diff options
| author | tb <> | 2023-07-28 08:49:43 +0000 |
|---|---|---|
| committer | tb <> | 2023-07-28 08:49:43 +0000 |
| commit | a60bb43ba730ae6d2d64a6568ee5fddecaf151e3 (patch) | |
| tree | efbe0438383ae81f0c511a990e4a656ecd91e76c /src/lib/libcrypto/ecdsa/ecdsa.h | |
| parent | 9c4fb33240afcde0c06cf9e4b12424a2cfa28418 (diff) | |
| download | openbsd-a60bb43ba730ae6d2d64a6568ee5fddecaf151e3.tar.gz openbsd-a60bb43ba730ae6d2d64a6568ee5fddecaf151e3.tar.bz2 openbsd-a60bb43ba730ae6d2d64a6568ee5fddecaf151e3.zip | |
Make extended ECDSA signing routines internal
ECDSA_sign_setup() permits precomputing the values of the inverse of the
random k and the corresponding r. These can then be fed into the signing
routines ECDSA_{do_,}sign_ex() multiple times if needed. This is not a
great idea and the interface adds a lot of unwanted complexity.
Not to mention that nothing ever used this correctly - if s works out to
0, a special error code is thrown requesting that the caller provide new
kinv and r values. Unsurprisingly, nobody ever checked for that special
error code.
ok jsing
This commit marks the start of a libcrypto major bump. Do not build the
tree until I bumped the shlib_version and synced file sets (in about 35
commits).
Diffstat (limited to 'src/lib/libcrypto/ecdsa/ecdsa.h')
| -rw-r--r-- | src/lib/libcrypto/ecdsa/ecdsa.h | 9 |
1 files changed, 1 insertions, 8 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.h b/src/lib/libcrypto/ecdsa/ecdsa.h index 2e6b672627..9960a4b1ea 100644 --- a/src/lib/libcrypto/ecdsa/ecdsa.h +++ b/src/lib/libcrypto/ecdsa/ecdsa.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecdsa.h,v 1.16 2023/06/19 09:12:41 tb Exp $ */ | 1 | /* $OpenBSD: ecdsa.h,v 1.17 2023/07/28 08:49:43 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Nils Larsch for the OpenSSL project | 3 | * Written by Nils Larsch for the OpenSSL project |
| 4 | */ | 4 | */ |
| @@ -108,8 +108,6 @@ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s); | |||
| 108 | 108 | ||
| 109 | ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, | 109 | ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, |
| 110 | EC_KEY *eckey); | 110 | EC_KEY *eckey); |
| 111 | ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen, | ||
| 112 | const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); | ||
| 113 | int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, | 111 | int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, |
| 114 | const ECDSA_SIG *sig, EC_KEY* eckey); | 112 | const ECDSA_SIG *sig, EC_KEY* eckey); |
| 115 | 113 | ||
| @@ -119,13 +117,8 @@ const ECDSA_METHOD *ECDSA_get_default_method(void); | |||
| 119 | int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); | 117 | int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth); |
| 120 | int ECDSA_size(const EC_KEY *eckey); | 118 | int ECDSA_size(const EC_KEY *eckey); |
| 121 | 119 | ||
| 122 | int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv, | ||
| 123 | BIGNUM **rp); | ||
| 124 | int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, | 120 | int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen, |
| 125 | unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); | 121 | unsigned char *sig, unsigned int *siglen, EC_KEY *eckey); |
| 126 | int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen, | ||
| 127 | unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, | ||
| 128 | const BIGNUM *rp, EC_KEY *eckey); | ||
| 129 | int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, | 122 | int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen, |
| 130 | const unsigned char *sig, int siglen, EC_KEY *eckey); | 123 | const unsigned char *sig, int siglen, EC_KEY *eckey); |
| 131 | 124 | ||