
13	* notice, this list of conditions and the following disclaimer in
14	* the documentation and/or other materials provided with the
15	* distribution.
16	*
17	* 3. All advertising materials mentioning features or use of this
18	* software must display the following acknowledgment:
19	* "This product includes software developed by the OpenSSL Project
20	* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21	*
22	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23	* endorse or promote products derived from this software without
24	* prior written permission. For written permission, please contact
25	* openssl-core@openssl.org.
26	*
27	* 5. Products derived from this software may not be called "OpenSSL"
28	* nor may "OpenSSL" appear in their names without prior written
29	* permission of the OpenSSL Project.
30	*
31	* 6. Redistributions of any form whatsoever must retain the following
32	* acknowledgment:
33	* "This product includes software developed by the OpenSSL Project
34	* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35	*
36	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47	* OF THE POSSIBILITY OF SUCH DAMAGE.
48	* ====================================================================
49	*
50	* This product includes cryptographic software written by Eric Young
51	* (eay@cryptsoft.com). This product includes software written by Tim
52	* Hudson (tjh@cryptsoft.com).
53	*
54	*/
55	/ ====================================================================*
56	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
57	*
58	* Portions of the attached software ("Contribution") are developed by
59	* SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project.
60	*
61	* The Contribution is licensed pursuant to the OpenSSL open source
62	* license provided above.
63	*
64	* The elliptic curve binary polynomial software is originally written by
65	* Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems
66	* Laboratories. */
67
68	#ifndef OPENSSL_HEADER_EC_H
69	#define OPENSSL_HEADER_EC_H
70
71	#include <openssl/base.h>
72
73	#if defined(__cplusplus)
74	extern "C" {
75	#endif
76
77
78	// Low-level operations on elliptic curves.
79
80
81	// point_conversion_form_t enumerates forms, as defined in X9.62 (ECDSA), for
82	// the encoding of a elliptic curve point (x,y)
83	typedef enum {
84	// POINT_CONVERSION_COMPRESSED indicates that the point is encoded as z\|\|x,
85	// where the octet z specifies which solution of the quadratic equation y
86	// is.
87	POINT_CONVERSION_COMPRESSED = `2`,
88
89	// POINT_CONVERSION_UNCOMPRESSED indicates that the point is encoded as
90	// z\|\|x\|\|y, where z is the octet 0x04.
91	POINT_CONVERSION_UNCOMPRESSED = `4`,
92
93	// POINT_CONVERSION_HYBRID indicates that the point is encoded as z\|\|x\|\|y,
94	// where z specifies which solution of the quadratic equation y is. This is
95	// not supported by the code and has never been observed in use.
96	//
97	// TODO(agl): remove once node.js no longer references this.
98	POINT_CONVERSION_HYBRID = `6`,
99	} point_conversion_form_t;
100
101
102	// Elliptic curve groups.
103
104	// EC_GROUP_new_by_curve_name returns a fresh EC_GROUP object for the elliptic
105	// curve specified by \|nid\|, or NULL on unsupported NID or allocation failure.
106	//
107	// The supported NIDs are:
108	// NID_secp224r1 (P-224),
109	// NID_X9_62_prime256v1 (P-256),
110	// NID_secp384r1 (P-384),
111	// NID_secp521r1 (P-521)
112	//
113	// If in doubt, use \|NID_X9_62_prime256v1\|, or see the curve25519.h header for
114	// more modern primitives.
115	OPENSSL_EXPORT EC_GROUP EC_GROUP_new_by_curve_name(int* nid);
116
117	// EC_GROUP_free releases a reference to \|group\|.
118	OPENSSL_EXPORT void EC_GROUP_free(EC_GROUP *group);
119
120	// EC_GROUP_dup takes a reference to \|a\| and returns it.
121	OPENSSL_EXPORT EC_GROUP EC_GROUP_dup(const* EC_GROUP *a);
122
123	// EC_GROUP_cmp returns zero if \|a\| and \|b\| are the same group and non-zero
124	// otherwise.
