diff options
| author | tb <> | 2023-07-04 10:14:37 +0000 |
|---|---|---|
| committer | tb <> | 2023-07-04 10:14:37 +0000 |
| commit | ad81d98d5d3a5d63a41af45b5757fb2df4df009f (patch) | |
| tree | 6ac4be3ceea401863b2b9ff379a70ddc337396c4 /src/lib | |
| parent | 86d9e2671a60a6d38eb68893276182e4e22b3828 (diff) | |
| download | openbsd-ad81d98d5d3a5d63a41af45b5757fb2df4df009f.tar.gz openbsd-ad81d98d5d3a5d63a41af45b5757fb2df4df009f.tar.bz2 openbsd-ad81d98d5d3a5d63a41af45b5757fb2df4df009f.zip | |
Normalize on digest and digest_len rather than dgst dlen dgstlen, etc.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/ecdsa/ecs_ossl.c | 62 |
1 files changed, 34 insertions, 28 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c index be74d3b95c..2d10e160a5 100644 --- a/src/lib/libcrypto/ecdsa/ecs_ossl.c +++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecs_ossl.c,v 1.63 2023/07/04 10:06:36 tb Exp $ */ | 1 | /* $OpenBSD: ecs_ossl.c,v 1.64 2023/07/04 10:14:37 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Nils Larsch for the OpenSSL project | 3 | * Written by Nils Larsch for the OpenSSL project |
| 4 | */ | 4 | */ |
| @@ -97,14 +97,15 @@ ecdsa_prepare_digest(const unsigned char *digest, int digest_len, | |||
| 97 | } | 97 | } |
| 98 | 98 | ||
| 99 | int | 99 | int |
| 100 | ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | 100 | ossl_ecdsa_sign(int type, const unsigned char *digest, int digest_len, |
| 101 | unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) | 101 | unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, |
| 102 | const BIGNUM *r, EC_KEY *eckey) | ||
| 102 | { | 103 | { |
| 103 | ECDSA_SIG *s; | 104 | ECDSA_SIG *s; |
| 104 | int outlen = 0; | 105 | int outlen = 0; |
| 105 | int ret = 0; | 106 | int ret = 0; |
| 106 | 107 | ||
| 107 | if ((s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey)) == NULL) | 108 | if ((s = ECDSA_do_sign_ex(digest, digest_len, kinv, r, eckey)) == NULL) |
| 108 | goto err; | 109 | goto err; |
| 109 | 110 | ||
| 110 | if ((outlen = i2d_ECDSA_SIG(s, &sig)) < 0) { | 111 | if ((outlen = i2d_ECDSA_SIG(s, &sig)) < 0) { |
| @@ -349,7 +350,7 @@ ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, | |||
| 349 | #define ECDSA_MAX_SIGN_ITERATIONS 32 | 350 | #define ECDSA_MAX_SIGN_ITERATIONS 32 |
| 350 | 351 | ||
| 351 | ECDSA_SIG * | 352 | ECDSA_SIG * |
| 352 | ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, | 353 | ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, |
| 353 | const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) | 354 | const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) |
| 354 | { | 355 | { |
| 355 | const EC_GROUP *group; | 356 | const EC_GROUP *group; |
| @@ -385,7 +386,7 @@ ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, | |||
| 385 | goto err; | 386 | goto err; |
| 386 | } | 387 | } |
| 387 | 388 | ||
| 388 | if (!ecdsa_prepare_digest(dgst, dgst_len, eckey, e)) | 389 | if (!ecdsa_prepare_digest(digest, digest_len, eckey, e)) |
| 389 | goto err; | 390 | goto err; |
| 390 | 391 | ||
| 391 | if (in_kinv != NULL && in_r != NULL) { | 392 | if (in_kinv != NULL && in_r != NULL) { |
| @@ -453,7 +454,7 @@ ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len, | |||
| 453 | } | 454 | } |
| 454 | 455 | ||
| 455 | int | 456 | int |
| 456 | ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, | 457 | ossl_ecdsa_verify(int type, const unsigned char *digest, int digest_len, |
| 457 | const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) | 458 | const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) |
| 458 | { | 459 | { |
| 459 | ECDSA_SIG *s; | 460 | ECDSA_SIG *s; |
| @@ -475,7 +476,7 @@ ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, | |||
| 475 | if (timingsafe_memcmp(sigbuf, der, derlen)) | 476 | if (timingsafe_memcmp(sigbuf, der, derlen)) |
| 476 | goto err; | 477 | goto err; |
| 477 | 478 | ||
| 478 | ret = ECDSA_do_verify(dgst, dgst_len, s, eckey); | 479 | ret = ECDSA_do_verify(digest, digest_len, s, eckey); |
| 479 | 480 | ||
| 480 | err: | 481 | err: |
| 481 | freezero(der, derlen); | 482 | freezero(der, derlen); |
| @@ -485,8 +486,8 @@ ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, | |||
| 485 | } | 486 | } |
| 486 | 487 | ||
| 487 | int | 488 | int |
| 488 | ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig, | 489 | ossl_ecdsa_verify_sig(const unsigned char *digest, int digest_len, |
| 489 | EC_KEY *eckey) | 490 | const ECDSA_SIG *sig, EC_KEY *eckey) |
| 490 | { | 491 | { |
| 491 | const EC_GROUP *group; | 492 | const EC_GROUP *group; |
| 492 | const EC_POINT *pub_key; | 493 | const EC_POINT *pub_key; |
| @@ -542,7 +543,7 @@ ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG * | |||
| 542 | goto err; | 543 | goto err; |
| 543 | } | 544 | } |
| 544 | 545 | ||
| 545 | if (!ecdsa_prepare_digest(dgst, dgst_len, eckey, e)) | 546 | if (!ecdsa_prepare_digest(digest, digest_len, eckey, e)) |
| 546 | goto err; | 547 | goto err; |
| 547 | 548 | ||
