Make extended ECDSA signing routines internal

ECDSA_sign_setup() permits precomputing the values of the inverse of the random k and the corresponding r. These can then be fed into the signing routines ECDSA_{do_,}sign_ex() multiple times if needed. This is not a great idea and the interface adds a lot of unwanted complexity. Not to mention that nothing ever used this correctly - if s works out to 0, a special error code is thrown requesting that the caller provide new kinv and r values. Unsurprisingly, nobody ever checked for that special error code. ok jsing This commit marks the start of a libcrypto major bump. Do not build the tree until I bumped the shlib_version and synced file sets (in about 35 commits).
author: tb <> 2023-07-28 08:49:43 +0000
committer: tb <> 2023-07-28 08:49:43 +0000
commit: 27bf20b08f028e09b36afd8b49d1fbaa87746bb6 (patch)
tree: efbe0438383ae81f0c511a990e4a656ecd91e76c /src/lib
parent: 783244ed4a6bd90016acb876b9752acd0db924be (diff)
download: openbsd-27bf20b08f028e09b36afd8b49d1fbaa87746bb6.tar.gz
openbsd-27bf20b08f028e09b36afd8b49d1fbaa87746bb6.tar.bz2
openbsd-27bf20b08f028e09b36afd8b49d1fbaa87746bb6.zip
5 files changed, 14 insertions, 25 deletions
diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 626cd78b3b..00d9cfa65e 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -1028,7 +1028,6 @@ ECDSA_SIG_it
 ECDSA_SIG_new
 ECDSA_SIG_set0
 ECDSA_do_sign
-ECDSA_do_sign_ex
 ECDSA_do_verify
 ECDSA_get_default_method
 ECDSA_get_ex_data
@@ -1037,8 +1036,6 @@ ECDSA_set_default_method
 ECDSA_set_ex_data
 ECDSA_set_method
 ECDSA_sign
-ECDSA_sign_ex
-ECDSA_sign_setup
 ECDSA_size
 ECDSA_verify
 ECPARAMETERS_free
diff --git a/src/lib/libcrypto/Symbols.namespace b/src/lib/libcrypto/Symbols.namespace
index 60d6195fac..186e065ba2 100644
--- a/src/lib/libcrypto/Symbols.namespace
+++ b/src/lib/libcrypto/Symbols.namespace
@@ -1429,16 +1429,13 @@ _libre_ECDSA_SIG_get0_r
 _libre_ECDSA_SIG_get0_s
 _libre_ECDSA_SIG_set0
 _libre_ECDSA_do_sign
-_libre_ECDSA_do_sign_ex
 _libre_ECDSA_do_verify
 _libre_ECDSA_OpenSSL
 _libre_ECDSA_set_default_method
 _libre_ECDSA_get_default_method
 _libre_ECDSA_set_method
 _libre_ECDSA_size
-_libre_ECDSA_sign_setup
 _libre_ECDSA_sign
-_libre_ECDSA_sign_ex
 _libre_ECDSA_verify
 _libre_ECDSA_get_ex_new_index
 _libre_ECDSA_set_ex_data
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.c b/src/lib/libcrypto/ecdsa/ecdsa.c
index e47ec21281..17f968f0cc 100644
--- a/src/lib/libcrypto/ecdsa/ecdsa.c
+++ b/src/lib/libcrypto/ecdsa/ecdsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.c,v 1.12 2023/07/10 19:10:51 tb Exp $ */
+/* $OpenBSD: ecdsa.c,v 1.13 2023/07/28 08:49:43 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
 *
@@ -71,6 +71,14 @@
 #include "ec_local.h"
 #include "ecdsa_local.h"
+static ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
+    const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
+static int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
+    unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
+    const BIGNUM *rp, EC_KEY *eckey);
+static int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv,
+    BIGNUM **out_r);
 static const ASN1_TEMPLATE ECDSA_SIG_seq_tt[] = {
        {
                .flags = 0,
@@ -762,7 +770,7 @@ ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
 }
 LCRYPTO_ALIAS(ECDSA_do_sign);
-ECDSA_SIG *
+static ECDSA_SIG *
 ECDSA_do_sign_ex(const unsigned char *digest, int digest_len,
    const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *key)
 {
@@ -772,7 +780,6 @@ ECDSA_do_sign_ex(const unsigned char *digest, int digest_len,
        }
        return key->meth->sign_sig(digest, digest_len, kinv, out_r, key);
 }
-LCRYPTO_ALIAS(ECDSA_do_sign_ex);
 int
