diff options
| author | tb <> | 2023-07-05 14:39:05 +0000 |
|---|---|---|
| committer | tb <> | 2023-07-05 14:39:05 +0000 |
| commit | 6cf5bfab4153327648043102cb95aa0fb7b6d33a (patch) | |
| tree | ec531bad0a8e313114621e8f29d7afbf9cd0615c /src/lib | |
| parent | 260f77cf028addd36215686a4f82ebf72c34f238 (diff) | |
| download | openbsd-6cf5bfab4153327648043102cb95aa0fb7b6d33a.tar.gz openbsd-6cf5bfab4153327648043102cb95aa0fb7b6d33a.tar.bz2 openbsd-6cf5bfab4153327648043102cb95aa0fb7b6d33a.zip | |
ECDHerror() and ECDSAerror will go away
Move some trivial ones to ECerror().
discussed with jsing
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/ecdh/ecdh.c | 16 | ||||
| -rw-r--r-- | src/lib/libcrypto/ecdsa/ecdsa.c | 74 |
2 files changed, 45 insertions, 45 deletions
diff --git a/src/lib/libcrypto/ecdh/ecdh.c b/src/lib/libcrypto/ecdh/ecdh.c index d2de3a09af..d0486777e3 100644 --- a/src/lib/libcrypto/ecdh/ecdh.c +++ b/src/lib/libcrypto/ecdh/ecdh.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecdh.c,v 1.1 2023/07/05 12:31:14 tb Exp $ */ | 1 | /* $OpenBSD: ecdh.c,v 1.2 2023/07/05 14:39:05 tb Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. | 3 | * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. |
| 4 | * | 4 | * |
| @@ -161,7 +161,7 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh | |||
| 161 | 161 | ||
| 162 | if (outlen > INT_MAX) { | 162 | if (outlen > INT_MAX) { |
| 163 | /* Sort of, anyway. */ | 163 | /* Sort of, anyway. */ |
| 164 | ECDHerror(ERR_R_MALLOC_FAILURE); | 164 | ECerror(ERR_R_MALLOC_FAILURE); |
| 165 | return -1; | 165 | return -1; |
| 166 | } | 166 | } |
| 167 | 167 | ||
| @@ -182,7 +182,7 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh | |||
| 182 | goto err; | 182 | goto err; |
| 183 | 183 | ||
| 184 | if ((point = EC_POINT_new(group)) == NULL) { | 184 | if ((point = EC_POINT_new(group)) == NULL) { |
| 185 | ECDHerror(ERR_R_MALLOC_FAILURE); | 185 | ECerror(ERR_R_MALLOC_FAILURE); |
| 186 | goto err; | 186 | goto err; |
| 187 | } | 187 | } |
| 188 | 188 | ||
| @@ -193,11 +193,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh | |||
| 193 | 193 | ||
| 194 | if ((EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) != 0) { | 194 | if ((EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) != 0) { |
| 195 | if (!EC_GROUP_get_cofactor(group, cofactor, NULL)) { | 195 | if (!EC_GROUP_get_cofactor(group, cofactor, NULL)) { |
| 196 | ECDHerror(ERR_R_EC_LIB); | 196 | ECerror(ERR_R_EC_LIB); |
| 197 | goto err; | 197 | goto err; |
| 198 | } | 198 | } |
| 199 | if (!BN_mul(cofactor, cofactor, priv_key, ctx)) { | 199 | if (!BN_mul(cofactor, cofactor, priv_key, ctx)) { |
| 200 | ECDHerror(ERR_R_BN_LIB); | 200 | ECerror(ERR_R_BN_LIB); |
| 201 | goto err; | 201 | goto err; |
| 202 | } | 202 | } |
