This commit was manufactured by cvs2git to create tag 'tb_20250414'.tb_20250414

author: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
committer: cvs2svn <admin@example.com> 2025-04-14 17:32:06 +0000
commit: eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree: edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/lib/libcrypto/ecdh/ecdh.c
parent: 247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download: openbsd-tb_20250414.tar.gz
openbsd-tb_20250414.tar.bz2
openbsd-tb_20250414.zip
1 files changed, 0 insertions, 281 deletions
diff --git a/src/lib/libcrypto/ecdh/ecdh.c b/src/lib/libcrypto/ecdh/ecdh.c
deleted file mode 100644
index dbb91f1991..0000000000
--- a/src/lib/libcrypto/ecdh/ecdh.c
+++ /dev/null
@@ -1,281 +0,0 @@
-/* $OpenBSD: ecdh.c,v 1.11 2025/02/17 09:25:45 tb Exp $ */
-/* ====================================================================
- * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
- *
- * The Elliptic Curve Public-Key Crypto Library (ECC Code) included
- * herein is developed by SUN MICROSYSTEMS, INC., and is contributed
- * to the OpenSSL project.
- *
- * The ECC Code is licensed pursuant to the OpenSSL open source
- * license provided below.
- *
- * The ECDH software is originally written by Douglas Stebila of
- * Sun Microsystems Laboratories.
- *
- */
-/* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <limits.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/bn.h>
-#include <openssl/ec.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include "ec_local.h"
-/*
- * Key derivation function from X9.63/SECG.
- */
-/* Way more than we will ever need */
-#define ECDH_KDF_MAX    (1 << 30)
-int
-ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z,
-    size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md)
-{
-        EVP_MD_CTX *mctx = NULL;
-        unsigned int i;
-        size_t mdlen;
-        unsigned char ctr[4];
-        int rv = 0;
-        if (sinfolen > ECDH_KDF_MAX || outlen > ECDH_KDF_MAX ||
-            Zlen > ECDH_KDF_MAX)
-                return 0;
-        mctx = EVP_MD_CTX_new();
-        if (mctx == NULL)
-                return 0;
-        mdlen = EVP_MD_size(md);
-        for (i = 1;; i++) {
-                unsigned char mtmp[EVP_MAX_MD_SIZE];
-                if (!EVP_DigestInit_ex(mctx, md, NULL))
-                        goto err;
-                ctr[3] = i & 0xFF;
-                ctr[2] = (i >> 8) & 0xFF;
-                ctr[1] = (i >> 16) & 0xFF;
-                ctr[0] = (i >> 24) & 0xFF;
-                if (!EVP_DigestUpdate(mctx, Z, Zlen))
-                        goto err;
-                if (!EVP_DigestUpdate(mctx, ctr, sizeof(ctr)))
-                        goto err;
-                if (!EVP_DigestUpdate(mctx, sinfo, sinfolen))
-                        goto err;
-                if (outlen >= mdlen) {
-                        if (!EVP_DigestFinal(mctx, out, NULL))
-                                goto err;
-                        outlen -= mdlen;
-                        if (outlen == 0)
-                                break;
-                        out += mdlen;
-                } else {
-                        if (!EVP_DigestFinal(mctx, mtmp, NULL))
-                                goto err;
-                        memcpy(out, mtmp, outlen);
-                        explicit_bzero(mtmp, mdlen);
-                        break;
-                }
-        }
-        rv = 1;
- err:
-        EVP_MD_CTX_free(mctx);
-        return rv;
-}
-/*
- * Based on the ECKAS-DH1 and ECSVDP-DH primitives in the IEEE 1363 standard.