125	OPENSSL_EXPORT int EC_GROUP_cmp(const EC_GROUP a, const* EC_GROUP *b,
126	BN_CTX *ignored);
127
128	// EC_GROUP_get0_generator returns a pointer to the internal \|EC_POINT\| object
129	// in \|group\| that specifies the generator for the group.
130	OPENSSL_EXPORT const EC_POINT EC_GROUP_get0_generator(const* EC_GROUP *group);
131
132	// EC_GROUP_get0_order returns a pointer to the internal \|BIGNUM\| object in
133	// \|group\| that specifies the order of the group.
134	OPENSSL_EXPORT const BIGNUM EC_GROUP_get0_order(const* EC_GROUP *group);
135
136	// EC_GROUP_order_bits returns the number of bits of the order of \|group\|.
137	OPENSSL_EXPORT int EC_GROUP_order_bits(const EC_GROUP *group);
138
139	// EC_GROUP_get_cofactor sets \|cofactor\| to the cofactor of \|group\| using*
140	// \|ctx\|, if it's not NULL. It returns one on success and zero otherwise.
141	OPENSSL_EXPORT int EC_GROUP_get_cofactor(const EC_GROUP *group,
142	BIGNUM cofactor, BN_CTX ctx);
143
144	// EC_GROUP_get_curve_GFp gets various parameters about a group. It sets
145	// \|out_p\| to the order of the coordinate field and \|out_a\| and \|out_b\| to*
146	// the parameters of the curve when expressed as y² = x³ + ax + b. Any of the
147	// output parameters can be NULL. It returns one on success and zero on
148	// error.
149	OPENSSL_EXPORT int EC_GROUP_get_curve_GFp(const EC_GROUP group, BIGNUM out_p,
150	BIGNUM out_a, BIGNUM out_b,
151	BN_CTX *ctx);
152
153	// EC_GROUP_get_curve_name returns a NID that identifies \|group\|.
154	OPENSSL_EXPORT int EC_GROUP_get_curve_name(const EC_GROUP *group);
155
156	// EC_GROUP_get_degree returns the number of bits needed to represent an
157	// element of the field underlying \|group\|.
158	OPENSSL_EXPORT unsigned EC_GROUP_get_degree(const EC_GROUP *group);
159
160	// EC_curve_nid2nist returns the NIST name of the elliptic curve specified by
161	// \|nid\|, or NULL if \|nid\| is not a NIST curve. For example, it returns "P-256"
162	// for \|NID_X9_62_prime256v1\|.
163	OPENSSL_EXPORT const char EC_curve_nid2nist(int* nid);
164
165	// EC_curve_nist2nid returns the NID of the elliptic curve specified by the NIST
166	// name \|name\|, or \|NID_undef\| if \|name\| is not a recognized name. For example,
167	// it returns \|NID_X9_62_prime256v1\| for "P-256".
168	OPENSSL_EXPORT int EC_curve_nist2nid(const char *name);
169
170
171	// Points on elliptic curves.
172
173	// EC_POINT_new returns a fresh \|EC_POINT\| object in the given group, or NULL
174	// on error.
175	OPENSSL_EXPORT EC_POINT EC_POINT_new(const* EC_GROUP *group);
176
177	// EC_POINT_free frees \|point\| and the data that it points to.
178	OPENSSL_EXPORT void EC_POINT_free(EC_POINT *point);
179
180	// EC_POINT_copy sets \|dest\| equal to \|src\|. It returns one on success and
181	// zero otherwise.
182	OPENSSL_EXPORT int EC_POINT_copy(EC_POINT dest, const* EC_POINT *src);
183
184	// EC_POINT_dup returns a fresh \|EC_POINT\| that contains the same values as
185	// \|src\|, or NULL on error.
186	OPENSSL_EXPORT EC_POINT EC_POINT_dup(const* EC_POINT *src,
187	const EC_GROUP *group);
188
189	// EC_POINT_set_to_infinity sets \|point\| to be the "point at infinity" for the
190	// given group.