| 203 | priv_key = cofactor; | 203 | priv_key = cofactor; |
| @@ -214,7 +214,7 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh | |||
| 214 | } | 214 | } |
| 215 | 215 | ||
| 216 | if ((buflen = ECDH_size(ecdh)) < BN_num_bytes(x)) { | 216 | if ((buflen = ECDH_size(ecdh)) < BN_num_bytes(x)) { |
| 217 | ECDHerror(ERR_R_INTERNAL_ERROR); | 217 | ECerror(ERR_R_INTERNAL_ERROR); |
| 218 | goto err; | 218 | goto err; |
| 219 | } | 219 | } |
| 220 | if (KDF == NULL && outlen < buflen) { | 220 | if (KDF == NULL && outlen < buflen) { |
| @@ -223,11 +223,11 @@ ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh | |||
| 223 | goto err; | 223 | goto err; |
| 224 | } | 224 | } |
| 225 | if ((buf = malloc(buflen)) == NULL) { | 225 | if ((buf = malloc(buflen)) == NULL) { |
| 226 | ECDHerror(ERR_R_MALLOC_FAILURE); | 226 | ECerror(ERR_R_MALLOC_FAILURE); |
| 227 | goto err; | 227 | goto err; |
| 228 | } | 228 | } |
| 229 | if (BN_bn2binpad(x, buf, buflen) != buflen) { | 229 | if (BN_bn2binpad(x, buf, buflen) != buflen) { |
| 230 | ECDHerror(ERR_R_BN_LIB); | 230 | ECerror(ERR_R_BN_LIB); |
| 231 | goto err; | 231 | goto err; |
| 232 | } | 232 | } |
| 233 | 233 | ||
diff --git a/src/lib/libcrypto/ecdsa/ecdsa.c b/src/lib/libcrypto/ecdsa/ecdsa.c index b35f70688f..d256ff39a3 100644 --- a/src/lib/libcrypto/ecdsa/ecdsa.c +++ b/src/lib/libcrypto/ecdsa/ecdsa.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecdsa.c,v 1.7 2023/07/05 13:01:44 tb Exp $ */ | 1 | /* $OpenBSD: ecdsa.c,v 1.8 2023/07/05 14:39:05 tb Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -261,11 +261,11 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r) | |||
| 261 | *out_r = NULL; | 261 | *out_r = NULL; |
| 262 | 262 | ||
| 263 | if (key == NULL) { | 263 | if (key == NULL) { |
| 264 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | 264 | ECerror(ERR_R_PASSED_NULL_PARAMETER); |
| 265 | goto err; | 265 | goto err; |
| 266 | } | 266 | } |
| 267 | if ((group = EC_KEY_get0_group(key)) == NULL) { | 267 | if ((group = EC_KEY_get0_group(key)) == NULL) { |
| 268 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | 268 | ECerror(ERR_R_PASSED_NULL_PARAMETER); |
| 269 | goto err; | 269 | goto err; |
| 270 | } | 270 | } |
| 271 | 271 | ||
| @@ -277,7 +277,7 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r) | |||
| 277 | if ((ctx = in_ctx) == NULL) | 277 | if ((ctx = in_ctx) == NULL) |
| 278 | ctx = BN_CTX_new(); | 278 | ctx = BN_CTX_new(); |
| 279 | if (ctx == NULL) { | 279 | if (ctx == NULL) { |
| 280 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 280 | ECerror(ERR_R_MALLOC_FAILURE); |
| 281 | goto err; | 281 | goto err; |
| 282 | } | 282 | } |
| 283 | 283 | ||
| @@ -287,22 +287,22 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r) | |||
| 287 | goto err; | 287 | goto err; |
| 288 | 288 | ||
