Send the function codes from the error functions to the bit bucket,

as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
author: beck <> 2017-01-29 17:49:23 +0000
committer: beck <> 2017-01-29 17:49:23 +0000
commit: d1f47bd292f36094480caa49ada36b99a69c59b0 (patch)
tree: 1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/ec/ec_mult.c
parent: f8c627888330b75c2eea8a3c27d0efe947a4f9da (diff)
download: openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.gz
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.bz2
openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.zip
1 files changed, 30 insertions, 30 deletions
diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c
index e428ac586b..e44104d21c 100644
--- a/src/lib/libcrypto/ec/ec_mult.c
+++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_mult.c,v 1.19 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: ec_mult.c,v 1.20 2017/01/29 17:49:23 beck Exp $ */
 /*
 * Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
 */
@@ -107,7 +107,7 @@ ec_pre_comp_new(const EC_GROUP * group)
        ret = malloc(sizeof(EC_PRE_COMP));
        if (!ret) {
-                ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);
+                ECerror(ERR_R_MALLOC_FAILURE);
                return ret;
        }
        ret->group = group;
@@ -205,7 +205,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
        if (BN_is_zero(scalar)) {
                r = malloc(1);
                if (!r) {
-                        ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+                        ECerror(ERR_R_MALLOC_FAILURE);
                        goto err;
                }
                r[0] = 0;
@@ -215,7 +215,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
        if (w <= 0 || w > 7) {
                /* 'signed char' can represent integers with
                 * absolute values less than 2^7 */
-                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                ECerror(ERR_R_INTERNAL_ERROR);
                goto err;
        }
        bit = 1 << w;           /* at most 128 */
@@ -226,7 +226,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
                sign = -1;
        }
        if (scalar->d == NULL || scalar->top == 0) {
-                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                ECerror(ERR_R_INTERNAL_ERROR);
                goto err;
        }
        len = BN_num_bits(scalar);
@@ -235,7 +235,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
                                 * set to the actual length, i.e. at most
                                 * BN_num_bits(scalar) + 1) */
        if (r == NULL) {
-                ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);
+                ECerror(ERR_R_MALLOC_FAILURE);
                goto err;
        }
        window_val = scalar->d[0] & mask;
@@ -269,7 +269,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
                        }
                        if (digit <= -bit || digit >= bit || !(digit & 1)) {
-                                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                                ECerror(ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
                        window_val -= digit;
@@ -280,7 +280,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
                         * be 2^w
                         */
                        if (window_val != 0 && window_val != next_bit && window_val != bit) {
-                                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                                ECerror(ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
                }
@@ -290,13 +290,13 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
                window_val += bit * BN_is_bit_set(scalar, j + w);
                if (window_val > next_bit) {
-                        ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                        ECerror(ERR_R_INTERNAL_ERROR);
                        goto err;
                }
        }
        if (j > len + 1) {
-                ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);
+                ECerror(ERR_R_INTERNAL_ERROR);
                goto err;
        }
        len = j;
