summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ecdsa/ecdsa.c
diff options
context:
space:
mode:
authortb <>2023-07-05 17:10:10 +0000
committertb <>2023-07-05 17:10:10 +0000
commit2a76217befc26467e87c42042da9454d58534279 (patch)
treebe7dc4e8b1becfb90622fefb3c36d1fdf7944ecd /src/lib/libcrypto/ecdsa/ecdsa.c
parentc4bfc0e4179fecf1860de6c28fc5231081bad078 (diff)
downloadopenbsd-2a76217befc26467e87c42042da9454d58534279.tar.gz
openbsd-2a76217befc26467e87c42042da9454d58534279.tar.bz2
openbsd-2a76217befc26467e87c42042da9454d58534279.zip
Mop up last uses of ECDHerror() and ECDSAerror()
ok jsing
Diffstat (limited to 'src/lib/libcrypto/ecdsa/ecdsa.c')
-rw-r--r--src/lib/libcrypto/ecdsa/ecdsa.c32
1 files changed, 15 insertions, 17 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.c b/src/lib/libcrypto/ecdsa/ecdsa.c
index 5d6175a787..b9c7ea6381 100644
--- a/src/lib/libcrypto/ecdsa/ecdsa.c
+++ b/src/lib/libcrypto/ecdsa/ecdsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecdsa.c,v 1.9 2023/07/05 14:41:18 tb Exp $ */ 1/* $OpenBSD: ecdsa.c,v 1.10 2023/07/05 17:10:10 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -315,10 +315,8 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r)
315 /* Step 11: repeat until r != 0. */ 315 /* Step 11: repeat until r != 0. */
316 do { 316 do {
317 /* Step 3: generate random k. */ 317 /* Step 3: generate random k. */
318 if (!bn_rand_interval(k, BN_value_one(), order)) { 318 if (!bn_rand_interval(k, BN_value_one(), order))
319 ECDSAerror(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
320 goto err; 319 goto err;
321 }
322 320
323 /* 321 /*
324 * We do not want timing information to leak the length of k, 322 * We do not want timing information to leak the length of k,
@@ -436,7 +434,7 @@ ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv,
436 * can't rely on this being the case. 434 * can't rely on this being the case.
437 */ 435 */
438 if (BN_cmp(r, BN_value_one()) < 0 || BN_cmp(r, order) >= 0) { 436 if (BN_cmp(r, BN_value_one()) < 0 || BN_cmp(r, order) >= 0) {
439 ECDSAerror(ECDSA_R_BAD_SIGNATURE); 437 ECerror(EC_R_BAD_SIGNATURE);
440 goto err; 438 goto err;
441 } 439 }
442 440
@@ -552,7 +550,7 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
552 /* Steps 3-8: calculate kinv and r. */ 550 /* Steps 3-8: calculate kinv and r. */
553 if (!caller_supplied_values) { 551 if (!caller_supplied_values) {
554 if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) { 552 if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) {
555 ECDSAerror(ERR_R_ECDSA_LIB); 553 ECerror(ERR_R_EC_LIB);
556 goto err; 554 goto err;
557 } 555 }
558 } 556 }
@@ -566,7 +564,7 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
566 break; 564 break;
567 565
568 if (caller_supplied_values) { 566 if (caller_supplied_values) {
569 ECDSAerror(ECDSA_R_NEED_NEW_SETUP_VALUES); 567 ECerror(EC_R_NEED_NEW_SETUP_VALUES);
570 goto err; 568 goto err;
571 } 569 }
572 570
@@ -648,15 +646,15 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len,
648 int ret = -1; 646 int ret = -1;
649 647
650 if (key == NULL || sig == NULL) { 648 if (key == NULL || sig == NULL) {
651 ECDSAerror(ECDSA_R_MISSING_PARAMETERS); 649 ECerror(EC_R_MISSING_PARAMETERS);
652 goto err; 650 goto err;
653 } 651 }
654 if ((group = EC_KEY_get0_group(key)) == NULL) { 652 if ((group = EC_KEY_get0_group(key)) == NULL) {
655 ECDSAerror(ECDSA_R_MISSING_PARAMETERS); 653 ECerror(EC_R_MISSING_PARAMETERS);
656 goto err; 654 goto err;
657 } 655 }
658 if ((pub_key = EC_KEY_get0_public_key(key)) == NULL) { 656 if ((pub_key = EC_KEY_get0_public_key(key)) == NULL) {
