diff options
Diffstat (limited to 'src/lib/libcrypto/ec/ecp_nistp224.c')
| -rw-r--r-- | src/lib/libcrypto/ec/ecp_nistp224.c | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/src/lib/libcrypto/ec/ecp_nistp224.c b/src/lib/libcrypto/ec/ecp_nistp224.c index 0976f24a9f..38dd83b6d9 100644 --- a/src/lib/libcrypto/ec/ecp_nistp224.c +++ b/src/lib/libcrypto/ec/ecp_nistp224.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ecp_nistp224.c,v 1.17 2015/09/10 15:56:25 jsing Exp $ */ | 1 | /* $OpenBSD: ecp_nistp224.c,v 1.18 2017/01/29 17:49:23 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Emilia Kasper (Google) for the OpenSSL project. | 3 | * Written by Emilia Kasper (Google) for the OpenSSL project. |
| 4 | */ | 4 | */ |
| @@ -319,11 +319,11 @@ BN_to_felem(felem out, const BIGNUM * bn) | |||
| 319 | memset(b_out, 0, sizeof b_out); | 319 | memset(b_out, 0, sizeof b_out); |
| 320 | num_bytes = BN_num_bytes(bn); | 320 | num_bytes = BN_num_bytes(bn); |
| 321 | if (num_bytes > sizeof b_out) { | 321 | if (num_bytes > sizeof b_out) { |
| 322 | ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); | 322 | ECerror(EC_R_BIGNUM_OUT_OF_RANGE); |
| 323 | return 0; | 323 | return 0; |
| 324 | } | 324 | } |
| 325 | if (BN_is_negative(bn)) { | 325 | if (BN_is_negative(bn)) { |
| 326 | ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE); | 326 | ECerror(EC_R_BIGNUM_OUT_OF_RANGE); |
| 327 | return 0; | 327 | return 0; |
| 328 | } | 328 | } |
| 329 | num_bytes = BN_bn2bin(bn, b_in); | 329 | num_bytes = BN_bn2bin(bn, b_in); |
| @@ -1191,7 +1191,7 @@ nistp224_pre_comp_new() | |||
| 1191 | NISTP224_PRE_COMP *ret = NULL; | 1191 | NISTP224_PRE_COMP *ret = NULL; |
| 1192 | ret = malloc(sizeof *ret); | 1192 | ret = malloc(sizeof *ret); |
| 1193 | if (!ret) { | 1193 | if (!ret) { |
| 1194 | ECerr(EC_F_NISTP224_PRE_COMP_NEW, ERR_R_MALLOC_FAILURE); | 1194 | ECerror(ERR_R_MALLOC_FAILURE); |
| 1195 | return ret; | 1195 | return ret; |
| 1196 | } | 1196 | } |
| 1197 | memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp)); | 1197 | memset(ret->g_pre_comp, 0, sizeof(ret->g_pre_comp)); |
| @@ -1277,8 +1277,7 @@ ec_GFp_nistp224_group_set_curve(EC_GROUP * group, const BIGNUM * p, | |||
| 1277 | BN_bin2bn(nistp224_curve_params[2], sizeof(felem_bytearray), curve_b); | 1277 | BN_bin2bn(nistp224_curve_params[2], sizeof(felem_bytearray), curve_b); |
| 1278 | if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || | 1278 | if ((BN_cmp(curve_p, p)) || (BN_cmp(curve_a, a)) || |
| 1279 | (BN_cmp(curve_b, b))) { | 1279 | (BN_cmp(curve_b, b))) { |
| 1280 | ECerr(EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE, | 1280 | ECerror(EC_R_WRONG_CURVE_PARAMETERS); |
| 1281 | EC_R_WRONG_CURVE_PARAMETERS); | ||
| 1282 | goto err; | 1281 | goto err; |
| 1283 | } | 1282 | } |
| 1284 | group->field_mod_func = BN_nist_mod_224; | 1283 | group->field_mod_func = BN_nist_mod_224; |
| @@ -1299,8 +1298,7 @@ ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP * group, | |||
| 1299 | widefelem tmp; | 1298 | widefelem tmp; |
| 1300 | 1299 | ||
| 1301 | if (EC_POINT_is_at_infinity(group, point) > 0) { | 1300 | if (EC_POINT_is_at_infinity(group, point) > 0) { |
| 1302 | ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES, | 1301 | ECerror(EC_R_POINT_AT_INFINITY); |
| 1303 | EC_R_POINT_AT_INFINITY); | ||
| 1304 | return 0; | 1302 | return 0; |
| 1305 | } | 1303 | } |
| 1306 | if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) || | 1304 | if ((!BN_to_felem(x_in, &point->X)) || (!BN_to_felem(y_in, &point->Y)) || |
| @@ -1314,8 +1312,7 @@ ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP * group, | |||
| 1314 | felem_contract(x_out, x_in); | 1312 | felem_contract(x_out, x_in); |
| 1315 | if (x != NULL) { | 1313 | if (x != NULL) { |
| 1316 | if (!felem_to_BN(x, x_out)) { | 1314 | if (!felem_to_BN(x, x_out)) { |