@@ -363,7 +363,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
        int ret = 0;
        if (group->meth != r->meth) {
-                ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
+                ECerror(EC_R_INCOMPATIBLE_OBJECTS);
                return 0;
        }
        if ((scalar == NULL) && (num == 0)) {
@@ -371,7 +371,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
        }
        for (i = 0; i < num; i++) {
                if (group->meth != points[i]->meth) {
-                        ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);
+                        ECerror(EC_R_INCOMPATIBLE_OBJECTS);
                        return 0;
                }
        }
@@ -384,7 +384,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
        if (scalar != NULL) {
                generator = EC_GROUP_get0_generator(group);
                if (generator == NULL) {
-                        ECerr(EC_F_EC_WNAF_MUL, EC_R_UNDEFINED_GENERATOR);
+                        ECerror(EC_R_UNDEFINED_GENERATOR);
                        goto err;
                }
                /* look if we can use precomputed multiples of generator */
@@ -413,7 +413,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                        /* check that pre_comp looks sane */
                        if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) {
-                                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                                ECerror(ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
                } else {
@@ -429,7 +429,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
        /* includes space for pivot */
        wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);
        if (wNAF == NULL) {
-                ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+                ECerror(ERR_R_MALLOC_FAILURE);
                goto err;
        }
@@ -440,7 +440,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
        val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);
        if (wsize == NULL || wNAF_len == NULL || val_sub == NULL) {
-                ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+                ECerror(ERR_R_MALLOC_FAILURE);
                goto err;
        }
@@ -466,7 +466,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                if (pre_comp == NULL) {
                        if (num_scalar != 1) {
-                                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                                ECerror(ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
                        /* we have already generated a wNAF for 'scalar' */
@@ -474,7 +474,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                        size_t tmp_len = 0;
                        if (num_scalar != 0) {
-                                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                                ECerror(ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
                        /*
@@ -524,7 +524,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                                         */
                                        numblocks = (tmp_len + blocksize - 1) / blocksize;
                                        if (numblocks > pre_comp->numblocks) {
-                                                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                                                ECerror(ERR_R_INTERNAL_ERROR);
                                                goto err;
                                        }
                                        totalnum = num + numblocks;
@@ -537,7 +537,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                                        if (i < totalnum - 1) {
                                                wNAF_len[i] = blocksize;
                                                if (tmp_len < blocksize) {
-                                                        ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                                                        ECerror(ERR_R_INTERNAL_ERROR);
                                                        goto err;
                                                }
