authortb <>2023-05-01 12:39:38 +0000
committertb <>2023-05-01 12:39:38 +0000
commitf2fa8523cb2ce36a768f458ca1c0b5fe0f884fe4 (patch)
tree6b4d0cbea7c3f9ba9b61840ac0ef8b7c4b3656c2 /src/lib/libcrypto
parent91be51df7110ce3afe81606c55fc7641f43f9cf3 (diff)
Simplify ec_group_new_from_data() further
We have a BN_CTX available, so we may as well use it. This simplifies the cleanup path at the cost of a bit more code in the setup. Also use an extra BIGNUM for the cofactor. Reusing x for this is just silly. If you were really going to avoid extra allocations, this entire function could easily have been written with three BIGNUMs. ok jsing
Diffstat (limited to 'src/lib/libcrypto')
-rw-r--r--src/lib/libcrypto/ec/ec_curve.c71
1 files changed, 55 insertions, 16 deletions
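--- a/src/lib/libcrypto/ec/ec_curve.c
+++ b/src/lib/libcrypto/ec/ec_curve.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_curve.c,v 1.31 2023/05/01 08:16:17 tb Exp $ */
+/* $OpenBSD: ec_curve.c,v 1.32 2023/05/01 12:39:38 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project.
  */
@@ -2113,7 +2113,7 @@ ec_group_new_from_data(const ec_list_element curve)
  EC_GROUP *group = NULL;
  EC_POINT *P = NULL;
  BN_CTX *ctx = NULL;
- BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = NULL;
+ BIGNUM *p, *a, *b, *x, *y, *order, *cofactor;
  int ok = 0;
  int seed_len, param_len;
  const EC_CURVE_DATA *data;
@@ -2123,15 +2123,52 @@ ec_group_new_from_data(const ec_list_element curve)
  ECerror(ERR_R_MALLOC_FAILURE);
  goto err;
  }
+ BN_CTX_start(ctx);
+
+ if ((p = BN_CTX_get(ctx)) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((a = BN_CTX_get(ctx)) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((b = BN_CTX_get(ctx)) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((x = BN_CTX_get(ctx)) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((y = BN_CTX_get(ctx)) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((order = BN_CTX_get(ctx)) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if ((cofactor = BN_CTX_get(ctx)) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+
  data = curve.data;
  seed_len = data->seed_len;
  param_len = data->param_len;
  params = (const unsigned char *) (data + 1); /* skip header */
  params += seed_len; /* skip seed */
 
- if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) ||
- !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) ||
- !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) {
+ if (BN_bin2bn(params + 0 * param_len, param_len, p) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if (BN_bin2bn(params + 1 * param_len, param_len, a) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if (BN_bin2bn(params + 2 * param_len, param_len, b) == NULL) {
  ECerror(ERR_R_BN_LIB);
  goto err;
  }
@@ -2146,8 +2183,11 @@ ec_group_new_from_data(const ec_list_element curve)
  ECerror(ERR_R_EC_LIB);
  goto err;
  }
- if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL))
- || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) {
+ if (BN_bin2bn(params + 3 * param_len, param_len, x) == NULL) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if (BN_bin2bn(params + 4 * param_len, param_len, y) == NULL) {
  ECerror(ERR_R_BN_LIB);
  goto err;
  }
@@ -2155,12 +2195,15 @@ ec_group_new_from_data(const ec_list_element curve)
  ECerror(ERR_R_EC_LIB);
  goto err;
  }
- if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL))
- || !BN_set_word(x, (BN_ULONG) data->cofactor)) {
+ if (BN_bin2bn(params + 5 * param_len, param_len, order) == NULL) {
  ECerror(ERR_R_BN_LIB);
  goto err;
  }
- if (!EC_GROUP_set_generator(group, P, order, x)) {
+ if (!BN_set_word(cofactor, data->cofactor)) {
+ ECerror(ERR_R_BN_LIB);
+ goto err;
+ }
+ if (!EC_GROUP_set_generator(group, P, order, cofactor)) {
  ECerror(ERR_R_EC_LIB);
  goto err;
  }
@@ -2177,13 +2220,9 @@ ec_group_new_from_data(const ec_list_element curve)
  group = NULL;
  }
  EC_POINT_free(P);
+ BN_CTX_end(ctx);
  BN_CTX_free(ctx);
- BN_free(p);
- BN_free(a);
- BN_free(b);
- BN_free(order);
- BN_free(x);
- BN_free(y);
+
  return group;
 }
 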
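Review bot: The cleanup in the last hunk now calls `BN_CTX_end(ctx)` unconditionally, yet the `ECerror(ERR_R_MALLOC_FAILURE); goto err;` path sits above the new `BN_CTX_start(ctx)`, so it reaches that call with no frame started. If that path is the context allocation check (its condition is outside the hunk), `ctx` is also NULL there, so the cleanup is only safe if `BN_CTX_end()` tolerates a NULL or unstarted context; that should be confirmed against the BN_CTX implementation rather than assumed. Separately, `p` through `cofactor` are no longer initialised to NULL and now belong to `ctx`, so a later edit that reintroduces `BN_free()` on them, or adds an early `goto err` that touches them, would act on uninitialised or context-owned pointers. I would add a comment at the cleanup such as `/* p, a, b, x, y, order, cofactor are owned by ctx; BN_CTX_end() releases them, do not BN_free(). */`. The start of the function and the `err:` label are outside the hunks shown.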