Move compressed coordinate setting into public API

Now that it is method-agnostic, we can remove the method and move the implementation to the body of the public API function. And another method goes away. We're soon down to the ones we really need. discussed with jsing
author: tb <> 2025-01-11 15:02:42 +0000
committer: tb <> 2025-01-11 15:02:42 +0000
commit: 8bbda20016e5c5fe4b795ed53292cc98a0c9232f (patch)
tree: 292a6d20431880d1a728f0dc021debd5765db59f /src/lib/libcrypto/ec/ecp_methods.c
parent: 793c33000da18d1042676e579534a57987870576 (diff)
download: openbsd-8bbda20016e5c5fe4b795ed53292cc98a0c9232f.tar.gz
openbsd-8bbda20016e5c5fe4b795ed53292cc98a0c9232f.tar.bz2
openbsd-8bbda20016e5c5fe4b795ed53292cc98a0c9232f.zip
1 files changed, 1 insertions, 97 deletions
diff --git a/src/lib/libcrypto/ec/ecp_methods.c b/src/lib/libcrypto/ec/ecp_methods.c
index 57efce0366..66bde292a8 100644
--- a/src/lib/libcrypto/ec/ecp_methods.c
+++ b/src/lib/libcrypto/ec/ecp_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_methods.c,v 1.30 2025/01/11 14:53:46 tb Exp $ */
+/* $OpenBSD: ecp_methods.c,v 1.31 2025/01/11 15:02:42 tb Exp $ */
 /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
 * for the OpenSSL project.
 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -276,100 +276,6 @@ ec_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
 }
 static int
-ec_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point,
-    const BIGNUM *in_x, int y_bit, BN_CTX *ctx)
-{
-        BIGNUM *p, *a, *b, *w, *x, *y;
-        int ret = 0;
-        y_bit = (y_bit != 0);
-        BN_CTX_start(ctx);
-        if ((p = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((a = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((b = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((w = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((x = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((y = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        /*
-         * Weierstrass equation: y^2 = x^3 + ax + b, so y is one of the
-         * square roots of x^3 + ax + b. The y-bit indicates which one.
-         */
-        if (!EC_GROUP_get_curve(group, p, a, b, ctx))
-                goto err;
-        /* XXX - should we not insist on 0 <= x < p instead? */
-        if (!BN_nnmod(x, in_x, p, ctx))
-                goto err;
-        /* y = x^3 */
-        if (!BN_mod_sqr(y, x, p, ctx))
-                goto err;
-        if (!BN_mod_mul(y, y, x, p, ctx))
-                goto err;
-        /* y += ax */
-        if (group->a_is_minus3) {
-                if (!BN_mod_lshift1_quick(w, x, p))
-                        goto err;
-                if (!BN_mod_add_quick(w, w, x, p))
-                        goto err;
-                if (!BN_mod_sub_quick(y, y, w, p))
-                        goto err;
-        } else {
-                if (!BN_mod_mul(w, a, x, p, ctx))
-                        goto err;
-                if (!BN_mod_add_quick(y, y, w, p))
-                        goto err;
-        }
-        /* y += b */
-        if (!BN_mod_add_quick(y, y, b, p))
-                goto err;
-        if (!BN_mod_sqrt(y, y, p, ctx)) {
-                ECerror(EC_R_INVALID_COMPRESSED_POINT);
-                goto err;
-        }
-        if (y_bit == BN_is_odd(y))
-                goto done;
-        if (BN_is_zero(y)) {
-                ECerror(EC_R_INVALID_COMPRESSION_BIT);