| 289 | if ((point = EC_POINT_new(group)) == NULL) { | 289 | if ((point = EC_POINT_new(group)) == NULL) { |
| 290 | ECDSAerror(ERR_R_EC_LIB); | 290 | ECerror(ERR_R_EC_LIB); |
| 291 | goto err; | 291 | goto err; |
| 292 | } | 292 | } |
| 293 | if ((order = EC_GROUP_get0_order(group)) == NULL) { | 293 | if ((order = EC_GROUP_get0_order(group)) == NULL) { |
| 294 | ECDSAerror(ERR_R_EC_LIB); | 294 | ECerror(ERR_R_EC_LIB); |
| 295 | goto err; | 295 | goto err; |
| 296 | } | 296 | } |
| 297 | 297 | ||
| 298 | if (BN_cmp(order, BN_value_one()) <= 0) { | 298 | if (BN_cmp(order, BN_value_one()) <= 0) { |
| 299 | ECDSAerror(EC_R_INVALID_GROUP_ORDER); | 299 | ECerror(EC_R_INVALID_GROUP_ORDER); |
| 300 | goto err; | 300 | goto err; |
| 301 | } | 301 | } |
| 302 | 302 | ||
| 303 | /* Reject curves with an order that is smaller than 80 bits. */ | 303 | /* Reject curves with an order that is smaller than 80 bits. */ |
| 304 | if ((order_bits = BN_num_bits(order)) < 80) { | 304 | if ((order_bits = BN_num_bits(order)) < 80) { |
| 305 | ECDSAerror(EC_R_INVALID_GROUP_ORDER); | 305 | ECerror(EC_R_INVALID_GROUP_ORDER); |
| 306 | goto err; | 306 | goto err; |
| 307 | } | 307 | } |
| 308 | 308 | ||
| @@ -343,25 +343,25 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r) | |||
| 343 | 343 | ||
| 344 | /* Step 5: P = k * G. */ | 344 | /* Step 5: P = k * G. */ |
| 345 | if (!EC_POINT_mul(group, point, k, NULL, NULL, ctx)) { | 345 | if (!EC_POINT_mul(group, point, k, NULL, NULL, ctx)) { |
| 346 | ECDSAerror(ERR_R_EC_LIB); | 346 | ECerror(ERR_R_EC_LIB); |
| 347 | goto err; | 347 | goto err; |
| 348 | } | 348 | } |
| 349 | /* Steps 6 (and 7): from P = (x, y) retain the x-coordinate. */ | 349 | /* Steps 6 (and 7): from P = (x, y) retain the x-coordinate. */ |
| 350 | if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, | 350 | if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, |
| 351 | ctx)) { | 351 | ctx)) { |
| 352 | ECDSAerror(ERR_R_EC_LIB); | 352 | ECerror(ERR_R_EC_LIB); |
| 353 | goto err; | 353 | goto err; |
| 354 | } | 354 | } |
| 355 | /* Step 8: r = x (mod order). */ | 355 | /* Step 8: r = x (mod order). */ |
| 356 | if (!BN_nnmod(r, x, order, ctx)) { | 356 | if (!BN_nnmod(r, x, order, ctx)) { |
| 357 | ECDSAerror(ERR_R_BN_LIB); | 357 | ECerror(ERR_R_BN_LIB); |
| 358 | goto err; | 358 | goto err; |
| 359 | } | 359 | } |
| 360 | } while (BN_is_zero(r)); | 360 | } while (BN_is_zero(r)); |
| 361 | 361 | ||
| 362 | /* Step 4: calculate kinv. */ | 362 | /* Step 4: calculate kinv. */ |
| 363 | if (BN_mod_inverse_ct(k, k, order, ctx) == NULL) { | 363 | if (BN_mod_inverse_ct(k, k, order, ctx) == NULL) { |
| 364 | ECDSAerror(ERR_R_BN_LIB); | 364 | ECerror(ERR_R_BN_LIB); |
| 365 | goto err; | 365 | goto err; |
| 366 | } | 366 | } |
| 367 | 367 | ||
