diff options
| author | jsing <> | 2023-04-11 18:58:20 +0000 |
|---|---|---|
| committer | jsing <> | 2023-04-11 18:58:20 +0000 |
| commit | 28c1968b342ae3ee2e863c4a47a59d90c3d7da9c (patch) | |
| tree | 566c48c290ac86140f8df6c959b74661e1d596a7 /src/lib/libcrypto/ec/ec_check.c | |
| parent | d64e2f3567e88a542a225f4ab620c2851bd7f9e7 (diff) | |
| download | openbsd-28c1968b342ae3ee2e863c4a47a59d90c3d7da9c.tar.gz openbsd-28c1968b342ae3ee2e863c4a47a59d90c3d7da9c.tar.bz2 openbsd-28c1968b342ae3ee2e863c4a47a59d90c3d7da9c.zip | |
Handle BN_CTX at the EC API boundary.
The EC API allows callers to optionally pass in a BN_CTX, which means that
any code needing a BN_CTX has to check if one was provided, allocate one if
not, then free it again. Rather than doing this dance throughout the EC
code, handle the BN_CTX existance at the EC API boundary. This means that
lower level implementation code can simply assume that the BN_CTX is
available.
ok tb@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_check.c | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/src/lib/libcrypto/ec/ec_check.c b/src/lib/libcrypto/ec/ec_check.c index 5c6165e129..4e065c739a 100644 --- a/src/lib/libcrypto/ec/ec_check.c +++ b/src/lib/libcrypto/ec/ec_check.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_check.c,v 1.12 2022/11/26 16:08:52 tb Exp $ */ | 1 | /* $OpenBSD: ec_check.c,v 1.13 2023/04/11 18:58:20 jsing Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -57,21 +57,20 @@ | |||
| 57 | #include <openssl/err.h> | 57 | #include <openssl/err.h> |
| 58 | 58 | ||
| 59 | int | 59 | int |
| 60 | EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) | 60 | EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx_in) |
| 61 | { | 61 | { |
| 62 | int ret = 0; | 62 | BN_CTX *ctx; |
| 63 | BIGNUM *order; | 63 | BIGNUM *order; |
| 64 | BN_CTX *new_ctx = NULL; | ||
| 65 | EC_POINT *point = NULL; | 64 | EC_POINT *point = NULL; |
| 65 | int ret = 0; | ||
| 66 | |||
| 67 | if ((ctx = ctx_in) == NULL) | ||
| 68 | ctx = BN_CTX_new(); | ||
| 69 | if (ctx == NULL) | ||
| 70 | goto err; | ||
| 66 | 71 | ||
| 67 | if (ctx == NULL) { | ||
| 68 | ctx = new_ctx = BN_CTX_new(); | ||
| 69 | if (ctx == NULL) { | ||
| 70 | ECerror(ERR_R_MALLOC_FAILURE); | ||
| 71 | goto err; | ||
| 72 | } | ||
| 73 | } | ||
| 74 | BN_CTX_start(ctx); | 72 | BN_CTX_start(ctx); |
| 73 | |||
| 75 | if ((order = BN_CTX_get(ctx)) == NULL) | 74 | if ((order = BN_CTX_get(ctx)) == NULL) |
| 76 | goto err; | 75 | goto err; |
| 77 | 76 | ||
| @@ -104,12 +103,16 @@ EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx) | |||
| 104 | ECerror(EC_R_INVALID_GROUP_ORDER); | 103 | ECerror(EC_R_INVALID_GROUP_ORDER); |
| 105 | goto err; | 104 | goto err; |
| 106 | } | 105 | } |
| 106 | |||
| 107 | ret = 1; | 107 | ret = 1; |
| 108 | 108 | ||
| 109 | err: | 109 | err: |
| 110 | if (ctx != NULL) | 110 | BN_CTX_end(ctx); |
| 111 | BN_CTX_end(ctx); | 111 | |
| 112 | BN_CTX_free(new_ctx); | 112 | if (ctx != ctx_in) |
| 113 | BN_CTX_free(ctx); | ||
| 114 | |||
| 113 | EC_POINT_free(point); | 115 | EC_POINT_free(point); |
| 116 | |||
| 114 | return ret; | 117 | return ret; |
| 115 | } | 118 | } |