- */
-int
-ecdh_compute_key(unsigned char **out, size_t *out_len, const EC_POINT *pub_key,
-    const EC_KEY *ecdh)
-{
-        BN_CTX *ctx;
-        BIGNUM *x;
-        const BIGNUM *priv_key;
-        const EC_GROUP *group;
-        EC_POINT *point = NULL;
-        unsigned char *buf = NULL;
-        int buf_len = 0;
-        int ret = 0;
-        *out = NULL;
-        *out_len = 0;
-        if ((ctx = BN_CTX_new()) == NULL)
-                goto err;
-        BN_CTX_start(ctx);
-        if ((x = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((group = EC_KEY_get0_group(ecdh)) == NULL)
-                goto err;
-        if (EC_POINT_is_on_curve(group, pub_key, ctx) <= 0)
-                goto err;
-        if ((point = EC_POINT_new(group)) == NULL) {
-                ECerror(ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        if ((priv_key = EC_KEY_get0_private_key(ecdh)) == NULL) {
-                ECerror(EC_R_MISSING_PRIVATE_KEY);
-                goto err;
-        }
-        if (!EC_POINT_mul(group, point, NULL, pub_key, priv_key, ctx)) {
-                ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
-                goto err;
-        }
-        if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, ctx)) {
-                ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
-                goto err;
-        }
-        if ((buf_len = ECDH_size(ecdh)) < BN_num_bytes(x)) {
-                ECerror(ERR_R_INTERNAL_ERROR);
-                goto err;
-        }
-        if ((buf = calloc(1, buf_len)) == NULL) {
-                ECerror(ERR_R_MALLOC_FAILURE);
-                goto err;
-        }
-        if (BN_bn2binpad(x, buf, buf_len) != buf_len) {
-                ECerror(ERR_R_BN_LIB);
-                goto err;
-        }
-        *out = buf;
-        *out_len = buf_len;
-        buf = NULL;
-        buf_len = 0;
-        ret = 1;
- err:
-        EC_POINT_free(point);
-        BN_CTX_end(ctx);
-        BN_CTX_free(ctx);
-        freezero(buf, buf_len);
-        return ret;
-}
-int
-ECDH_compute_key(void *out, size_t out_len, const EC_POINT *pub_key,
-    EC_KEY *eckey,
-    void *(*KDF)(const void *in, size_t inlen, void *out, size_t *out_len))
-{
-        unsigned char *secret = NULL;
-        size_t secret_len = 0;
-        int ret = 0;
-        if (eckey->meth->compute_key == NULL) {
-                ECerror(EC_R_NOT_IMPLEMENTED);
-                goto err;
-        }
-        if (out_len > INT_MAX) {
-                ECerror(EC_R_INVALID_OUTPUT_LENGTH);
-                goto err;
-        }
-        if (!eckey->meth->compute_key(&secret, &secret_len, pub_key, eckey))
-                goto err;
-        memset(out, 0, out_len);
-        if (KDF != NULL) {
-                if (KDF(secret, secret_len, out, &out_len) == NULL) {
-                        ECerror(EC_R_KDF_FAILED);
-                        goto err;
-                }
-        } else {
-                if (out_len < secret_len) {
-                        /* The resulting key would be truncated. */
-                        ECerror(EC_R_KEY_TRUNCATION);
-                        goto err;
-                }
-                out_len = secret_len;
-                memcpy(out, secret, out_len);
-        }
-        if (out_len > INT_MAX) {
-                ECerror(EC_R_INVALID_OUTPUT_LENGTH);
-                goto err;
-        }
-        ret = out_len;
- err:
-        freezero(secret, secret_len);
-        return ret;
-}
-LCRYPTO_ALIAS(ECDH_compute_key);
-int
-ECDH_size(const EC_KEY *eckey)
-{
-        return BN_num_bytes(eckey->group->p);
-}
-LCRYPTO_ALIAS(ECDH_size);
author	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
committer	cvs2svn <admin@example.com>	2025-04-14 17:32:06 +0000
commit	eb8dd9dca1228af0cd132f515509051ecfabf6f6 (patch)
tree	edb6da6af7e865d488dc1a29309f1e1ec226e603 /src/lib/libcrypto/ecdh/ecdh.c
parent	247f0352e0ed72a4f476db9dc91f4d982bc83eb2 (diff)
download	openbsd-tb_20250414.tar.gz openbsd-tb_20250414.tar.bz2 openbsd-tb_20250414.zip

diff --git a/src/lib/libcrypto/ecdh/ecdh.c b/src/lib/libcrypto/ecdh/ecdh.c deleted file mode 100644 index dbb91f1991..0000000000 --- a/src/lib/libcrypto/ecdh/ecdh.c +++ /dev/null
@@ -1,281 +0,0 @@
1	/* $OpenBSD: ecdh.c,v 1.11 2025/02/17 09:25:45 tb Exp $ */
2	/* ====================================================================
3	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4	*
5	* The Elliptic Curve Public-Key Crypto Library (ECC Code) included
6	* herein is developed by SUN MICROSYSTEMS, INC., and is contributed
7	* to the OpenSSL project.