| @@ -406,15 +406,15 @@ ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, | |||
| 406 | BN_CTX_start(ctx); | 406 | BN_CTX_start(ctx); |
| 407 | 407 | ||
| 408 | if ((group = EC_KEY_get0_group(key)) == NULL) { | 408 | if ((group = EC_KEY_get0_group(key)) == NULL) { |
| 409 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | 409 | ECerror(ERR_R_PASSED_NULL_PARAMETER); |
| 410 | goto err; | 410 | goto err; |
| 411 | } | 411 | } |
| 412 | if ((order = EC_GROUP_get0_order(group)) == NULL) { | 412 | if ((order = EC_GROUP_get0_order(group)) == NULL) { |
| 413 | ECDSAerror(ERR_R_EC_LIB); | 413 | ECerror(ERR_R_EC_LIB); |
| 414 | goto err; | 414 | goto err; |
| 415 | } | 415 | } |
| 416 | if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) { | 416 | if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) { |
| 417 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | 417 | ECerror(ERR_R_PASSED_NULL_PARAMETER); |
| 418 | goto err; | 418 | goto err; |
| 419 | } | 419 | } |
| 420 | 420 | ||
| @@ -441,39 +441,39 @@ ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, | |||
| 441 | } | 441 | } |
| 442 | 442 | ||
| 443 | if (!bn_rand_interval(b, BN_value_one(), order)) { | 443 | if (!bn_rand_interval(b, BN_value_one(), order)) { |
| 444 | ECDSAerror(ERR_R_BN_LIB); | 444 | ECerror(ERR_R_BN_LIB); |
| 445 | goto err; | 445 | goto err; |
| 446 | } | 446 | } |
| 447 | 447 | ||
| 448 | if (BN_mod_inverse_ct(binv, b, order, ctx) == NULL) { | 448 | if (BN_mod_inverse_ct(binv, b, order, ctx) == NULL) { |
| 449 | ECDSAerror(ERR_R_BN_LIB); | 449 | ECerror(ERR_R_BN_LIB); |
| 450 | goto err; | 450 | goto err; |
| 451 | } | 451 | } |
| 452 | 452 | ||
| 453 | if (!BN_mod_mul(bxr, b, priv_key, order, ctx)) { | 453 | if (!BN_mod_mul(bxr, b, priv_key, order, ctx)) { |
| 454 | ECDSAerror(ERR_R_BN_LIB); | 454 | ECerror(ERR_R_BN_LIB); |
| 455 | goto err; | 455 | goto err; |
| 456 | } | 456 | } |
| 457 | if (!BN_mod_mul(bxr, bxr, r, order, ctx)) { | 457 | if (!BN_mod_mul(bxr, bxr, r, order, ctx)) { |
| 458 | ECDSAerror(ERR_R_BN_LIB); | 458 | ECerror(ERR_R_BN_LIB); |
| 459 | goto err; | 459 | goto err; |
| 460 | } | 460 | } |
| 461 | if (!BN_mod_mul(be, b, e, order, ctx)) { | 461 | if (!BN_mod_mul(be, b, e, order, ctx)) { |
| 462 | ECDSAerror(ERR_R_BN_LIB); | 462 | ECerror(ERR_R_BN_LIB); |
| 463 | goto err; | 463 | goto err; |
| 464 | } | 464 | } |
| 465 | if (!BN_mod_add(s, be, bxr, order, ctx)) { | 465 | if (!BN_mod_add(s, be, bxr, order, ctx)) { |
| 466 | ECDSAerror(ERR_R_BN_LIB); | 466 | ECerror(ERR_R_BN_LIB); |
| 467 | goto err; | 467 | goto err; |
| 468 | } | 468 | } |
| 469 | /* s = b(e + xr)k^-1 */ | 469 | /* s = b(e + xr)k^-1 */ |
| 470 | if (!BN_mod_mul(s, s, kinv, order, ctx)) { | 470 | if (!BN_mod_mul(s, s, kinv, order, ctx)) { |
| 471 | ECDSAerror(ERR_R_BN_LIB); | 471 | ECerror(ERR_R_BN_LIB); |