-                goto err;
-        }
-        if (!BN_usub(y, p, y))
-                goto err;
-        if (y_bit != BN_is_odd(y)) {
-                /* Can only happen if p is even and should not be reachable. */
-                ECerror(ERR_R_INTERNAL_ERROR);
-                goto err;
-        }
- done:
-        if (!EC_POINT_set_affine_coordinates(group, point, x, y, ctx))
-                goto err;
-        ret = 1;
- err:
-        BN_CTX_end(ctx);
-        return ret;
-}
-static int
 ec_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT **points,
    BN_CTX *ctx)
 {
@@ -1420,7 +1326,6 @@ static const EC_METHOD ec_GFp_simple_method = {
        .group_get_curve = ec_group_get_curve,
        .point_set_affine_coordinates = ec_point_set_affine_coordinates,
        .point_get_affine_coordinates = ec_point_get_affine_coordinates,
-        .point_set_compressed_coordinates = ec_set_compressed_coordinates,
        .points_make_affine = ec_points_make_affine,
        .add = ec_add,
        .dbl = ec_dbl,
@@ -1447,7 +1352,6 @@ static const EC_METHOD ec_GFp_mont_method = {
        .group_get_curve = ec_group_get_curve,
        .point_set_affine_coordinates = ec_point_set_affine_coordinates,
        .point_get_affine_coordinates = ec_point_get_affine_coordinates,
-        .point_set_compressed_coordinates = ec_set_compressed_coordinates,
        .points_make_affine = ec_points_make_affine,
        .add = ec_add,
        .dbl = ec_dbl,
author	tb <>	2025-01-11 15:02:42 +0000
committer	tb <>	2025-01-11 15:02:42 +0000
commit	8bbda20016e5c5fe4b795ed53292cc98a0c9232f (patch)
tree	292a6d20431880d1a728f0dc021debd5765db59f /src/lib/libcrypto/ec/ecp_methods.c
parent	793c33000da18d1042676e579534a57987870576 (diff)
download	openbsd-8bbda20016e5c5fe4b795ed53292cc98a0c9232f.tar.gz openbsd-8bbda20016e5c5fe4b795ed53292cc98a0c9232f.tar.bz2 openbsd-8bbda20016e5c5fe4b795ed53292cc98a0c9232f.zip

diff --git a/src/lib/libcrypto/ec/ecp_methods.c b/src/lib/libcrypto/ec/ecp_methods.c index 57efce0366..66bde292a8 100644 --- a/src/lib/libcrypto/ec/ecp_methods.c +++ b/src/lib/libcrypto/ec/ecp_methods.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ecp_methods.c,v 1.30 2025/01/11 14:53:46 tb Exp $ */	1	/* $OpenBSD: ecp_methods.c,v 1.31 2025/01/11 15:02:42 tb Exp $ */
2	/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>	2	/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3	* for the OpenSSL project.	3	* for the OpenSSL project.
4	* Includes code written by Bodo Moeller for the OpenSSL project.	4	* Includes code written by Bodo Moeller for the OpenSSL project.
@@ -276,100 +276,6 @@ ec_point_get_affine_coordinates(const EC_GROUP group, const EC_POINT point,
276	}	276	}
277		277
278	static int	278	static int
279	ec_set_compressed_coordinates(const EC_GROUP group, EC_POINT point,
280	const BIGNUM in_x, int y_bit, BN_CTX ctx)
281	{
282	BIGNUM p, a, b, w, x, y;
283	int ret = 0;
284
285	y_bit = (y_bit != 0);
286
287	BN_CTX_start(ctx);
288
289	if ((p = BN_CTX_get(ctx)) == NULL)
290	goto err;
291	if ((a = BN_CTX_get(ctx)) == NULL)
292	goto err;
293	if ((b = BN_CTX_get(ctx)) == NULL)
294	goto err;
295	if ((w = BN_CTX_get(ctx)) == NULL)
296	goto err;
297	if ((x = BN_CTX_get(ctx)) == NULL)
298	goto err;
299	if ((y = BN_CTX_get(ctx)) == NULL)
300	goto err;
301
302	/*
303	* Weierstrass equation: y^2 = x^3 + ax + b, so y is one of the
304	* square roots of x^3 + ax + b. The y-bit indicates which one.