191	OPENSSL_EXPORT int EC_POINT_set_to_infinity(const EC_GROUP *group,
192	EC_POINT *point);
193
194	// EC_POINT_is_at_infinity returns one iff \|point\| is the point at infinity and
195	// zero otherwise.
196	OPENSSL_EXPORT int EC_POINT_is_at_infinity(const EC_GROUP *group,
197	const EC_POINT *point);
198
199	// EC_POINT_is_on_curve returns one if \|point\| is an element of \|group\| and
200	// and zero otherwise or when an error occurs. This is different from OpenSSL,
201	// which returns -1 on error. If \|ctx\| is non-NULL, it may be used.
202	OPENSSL_EXPORT int EC_POINT_is_on_curve(const EC_GROUP *group,
203	const EC_POINT point, BN_CTX ctx);
204
205	// EC_POINT_cmp returns zero if \|a\| is equal to \|b\|, greater than zero if
206	// not equal and -1 on error. If \|ctx\| is not NULL, it may be used.
207	OPENSSL_EXPORT int EC_POINT_cmp(const EC_GROUP group, const* EC_POINT *a,
208	const EC_POINT b, BN_CTX ctx);
209
210
211	// Point conversion.
212
213	// EC_POINT_get_affine_coordinates_GFp sets \|x\| and \|y\| to the affine value of
214	// \|point\| using \|ctx\|, if it's not NULL. It returns one on success and zero
215	// otherwise.
216	//
217	// Either \|x\| or \|y\| may be NULL to skip computing that coordinate. This is
218	// slightly faster in the common case where only the x-coordinate is needed.
219	OPENSSL_EXPORT int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group,
220	const EC_POINT *point,
221	BIGNUM x, BIGNUM y,
222	BN_CTX *ctx);
223
224	// EC_POINT_get_affine_coordinates is an alias of
225	// \|EC_POINT_get_affine_coordinates_GFp\|.
226	OPENSSL_EXPORT int EC_POINT_get_affine_coordinates(const EC_GROUP *group,
227	const EC_POINT *point,
228	BIGNUM x, BIGNUM y,
229	BN_CTX *ctx);
230
231	// EC_POINT_set_affine_coordinates_GFp sets the value of \|point\| to be
232	// (\|x\|, \|y\|). The \|ctx\| argument may be used if not NULL. It returns one
233	// on success or zero on error. It's considered an error if the point is not on
234	// the curve.
235	//
236	// Note that the corresponding function in OpenSSL versions prior to 1.0.2s does
237	// not check if the point is on the curve. This is a security-critical check, so
238	// code additionally supporting OpenSSL should repeat the check with
239	// \|EC_POINT_is_on_curve\| or check for older OpenSSL versions with
240	// \|OPENSSL_VERSION_NUMBER\|.
241	OPENSSL_EXPORT int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group,
242	EC_POINT *point,
243	const BIGNUM *x,
244	const BIGNUM *y,
245	BN_CTX *ctx);
246
247	// EC_POINT_set_affine_coordinates is an alias of
248	// \|EC_POINT_set_affine_coordinates_GFp\|.
249	OPENSSL_EXPORT int EC_POINT_set_affine_coordinates(const EC_GROUP *group,
250	EC_POINT *point,
251	const BIGNUM *x,
252	const BIGNUM *y,
253	BN_CTX *ctx);
254
255	// EC_POINT_point2oct serialises \|point\| into the X9.62 form given by \|form\|
256	// into, at most, \|max_out\| bytes at \|buf\|. It returns the number of bytes
257	// written or zero on error if \|buf\| is non-NULL, else the number of bytes
258	// needed. The \|ctx\| argument may be used if not NULL.
259	OPENSSL_EXPORT size_t EC_POINT_point2oct(const EC_GROUP *group,
260	const EC_POINT *point,
261	point_conversion_form_t form,
262	uint8_t *buf, size_t max_out,
263	BN_CTX *ctx);
264
265	// EC_POINT_point2buf serialises \|point\| into the X9.62 form given by \|form\| to
266	// a newly-allocated buffer and sets \|out_buf\| to point to it. It returns the*
267	// length of the result on success or zero on error. The caller must release
268	// \|out_buf\| with \|OPENSSL_free\| when done.*
269	OPENSSL_EXPORT size_t EC_POINT_point2buf(const EC_GROUP *group,
270	const EC_POINT *point,
271	point_conversion_form_t form,
272	uint8_t *out_buf, BN_CTX ctx);
273
274	// EC_POINT_point2cbb behaves like \|EC_POINT_point2oct\| but appends the
275	// serialised point to \|cbb\|. It returns one on success and zero on error.