| 472 | goto err; | 472 | goto err; |
| 473 | } | 473 | } |
| 474 | /* s = (e + xr)k^-1 */ | 474 | /* s = (e + xr)k^-1 */ |
| 475 | if (!BN_mod_mul(s, s, binv, order, ctx)) { | 475 | if (!BN_mod_mul(s, s, binv, order, ctx)) { |
| 476 | ECDSAerror(ERR_R_BN_LIB); | 476 | ECerror(ERR_R_BN_LIB); |
| 477 | goto err; | 477 | goto err; |
| 478 | } | 478 | } |
| 479 | 479 | ||
| @@ -517,7 +517,7 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len, | |||
| 517 | ECDSA_SIG *sig = NULL; | 517 | ECDSA_SIG *sig = NULL; |
| 518 | 518 | ||
| 519 | if ((ctx = BN_CTX_new()) == NULL) { | 519 | if ((ctx = BN_CTX_new()) == NULL) { |
| 520 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 520 | ECerror(ERR_R_MALLOC_FAILURE); |
| 521 | goto err; | 521 | goto err; |
| 522 | } | 522 | } |
| 523 | 523 | ||
| @@ -539,11 +539,11 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len, | |||
| 539 | caller_supplied_values = 1; | 539 | caller_supplied_values = 1; |
| 540 | 540 | ||
| 541 | if ((kinv = BN_dup(in_kinv)) == NULL) { | 541 | if ((kinv = BN_dup(in_kinv)) == NULL) { |
| 542 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 542 | ECerror(ERR_R_MALLOC_FAILURE); |
| 543 | goto err; | 543 | goto err; |
| 544 | } | 544 | } |
| 545 | if ((r = BN_dup(in_r)) == NULL) { | 545 | if ((r = BN_dup(in_r)) == NULL) { |
| 546 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 546 | ECerror(ERR_R_MALLOC_FAILURE); |
| 547 | goto err; | 547 | goto err; |
| 548 | } | 548 | } |
| 549 | } | 549 | } |
| @@ -571,14 +571,14 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len, | |||
| 571 | } | 571 | } |
| 572 | 572 | ||
| 573 | if (++attempts > ECDSA_MAX_SIGN_ITERATIONS) { | 573 | if (++attempts > ECDSA_MAX_SIGN_ITERATIONS) { |
| 574 | ECDSAerror(EC_R_WRONG_CURVE_PARAMETERS); | 574 | ECerror(EC_R_WRONG_CURVE_PARAMETERS); |
| 575 | goto err; | 575 | goto err; |
| 576 | } | 576 | } |
| 577 | } while (1); | 577 | } while (1); |
| 578 | 578 | ||
| 579 | /* Step 12: output (r, s). */ | 579 | /* Step 12: output (r, s). */ |
| 580 | if ((sig = ECDSA_SIG_new()) == NULL) { | 580 | if ((sig = ECDSA_SIG_new()) == NULL) { |
| 581 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 581 | ECerror(ERR_R_MALLOC_FAILURE); |
| 582 | goto err; | 582 | goto err; |
| 583 | } | 583 | } |
| 584 | if (!ECDSA_SIG_set0(sig, r, s)) { | 584 | if (!ECDSA_SIG_set0(sig, r, s)) { |
| @@ -661,7 +661,7 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len, | |||
| 661 | } | 661 | } |
| 662 | 662 | ||
| 663 | if ((ctx = BN_CTX_new()) == NULL) { | 663 | if ((ctx = BN_CTX_new()) == NULL) { |
| 664 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 664 | ECerror(ERR_R_MALLOC_FAILURE); |
| 665 | goto err; | 665 | goto err; |
| 666 | } | 666 | } |
| 667 | 667 | ||
| @@ -679,7 +679,7 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len, | |||