8	*
9	* The ECC Code is licensed pursuant to the OpenSSL open source
10	* license provided below.
11	*
12	* The ECDH software is originally written by Douglas Stebila of
13	* Sun Microsystems Laboratories.
14	*
15	*/
16	/* ====================================================================
17	* Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
18	*
19	* Redistribution and use in source and binary forms, with or without
20	* modification, are permitted provided that the following conditions
21	* are met:
22	*
23	* 1. Redistributions of source code must retain the above copyright
24	* notice, this list of conditions and the following disclaimer.
25	*
26	* 2. Redistributions in binary form must reproduce the above copyright
27	* notice, this list of conditions and the following disclaimer in
28	* the documentation and/or other materials provided with the
29	* distribution.
30	*
31	* 3. All advertising materials mentioning features or use of this
32	* software must display the following acknowledgment:
33	* "This product includes software developed by the OpenSSL Project
34	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
35	*
36	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
37	* endorse or promote products derived from this software without
38	* prior written permission. For written permission, please contact
39	* openssl-core@OpenSSL.org.
40	*
41	* 5. Products derived from this software may not be called "OpenSSL"
42	* nor may "OpenSSL" appear in their names without prior written
43	* permission of the OpenSSL Project.
44	*
45	* 6. Redistributions of any form whatsoever must retain the following
46	* acknowledgment:
47	* "This product includes software developed by the OpenSSL Project
48	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
49	*
50	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
51	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
53	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
54	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
55	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
56	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
57	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
59	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
60	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
61	* OF THE POSSIBILITY OF SUCH DAMAGE.
62	* ====================================================================
63	*
64	* This product includes cryptographic software written by Eric Young
65	* (eay@cryptsoft.com). This product includes software written by Tim
66	* Hudson (tjh@cryptsoft.com).
67	*
68	*/
69
70	#include <limits.h>
71	#include <stdlib.h>
72	#include <string.h>
73
74	#include <openssl/bn.h>
75	#include <openssl/ec.h>
76	#include <openssl/err.h>
77	#include <openssl/evp.h>
78
79	#include "ec_local.h"
80
81	/*
82	* Key derivation function from X9.63/SECG.
83	*/
84
85	/* Way more than we will ever need */
86	#define ECDH_KDF_MAX (1 << 30)
87
88	int
89	ecdh_KDF_X9_63(unsigned char out, size_t outlen, const unsigned char Z,
90	size_t Zlen, const unsigned char sinfo, size_t sinfolen, const EVP_MD md)
91	{
92	EVP_MD_CTX *mctx = NULL;
93	unsigned int i;
94	size_t mdlen;
95	unsigned char ctr[4];
96	int rv = 0;
97
98	if (sinfolen > ECDH_KDF_MAX \|\| outlen > ECDH_KDF_MAX \|\|
99	Zlen > ECDH_KDF_MAX)
100	return 0;
101	mctx = EVP_MD_CTX_new();
102	if (mctx == NULL)
103	return 0;
104	mdlen = EVP_MD_size(md);
105	for (i = 1;; i++) {
106	unsigned char mtmp[EVP_MAX_MD_SIZE];
107	if (!EVP_DigestInit_ex(mctx, md, NULL))
108	goto err;
109	ctr[3] = i & 0xFF;
110	ctr[2] = (i >> 8) & 0xFF;
111	ctr[1] = (i >> 16) & 0xFF;
112	ctr[0] = (i >> 24) & 0xFF;
113	if (!EVP_DigestUpdate(mctx, Z, Zlen))
114	goto err;
115	if (!EVP_DigestUpdate(mctx, ctr, sizeof(ctr)))
116	goto err;
117	if (!EVP_DigestUpdate(mctx, sinfo, sinfolen))
118	goto err;
119	if (outlen >= mdlen) {
120	if (!EVP_DigestFinal(mctx, out, NULL))
121	goto err;
122	outlen -= mdlen;
123	if (outlen == 0)
124	break;
125	out += mdlen;
126	} else {
127	if (!EVP_DigestFinal(mctx, mtmp, NULL))
128	goto err;
129	memcpy(out, mtmp, outlen);
130	explicit_bzero(mtmp, mdlen);
131	break;
132	}
133	}
134	rv = 1;
135
136	err:
137	EVP_MD_CTX_free(mctx);
138
139	return rv;
140	}
141
142	/*
143	* Based on the ECKAS-DH1 and ECSVDP-DH primitives in the IEEE 1363 standard.