 ECDSA_sign(int type, const unsigned char *digest, int digest_len,
@@ -783,7 +790,7 @@ ECDSA_sign(int type, const unsigned char *digest, int digest_len,
 }
 LCRYPTO_ALIAS(ECDSA_sign);
-int
+static int
 ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len,
    unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
    const BIGNUM *r, EC_KEY *key)
@@ -795,9 +802,8 @@ ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len,
        return key->meth->sign(type, digest, digest_len, signature,
            signature_len, kinv, r, key);
 }
-LCRYPTO_ALIAS(ECDSA_sign_ex);
-int
+static int
 ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
    BIGNUM **out_r)
 {
@@ -807,7 +813,6 @@ ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
        }
        return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
 }
-LCRYPTO_ALIAS(ECDSA_sign_setup);
 int
 ECDSA_do_verify(const unsigned char *digest, int digest_len,
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.h b/src/lib/libcrypto/ecdsa/ecdsa.h
index 2e6b672627..9960a4b1ea 100644
--- a/src/lib/libcrypto/ecdsa/ecdsa.h
+++ b/src/lib/libcrypto/ecdsa/ecdsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.h,v 1.16 2023/06/19 09:12:41 tb Exp $ */
+/* $OpenBSD: ecdsa.h,v 1.17 2023/07/28 08:49:43 tb Exp $ */
 /*
 * Written by Nils Larsch for the OpenSSL project
 */
@@ -108,8 +108,6 @@ int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
 ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
    EC_KEY *eckey);
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
-    const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
 int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
    const ECDSA_SIG *sig, EC_KEY* eckey);
@@ -119,13 +117,8 @@ const ECDSA_METHOD *ECDSA_get_default_method(void);
 int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
 int ECDSA_size(const EC_KEY *eckey);
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
-    BIGNUM **rp);
 int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
    unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
-    unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
-    const BIGNUM *rp, EC_KEY *eckey);
 int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
    const unsigned char *sig, int siglen, EC_KEY *eckey);
diff --git a/src/lib/libcrypto/hidden/openssl/ecdsa.h b/src/lib/libcrypto/hidden/openssl/ecdsa.h
index ef8a789939..b2563ed37d 100644
--- a/src/lib/libcrypto/hidden/openssl/ecdsa.h
+++ b/src/lib/libcrypto/hidden/openssl/ecdsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.h,v 1.2 2023/07/07 19:37:54 beck Exp $ */
+/* $OpenBSD: ecdsa.h,v 1.3 2023/07/28 08:49:43 tb Exp $ */
 /*
 * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
 *
@@ -34,16 +34,13 @@ LCRYPTO_USED(ECDSA_SIG_get0_r);
 LCRYPTO_USED(ECDSA_SIG_get0_s);
 LCRYPTO_USED(ECDSA_SIG_set0);
 LCRYPTO_USED(ECDSA_do_sign);
-LCRYPTO_USED(ECDSA_do_sign_ex);
 LCRYPTO_USED(ECDSA_do_verify);
 LCRYPTO_USED(ECDSA_OpenSSL);
 LCRYPTO_USED(ECDSA_set_default_method);
 LCRYPTO_USED(ECDSA_get_default_method);
 LCRYPTO_USED(ECDSA_set_method);
 LCRYPTO_USED(ECDSA_size);
-LCRYPTO_USED(ECDSA_sign_setup);
 LCRYPTO_USED(ECDSA_sign);
-LCRYPTO_USED(ECDSA_sign_ex);
 LCRYPTO_USED(ECDSA_verify);
 LCRYPTO_USED(ECDSA_get_ex_new_index);
 LCRYPTO_USED(ECDSA_set_ex_data);
author	tb <>	2023-07-28 08:49:43 +0000
committer	tb <>	2023-07-28 08:49:43 +0000
commit	27bf20b08f028e09b36afd8b49d1fbaa87746bb6 (patch)
tree	efbe0438383ae81f0c511a990e4a656ecd91e76c /src/lib
parent	783244ed4a6bd90016acb876b9752acd0db924be (diff)
download	openbsd-27bf20b08f028e09b36afd8b49d1fbaa87746bb6.tar.gz openbsd-27bf20b08f028e09b36afd8b49d1fbaa87746bb6.tar.bz2 openbsd-27bf20b08f028e09b36afd8b49d1fbaa87746bb6.zip