| 679 | goto err; | 679 | goto err; |
| 680 | 680 | ||
| 681 | if ((order = EC_GROUP_get0_order(group)) == NULL) { | 681 | if ((order = EC_GROUP_get0_order(group)) == NULL) { |
| 682 | ECDSAerror(ERR_R_EC_LIB); | 682 | ECerror(ERR_R_EC_LIB); |
| 683 | goto err; | 683 | goto err; |
| 684 | } | 684 | } |
| 685 | 685 | ||
| @@ -701,16 +701,16 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len, | |||
| 701 | 701 | ||
| 702 | /* Step 4: compute the inverse of s modulo order. */ | 702 | /* Step 4: compute the inverse of s modulo order. */ |
| 703 | if (BN_mod_inverse_ct(sinv, sig->s, order, ctx) == NULL) { | 703 | if (BN_mod_inverse_ct(sinv, sig->s, order, ctx) == NULL) { |
| 704 | ECDSAerror(ERR_R_BN_LIB); | 704 | ECerror(ERR_R_BN_LIB); |
| 705 | goto err; | 705 | goto err; |
| 706 | } | 706 | } |
| 707 | /* Step 5: compute u = s^-1 * e and v = s^-1 * r (modulo order). */ | 707 | /* Step 5: compute u = s^-1 * e and v = s^-1 * r (modulo order). */ |
| 708 | if (!BN_mod_mul(u, e, sinv, order, ctx)) { | 708 | if (!BN_mod_mul(u, e, sinv, order, ctx)) { |
| 709 | ECDSAerror(ERR_R_BN_LIB); | 709 | ECerror(ERR_R_BN_LIB); |
| 710 | goto err; | 710 | goto err; |
| 711 | } | 711 | } |
| 712 | if (!BN_mod_mul(v, sig->r, sinv, order, ctx)) { | 712 | if (!BN_mod_mul(v, sig->r, sinv, order, ctx)) { |
| 713 | ECDSAerror(ERR_R_BN_LIB); | 713 | ECerror(ERR_R_BN_LIB); |
| 714 | goto err; | 714 | goto err; |
| 715 | } | 715 | } |
| 716 | 716 | ||
| @@ -720,20 +720,20 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len, | |||
| 720 | * the x coordinate. | 720 | * the x coordinate. |
| 721 | */ | 721 | */ |
| 722 | if ((point = EC_POINT_new(group)) == NULL) { | 722 | if ((point = EC_POINT_new(group)) == NULL) { |
| 723 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 723 | ECerror(ERR_R_MALLOC_FAILURE); |
| 724 | goto err; | 724 | goto err; |
| 725 | } | 725 | } |
| 726 | if (!EC_POINT_mul(group, point, u, pub_key, v, ctx)) { | 726 | if (!EC_POINT_mul(group, point, u, pub_key, v, ctx)) { |
| 727 | ECDSAerror(ERR_R_EC_LIB); | 727 | ECerror(ERR_R_EC_LIB); |
| 728 | goto err; | 728 | goto err; |
| 729 | } | 729 | } |
| 730 | if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, ctx)) { | 730 | if (!EC_POINT_get_affine_coordinates(group, point, x, NULL, ctx)) { |
| 731 | ECDSAerror(ERR_R_EC_LIB); | 731 | ECerror(ERR_R_EC_LIB); |
| 732 | goto err; | 732 | goto err; |
| 733 | } | 733 | } |
| 734 | /* Step 8: convert x to a number in [0, order). */ | 734 | /* Step 8: convert x to a number in [0, order). */ |
| 735 | if (!BN_nnmod(x, x, order, ctx)) { | 735 | if (!BN_nnmod(x, x, order, ctx)) { |
| 736 | ECDSAerror(ERR_R_BN_LIB); | 736 | ECerror(ERR_R_BN_LIB); |
| 737 | goto err; | 737 | goto err; |
| 738 | } | 738 | } |
| 739 | 739 | ||