Remove DEBUG_SIGN code. Make sure gost_key_unwrap_crypto_pro() returns failure

instead of a printf and a success return, when the operation fails.
author: miod <> 2014-11-09 19:28:44 +0000
committer: miod <> 2014-11-09 19:28:44 +0000
commit: c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4 (patch)
tree: 903ef5867d57997815b9f551b8efea49085c2766
parent: f2c42fa634a7a6cdbdccd6ae03f6cb947aaad95e (diff)
download: openbsd-c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4.tar.gz
openbsd-c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4.tar.bz2
openbsd-c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4.zip
4 files changed, 8 insertions, 38 deletions
diff --git a/src/lib/libcrypto/gost/gost89_keywrap.c b/src/lib/libcrypto/gost/gost89_keywrap.c
index fa7698d3f7..a754c4d56e 100644
--- a/src/lib/libcrypto/gost/gost89_keywrap.c
+++ b/src/lib/libcrypto/gost/gost89_keywrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gost89_keywrap.c,v 1.2 2014/11/09 19:27:29 miod Exp $ */
+/* $OpenBSD: gost89_keywrap.c,v 1.3 2014/11/09 19:28:44 miod Exp $ */
 /*
 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -129,10 +129,9 @@ gost_key_unwrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
        Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);
        GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);
-        if (memcmp(cek_mac, wrappedKey + 40, 4)) {
+        if (memcmp(cek_mac, wrappedKey + 40, 4))
-                printf("IMIT Missmatch!\n");
                return 0;
-        }
        return 1;
 }
diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c
index c7001fc1fa..77a84a3657 100644
--- a/src/lib/libcrypto/gost/gostr341001_pmeth.c
+++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gostr341001_pmeth.c,v 1.3 2014/11/09 19:27:29 miod Exp $ */
+/* $OpenBSD: gostr341001_pmeth.c,v 1.4 2014/11/09 19:28:44 miod Exp $ */
 /*
 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -235,13 +235,6 @@ static int pkey_gost01_sign(EVP_PKEY_CTX * ctx, unsigned char *sig,
        OPENSSL_assert(tbs_len == 32 || tbs_len == 64);
        md = GOST_le2bn(tbs, tbs_len, NULL);
        unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost);
-#ifdef DEBUG_SIGN
-        fprintf(stderr, "S.R=");
-        BN_print_fp(stderr, unpacked_sig->r);
-        fprintf(stderr, "\nS.S=");
-        BN_print_fp(stderr, unpacked_sig->s);
-        fprintf(stderr, "\n");
-#endif
        if (!unpacked_sig) {
                return 0;
        }
@@ -281,13 +274,6 @@ static int pkey_gost01_verify(EVP_PKEY_CTX * ctx, const unsigned char *sig,
        md = GOST_le2bn(tbs, tbs_len, NULL);
        if (!md)
                goto err;
-#ifdef DEBUG_SIGN
-        fprintf(stderr, "V.R=");
-        BN_print_fp(stderr, s->r);
-        fprintf(stderr, "\nV.S=");
-        BN_print_fp(stderr, s->s);
-        fprintf(stderr, "\n");
-#endif
        ok = gost2001_do_verify(md, s, pub_key->pkey.gost);
 err:
diff --git a/src/lib/libssl/src/crypto/gost/gost89_keywrap.c b/src/lib/libssl/src/crypto/gost/gost89_keywrap.c
index fa7698d3f7..a754c4d56e 100644
--- a/src/lib/libssl/src/crypto/gost/gost89_keywrap.c
+++ b/src/lib/libssl/src/crypto/gost/gost89_keywrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gost89_keywrap.c,v 1.2 2014/11/09 19:27:29 miod Exp $ */
+/* $OpenBSD: gost89_keywrap.c,v 1.3 2014/11/09 19:28:44 miod Exp $ */
 /*
 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -129,10 +129,9 @@ gost_key_unwrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
        Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);
        GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);
-        if (memcmp(cek_mac, wrappedKey + 40, 4)) {
+        if (memcmp(cek_mac, wrappedKey + 40, 4))
-                printf("IMIT Missmatch!\n");
                return 0;
-        }
        return 1;
 }
diff --git a/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c b/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
index c7001fc1fa..77a84a3657 100644
--- a/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
+++ b/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gostr341001_pmeth.c,v 1.3 2014/11/09 19:27:29 miod Exp $ */
+/* $OpenBSD: gostr341001_pmeth.c,v 1.4 2014/11/09 19:28:44 miod Exp $ */
 /*
 * Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
 * Copyright (c) 2005-2006 Cryptocom LTD
@@ -235,13 +235,6 @@ static int pkey_gost01_sign(EVP_PKEY_CTX * ctx, unsigned char *sig,
        OPENSSL_assert(tbs_len == 32 || tbs_len == 64);
        md = GOST_le2bn(tbs, tbs_len, NULL);
        unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost);
-#ifdef DEBUG_SIGN
-        fprintf(stderr, "S.R=");
-        BN_print_fp(stderr, unpacked_sig->r);
-        fprintf(stderr, "\nS.S=");
-        BN_print_fp(stderr, unpacked_sig->s);
-        fprintf(stderr, "\n");
-#endif
        if (!unpacked_sig) {
                return 0;
        }
@@ -281,13 +274,6 @@ static int pkey_gost01_verify(EVP_PKEY_CTX * ctx, const unsigned char *sig,
        md = GOST_le2bn(tbs, tbs_len, NULL);
        if (!md)
                goto err;
-#ifdef DEBUG_SIGN
-        fprintf(stderr, "V.R=");
-        BN_print_fp(stderr, s->r);
-        fprintf(stderr, "\nV.S=");
-        BN_print_fp(stderr, s->s);
-        fprintf(stderr, "\n");
-#endif
        ok = gost2001_do_verify(md, s, pub_key->pkey.gost);
 err:
author	miod <>	2014-11-09 19:28:44 +0000
committer	miod <>	2014-11-09 19:28:44 +0000
commit	c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4 (patch)
tree	903ef5867d57997815b9f551b8efea49085c2766
parent	f2c42fa634a7a6cdbdccd6ae03f6cb947aaad95e (diff)
download	openbsd-c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4.tar.gz openbsd-c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4.tar.bz2 openbsd-c1d9655f18e23bace3535b9cbbc0e5faa47eb6f4.zip