| 548 | if (BN_mod_inverse_ct(u2, sig->s, order, ctx) == NULL) { /* w = inv(s) */ | 549 | if (BN_mod_inverse_ct(u2, sig->s, order, ctx) == NULL) { /* w = inv(s) */ |
| @@ -588,42 +589,46 @@ ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG * | |||
| 588 | } | 589 | } |
| 589 | 590 | ||
| 590 | ECDSA_SIG * | 591 | ECDSA_SIG * |
| 591 | ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) | 592 | ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *eckey) |
| 592 | { | 593 | { |
| 593 | return ECDSA_do_sign_ex(dgst, dlen, NULL, NULL, eckey); | 594 | return ECDSA_do_sign_ex(digest, digest_len, NULL, NULL, eckey); |
| 594 | } | 595 | } |
| 595 | 596 | ||
| 596 | ECDSA_SIG * | 597 | ECDSA_SIG * |
| 597 | ECDSA_do_sign_ex(const unsigned char *dgst, int dlen, const BIGNUM *kinv, | 598 | ECDSA_do_sign_ex(const unsigned char *digest, int digest_len, |
| 598 | const BIGNUM *out_r, EC_KEY *eckey) | 599 | const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *eckey) |
| 599 | { | 600 | { |
| 600 | if (eckey->meth->sign_sig == NULL) { | 601 | if (eckey->meth->sign_sig == NULL) { |
| 601 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); | 602 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); |
| 602 | return 0; | 603 | return 0; |
| 603 | } | 604 | } |
| 604 | return eckey->meth->sign_sig(dgst, dlen, kinv, out_r, eckey); | 605 | return eckey->meth->sign_sig(digest, digest_len, kinv, out_r, eckey); |
| 605 | } | 606 | } |
| 606 | 607 | ||
| 607 | int | 608 | int |
| 608 | ECDSA_sign(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | 609 | ECDSA_sign(int type, const unsigned char *digest, int digest_len, |
| 609 | unsigned int *siglen, EC_KEY *eckey) | 610 | unsigned char *sig, unsigned int *siglen, EC_KEY *eckey) |
| 610 | { | 611 | { |
| 611 | return ECDSA_sign_ex(type, dgst, dlen, sig, siglen, NULL, NULL, eckey); | 612 | return ECDSA_sign_ex(type, digest, digest_len, sig, siglen, NULL, NULL, |
| 613 | eckey); | ||
| 612 | } | 614 | } |
| 613 | 615 | ||
| 614 | int | 616 | int |
| 615 | ECDSA_sign_ex(int type, const unsigned char *dgst, int dlen, unsigned char *sig, | 617 | ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len, |
| 616 | unsigned int *siglen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) | 618 | unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv, |
| 619 | const BIGNUM *r, EC_KEY *eckey) | ||
| 617 | { | 620 | { |
| 618 | if (eckey->meth->sign == NULL) { | 621 | if (eckey->meth->sign == NULL) { |
| 619 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); | 622 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); |
| 620 | return 0; | 623 | return 0; |
| 621 | } | 624 | } |
| 622 | return eckey->meth->sign(type, dgst, dlen, sig, siglen, kinv, r, eckey); | 625 | return eckey->meth->sign(type, digest, digest_len, sig, siglen, kinv, r, |
| 626 | eckey); | ||
| 623 | } | 627 | } |
| 624 | 628 | ||
| 625 | int | 629 | int |
| 626 | ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r) | 630 | ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, |
| 631 | BIGNUM **out_r) | ||
| 627 | { | 632 | { |
| 628 | if (eckey->meth->sign_setup == NULL) { | 633 | if (eckey->meth->sign_setup == NULL) { |
| 629 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); | 634 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); |
| @@ -633,25 +638,26 @@ ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_ | |||
| 633 | } | 638 | } |
| 634 | 639 | ||
| 635 | int | 640 | int |
| 636 | ECDSA_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig, | 641 | ECDSA_do_verify(const unsigned char *digest, int digest_len, |
| 637 | EC_KEY *eckey) | 642 | const ECDSA_SIG *sig, EC_KEY *eckey) |
| 638 | { | 643 | { |
| 639 | if (eckey->meth->verify_sig == NULL) { | 644 | if (eckey->meth->verify_sig == NULL) { |
| 640 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); | 645 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); |
| 641 | return 0; | 646 | return 0; |
| 642 | } | 647 | } |
| 643 | return eckey->meth->verify_sig(dgst, dgst_len, sig, eckey); | 648 | return eckey->meth->verify_sig(digest, digest_len, sig, eckey); |
| 644 | } | 649 | } |
| 645 | 650 | ||
| 646 | int | 651 | int |
| 647 | ECDSA_verify(int type, const unsigned char *dgst, int dgst_len, | 652 | ECDSA_verify(int type, const unsigned char *digest, int digest_len, |
| 648 | const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) | 653 | const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) |
| 649 | { | 654 | { |
| 650 | if (eckey->meth->verify == NULL) { | 655 | if (eckey->meth->verify == NULL) { |
| 651 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); | 656 | ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); |
| 652 | return 0; | 657 | return 0; |
| 653 | } | 658 | } |
| 654 | return eckey->meth->verify(type, dgst, dgst_len, sigbuf, sig_len, eckey); | 659 | return eckey->meth->verify(type, digest, digest_len, sigbuf, sig_len, |
| 660 | eckey); | ||
| 655 | } | 661 | } |
| 656 | 662 | ||
| 657 | int | 663 | int |