                                                tmp_len -= blocksize;
@@ -553,7 +553,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                                        wNAF[i + 1] = NULL;
                                        wNAF[i] = malloc(wNAF_len[i]);
                                        if (wNAF[i] == NULL) {
-                                                ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+                                                ECerror(ERR_R_MALLOC_FAILURE);
                                                goto err;
                                        }
                                        memcpy(wNAF[i], pp, wNAF_len[i]);
@@ -561,7 +561,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                                                max_len = wNAF_len[i];
                                        if (*tmp_points == NULL) {
-                                                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                                                ECerror(ERR_R_INTERNAL_ERROR);
                                                goto err;
                                        }
                                        val_sub[i] = tmp_points;
@@ -579,7 +579,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
         */
        val = reallocarray(NULL, (num_val + 1), sizeof val[0]);
        if (val == NULL) {
-                ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);
+                ECerror(ERR_R_MALLOC_FAILURE);
                goto err;
        }
        val[num_val] = NULL;    /* pivot element */
@@ -596,7 +596,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
                }
        }
        if (!(v == val + num_val)) {
-                ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);
+                ECerror(ERR_R_INTERNAL_ERROR);
                goto err;
        }
        if (!(tmp = EC_POINT_new(group)))
@@ -743,7 +743,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
        generator = EC_GROUP_get0_generator(group);
        if (generator == NULL) {
-                ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR);
+                ECerror(EC_R_UNDEFINED_GENERATOR);
                goto err;
        }
        if (ctx == NULL) {
@@ -758,7 +758,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
        if (!EC_GROUP_get_order(group, order, ctx))
                goto err;
        if (BN_is_zero(order)) {
-                ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER);
+                ECerror(EC_R_UNKNOWN_ORDER);
                goto err;
        }
        bits = BN_num_bits(order);
@@ -786,20 +786,20 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
        points = reallocarray(NULL, (num + 1), sizeof(EC_POINT *));
        if (!points) {
-                ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
+                ECerror(ERR_R_MALLOC_FAILURE);
                goto err;
        }
        var = points;
        var[num] = NULL;        /* pivot */
        for (i = 0; i < num; i++) {
                if ((var[i] = EC_POINT_new(group)) == NULL) {
-                        ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
+                        ECerror(ERR_R_MALLOC_FAILURE);
                        goto err;
                }
        }
        if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) {
-                ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);
+                ECerror(ERR_R_MALLOC_FAILURE);
                goto err;
        }
        if (!EC_POINT_copy(base, generator))
@@ -829,7 +829,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
                        size_t k;
                        if (blocksize <= 2) {
-                                ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_INTERNAL_ERROR);
+                                ECerror(ERR_R_INTERNAL_ERROR);
                                goto err;
                        }
                        if (!EC_POINT_dbl(group, base, tmp_point, ctx))
author	beck <>	2017-01-29 17:49:23 +0000
committer	beck <>	2017-01-29 17:49:23 +0000
commit	d1f47bd292f36094480caa49ada36b99a69c59b0 (patch)
tree	1a54abba678898ee5270ae4f3404a50ee9a92eea /src/lib/libcrypto/ec/ec_mult.c