| 1317 | ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES, | 1315 | ECerror(ERR_R_BN_LIB); |
| 1318 | ERR_R_BN_LIB); | ||
| 1319 | return 0; | 1316 | return 0; |
| 1320 | } | 1317 | } |
| 1321 | } | 1318 | } |
| @@ -1326,8 +1323,7 @@ ec_GFp_nistp224_point_get_affine_coordinates(const EC_GROUP * group, | |||
| 1326 | felem_contract(y_out, y_in); | 1323 | felem_contract(y_out, y_in); |
| 1327 | if (y != NULL) { | 1324 | if (y != NULL) { |
| 1328 | if (!felem_to_BN(y, y_out)) { | 1325 | if (!felem_to_BN(y, y_out)) { |
| 1329 | ECerr(EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES, | 1326 | ECerror(ERR_R_BN_LIB); |
| 1330 | ERR_R_BN_LIB); | ||
| 1331 | return 0; | 1327 | return 0; |
| 1332 | } | 1328 | } |
| 1333 | } | 1329 | } |
| @@ -1410,7 +1406,7 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r, | |||
| 1410 | if (!felem_to_BN(x, g_pre_comp[0][1][0]) || | 1406 | if (!felem_to_BN(x, g_pre_comp[0][1][0]) || |
| 1411 | !felem_to_BN(y, g_pre_comp[0][1][1]) || | 1407 | !felem_to_BN(y, g_pre_comp[0][1][1]) || |
| 1412 | !felem_to_BN(z, g_pre_comp[0][1][2])) { | 1408 | !felem_to_BN(z, g_pre_comp[0][1][2])) { |
| 1413 | ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); | 1409 | ECerror(ERR_R_BN_LIB); |
| 1414 | goto err; | 1410 | goto err; |
| 1415 | } | 1411 | } |
| 1416 | if (!EC_POINT_set_Jprojective_coordinates_GFp(group, | 1412 | if (!EC_POINT_set_Jprojective_coordinates_GFp(group, |
| @@ -1443,7 +1439,7 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r, | |||
| 1443 | (num_points * 17 + 1), sizeof(felem)); | 1439 | (num_points * 17 + 1), sizeof(felem)); |
| 1444 | } | 1440 | } |
| 1445 | if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { | 1441 | if ((secrets == NULL) || (pre_comp == NULL) || (mixed && (tmp_felems == NULL))) { |
| 1446 | ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_MALLOC_FAILURE); | 1442 | ECerror(ERR_R_MALLOC_FAILURE); |
| 1447 | goto err; | 1443 | goto err; |
| 1448 | } | 1444 | } |
| 1449 | /* | 1445 | /* |
| @@ -1471,7 +1467,7 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r, | |||
| 1471 | * don't guarantee constant-timeness | 1467 | * don't guarantee constant-timeness |
| 1472 | */ | 1468 | */ |
| 1473 | if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { | 1469 | if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { |
| 1474 | ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); | 1470 | ECerror(ERR_R_BN_LIB); |
| 1475 | goto err; | 1471 | goto err; |
| 1476 | } | 1472 | } |
| 1477 | num_bytes = BN_bn2bin(tmp_scalar, tmp); | 1473 | num_bytes = BN_bn2bin(tmp_scalar, tmp); |
| @@ -1513,7 +1509,7 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r, | |||
| 1513 | * constant-timeness | 1509 | * constant-timeness |
| 1514 | */ | 1510 | */ |
| 1515 | if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { | 1511 | if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { |
| 1516 | ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); | 1512 | ECerror(ERR_R_BN_LIB); |
| 1517 | goto err; | 1513 | goto err; |
| 1518 | } | 1514 | } |
| 1519 | num_bytes = BN_bn2bin(tmp_scalar, tmp); | 1515 | num_bytes = BN_bn2bin(tmp_scalar, tmp); |
| @@ -1537,7 +1533,7 @@ ec_GFp_nistp224_points_mul(const EC_GROUP * group, EC_POINT * r, | |||
| 1537 | felem_contract(z_in, z_out); | 1533 | felem_contract(z_in, z_out); |
| 1538 | if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) || | 1534 | if ((!felem_to_BN(x, x_in)) || (!felem_to_BN(y, y_in)) || |
| 1539 | (!felem_to_BN(z, z_in))) { | 1535 | (!felem_to_BN(z, z_in))) { |
| 1540 | ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB); | 1536 | ECerror(ERR_R_BN_LIB); |
| 1541 | goto err; | 1537 | goto err; |
| 1542 | } | 1538 | } |
| 1543 | ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); | 1539 | ret = EC_POINT_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); |