144	*/
145	int
146	ecdh_compute_key(unsigned char *out, size_t out_len, const EC_POINT *pub_key,
147	const EC_KEY *ecdh)
148	{
149	BN_CTX *ctx;
150	BIGNUM *x;
151	const BIGNUM *priv_key;
152	const EC_GROUP *group;
153	EC_POINT *point = NULL;
154	unsigned char *buf = NULL;
155	int buf_len = 0;
156	int ret = 0;
157
158	*out = NULL;
159	*out_len = 0;
160
161	if ((ctx = BN_CTX_new()) == NULL)
162	goto err;
163
164	BN_CTX_start(ctx);
165
166	if ((x = BN_CTX_get(ctx)) == NULL)
167	goto err;
168
169	if ((group = EC_KEY_get0_group(ecdh)) == NULL)
170	goto err;
171
172	if (EC_POINT_is_on_curve(group, pub_key, ctx) <= 0)
173	goto err;
174
175	if ((point = EC_POINT_new(group)) == NULL) {
176	ECerror(ERR_R_MALLOC_FAILURE);
177	goto err;
178	}
179
180	if ((priv_key = EC_KEY_get0_private_key(ecdh)) == NULL) {
181	ECerror(EC_R_MISSING_PRIVATE_KEY);
182	goto err;
183	}
184
185	if (!EC_POINT_mul(group, point, NULL, pub_key, priv_key, ctx)) {
186	ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
187	goto err;
188	}
189
190	if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, ctx)) {
191	ECerror(EC_R_POINT_ARITHMETIC_FAILURE);
192	goto err;
193	}
194
195	if ((buf_len = ECDH_size(ecdh)) < BN_num_bytes(x)) {
196	ECerror(ERR_R_INTERNAL_ERROR);
197	goto err;
198	}
199	if ((buf = calloc(1, buf_len)) == NULL) {
200	ECerror(ERR_R_MALLOC_FAILURE);
201	goto err;
202	}
203	if (BN_bn2binpad(x, buf, buf_len) != buf_len) {
204	ECerror(ERR_R_BN_LIB);
205	goto err;
206	}
207
208	*out = buf;
209	*out_len = buf_len;
210	buf = NULL;
211	buf_len = 0;
212
213	ret = 1;
214
215	err:
216	EC_POINT_free(point);
217	BN_CTX_end(ctx);
218	BN_CTX_free(ctx);
219	freezero(buf, buf_len);
220
221	return ret;
222	}
223
224	int
225	ECDH_compute_key(void out, size_t out_len, const EC_POINT pub_key,
226	EC_KEY *eckey,
227	void (KDF)(const void in, size_t inlen, void out, size_t *out_len))
228	{
229	unsigned char *secret = NULL;
230	size_t secret_len = 0;
231	int ret = 0;
232
233	if (eckey->meth->compute_key == NULL) {
234	ECerror(EC_R_NOT_IMPLEMENTED);
235	goto err;
236	}
237
238	if (out_len > INT_MAX) {
239	ECerror(EC_R_INVALID_OUTPUT_LENGTH);
240	goto err;
241	}
242
243	if (!eckey->meth->compute_key(&secret, &secret_len, pub_key, eckey))
244	goto err;
245
246	memset(out, 0, out_len);
247	if (KDF != NULL) {
248	if (KDF(secret, secret_len, out, &out_len) == NULL) {
249	ECerror(EC_R_KDF_FAILED);
250	goto err;
251	}
252	} else {
253	if (out_len < secret_len) {
254	/* The resulting key would be truncated. */
255	ECerror(EC_R_KEY_TRUNCATION);
256	goto err;
257	}
258	out_len = secret_len;
259	memcpy(out, secret, out_len);
260	}
261
262	if (out_len > INT_MAX) {
263	ECerror(EC_R_INVALID_OUTPUT_LENGTH);
264	goto err;
265	}
266
267	ret = out_len;
268
269	err:
270	freezero(secret, secret_len);
271
272	return ret;
273	}
274	LCRYPTO_ALIAS(ECDH_compute_key);
275
276	int
277	ECDH_size(const EC_KEY *eckey)
278	{
279	return BN_num_bytes(eckey->group->p);
280	}
281	LCRYPTO_ALIAS(ECDH_size);