305	*/
306
307	if (!EC_GROUP_get_curve(group, p, a, b, ctx))
308	goto err;
309
310	/* XXX - should we not insist on 0 <= x < p instead? */
311	if (!BN_nnmod(x, in_x, p, ctx))
312	goto err;
313
314	/* y = x^3 */
315	if (!BN_mod_sqr(y, x, p, ctx))
316	goto err;
317	if (!BN_mod_mul(y, y, x, p, ctx))
318	goto err;
319
320	/* y += ax */
321	if (group->a_is_minus3) {
322	if (!BN_mod_lshift1_quick(w, x, p))
323	goto err;
324	if (!BN_mod_add_quick(w, w, x, p))
325	goto err;
326	if (!BN_mod_sub_quick(y, y, w, p))
327	goto err;
328	} else {
329	if (!BN_mod_mul(w, a, x, p, ctx))
330	goto err;
331	if (!BN_mod_add_quick(y, y, w, p))
332	goto err;
333	}
334
335	/* y += b */
336	if (!BN_mod_add_quick(y, y, b, p))
337	goto err;
338
339	if (!BN_mod_sqrt(y, y, p, ctx)) {
340	ECerror(EC_R_INVALID_COMPRESSED_POINT);
341	goto err;
342	}
343
344	if (y_bit == BN_is_odd(y))
345	goto done;
346
347	if (BN_is_zero(y)) {
348	ECerror(EC_R_INVALID_COMPRESSION_BIT);
349	goto err;
350	}
351	if (!BN_usub(y, p, y))
352	goto err;
353
354	if (y_bit != BN_is_odd(y)) {
355	/* Can only happen if p is even and should not be reachable. */
356	ECerror(ERR_R_INTERNAL_ERROR);
357	goto err;
358	}
359
360	done:
361	if (!EC_POINT_set_affine_coordinates(group, point, x, y, ctx))
362	goto err;
363
364	ret = 1;
365
366	err:
367	BN_CTX_end(ctx);
368
369	return ret;
370	}
371
372	static int
373	ec_points_make_affine(const EC_GROUP group, size_t num, EC_POINT *points,	279	ec_points_make_affine(const EC_GROUP group, size_t num, EC_POINT *points,
374	BN_CTX *ctx)	280	BN_CTX *ctx)
375	{	281	{
@@ -1420,7 +1326,6 @@ static const EC_METHOD ec_GFp_simple_method = {
1420	.group_get_curve = ec_group_get_curve,	1326	.group_get_curve = ec_group_get_curve,
1421	.point_set_affine_coordinates = ec_point_set_affine_coordinates,	1327	.point_set_affine_coordinates = ec_point_set_affine_coordinates,
1422	.point_get_affine_coordinates = ec_point_get_affine_coordinates,	1328	.point_get_affine_coordinates = ec_point_get_affine_coordinates,
1423	.point_set_compressed_coordinates = ec_set_compressed_coordinates,
1424	.points_make_affine = ec_points_make_affine,	1329	.points_make_affine = ec_points_make_affine,
1425	.add = ec_add,	1330	.add = ec_add,
1426	.dbl = ec_dbl,	1331	.dbl = ec_dbl,
@@ -1447,7 +1352,6 @@ static const EC_METHOD ec_GFp_mont_method = {
1447	.group_get_curve = ec_group_get_curve,	1352	.group_get_curve = ec_group_get_curve,
1448	.point_set_affine_coordinates = ec_point_set_affine_coordinates,	1353	.point_set_affine_coordinates = ec_point_set_affine_coordinates,
1449	.point_get_affine_coordinates = ec_point_get_affine_coordinates,	1354	.point_get_affine_coordinates = ec_point_get_affine_coordinates,
1450	.point_set_compressed_coordinates = ec_set_compressed_coordinates,
1451	.points_make_affine = ec_points_make_affine,	1355	.points_make_affine = ec_points_make_affine,
1452	.add = ec_add,	1356	.add = ec_add,
1453	.dbl = ec_dbl,	1357	.dbl = ec_dbl,