diff options
| -rw-r--r-- | src/lib/libcrypto/ec/ec_lib.c | 8 | ||||
| -rw-r--r-- | src/lib/libcrypto/ec/ec_local.h | 4 | ||||
| -rw-r--r-- | src/lib/libcrypto/ec/ecp_methods.c | 20 |
3 files changed, 8 insertions, 24 deletions
diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c index f906054603..a60543ab98 100644 --- a/src/lib/libcrypto/ec/ec_lib.c +++ b/src/lib/libcrypto/ec/ec_lib.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_lib.c,v 1.112 2025/01/21 17:01:25 tb Exp $ */ | 1 | /* $OpenBSD: ec_lib.c,v 1.113 2025/01/22 09:56:58 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | 3 | * Originally written by Bodo Moeller for the OpenSSL project. |
| 4 | */ | 4 | */ |
| @@ -1347,8 +1347,7 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, | |||
| 1347 | if (ctx == NULL) | 1347 | if (ctx == NULL) |
| 1348 | goto err; | 1348 | goto err; |
| 1349 | 1349 | ||
| 1350 | if (group->meth->mul_generator_ct == NULL || | 1350 | if (group->meth->mul_single_ct == NULL || |
| 1351 | group->meth->mul_single_ct == NULL || | ||
| 1352 | group->meth->mul_double_nonct == NULL) { | 1351 | group->meth->mul_double_nonct == NULL) { |
| 1353 | ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); | 1352 | ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); |
| 1354 | goto err; | 1353 | goto err; |
| @@ -1363,7 +1362,8 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar, | |||
| 1363 | * secret. This is why we ignore if BN_FLG_CONSTTIME is actually | 1362 | * secret. This is why we ignore if BN_FLG_CONSTTIME is actually |
| 1364 | * set and we always call the constant time version. | 1363 | * set and we always call the constant time version. |
| 1365 | */ | 1364 | */ |
| 1366 | ret = group->meth->mul_generator_ct(group, r, g_scalar, ctx); | 1365 | ret = group->meth->mul_single_ct(group, r, g_scalar, |
| 1366 | group->generator, ctx); | ||
| 1367 | } else if (g_scalar == NULL && point != NULL && p_scalar != NULL) { | 1367 | } else if (g_scalar == NULL && point != NULL && p_scalar != NULL) { |
| 1368 | /* | 1368 | /* |
| 1369 | * In this case we want to compute p_scalar * GenericPoint: | 1369 | * In this case we want to compute p_scalar * GenericPoint: |
diff --git a/src/lib/libcrypto/ec/ec_local.h b/src/lib/libcrypto/ec/ec_local.h index afa8b0307f..84c1552c8a 100644 --- a/src/lib/libcrypto/ec/ec_local.h +++ b/src/lib/libcrypto/ec/ec_local.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_local.h,v 1.62 2025/01/11 20:57:03 tb Exp $ */ | 1 | /* $OpenBSD: ec_local.h,v 1.63 2025/01/22 09:56:58 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Originally written by Bodo Moeller for the OpenSSL project. | 3 | * Originally written by Bodo Moeller for the OpenSSL project. |
| 4 | */ | 4 | */ |
| @@ -105,8 +105,6 @@ struct ec_method_st { | |||
| 105 | int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); | 105 | int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *); |
| 106 | int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *); | 106 | int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *); |
| 107 | 107 | ||
| 108 | int (*mul_generator_ct)(const EC_GROUP *, EC_POINT *r, | ||
| 109 | const BIGNUM *scalar, BN_CTX *); | ||
| 110 | int (*mul_single_ct)(const EC_GROUP *group, EC_POINT *r, | 108 | int (*mul_single_ct)(const EC_GROUP *group, EC_POINT *r, |
| 111 | const BIGNUM *scalar, const EC_POINT *point, BN_CTX *); | 109 | const BIGNUM *scalar, const EC_POINT *point, BN_CTX *); |