parent	f8c627888330b75c2eea8a3c27d0efe947a4f9da (diff)
download	openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.gz openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.tar.bz2 openbsd-d1f47bd292f36094480caa49ada36b99a69c59b0.zip

diff --git a/src/lib/libcrypto/ec/ec_mult.c b/src/lib/libcrypto/ec/ec_mult.c index e428ac586b..e44104d21c 100644 --- a/src/lib/libcrypto/ec/ec_mult.c +++ b/src/lib/libcrypto/ec/ec_mult.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ec_mult.c,v 1.19 2015/09/10 15:56:25 jsing Exp $ */	1	/* $OpenBSD: ec_mult.c,v 1.20 2017/01/29 17:49:23 beck Exp $ */
2	/*	2	/*
3	* Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.	3	* Originally written by Bodo Moeller and Nils Larsch for the OpenSSL project.
4	*/	4	*/
@@ -107,7 +107,7 @@ ec_pre_comp_new(const EC_GROUP * group)
107		107
108	ret = malloc(sizeof(EC_PRE_COMP));	108	ret = malloc(sizeof(EC_PRE_COMP));
109	if (!ret) {	109	if (!ret) {
110	ECerr(EC_F_EC_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE);	110	ECerror(ERR_R_MALLOC_FAILURE);
111	return ret;	111	return ret;
112	}	112	}
113	ret->group = group;	113	ret->group = group;
@@ -205,7 +205,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
205	if (BN_is_zero(scalar)) {	205	if (BN_is_zero(scalar)) {
206	r = malloc(1);	206	r = malloc(1);
207	if (!r) {	207	if (!r) {
208	ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);	208	ECerror(ERR_R_MALLOC_FAILURE);
209	goto err;	209	goto err;
210	}	210	}
211	r[0] = 0;	211	r[0] = 0;
@@ -215,7 +215,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
215	if (w <= 0 \|\| w > 7) {	215	if (w <= 0 \|\| w > 7) {
216	/* 'signed char' can represent integers with	216	/* 'signed char' can represent integers with
217	* absolute values less than 2^7 */	217	* absolute values less than 2^7 */
218	ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);	218	ECerror(ERR_R_INTERNAL_ERROR);
219	goto err;	219	goto err;
220	}	220	}
221	bit = 1 << w; /* at most 128 */	221	bit = 1 << w; /* at most 128 */
@@ -226,7 +226,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
226	sign = -1;	226	sign = -1;
227	}	227	}
228	if (scalar->d == NULL \|\| scalar->top == 0) {	228	if (scalar->d == NULL \|\| scalar->top == 0) {
229	ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);	229	ECerror(ERR_R_INTERNAL_ERROR);
230	goto err;	230	goto err;
231	}	231	}
232	len = BN_num_bits(scalar);	232	len = BN_num_bits(scalar);
@@ -235,7 +235,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
235	* set to the actual length, i.e. at most	235	* set to the actual length, i.e. at most
236	* BN_num_bits(scalar) + 1) */	236	* BN_num_bits(scalar) + 1) */
237	if (r == NULL) {	237	if (r == NULL) {
238	ECerr(EC_F_COMPUTE_WNAF, ERR_R_MALLOC_FAILURE);	238	ECerror(ERR_R_MALLOC_FAILURE);
239	goto err;	239	goto err;
240	}	240	}
241	window_val = scalar->d[0] & mask;	241	window_val = scalar->d[0] & mask;
@@ -269,7 +269,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
269	}	269	}
270		270
271	if (digit <= -bit \|\| digit >= bit \|\| !(digit & 1)) {	271	if (digit <= -bit \|\| digit >= bit \|\| !(digit & 1)) {
272	ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);	272	ECerror(ERR_R_INTERNAL_ERROR);
273	goto err;	273	goto err;
274	}	274	}
275	window_val -= digit;	275	window_val -= digit;
@@ -280,7 +280,7 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
280	* be 2^w	280	* be 2^w
281	*/	281	*/
282	if (window_val != 0 && window_val != next_bit && window_val != bit) {	282	if (window_val != 0 && window_val != next_bit && window_val != bit) {
283	ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);	283	ECerror(ERR_R_INTERNAL_ERROR);
284	goto err;	284	goto err;
285	}	285	}
286	}	286	}
@@ -290,13 +290,13 @@ compute_wNAF(const BIGNUM * scalar, int w, size_t * ret_len)
290	window_val += bit * BN_is_bit_set(scalar, j + w);	290	window_val += bit * BN_is_bit_set(scalar, j + w);
291		291
292	if (window_val > next_bit) {	292	if (window_val > next_bit) {
293	ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);	293	ECerror(ERR_R_INTERNAL_ERROR);
294	goto err;	294	goto err;
295	}	295	}
296	}	296	}
297		297
298	if (j > len + 1) {	298	if (j > len + 1) {
299	ECerr(EC_F_COMPUTE_WNAF, ERR_R_INTERNAL_ERROR);	299	ECerror(ERR_R_INTERNAL_ERROR);
300	goto err;	300	goto err;
301	}	301	}
