diff options
| author | tb <> | 2023-07-04 10:53:42 +0000 |
|---|---|---|
| committer | tb <> | 2023-07-04 10:53:42 +0000 |
| commit | e29c1d622ce88688738223acc85fde2ebce9b3d8 (patch) | |
| tree | 7bb8ff58b8e515456c9405129e29bcf1ab6dc1d6 /src/lib | |
| parent | 09847e13eaea25ba42604e20264eb8bd44d8e56e (diff) | |
| download | openbsd-e29c1d622ce88688738223acc85fde2ebce9b3d8.tar.gz openbsd-e29c1d622ce88688738223acc85fde2ebce9b3d8.tar.bz2 openbsd-e29c1d622ce88688738223acc85fde2ebce9b3d8.zip | |
Extract private key and group order in s computation
This pushes a few variables no longer needed in ossl_ecdsa_sign_sig() into
ecdsa_compute_s() separating API logic and pure computation a bit more.
ok beck
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/ecdsa/ecs_ossl.c | 37 |
1 files changed, 18 insertions, 19 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c index dcc823bbaa..4bc77a4920 100644 --- a/src/lib/libcrypto/ecdsa/ecs_ossl.c +++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecs_ossl.c,v 1.67 2023/07/04 10:31:57 tb Exp $ */ | 1 | /* $OpenBSD: ecs_ossl.c,v 1.68 2023/07/04 10:53:42 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Nils Larsch for the OpenSSL project | 3 | * Written by Nils Larsch for the OpenSSL project |
| 4 | */ | 4 | */ |
| @@ -269,8 +269,10 @@ ossl_ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, | |||
| 269 | 269 | ||
| 270 | static int | 270 | static int |
| 271 | ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, | 271 | ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, |
| 272 | const BIGNUM *r, const BIGNUM *priv_key, const BIGNUM *order, BN_CTX *ctx) | 272 | const BIGNUM *r, const EC_KEY *key, BN_CTX *ctx) |
| 273 | { | 273 | { |
| 274 | const EC_GROUP *group; | ||
| 275 | const BIGNUM *order, *priv_key; | ||
| 274 | BIGNUM *b, *binv, *be, *bxr; | 276 | BIGNUM *b, *binv, *be, *bxr; |
| 275 | BIGNUM *s = NULL; | 277 | BIGNUM *s = NULL; |
| 276 | int ret = 0; | 278 | int ret = 0; |
| @@ -279,6 +281,19 @@ ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, | |||
| 279 | 281 | ||
| 280 | BN_CTX_start(ctx); | 282 | BN_CTX_start(ctx); |
| 281 | 283 | ||
| 284 | if ((group = EC_KEY_get0_group(key)) == NULL) { | ||
| 285 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | ||
| 286 | goto err; | ||
| 287 | } | ||
| 288 | if ((order = EC_GROUP_get0_order(group)) == NULL) { | ||
| 289 | ECDSAerror(ERR_R_EC_LIB); | ||
| 290 | goto err; | ||
| 291 | } | ||
| 292 | if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) { | ||
| 293 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | ||
| 294 | goto err; | ||
| 295 | } | ||
| 296 | |||
| 282 | if ((b = BN_CTX_get(ctx)) == NULL) | 297 | if ((b = BN_CTX_get(ctx)) == NULL) |
| 283 | goto err; | 298 | goto err; |
| 284 | if ((binv = BN_CTX_get(ctx)) == NULL) | 299 | if ((binv = BN_CTX_get(ctx)) == NULL) |
| @@ -353,24 +368,13 @@ ECDSA_SIG * | |||
| 353 | ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, | 368 | ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, |
| 354 | const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *key) | 369 | const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *key) |
| 355 | { | 370 | { |
| 356 | const EC_GROUP *group; | ||
| 357 | BN_CTX *ctx = NULL; | 371 | BN_CTX *ctx = NULL; |
| 358 | BIGNUM *kinv = NULL, *r = NULL, *s = NULL; | 372 | BIGNUM *kinv = NULL, *r = NULL, *s = NULL; |
| 359 | BIGNUM *e; | 373 | BIGNUM *e; |
| 360 | const BIGNUM *order, *priv_key; | ||
| 361 | int caller_supplied_values = 0; | 374 | int caller_supplied_values = 0; |
| 362 | int attempts = 0; | 375 | int attempts = 0; |
| 363 | ECDSA_SIG *sig = NULL; | 376 | ECDSA_SIG *sig = NULL; |
| 364 | 377 | ||
| 365 | if ((group = EC_KEY_get0_group(key)) == NULL) { | ||
| 366 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | ||
| 367 | goto err; | ||
| 368 | } | ||
| 369 | if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) { | ||
| 370 | ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); | ||
| 371 | goto err; | ||
| 372 | } | ||
| 373 | |||
| 374 | if ((ctx = BN_CTX_new()) == NULL) { | 378 | if ((ctx = BN_CTX_new()) == NULL) { |
| 375 | ECDSAerror(ERR_R_MALLOC_FAILURE); | 379 | ECDSAerror(ERR_R_MALLOC_FAILURE); |
| 376 | goto err; | 380 | goto err; |
| @@ -381,11 +385,6 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, | |||
| 381 | if ((e = BN_CTX_get(ctx)) == NULL) | 385 | if ((e = BN_CTX_get(ctx)) == NULL) |
| 382 | goto err; | 386 | goto err; |
| 383 | 387 | ||
| 384 | if ((order = EC_GROUP_get0_order(group)) == NULL) { | ||
| 385 | ECDSAerror(ERR_R_EC_LIB); | ||
| 386 | goto err; | ||
| 387 | } | ||
| 388 | |||
| 389 | if (!ecdsa_prepare_digest(digest, digest_len, key, e)) | 388 | if (!ecdsa_prepare_digest(digest, digest_len, key, e)) |
| 390 | goto err; | 389 | goto err; |
| 391 | 390 | ||
| @@ -416,7 +415,7 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, | |||
| 416 | } | 415 | } |
| 417 | 416 | ||
| 418 | /* If s is non-NULL, we have a valid signature. */ | 417 | /* If s is non-NULL, we have a valid signature. */ |
| 419 | if (!ecdsa_compute_s(&s, e, kinv, r, priv_key, order, ctx)) | 418 | if (!ecdsa_compute_s(&s, e, kinv, r, key, ctx)) |
| 420 | goto err; | 419 | goto err; |
| 421 | if (s != NULL) | 420 | if (s != NULL) |
| 422 | break; | 421 | break; |