276	OPENSSL_EXPORT int EC_POINT_point2cbb(CBB out, const* EC_GROUP *group,
277	const EC_POINT *point,
278	point_conversion_form_t form,
279	BN_CTX *ctx);
280
281	// EC_POINT_oct2point sets \|point\| from \|len\| bytes of X9.62 format
282	// serialisation in \|buf\|. It returns one on success and zero on error. The
283	// \|ctx\| argument may be used if not NULL. It's considered an error if \|buf\|
284	// does not represent a point on the curve.
285	OPENSSL_EXPORT int EC_POINT_oct2point(const EC_GROUP group, EC_POINT point,
286	const uint8_t *buf, size_t len,
287	BN_CTX *ctx);
288
289	// EC_POINT_set_compressed_coordinates_GFp sets \|point\| to equal the point with
290	// the given \|x\| coordinate and the y coordinate specified by \|y_bit\| (see
291	// X9.62). It returns one on success and zero otherwise.
292	OPENSSL_EXPORT int EC_POINT_set_compressed_coordinates_GFp(
293	const EC_GROUP group, EC_POINT point, const BIGNUM x, int* y_bit,
294	BN_CTX *ctx);
295
296
297	// Group operations.
298
299	// EC_POINT_add sets \|r\| equal to \|a\| plus \|b\|. It returns one on success and
300	// zero otherwise. If \|ctx\| is not NULL, it may be used.
301	OPENSSL_EXPORT int EC_POINT_add(const EC_GROUP group, EC_POINT r,
302	const EC_POINT a, const* EC_POINT *b,
303	BN_CTX *ctx);
304
305	// EC_POINT_dbl sets \|r\| equal to \|a\| plus \|a\|. It returns one on success and
306	// zero otherwise. If \|ctx\| is not NULL, it may be used.
307	OPENSSL_EXPORT int EC_POINT_dbl(const EC_GROUP group, EC_POINT r,
308	const EC_POINT a, BN_CTX ctx);
309
310	// EC_POINT_invert sets \|a\| equal to minus \|a\|. It returns one on success and
311	// zero otherwise. If \|ctx\| is not NULL, it may be used.
312	OPENSSL_EXPORT int EC_POINT_invert(const EC_GROUP group, EC_POINT a,
313	BN_CTX *ctx);
314
315	// EC_POINT_mul sets r = generatorn + qm. It returns one on success and zero
316	// otherwise. If \|ctx\| is not NULL, it may be used.
317	OPENSSL_EXPORT int EC_POINT_mul(const EC_GROUP group, EC_POINT r,
318	const BIGNUM n, const* EC_POINT *q,
319	const BIGNUM m, BN_CTX ctx);
320
321
322	// Hash-to-curve.
323	//
324	// The following functions implement primitives from
325	// draft-irtf-cfrg-hash-to-curve-16. The \|dst\| parameter in each function is the
326	// domain separation tag and must be unique for each protocol and between the
327	// \|hash_to_curve\| and \|hash_to_scalar\| variants. See section 3.1 of the spec
328	// for additional guidance on this parameter.
329
330	// EC_hash_to_curve_p256_xmd_sha256_sswu hashes \|msg\| to a point on \|group\| and
331	// writes the result to \|out\|, implementing the P256_XMD:SHA-256_SSWU_RO_ suite
332	// from draft-irtf-cfrg-hash-to-curve-16. It returns one on success and zero on
333	// error.