302	len = j;	302	len = j;
@@ -363,7 +363,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
363	int ret = 0;	363	int ret = 0;
364		364
365	if (group->meth != r->meth) {	365	if (group->meth != r->meth) {
366	ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);	366	ECerror(EC_R_INCOMPATIBLE_OBJECTS);
367	return 0;	367	return 0;
368	}	368	}
369	if ((scalar == NULL) && (num == 0)) {	369	if ((scalar == NULL) && (num == 0)) {
@@ -371,7 +371,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
371	}	371	}
372	for (i = 0; i < num; i++) {	372	for (i = 0; i < num; i++) {
373	if (group->meth != points[i]->meth) {	373	if (group->meth != points[i]->meth) {
374	ECerr(EC_F_EC_WNAF_MUL, EC_R_INCOMPATIBLE_OBJECTS);	374	ECerror(EC_R_INCOMPATIBLE_OBJECTS);
375	return 0;	375	return 0;
376	}	376	}
377	}	377	}
@@ -384,7 +384,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
384	if (scalar != NULL) {	384	if (scalar != NULL) {
385	generator = EC_GROUP_get0_generator(group);	385	generator = EC_GROUP_get0_generator(group);
386	if (generator == NULL) {	386	if (generator == NULL) {
387	ECerr(EC_F_EC_WNAF_MUL, EC_R_UNDEFINED_GENERATOR);	387	ECerror(EC_R_UNDEFINED_GENERATOR);
388	goto err;	388	goto err;
389	}	389	}
390	/* look if we can use precomputed multiples of generator */	390	/* look if we can use precomputed multiples of generator */
@@ -413,7 +413,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
413		413
414	/* check that pre_comp looks sane */	414	/* check that pre_comp looks sane */
415	if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) {	415	if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) {
416	ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);	416	ECerror(ERR_R_INTERNAL_ERROR);
417	goto err;	417	goto err;
418	}	418	}
419	} else {	419	} else {
@@ -429,7 +429,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
429	/* includes space for pivot */	429	/* includes space for pivot */
430	wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);	430	wNAF = reallocarray(NULL, (totalnum + 1), sizeof wNAF[0]);
431	if (wNAF == NULL) {	431	if (wNAF == NULL) {
432	ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);	432	ECerror(ERR_R_MALLOC_FAILURE);
433	goto err;	433	goto err;
434	}	434	}
435		435
@@ -440,7 +440,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
440	val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);	440	val_sub = reallocarray(NULL, totalnum, sizeof val_sub[0]);
441		441
442	if (wsize == NULL \|\| wNAF_len == NULL \|\| val_sub == NULL) {	442	if (wsize == NULL \|\| wNAF_len == NULL \|\| val_sub == NULL) {
443	ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);	443	ECerror(ERR_R_MALLOC_FAILURE);
444	goto err;	444	goto err;
445	}	445	}
446		446
@@ -466,7 +466,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
466		466
467	if (pre_comp == NULL) {	467	if (pre_comp == NULL) {
468	if (num_scalar != 1) {	468	if (num_scalar != 1) {
469	ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);	469	ECerror(ERR_R_INTERNAL_ERROR);
470	goto err;	470	goto err;
471	}	471	}
472	/* we have already generated a wNAF for 'scalar' */	472	/* we have already generated a wNAF for 'scalar' */
@@ -474,7 +474,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
474	size_t tmp_len = 0;	474	size_t tmp_len = 0;
475		475
476	if (num_scalar != 0) {	476	if (num_scalar != 0) {
477	ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);	477	ECerror(ERR_R_INTERNAL_ERROR);
478	goto err;	478	goto err;
479	}	479	}
480	/*	480	/*
@@ -524,7 +524,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
524	*/	524	*/
525	numblocks = (tmp_len + blocksize - 1) / blocksize;	525	numblocks = (tmp_len + blocksize - 1) / blocksize;
526	if (numblocks > pre_comp->numblocks) {	526	if (numblocks > pre_comp->numblocks) {
527	ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);	527	ECerror(ERR_R_INTERNAL_ERROR);
528	goto err;	528	goto err;
529	}	529	}
530	totalnum = num + numblocks;	530	totalnum = num + numblocks;
@@ -537,7 +537,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
537	if (i < totalnum - 1) {	537	if (i < totalnum - 1) {
538	wNAF_len[i] = blocksize;	538	wNAF_len[i] = blocksize;
539	if (tmp_len < blocksize) {	539	if (tmp_len < blocksize) {
540	ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);	540	ECerror(ERR_R_INTERNAL_ERROR);