| 112 | int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r, | 110 | int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r, |
diff --git a/src/lib/libcrypto/ec/ecp_methods.c b/src/lib/libcrypto/ec/ecp_methods.c index 718bd4565a..62966e14d6 100644 --- a/src/lib/libcrypto/ec/ecp_methods.c +++ b/src/lib/libcrypto/ec/ecp_methods.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecp_methods.c,v 1.39 2025/01/17 11:11:27 tb Exp $ */ | 1 | /* $OpenBSD: ecp_methods.c,v 1.40 2025/01/22 09:56:58 jsing Exp $ */ |
| 2 | /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> | 2 | /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de> |
| 3 | * for the OpenSSL project. | 3 | * for the OpenSSL project. |
| 4 | * Includes code written by Bodo Moeller for the OpenSSL project. | 4 | * Includes code written by Bodo Moeller for the OpenSSL project. |
| @@ -1023,13 +1023,8 @@ ec_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 1023 | if ((s = EC_POINT_new(group)) == NULL) | 1023 | if ((s = EC_POINT_new(group)) == NULL) |
| 1024 | goto err; | 1024 | goto err; |
| 1025 | 1025 | ||
| 1026 | if (point == NULL) { | 1026 | if (!EC_POINT_copy(s, point)) |
| 1027 | if (!EC_POINT_copy(s, group->generator)) | 1027 | goto err; |
| 1028 | goto err; | ||
| 1029 | } else { | ||
| 1030 | if (!EC_POINT_copy(s, point)) | ||
| 1031 | goto err; | ||
| 1032 | } | ||
| 1033 | 1028 | ||
| 1034 | EC_POINT_BN_set_flags(s, BN_FLG_CONSTTIME); | 1029 | EC_POINT_BN_set_flags(s, BN_FLG_CONSTTIME); |
| 1035 | 1030 | ||
| @@ -1195,13 +1190,6 @@ ec_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | |||
| 1195 | #undef EC_POINT_CSWAP | 1190 | #undef EC_POINT_CSWAP |
| 1196 | 1191 | ||
| 1197 | static int | 1192 | static int |
| 1198 | ec_mul_generator_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | ||
| 1199 | BN_CTX *ctx) | ||
| 1200 | { | ||
| 1201 | return ec_mul_ct(group, r, scalar, NULL, ctx); | ||
| 1202 | } | ||
| 1203 | |||
| 1204 | static int | ||
| 1205 | ec_mul_single_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, | 1193 | ec_mul_single_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, |
| 1206 | const EC_POINT *point, BN_CTX *ctx) | 1194 | const EC_POINT *point, BN_CTX *ctx) |
| 1207 | { | 1195 | { |
| @@ -1317,7 +1305,6 @@ static const EC_METHOD ec_GFp_simple_method = { | |||
| 1317 | .add = ec_add, | 1305 | .add = ec_add, |
| 1318 | .dbl = ec_dbl, | 1306 | .dbl = ec_dbl, |
| 1319 | .invert = ec_invert, | 1307 | .invert = ec_invert, |
| 1320 | .mul_generator_ct = ec_mul_generator_ct, | ||
| 1321 | .mul_single_ct = ec_mul_single_ct, | 1308 | .mul_single_ct = ec_mul_single_ct, |
| 1322 | .mul_double_nonct = ec_mul_double_nonct, | 1309 | .mul_double_nonct = ec_mul_double_nonct, |
| 1323 | .field_mul = ec_simple_field_mul, | 1310 | .field_mul = ec_simple_field_mul, |
| @@ -1343,7 +1330,6 @@ static const EC_METHOD ec_GFp_mont_method = { | |||
| 1343 | .add = ec_add, | 1330 | .add = ec_add, |
| 1344 | .dbl = ec_dbl, | 1331 | .dbl = ec_dbl, |
| 1345 | .invert = ec_invert, | 1332 | .invert = ec_invert, |
| 1346 | .mul_generator_ct = ec_mul_generator_ct, | ||
| 1347 | .mul_single_ct = ec_mul_single_ct, | 1333 | .mul_single_ct = ec_mul_single_ct, |
| 1348 | .mul_double_nonct = ec_mul_double_nonct, | 1334 | .mul_double_nonct = ec_mul_double_nonct, |
| 1349 | .field_mul = ec_mont_field_mul, | 1335 | .field_mul = ec_mont_field_mul, |