659 ECDSAerror(ECDSA_R_MISSING_PARAMETERS); 657 ECerror(EC_R_MISSING_PARAMETERS);
660 goto err; 658 goto err;
661 } 659 }
662 660
@@ -685,12 +683,12 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len,
685 683
686 /* Step 1: verify that r and s are in the range [1, order). */ 684 /* Step 1: verify that r and s are in the range [1, order). */
687 if (BN_cmp(sig->r, BN_value_one()) < 0 || BN_cmp(sig->r, order) >= 0) { 685 if (BN_cmp(sig->r, BN_value_one()) < 0 || BN_cmp(sig->r, order) >= 0) {
688 ECDSAerror(ECDSA_R_BAD_SIGNATURE); 686 ECerror(EC_R_BAD_SIGNATURE);
689 ret = 0; 687 ret = 0;
690 goto err; 688 goto err;
691 } 689 }
692 if (BN_cmp(sig->s, BN_value_one()) < 0 || BN_cmp(sig->s, order) >= 0) { 690 if (BN_cmp(sig->s, BN_value_one()) < 0 || BN_cmp(sig->s, order) >= 0) {
693 ECDSAerror(ECDSA_R_BAD_SIGNATURE); 691 ECerror(EC_R_BAD_SIGNATURE);
694 ret = 0; 692 ret = 0;
695 goto err; 693 goto err;
696 } 694 }
@@ -759,7 +757,7 @@ ECDSA_do_sign_ex(const unsigned char *digest, int digest_len,
759 const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *key) 757 const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *key)
760{ 758{
761 if (key->meth->sign_sig == NULL) { 759 if (key->meth->sign_sig == NULL) {
762 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 760 ECerror(EC_R_NOT_IMPLEMENTED);
763 return 0; 761 return 0;
764 } 762 }
765 return key->meth->sign_sig(digest, digest_len, kinv, out_r, key); 763 return key->meth->sign_sig(digest, digest_len, kinv, out_r, key);
@@ -779,7 +777,7 @@ ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len,
779 const BIGNUM *r, EC_KEY *key) 777 const BIGNUM *r, EC_KEY *key)
780{ 778{
781 if (key->meth->sign == NULL) { 779 if (key->meth->sign == NULL) {
782 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 780 ECerror(EC_R_NOT_IMPLEMENTED);
783 return 0; 781 return 0;
784 } 782 }
785 return key->meth->sign(type, digest, digest_len, signature, 783 return key->meth->sign(type, digest, digest_len, signature,
@@ -791,7 +789,7 @@ ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
791 BIGNUM **out_r) 789 BIGNUM **out_r)
792{ 790{
793 if (key->meth->sign_setup == NULL) { 791 if (key->meth->sign_setup == NULL) {
794 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 792 ECerror(EC_R_NOT_IMPLEMENTED);
795 return 0; 793 return 0;
796 } 794 }
797 return key->meth->sign_setup(key, in_ctx, out_kinv, out_r); 795 return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
@@ -802,7 +800,7 @@ ECDSA_do_verify(const unsigned char *digest, int digest_len,
802 const ECDSA_SIG *sig, EC_KEY *key) 800 const ECDSA_SIG *sig, EC_KEY *key)
803{ 801{
804 if (key->meth->verify_sig == NULL) { 802 if (key->meth->verify_sig == NULL) {
805 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 803 ECerror(EC_R_NOT_IMPLEMENTED);
806 return 0; 804 return 0;
807 } 805 }
808 return key->meth->verify_sig(digest, digest_len, sig, key); 806 return key->meth->verify_sig(digest, digest_len, sig, key);
@@ -813,7 +811,7 @@ ECDSA_verify(int type, const unsigned char *digest, int digest_len,
813 const unsigned char *sigbuf, int sig_len, EC_KEY *key) 811 const unsigned char *sigbuf, int sig_len, EC_KEY *key)
814{ 812{
815 if (key->meth->verify == NULL) { 813 if (key->meth->verify == NULL) {
816 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 814 ECerror(EC_R_NOT_IMPLEMENTED);
817 return 0; 815 return 0;
818 } 816 }
819 return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key); 817 return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 05:50:28 +0000