541	goto err;	541	goto err;
542	}	542	}
543	tmp_len -= blocksize;	543	tmp_len -= blocksize;
@@ -553,7 +553,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
553	wNAF[i + 1] = NULL;	553	wNAF[i + 1] = NULL;
554	wNAF[i] = malloc(wNAF_len[i]);	554	wNAF[i] = malloc(wNAF_len[i]);
555	if (wNAF[i] == NULL) {	555	if (wNAF[i] == NULL) {
556	ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);	556	ECerror(ERR_R_MALLOC_FAILURE);
557	goto err;	557	goto err;
558	}	558	}
559	memcpy(wNAF[i], pp, wNAF_len[i]);	559	memcpy(wNAF[i], pp, wNAF_len[i]);
@@ -561,7 +561,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
561	max_len = wNAF_len[i];	561	max_len = wNAF_len[i];
562		562
563	if (*tmp_points == NULL) {	563	if (*tmp_points == NULL) {
564	ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);	564	ECerror(ERR_R_INTERNAL_ERROR);
565	goto err;	565	goto err;
566	}	566	}
567	val_sub[i] = tmp_points;	567	val_sub[i] = tmp_points;
@@ -579,7 +579,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
579	*/	579	*/
580	val = reallocarray(NULL, (num_val + 1), sizeof val[0]);	580	val = reallocarray(NULL, (num_val + 1), sizeof val[0]);
581	if (val == NULL) {	581	if (val == NULL) {
582	ECerr(EC_F_EC_WNAF_MUL, ERR_R_MALLOC_FAILURE);	582	ECerror(ERR_R_MALLOC_FAILURE);
583	goto err;	583	goto err;
584	}	584	}
585	val[num_val] = NULL; /* pivot element */	585	val[num_val] = NULL; /* pivot element */
@@ -596,7 +596,7 @@ ec_wNAF_mul(const EC_GROUP * group, EC_POINT * r, const BIGNUM * scalar,
596	}	596	}
597	}	597	}
598	if (!(v == val + num_val)) {	598	if (!(v == val + num_val)) {
599	ECerr(EC_F_EC_WNAF_MUL, ERR_R_INTERNAL_ERROR);	599	ECerror(ERR_R_INTERNAL_ERROR);
600	goto err;	600	goto err;
601	}	601	}
602	if (!(tmp = EC_POINT_new(group)))	602	if (!(tmp = EC_POINT_new(group)))
@@ -743,7 +743,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
743		743
744	generator = EC_GROUP_get0_generator(group);	744	generator = EC_GROUP_get0_generator(group);
745	if (generator == NULL) {	745	if (generator == NULL) {
746	ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNDEFINED_GENERATOR);	746	ECerror(EC_R_UNDEFINED_GENERATOR);
747	goto err;	747	goto err;
748	}	748	}
749	if (ctx == NULL) {	749	if (ctx == NULL) {
@@ -758,7 +758,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
758	if (!EC_GROUP_get_order(group, order, ctx))	758	if (!EC_GROUP_get_order(group, order, ctx))
759	goto err;	759	goto err;
760	if (BN_is_zero(order)) {	760	if (BN_is_zero(order)) {
761	ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, EC_R_UNKNOWN_ORDER);	761	ECerror(EC_R_UNKNOWN_ORDER);
762	goto err;	762	goto err;
763	}	763	}
764	bits = BN_num_bits(order);	764	bits = BN_num_bits(order);
@@ -786,20 +786,20 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
786		786
787	points = reallocarray(NULL, (num + 1), sizeof(EC_POINT *));	787	points = reallocarray(NULL, (num + 1), sizeof(EC_POINT *));
788	if (!points) {	788	if (!points) {
789	ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);	789	ECerror(ERR_R_MALLOC_FAILURE);
790	goto err;	790	goto err;
791	}	791	}
792	var = points;	792	var = points;
793	var[num] = NULL; /* pivot */	793	var[num] = NULL; /* pivot */
794	for (i = 0; i < num; i++) {	794	for (i = 0; i < num; i++) {
795	if ((var[i] = EC_POINT_new(group)) == NULL) {	795	if ((var[i] = EC_POINT_new(group)) == NULL) {
796	ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);	796	ECerror(ERR_R_MALLOC_FAILURE);
797	goto err;	797	goto err;
798	}	798	}
799	}	799	}
800		800
801	if (!(tmp_point = EC_POINT_new(group)) \|\| !(base = EC_POINT_new(group))) {	801	if (!(tmp_point = EC_POINT_new(group)) \|\| !(base = EC_POINT_new(group))) {
802	ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_MALLOC_FAILURE);	802	ECerror(ERR_R_MALLOC_FAILURE);
803	goto err;	803	goto err;
804	}	804	}
805	if (!EC_POINT_copy(base, generator))	805	if (!EC_POINT_copy(base, generator))
@@ -829,7 +829,7 @@ ec_wNAF_precompute_mult(EC_GROUP * group, BN_CTX * ctx)
829	size_t k;	829	size_t k;
830		830
831	if (blocksize <= 2) {	831	if (blocksize <= 2) {
832	ECerr(EC_F_EC_WNAF_PRECOMPUTE_MULT, ERR_R_INTERNAL_ERROR);	832	ECerror(ERR_R_INTERNAL_ERROR);
833	goto err;	833	goto err;
834	}	834	}
835	if (!EC_POINT_dbl(group, base, tmp_point, ctx))	835	if (!EC_POINT_dbl(group, base, tmp_point, ctx))