334	OPENSSL_EXPORT int EC_hash_to_curve_p256_xmd_sha256_sswu(
335	const EC_GROUP group, EC_POINT out, const uint8_t *dst, size_t dst_len,
336	const uint8_t *msg, size_t msg_len);
337
338	// EC_hash_to_curve_p384_xmd_sha384_sswu hashes \|msg\| to a point on \|group\| and
339	// writes the result to \|out\|, implementing the P384_XMD:SHA-384_SSWU_RO_ suite
340	// from draft-irtf-cfrg-hash-to-curve-16. It returns one on success and zero on
341	// error.
342	OPENSSL_EXPORT int EC_hash_to_curve_p384_xmd_sha384_sswu(
343	const EC_GROUP group, EC_POINT out, const uint8_t *dst, size_t dst_len,
344	const uint8_t *msg, size_t msg_len);
345
346
347	// Deprecated functions.
348
349	// EC_GROUP_new_curve_GFp creates a new, arbitrary elliptic curve group based
350	// on the equation y² = x³ + a·x + b. It returns the new group or NULL on
351	// error.
352	//
353	// This new group has no generator. It is an error to use a generator-less group
354	// with any functions except for \|EC_GROUP_free\|, \|EC_POINT_new\|,
355	// \|EC_POINT_set_affine_coordinates_GFp\|, and \|EC_GROUP_set_generator\|.
356	//
357	// \|EC_GROUP\|s returned by this function will always compare as unequal via
358	// \|EC_GROUP_cmp\| (even to themselves). \|EC_GROUP_get_curve_name\| will always
359	// return \|NID_undef\|.
360	//
361	// This function is provided for compatibility with some legacy applications
362	// only. Avoid using arbitrary curves and use \|EC_GROUP_new_by_curve_name\|
363	// instead. This ensures the result meets preconditions necessary for
364	// elliptic curve algorithms to function correctly and securely.
365	//
366	// Given invalid parameters, this function may fail or it may return an
367	// \|EC_GROUP\| which breaks these preconditions. Subsequent operations may then
368	// return arbitrary, incorrect values. Callers should not pass
369	// attacker-controlled values to this function.
370	OPENSSL_EXPORT EC_GROUP EC_GROUP_new_curve_GFp(const* BIGNUM *p,
371	const BIGNUM *a,
372	const BIGNUM b, BN_CTX ctx);
373
374	// EC_GROUP_set_generator sets the generator for \|group\| to \|generator\|, which
375	// must have the given order and cofactor. It may only be used with \|EC_GROUP\|
376	// objects returned by \|EC_GROUP_new_curve_GFp\| and may only be used once on
377	// each group. \|generator\| must have been created using \|group\|.
378	OPENSSL_EXPORT int EC_GROUP_set_generator(EC_GROUP *group,
379	const EC_POINT *generator,
380	const BIGNUM *order,
381	const BIGNUM *cofactor);
382
383	// EC_GROUP_get_order sets \|order\| to the order of \|group\|, if it's not*
384	// NULL. It returns one on success and zero otherwise. \|ctx\| is ignored. Use
385	// \|EC_GROUP_get0_order\| instead.
386	OPENSSL_EXPORT int EC_GROUP_get_order(const EC_GROUP group, BIGNUM order,
387	BN_CTX *ctx);
388
389	#define OPENSSL_EC_EXPLICIT_CURVE 0
390	#define OPENSSL_EC_NAMED_CURVE 1
391
392	// EC_GROUP_set_asn1_flag does nothing.
393	OPENSSL_EXPORT void EC_GROUP_set_asn1_flag(EC_GROUP group, int* flag);
394
395	// EC_GROUP_get_asn1_flag returns \|OPENSSL_EC_NAMED_CURVE\|.
396	OPENSSL_EXPORT int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
397
398	typedef struct ec_method_st EC_METHOD;
399
400	// EC_GROUP_method_of returns a dummy non-NULL pointer.
401	OPENSSL_EXPORT const EC_METHOD EC_GROUP_method_of(const* EC_GROUP *group);
402
403	// EC_METHOD_get_field_type returns NID_X9_62_prime_field.