diff --git a/src/lib/libcrypto/gost/gost89_keywrap.c b/src/lib/libcrypto/gost/gost89_keywrap.c index fa7698d3f7..a754c4d56e 100644 --- a/src/lib/libcrypto/gost/gost89_keywrap.c +++ b/src/lib/libcrypto/gost/gost89_keywrap.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: gost89_keywrap.c,v 1.2 2014/11/09 19:27:29 miod Exp $ */	1	/* $OpenBSD: gost89_keywrap.c,v 1.3 2014/11/09 19:28:44 miod Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>	3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4	* Copyright (c) 2005-2006 Cryptocom LTD	4	* Copyright (c) 2005-2006 Cryptocom LTD
@@ -129,10 +129,9 @@ gost_key_unwrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
129	Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);	129	Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);
130		130
131	GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);	131	GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);
132	if (memcmp(cek_mac, wrappedKey + 40, 4)) {	132	if (memcmp(cek_mac, wrappedKey + 40, 4))
133	printf("IMIT Missmatch!\n");
134	return 0;	133	return 0;
135	}	134
136	return 1;	135	return 1;
137	}	136	}
138		137


diff --git a/src/lib/libcrypto/gost/gostr341001_pmeth.c b/src/lib/libcrypto/gost/gostr341001_pmeth.c index c7001fc1fa..77a84a3657 100644 --- a/src/lib/libcrypto/gost/gostr341001_pmeth.c +++ b/src/lib/libcrypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: gostr341001_pmeth.c,v 1.3 2014/11/09 19:27:29 miod Exp $ */	1	/* $OpenBSD: gostr341001_pmeth.c,v 1.4 2014/11/09 19:28:44 miod Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>	3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4	* Copyright (c) 2005-2006 Cryptocom LTD	4	* Copyright (c) 2005-2006 Cryptocom LTD
@@ -235,13 +235,6 @@ static int pkey_gost01_sign(EVP_PKEY_CTX * ctx, unsigned char *sig,
235	OPENSSL_assert(tbs_len == 32 \|\| tbs_len == 64);	235	OPENSSL_assert(tbs_len == 32 \|\| tbs_len == 64);
236	md = GOST_le2bn(tbs, tbs_len, NULL);	236	md = GOST_le2bn(tbs, tbs_len, NULL);
237	unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost);	237	unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost);
238	#ifdef DEBUG_SIGN
239	fprintf(stderr, "S.R=");
240	BN_print_fp(stderr, unpacked_sig->r);
241	fprintf(stderr, "\nS.S=");
242	BN_print_fp(stderr, unpacked_sig->s);
243	fprintf(stderr, "\n");
244	#endif
245	if (!unpacked_sig) {	238	if (!unpacked_sig) {
246	return 0;	239	return 0;
247	}	240	}
@@ -281,13 +274,6 @@ static int pkey_gost01_verify(EVP_PKEY_CTX * ctx, const unsigned char *sig,
281	md = GOST_le2bn(tbs, tbs_len, NULL);	274	md = GOST_le2bn(tbs, tbs_len, NULL);
282	if (!md)	275	if (!md)
283	goto err;	276	goto err;
284	#ifdef DEBUG_SIGN
285	fprintf(stderr, "V.R=");
286	BN_print_fp(stderr, s->r);
287	fprintf(stderr, "\nV.S=");
288	BN_print_fp(stderr, s->s);
289	fprintf(stderr, "\n");
290	#endif
291	ok = gost2001_do_verify(md, s, pub_key->pkey.gost);	277	ok = gost2001_do_verify(md, s, pub_key->pkey.gost);
292		278
293	err:	279	err:


diff --git a/src/lib/libssl/src/crypto/gost/gost89_keywrap.c b/src/lib/libssl/src/crypto/gost/gost89_keywrap.c index fa7698d3f7..a754c4d56e 100644 --- a/src/lib/libssl/src/crypto/gost/gost89_keywrap.c +++ b/src/lib/libssl/src/crypto/gost/gost89_keywrap.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: gost89_keywrap.c,v 1.2 2014/11/09 19:27:29 miod Exp $ */	1	/* $OpenBSD: gost89_keywrap.c,v 1.3 2014/11/09 19:28:44 miod Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>	3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4	* Copyright (c) 2005-2006 Cryptocom LTD	4	* Copyright (c) 2005-2006 Cryptocom LTD
@@ -129,10 +129,9 @@ gost_key_unwrap_crypto_pro(int nid, const unsigned char *keyExchangeKey,
129	Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);	129	Gost2814789_decrypt(wrappedKey + 8 + 24, sessionKey + 24, &ctx);
130		130
131	GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);	131	GOST2814789IMIT(sessionKey, 32, cek_mac, nid, kek_ukm, wrappedKey);
132	if (memcmp(cek_mac, wrappedKey + 40, 4)) {	132	if (memcmp(cek_mac, wrappedKey + 40, 4))
133	printf("IMIT Missmatch!\n");
134	return 0;	133	return 0;
135	}	134
136	return 1;	135	return 1;
137	}	136	}
138		137


diff --git a/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c b/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c index c7001fc1fa..77a84a3657 100644 --- a/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c +++ b/src/lib/libssl/src/crypto/gost/gostr341001_pmeth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: gostr341001_pmeth.c,v 1.3 2014/11/09 19:27:29 miod Exp $ */	1	/* $OpenBSD: gostr341001_pmeth.c,v 1.4 2014/11/09 19:28:44 miod Exp $ */
2	/*	2	/*
3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>	3	* Copyright (c) 2014 Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
4	* Copyright (c) 2005-2006 Cryptocom LTD	4	* Copyright (c) 2005-2006 Cryptocom LTD
@@ -235,13 +235,6 @@ static int pkey_gost01_sign(EVP_PKEY_CTX * ctx, unsigned char *sig,
235	OPENSSL_assert(tbs_len == 32 \|\| tbs_len == 64);	235	OPENSSL_assert(tbs_len == 32 \|\| tbs_len == 64);
236	md = GOST_le2bn(tbs, tbs_len, NULL);	236	md = GOST_le2bn(tbs, tbs_len, NULL);
237	unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost);	237	unpacked_sig = gost2001_do_sign(md, pkey->pkey.gost);
238	#ifdef DEBUG_SIGN
239	fprintf(stderr, "S.R=");
240	BN_print_fp(stderr, unpacked_sig->r);
241	fprintf(stderr, "\nS.S=");
242	BN_print_fp(stderr, unpacked_sig->s);
243	fprintf(stderr, "\n");
244	#endif
245	if (!unpacked_sig) {	238	if (!unpacked_sig) {
246	return 0;	239	return 0;
247	}	240	}
@@ -281,13 +274,6 @@ static int pkey_gost01_verify(EVP_PKEY_CTX * ctx, const unsigned char *sig,
281	md = GOST_le2bn(tbs, tbs_len, NULL);	274	md = GOST_le2bn(tbs, tbs_len, NULL);
282	if (!md)	275	if (!md)
283	goto err;	276	goto err;
284	#ifdef DEBUG_SIGN
285	fprintf(stderr, "V.R=");
286	BN_print_fp(stderr, s->r);
287	fprintf(stderr, "\nV.S=");
288	BN_print_fp(stderr, s->s);
289	fprintf(stderr, "\n");
290	#endif
291	ok = gost2001_do_verify(md, s, pub_key->pkey.gost);	277	ok = gost2001_do_verify(md, s, pub_key->pkey.gost);
292		278
293	err:	279	err: