diff options
| author | tb <> | 2023-07-03 07:28:05 +0000 |
|---|---|---|
| committer | tb <> | 2023-07-03 07:28:05 +0000 |
| commit | f0653b5aa22cb4244de7397a0020c37a8297d07d (patch) | |
| tree | e51010d4ffd92a3c34946d382c6e4b79416a0d61 | |
| parent | 7ff067a06a4219e0119ba4cfcadd91922b9696f7 (diff) | |
| download | openbsd-f0653b5aa22cb4244de7397a0020c37a8297d07d.tar.gz openbsd-f0653b5aa22cb4244de7397a0020c37a8297d07d.tar.bz2 openbsd-f0653b5aa22cb4244de7397a0020c37a8297d07d.zip | |
Switch ECDSA code to using EC_GROUP_get0_order()
ok jsing
| -rw-r--r-- | src/lib/libcrypto/ecdsa/ecs_ossl.c | 42 |
1 files changed, 17 insertions, 25 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c index 0a2482daa6..abf6b3b385 100644 --- a/src/lib/libcrypto/ecdsa/ecs_ossl.c +++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecs_ossl.c,v 1.47 2023/07/03 05:48:18 tb Exp $ */ | 1 | /* $OpenBSD: ecs_ossl.c,v 1.48 2023/07/03 07:28:05 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Nils Larsch for the OpenSSL project | 3 | * Written by Nils Larsch for the OpenSSL project |
| 4 | */ | 4 | */ |
| @@ -70,11 +70,11 @@ | |||
| 70 | #include "ecs_local.h" | 70 | #include "ecs_local.h" |
| 71 | 71 | ||
| 72 | static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, | 72 | static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, |
| 73 | BIGNUM *order, BIGNUM *ret); | 73 | const BIGNUM *order, BIGNUM *ret); |
| 74 | 74 | ||
| 75 | static int | 75 | static int |
| 76 | ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, BIGNUM *order, | 76 | ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, |
| 77 | BIGNUM *ret) | 77 | const BIGNUM *order, BIGNUM *ret) |
| 78 | { | 78 | { |
| 79 | int dgst_bits, order_bits; | 79 | int dgst_bits, order_bits; |
| 80 | 80 | ||
| @@ -129,7 +129,8 @@ ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, | |||
| 129 | EC_POINT *point = NULL; | 129 | EC_POINT *point = NULL; |
| 130 | BN_CTX *ctx = NULL; | 130 | BN_CTX *ctx = NULL; |
| 131 | BIGNUM *k = NULL, *r = NULL; | 131 | BIGNUM *k = NULL, *r = NULL; |
| 132 | BIGNUM *order, *x; | 132 | const BIGNUM *order; |
| 133 | BIGNUM *x; | ||
| 133 | int order_bits; | 134 | int order_bits; |
| 134 | int ret = 0; | 135 | int ret = 0; |
| 135 | 136 | ||
| @@ -158,8 +159,6 @@ ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, | |||
| 158 | 159 | ||
| 159 | BN_CTX_start(ctx); | 160 | BN_CTX_start(ctx); |
| 160 | 161 | ||
| 161 | if ((order = BN_CTX_get(ctx)) == NULL) | ||
| 162 | goto err; | ||
| 163 | if ((x = BN_CTX_get(ctx)) == NULL) | 162 | if ((x = BN_CTX_get(ctx)) == NULL) |
| 164 | goto err; | 163 | goto err; |
| 165 | 164 | ||
| @@ -167,7 +166,7 @@ ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, | |||
| 167 | ECDSAerror(ERR_R_EC_LIB); | 166 | ECDSAerror(ERR_R_EC_LIB); |
| 168 | goto err; | 167 | goto err; |
| 169 | } | 168 | } |
| 170 | if (!EC_GROUP_get_order(group, order, ctx)) { | 169 | if ((order = EC_GROUP_get0_order(group)) == NULL) { |
| 171 | ECDSAerror(ERR_R_EC_LIB); | 170 | ECDSAerror(ERR_R_EC_LIB); |
| 172 | goto err; | 171 | goto err; |
| 173 | } | 172 | } |
| @@ -270,8 +269,8 @@ ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, | |||
| 270 | const EC_GROUP *group; | 269 | const EC_GROUP *group; |
| 271 | BN_CTX *ctx = NULL; | 270 | BN_CTX *ctx = NULL; |
| 272 | BIGNUM *kinv = NULL, *r = NULL, *s = NULL; | 271 | BIGNUM *kinv = NULL, *r = NULL, *s = NULL; |
| 273 | BIGNUM *b, *binv, *bm, *bxr, *m, *order; | 272 | BIGNUM *b, *binv, *bm, *bxr, *m; |
| 274 | const BIGNUM *ckinv, *priv_key; | 273 | const BIGNUM *ckinv, *order, *priv_key; |
| 275 | int attempts = 0; | 274 | int attempts = 0; |
| 276 | ECDSA_SIG *sig = NULL; | 275 | ECDSA_SIG *sig = NULL; |
| 277 | 276 | ||
| @@ -299,8 +298,6 @@ ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, | |||
| 299 | 298 | ||
| 300 | BN_CTX_start(ctx); | 299 | BN_CTX_start(ctx); |
| 301 | 300 | ||
| 302 | if ((order = BN_CTX_get(ctx)) == NULL) | ||
| 303 | goto err; | ||
| 304 | if ((b = BN_CTX_get(ctx)) == NULL) | 301 | if ((b = BN_CTX_get(ctx)) == NULL) |
| 305 | goto err; | 302 | goto err; |
| 306 | if ((binv = BN_CTX_get(ctx)) == NULL) | 303 | if ((binv = BN_CTX_get(ctx)) == NULL) |
| @@ -312,7 +309,7 @@ ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, | |||
| 312 | if ((m = BN_CTX_get(ctx)) == NULL) | 309 | if ((m = BN_CTX_get(ctx)) == NULL) |
| 313 | goto err; | 310 | goto err; |
| 314 | 311 | ||
| 315 | if (!EC_GROUP_get_order(group, order, ctx)) { | 312 | if ((order = EC_GROUP_get0_order(group)) == NULL) { |
| 316 | ECDSAerror(ERR_R_EC_LIB); | 313 | ECDSAerror(ERR_R_EC_LIB); |
| 317 | goto err; | 314 | goto err; |
| 318 | } | 315 | } |
| @@ -454,10 +451,11 @@ ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG * | |||
| 454 | EC_KEY *eckey) | 451 | EC_KEY *eckey) |
| 455 | { | 452 | { |
| 456 | BN_CTX *ctx; | 453 | BN_CTX *ctx; |
| 457 | BIGNUM *order, *u1, *u2, *m, *x; | 454 | BIGNUM *u1, *u2, *m, *x; |
| 458 | EC_POINT *point = NULL; | 455 | EC_POINT *point = NULL; |
| 459 | const EC_GROUP *group; | 456 | const EC_GROUP *group; |
| 460 | const EC_POINT *pub_key; | 457 | const EC_POINT *pub_key; |
| 458 | const BIGNUM *order; | ||
| 461 | int ret = -1; | 459 | int ret = -1; |
| 462 | 460 | ||
| 463 | if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || | 461 | if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || |
| @@ -471,7 +469,6 @@ ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG * | |||
| 471 | return -1; | 469 | return -1; |
| 472 | } | 470 | } |
| 473 | BN_CTX_start(ctx); | 471 | BN_CTX_start(ctx); |
| 474 | order = BN_CTX_get(ctx); | ||
| 475 | u1 = BN_CTX_get(ctx); | 472 | u1 = BN_CTX_get(ctx); |
| 476 | u2 = BN_CTX_get(ctx); | 473 | u2 = BN_CTX_get(ctx); |
| 477 | m = BN_CTX_get(ctx); | 474 | m = BN_CTX_get(ctx); |
| @@ -481,7 +478,7 @@ ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG * | |||
| 481 | goto err; | 478 | goto err; |
| 482 | } | 479 | } |
| 483 | 480 | ||
| 484 | if (!EC_GROUP_get_order(group, order, ctx)) { | 481 | if ((order = EC_GROUP_get0_order(group)) == NULL) { |
| 485 | ECDSAerror(ERR_R_EC_LIB); | 482 | ECDSAerror(ERR_R_EC_LIB); |
| 486 | goto err; | 483 | goto err; |
| 487 | } | 484 | } |
| @@ -611,7 +608,7 @@ int | |||
| 611 | ECDSA_size(const EC_KEY *r) | 608 | ECDSA_size(const EC_KEY *r) |
| 612 | { | 609 | { |
| 613 | const EC_GROUP *group; | 610 | const EC_GROUP *group; |
| 614 | BIGNUM *order = NULL; | 611 | const BIGNUM *order = NULL; |
| 615 | ECDSA_SIG signature; | 612 | ECDSA_SIG signature; |
| 616 | int ret = 0; | 613 | int ret = 0; |
| 617 | 614 | ||
| @@ -621,20 +618,15 @@ ECDSA_size(const EC_KEY *r) | |||
| 621 | if ((group = EC_KEY_get0_group(r)) == NULL) | 618 | if ((group = EC_KEY_get0_group(r)) == NULL) |
| 622 | goto err; | 619 | goto err; |
| 623 | 620 | ||
| 624 | if ((order = BN_new()) == NULL) | 621 | if ((order = EC_GROUP_get0_order(group)) == NULL) |
| 625 | goto err; | 622 | goto err; |
| 626 | 623 | ||
| 627 | if (!EC_GROUP_get_order(group, order, NULL)) | 624 | signature.r = (BIGNUM *)order; |
| 628 | goto err; | 625 | signature.s = (BIGNUM *)order; |
| 629 | |||
| 630 | signature.r = order; | ||
| 631 | signature.s = order; | ||
| 632 | 626 | ||
| 633 | if ((ret = i2d_ECDSA_SIG(&signature, NULL)) < 0) | 627 | if ((ret = i2d_ECDSA_SIG(&signature, NULL)) < 0) |
| 634 | ret = 0; | 628 | ret = 0; |
| 635 | 629 | ||
| 636 | err: | 630 | err: |
| 637 | BN_free(order); | ||
| 638 | |||
| 639 | return ret; | 631 | return ret; |
| 640 | } | 632 | } |