404	OPENSSL_EXPORT int EC_METHOD_get_field_type(const EC_METHOD *meth);
405
406	// EC_GROUP_set_point_conversion_form aborts the process if \|form\| is not
407	// \|POINT_CONVERSION_UNCOMPRESSED\| and otherwise does nothing.
408	OPENSSL_EXPORT void EC_GROUP_set_point_conversion_form(
409	EC_GROUP *group, point_conversion_form_t form);
410
411	// EC_builtin_curve describes a supported elliptic curve.
412	typedef struct {
413	int nid;
414	const char *comment;
415	} EC_builtin_curve;
416
417	// EC_get_builtin_curves writes at most \|max_num_curves\| elements to
418	// \|out_curves\| and returns the total number that it would have written, had
419	// \|max_num_curves\| been large enough.
420	//
421	// The \|EC_builtin_curve\| items describe the supported elliptic curves.
422	OPENSSL_EXPORT size_t EC_get_builtin_curves(EC_builtin_curve *out_curves,
423	size_t max_num_curves);
424
425	// EC_POINT_clear_free calls \|EC_POINT_free\|.
426	OPENSSL_EXPORT void EC_POINT_clear_free(EC_POINT *point);
427
428
429	#if defined(__cplusplus)
430	} // extern C
431	#endif
432
433	// Old code expects to get EC_KEY from ec.h.
434	#include <openssl/ec_key.h>
435
436	#if defined(__cplusplus)
437	extern "C++" {
438
439	BSSL_NAMESPACE_BEGIN
440
441	BORINGSSL_MAKE_DELETER(EC_POINT, EC_POINT_free)
442	BORINGSSL_MAKE_DELETER(EC_GROUP, EC_GROUP_free)
443
444	BSSL_NAMESPACE_END
445
446	} // extern C++
447
448	#endif
449
450	#define EC_R_BUFFER_TOO_SMALL 100
451	#define EC_R_COORDINATES_OUT_OF_RANGE 101
452	#define EC_R_D2I_ECPKPARAMETERS_FAILURE 102
453	#define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 103
454	#define EC_R_GROUP2PKPARAMETERS_FAILURE 104
455	#define EC_R_I2D_ECPKPARAMETERS_FAILURE 105
456	#define EC_R_INCOMPATIBLE_OBJECTS 106
457	#define EC_R_INVALID_COMPRESSED_POINT 107
458	#define EC_R_INVALID_COMPRESSION_BIT 108
459	#define EC_R_INVALID_ENCODING 109
460	#define EC_R_INVALID_FIELD 110
461	#define EC_R_INVALID_FORM 111
462	#define EC_R_INVALID_GROUP_ORDER 112
463	#define EC_R_INVALID_PRIVATE_KEY 113
464	#define EC_R_MISSING_PARAMETERS 114
465	#define EC_R_MISSING_PRIVATE_KEY 115
466	#define EC_R_NON_NAMED_CURVE 116
467	#define EC_R_NOT_INITIALIZED 117
468	#define EC_R_PKPARAMETERS2GROUP_FAILURE 118
469	#define EC_R_POINT_AT_INFINITY 119
470	#define EC_R_POINT_IS_NOT_ON_CURVE 120
471	#define EC_R_SLOT_FULL 121
472	#define EC_R_UNDEFINED_GENERATOR 122
473	#define EC_R_UNKNOWN_GROUP 123
474	#define EC_R_UNKNOWN_ORDER 124
475	#define EC_R_WRONG_ORDER 125
476	#define EC_R_BIGNUM_OUT_OF_RANGE 126
477	#define EC_R_WRONG_CURVE_PARAMETERS 127
478	#define EC_R_DECODE_ERROR 128
479	#define EC_R_ENCODE_ERROR 129
480	#define EC_R_GROUP_MISMATCH 130
481	#define EC_R_INVALID_COFACTOR 131
482	#define EC_R_PUBLIC_KEY_VALIDATION_FAILED 132
483	#define EC_R_INVALID_SCALAR 133
484
485	#endif // OPENSSL_HEADER_EC_H
486

source code of flutter_engine/third_party/boringssl/src/include/openssl/ec.h