1 files changed, 53 insertions, 133 deletions
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index 90330652e4..1162d89ca5 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_smpl.c,v 1.43 2023/03/27 10:25:02 tb Exp $ */
+/* $OpenBSD: ecp_smpl.c,v 1.44 2023/04/11 18:58:20 jsing Exp $ */
 /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
 * for the OpenSSL project.
 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -118,21 +118,17 @@ int
 ec_GFp_simple_group_set_curve(EC_GROUP *group,
    const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx)
 {
-        int ret = 0;
-        BN_CTX *new_ctx = NULL;
        BIGNUM *tmp_a;
+        int ret = 0;
        /* p must be a prime > 3 */
        if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) {
                ECerror(EC_R_INVALID_FIELD);
                return 0;
        }
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return 0;
-        }
        BN_CTX_start(ctx);
        if ((tmp_a = BN_CTX_get(ctx)) == NULL)
                goto err;
@@ -166,51 +162,38 @@ ec_GFp_simple_group_set_curve(EC_GROUP *group,
 err:
        BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
+        
        return ret;
 }
 int
 ec_GFp_simple_group_get_curve(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, BN_CTX *ctx)
 {
-        int ret = 0;
-        BN_CTX *new_ctx = NULL;
        if (p != NULL) {
                if (!bn_copy(p, &group->field))
                        return 0;
        }
-        if (a != NULL || b != NULL) {
+        if (group->meth->field_decode != NULL) {
-                if (group->meth->field_decode) {
+                if (a != NULL) {
-                        if (ctx == NULL) {
+                        if (!group->meth->field_decode(group, a, &group->a, ctx))
-                                ctx = new_ctx = BN_CTX_new();
+                                return 0;
-                                if (ctx == NULL)
+                }
-                                        return 0;
+                if (b != NULL) {
-                        }
+                        if (!group->meth->field_decode(group, b, &group->b, ctx))
-                        if (a != NULL) {
+                                return 0;
-                                if (!group->meth->field_decode(group, a, &group->a, ctx))
+                }
-                                        goto err;
+        } else {
-                        }
+                if (a != NULL) {
-                        if (b != NULL) {
+                        if (!bn_copy(a, &group->a))
-                                if (!group->meth->field_decode(group, b, &group->b, ctx))
+                                return 0;
-                                        goto err;
+                }
-                        }
+                if (b != NULL) {
-                } else {
+                        if (!bn_copy(b, &group->b))
-                        if (a != NULL) {
+                                return 0;
-                                if (!bn_copy(a, &group->a))
-                                        goto err;
-                        }
-                        if (b != NULL) {
-                                if (!bn_copy(b, &group->b))
-                                        goto err;
-                        }
                }
        }
-        ret = 1;
- err:
+        return 1;
-        BN_CTX_free(new_ctx);
-        return ret;
 }
 int
@@ -222,19 +205,12 @@ ec_GFp_simple_group_get_degree(const EC_GROUP *group)
 int
 ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
 {
-        int ret = 0;
        BIGNUM *a, *b, *order, *tmp_1, *tmp_2;
        const BIGNUM *p = &group->field;
-        BN_CTX *new_ctx = NULL;
+        int ret = 0;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL) {
-                        ECerror(ERR_R_MALLOC_FAILURE);
-                        goto err;
-                }
-        }
        BN_CTX_start(ctx);
        if ((a = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((b = BN_CTX_get(ctx)) == NULL)
@@ -288,9 +264,8 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx)
        ret = 1;
 err:
-        if (ctx != NULL)
+        BN_CTX_end(ctx);
-                BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }
@@ -341,18 +316,12 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
    EC_POINT *point, const BIGNUM *x, const BIGNUM *y, const BIGNUM *z,
    BN_CTX *ctx)
 {
-        BN_CTX *new_ctx = NULL;
        int ret = 0;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return 0;
-        }
        if (x != NULL) {
                if (!BN_nnmod(&point->X, x, &group->field, ctx))
                        goto err;
-                if (group->meth->field_encode) {
+                if (group->meth->field_encode != NULL) {
                        if (!group->meth->field_encode(group, &point->X, &point->X, ctx))
                                goto err;
                }
@@ -360,7 +329,7 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
        if (y != NULL) {
                if (!BN_nnmod(&point->Y, y, &group->field, ctx))
                        goto err;
-                if (group->meth->field_encode) {
+                if (group->meth->field_encode != NULL) {
                        if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx))
                                goto err;
                }
@@ -371,7 +340,7 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
                if (!BN_nnmod(&point->Z, z, &group->field, ctx))
                        goto err;
                Z_is_one = BN_is_one(&point->Z);
-                if (group->meth->field_encode) {
+                if (group->meth->field_encode != NULL) {
                        if (Z_is_one && (group->meth->field_set_to_one != 0)) {
                                if (!group->meth->field_set_to_one(group, &point->Z, ctx))
                                        goto err;
@@ -385,7 +354,6 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
        ret = 1;
 err:
-        BN_CTX_free(new_ctx);
        return ret;
 }
@@ -393,15 +361,9 @@ int
 ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *group,
    const EC_POINT *point, BIGNUM *x, BIGNUM *y, BIGNUM *z, BN_CTX *ctx)
 {
-        BN_CTX *new_ctx = NULL;
        int ret = 0;
-        if (group->meth->field_decode != 0) {
+        if (group->meth->field_decode != NULL) {
-                if (ctx == NULL) {
-                        ctx = new_ctx = BN_CTX_new();
-                        if (ctx == NULL)
-                                return 0;
-                }
                if (x != NULL) {
                        if (!group->meth->field_decode(group, x, &point->X, ctx))
                                goto err;
@@ -432,7 +394,6 @@ ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *group,
        ret = 1;
 err:
-        BN_CTX_free(new_ctx);
        return ret;
 }
@@ -453,7 +414,6 @@ int
 ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT *point,
    BIGNUM *x, BIGNUM *y, BN_CTX *ctx)
 {
-        BN_CTX *new_ctx = NULL;
        BIGNUM *Z, *Z_1, *Z_2, *Z_3;
        const BIGNUM *Z_;
        int ret = 0;
@@ -462,12 +422,9 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT
                ECerror(EC_R_POINT_AT_INFINITY);
                return 0;
        }
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return 0;
-        }
        BN_CTX_start(ctx);
        if ((Z = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((Z_1 = BN_CTX_get(ctx)) == NULL)
@@ -552,7 +509,7 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT
 err:
        BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }
@@ -561,9 +518,8 @@ ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const E
 {
        int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
        int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-        const BIGNUM *p;
-        BN_CTX *new_ctx = NULL;
        BIGNUM *n0, *n1, *n2, *n3, *n4, *n5, *n6;
+        const BIGNUM *p;
        int ret = 0;
        if (a == b)
@@ -577,12 +533,8 @@ ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const E
        field_sqr = group->meth->field_sqr;
        p = &group->field;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return 0;
-        }
        BN_CTX_start(ctx);
        if ((n0 = BN_CTX_get(ctx)) == NULL)
                goto end;
        if ((n1 = BN_CTX_get(ctx)) == NULL)
@@ -738,9 +690,8 @@ ec_GFp_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const E
        ret = 1;
 end:
-        if (ctx)                /* otherwise we already called BN_CTX_end */
+        BN_CTX_end(ctx);
-                BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }
@@ -750,7 +701,6 @@ ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX
        int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
        int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
        const BIGNUM *p;
-        BN_CTX *new_ctx = NULL;
        BIGNUM *n0, *n1, *n2, *n3;
        int ret = 0;
@@ -763,12 +713,8 @@ ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX
        field_sqr = group->meth->field_sqr;
        p = &group->field;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return 0;
-        }
        BN_CTX_start(ctx);
        if ((n0 = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((n1 = BN_CTX_get(ctx)) == NULL)
@@ -881,7 +827,7 @@ ec_GFp_simple_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX
 err:
        BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }
@@ -907,7 +853,6 @@ ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *
        int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
        int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
        const BIGNUM *p;
-        BN_CTX *new_ctx = NULL;
        BIGNUM *rh, *tmp, *Z4, *Z6;
        int ret = -1;
@@ -918,12 +863,8 @@ ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *
        field_sqr = group->meth->field_sqr;
        p = &group->field;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return -1;
-        }
        BN_CTX_start(ctx);
        if ((rh = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((tmp = BN_CTX_get(ctx)) == NULL)
@@ -999,7 +940,7 @@ ec_GFp_simple_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *
 err:
        BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }
@@ -1013,29 +954,24 @@ ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, B
        int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *);
        int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
-        BN_CTX *new_ctx = NULL;
        BIGNUM *tmp1, *tmp2, *Za23, *Zb23;
        const BIGNUM *tmp1_, *tmp2_;
        int ret = -1;
-        if (EC_POINT_is_at_infinity(group, a) > 0) {
+        if (EC_POINT_is_at_infinity(group, a) > 0)
                return EC_POINT_is_at_infinity(group, b) > 0 ? 0 : 1;
-        }
        if (EC_POINT_is_at_infinity(group, b) > 0)
                return 1;
-        if (a->Z_is_one && b->Z_is_one) {
+        if (a->Z_is_one && b->Z_is_one)
                return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
-        }
        field_mul = group->meth->field_mul;
        field_sqr = group->meth->field_sqr;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return -1;
-        }
        BN_CTX_start(ctx);
        if ((tmp1 = BN_CTX_get(ctx)) == NULL)
                goto end;
        if ((tmp2 = BN_CTX_get(ctx)) == NULL)
@@ -1100,26 +1036,21 @@ ec_GFp_simple_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, B
 end:
        BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }
 int
 ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
 {
-        BN_CTX *new_ctx = NULL;
        BIGNUM *x, *y;
        int ret = 0;
        if (point->Z_is_one || EC_POINT_is_at_infinity(group, point) > 0)
                return 1;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return 0;
-        }
        BN_CTX_start(ctx);
        if ((x = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((y = BN_CTX_get(ctx)) == NULL)
@@ -1137,14 +1068,13 @@ ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx)
 err:
        BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }
 int
 ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx)
 {
-        BN_CTX *new_ctx = NULL;
        BIGNUM *tmp0, *tmp1;
        size_t pow2 = 0;
        BIGNUM **heap = NULL;
@@ -1154,12 +1084,8 @@ ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *po
        if (num == 0)
                return 1;
-        if (ctx == NULL) {
-                ctx = new_ctx = BN_CTX_new();
-                if (ctx == NULL)
-                        return 0;
-        }
        BN_CTX_start(ctx);
        if ((tmp0 = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((tmp1 = BN_CTX_get(ctx)) == NULL)
@@ -1301,7 +1227,7 @@ ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *po
 err:
        BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        if (heap != NULL) {
                /*
                 * heap[pow2/2] .. heap[pow2-1] have not been allocated
@@ -1431,12 +1357,8 @@ ec_GFp_simple_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
        BIGNUM *k = NULL;
        BIGNUM *lambda = NULL;
        BIGNUM *cardinality = NULL;
-        BN_CTX *new_ctx = NULL;
        int ret = 0;
-        if (ctx == NULL && (ctx = new_ctx = BN_CTX_new()) == NULL)
-                return 0;
        BN_CTX_start(ctx);
        if ((s = EC_POINT_new(group)) == NULL)
@@ -1605,9 +1527,7 @@ ec_GFp_simple_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 err:
        EC_POINT_free(s);
-        if (ctx != NULL)
+        BN_CTX_end(ctx);
-                BN_CTX_end(ctx);
-        BN_CTX_free(new_ctx);
        return ret;
 }

diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c index 90330652e4..1162d89ca5 100644 --- a/src/lib/libcrypto/ec/ecp_smpl.c +++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ecp_smpl.c,v 1.43 2023/03/27 10:25:02 tb Exp $ */	1	/* $OpenBSD: ecp_smpl.c,v 1.44 2023/04/11 18:58:20 jsing Exp $ */
2	/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>	2	/* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3	* for the OpenSSL project.	3	* for the OpenSSL project.
4	* Includes code written by Bodo Moeller for the OpenSSL project.	4	* Includes code written by Bodo Moeller for the OpenSSL project.
@@ -118,21 +118,17 @@ int
118	ec_GFp_simple_group_set_curve(EC_GROUP *group,	118	ec_GFp_simple_group_set_curve(EC_GROUP *group,
119	const BIGNUM p, const BIGNUM a, const BIGNUM b, BN_CTX ctx)	119	const BIGNUM p, const BIGNUM a, const BIGNUM b, BN_CTX ctx)
120	{	120	{
121	int ret = 0;
122	BN_CTX *new_ctx = NULL;
123	BIGNUM *tmp_a;	121	BIGNUM *tmp_a;
		122	int ret = 0;
124		123
125	/* p must be a prime > 3 */	124	/* p must be a prime > 3 */
126	if (BN_num_bits(p) <= 2 \|\| !BN_is_odd(p)) {	125	if (BN_num_bits(p) <= 2 \|\| !BN_is_odd(p)) {
127	ECerror(EC_R_INVALID_FIELD);	126	ECerror(EC_R_INVALID_FIELD);
128	return 0;	127	return 0;
129	}	128	}
130	if (ctx == NULL) {	129
131	ctx = new_ctx = BN_CTX_new();
132	if (ctx == NULL)
133	return 0;
134	}
135	BN_CTX_start(ctx);	130	BN_CTX_start(ctx);
		131
136	if ((tmp_a = BN_CTX_get(ctx)) == NULL)	132	if ((tmp_a = BN_CTX_get(ctx)) == NULL)
137	goto err;	133	goto err;
138		134
@@ -166,51 +162,38 @@ ec_GFp_simple_group_set_curve(EC_GROUP *group,
166		162
167	err:	163	err:
168	BN_CTX_end(ctx);	164	BN_CTX_end(ctx);
169	BN_CTX_free(new_ctx);	165
170	return ret;	166	return ret;
171	}	167	}
172		168
173	int	169	int
174	ec_GFp_simple_group_get_curve(const EC_GROUP group, BIGNUM p, BIGNUM a, BIGNUM b, BN_CTX *ctx)	170	ec_GFp_simple_group_get_curve(const EC_GROUP group, BIGNUM p, BIGNUM a, BIGNUM b, BN_CTX *ctx)
175	{	171	{
176	int ret = 0;
177	BN_CTX *new_ctx = NULL;
178
179	if (p != NULL) {	172	if (p != NULL) {
180	if (!bn_copy(p, &group->field))	173	if (!bn_copy(p, &group->field))
181	return 0;	174	return 0;
182	}	175	}
183	if (a != NULL \|\| b != NULL) {	176	if (group->meth->field_decode != NULL) {
184	if (group->meth->field_decode) {	177	if (a != NULL) {
185	if (ctx == NULL) {	178	if (!group->meth->field_decode(group, a, &group->a, ctx))
186	ctx = new_ctx = BN_CTX_new();	179	return 0;
187	if (ctx == NULL)	180	}
188	return 0;	181	if (b != NULL) {
189	}	182	if (!group->meth->field_decode(group, b, &group->b, ctx))
190	if (a != NULL) {	183	return 0;
191	if (!group->meth->field_decode(group, a, &group->a, ctx))	184	}
192	goto err;	185	} else {
193	}	186	if (a != NULL) {
194	if (b != NULL) {	187	if (!bn_copy(a, &group->a))
195	if (!group->meth->field_decode(group, b, &group->b, ctx))	188	return 0;
196	goto err;	189	}
197	}	190	if (b != NULL) {
198	} else {	191	if (!bn_copy(b, &group->b))
199	if (a != NULL) {	192	return 0;
200	if (!bn_copy(a, &group->a))
201	goto err;
202	}
203	if (b != NULL) {
204	if (!bn_copy(b, &group->b))
205	goto err;
206	}
207	}	193	}
208	}	194	}
209	ret = 1;
210		195
211	err:	196	return 1;
212	BN_CTX_free(new_ctx);
213	return ret;
214	}	197	}
215		198
216	int	199	int
@@ -222,19 +205,12 @@ ec_GFp_simple_group_get_degree(const EC_GROUP *group)
222	int	205	int
223	ec_GFp_simple_group_check_discriminant(const EC_GROUP group, BN_CTX ctx)	206	ec_GFp_simple_group_check_discriminant(const EC_GROUP group, BN_CTX ctx)
224	{	207	{
225	int ret = 0;
226	BIGNUM a, b, order, tmp_1, *tmp_2;	208	BIGNUM a, b, order, tmp_1, *tmp_2;
227	const BIGNUM *p = &group->field;	209	const BIGNUM *p = &group->field;
228	BN_CTX *new_ctx = NULL;	210	int ret = 0;
229		211
230	if (ctx == NULL) {
231	ctx = new_ctx = BN_CTX_new();
232	if (ctx == NULL) {
233	ECerror(ERR_R_MALLOC_FAILURE);
234	goto err;
235	}
236	}
237	BN_CTX_start(ctx);	212	BN_CTX_start(ctx);
		213
238	if ((a = BN_CTX_get(ctx)) == NULL)	214	if ((a = BN_CTX_get(ctx)) == NULL)
239	goto err;	215	goto err;
240	if ((b = BN_CTX_get(ctx)) == NULL)	216	if ((b = BN_CTX_get(ctx)) == NULL)
@@ -288,9 +264,8 @@ ec_GFp_simple_group_check_discriminant(const EC_GROUP group, BN_CTX ctx)
288	ret = 1;	264	ret = 1;
289		265
290	err:	266	err:
291	if (ctx != NULL)	267	BN_CTX_end(ctx);
292	BN_CTX_end(ctx);	268
293	BN_CTX_free(new_ctx);
294	return ret;	269	return ret;
295	}	270	}
296		271
@@ -341,18 +316,12 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
341	EC_POINT point, const BIGNUM x, const BIGNUM y, const BIGNUM z,	316	EC_POINT point, const BIGNUM x, const BIGNUM y, const BIGNUM z,
342	BN_CTX *ctx)	317	BN_CTX *ctx)
343	{	318	{
344	BN_CTX *new_ctx = NULL;
345	int ret = 0;	319	int ret = 0;
346		320
347	if (ctx == NULL) {
348	ctx = new_ctx = BN_CTX_new();
349	if (ctx == NULL)
350	return 0;
351	}
352	if (x != NULL) {	321	if (x != NULL) {
353	if (!BN_nnmod(&point->X, x, &group->field, ctx))	322	if (!BN_nnmod(&point->X, x, &group->field, ctx))
354	goto err;	323	goto err;
355	if (group->meth->field_encode) {	324	if (group->meth->field_encode != NULL) {
356	if (!group->meth->field_encode(group, &point->X, &point->X, ctx))	325	if (!group->meth->field_encode(group, &point->X, &point->X, ctx))
357	goto err;	326	goto err;
358	}	327	}
@@ -360,7 +329,7 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
360	if (y != NULL) {	329	if (y != NULL) {
361	if (!BN_nnmod(&point->Y, y, &group->field, ctx))	330	if (!BN_nnmod(&point->Y, y, &group->field, ctx))
362	goto err;	331	goto err;
363	if (group->meth->field_encode) {	332	if (group->meth->field_encode != NULL) {
364	if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx))	333	if (!group->meth->field_encode(group, &point->Y, &point->Y, ctx))
365	goto err;	334	goto err;
366	}	335	}
@@ -371,7 +340,7 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
371	if (!BN_nnmod(&point->Z, z, &group->field, ctx))	340	if (!BN_nnmod(&point->Z, z, &group->field, ctx))
372	goto err;	341	goto err;
373	Z_is_one = BN_is_one(&point->Z);	342	Z_is_one = BN_is_one(&point->Z);
374	if (group->meth->field_encode) {	343	if (group->meth->field_encode != NULL) {
375	if (Z_is_one && (group->meth->field_set_to_one != 0)) {	344	if (Z_is_one && (group->meth->field_set_to_one != 0)) {
376	if (!group->meth->field_set_to_one(group, &point->Z, ctx))	345	if (!group->meth->field_set_to_one(group, &point->Z, ctx))
377	goto err;	346	goto err;
@@ -385,7 +354,6 @@ ec_GFp_simple_set_Jprojective_coordinates(const EC_GROUP *group,
385	ret = 1;	354	ret = 1;
386		355
387	err:	356	err:
388	BN_CTX_free(new_ctx);
389	return ret;	357	return ret;
390	}	358	}
391		359
@@ -393,15 +361,9 @@ int
393	ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *group,	361	ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *group,
394	const EC_POINT point, BIGNUM x, BIGNUM y, BIGNUM z, BN_CTX *ctx)	362	const EC_POINT point, BIGNUM x, BIGNUM y, BIGNUM z, BN_CTX *ctx)
395	{	363	{
396	BN_CTX *new_ctx = NULL;
397	int ret = 0;	364	int ret = 0;
398		365
399	if (group->meth->field_decode != 0) {	366	if (group->meth->field_decode != NULL) {
400	if (ctx == NULL) {
401	ctx = new_ctx = BN_CTX_new();
402	if (ctx == NULL)
403	return 0;
404	}
405	if (x != NULL) {	367	if (x != NULL) {
406	if (!group->meth->field_decode(group, x, &point->X, ctx))	368	if (!group->meth->field_decode(group, x, &point->X, ctx))
407	goto err;	369	goto err;
@@ -432,7 +394,6 @@ ec_GFp_simple_get_Jprojective_coordinates(const EC_GROUP *group,
432	ret = 1;	394	ret = 1;
433		395
434	err:	396	err:
435	BN_CTX_free(new_ctx);
436	return ret;	397	return ret;
437	}	398	}
438		399
@@ -453,7 +414,6 @@ int
453	ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP group, const EC_POINT point,	414	ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP group, const EC_POINT point,
454	BIGNUM x, BIGNUM y, BN_CTX *ctx)	415	BIGNUM x, BIGNUM y, BN_CTX *ctx)
455	{	416	{
456	BN_CTX *new_ctx = NULL;
457	BIGNUM Z, Z_1, Z_2, Z_3;	417	BIGNUM Z, Z_1, Z_2, Z_3;
458	const BIGNUM *Z_;	418	const BIGNUM *Z_;
459	int ret = 0;	419	int ret = 0;
@@ -462,12 +422,9 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT
462	ECerror(EC_R_POINT_AT_INFINITY);	422	ECerror(EC_R_POINT_AT_INFINITY);
463	return 0;	423	return 0;
464	}	424	}
465	if (ctx == NULL) {	425
466	ctx = new_ctx = BN_CTX_new();
467	if (ctx == NULL)
468	return 0;
469	}
470	BN_CTX_start(ctx);	426	BN_CTX_start(ctx);
		427
471	if ((Z = BN_CTX_get(ctx)) == NULL)	428	if ((Z = BN_CTX_get(ctx)) == NULL)
472	goto err;	429	goto err;
473	if ((Z_1 = BN_CTX_get(ctx)) == NULL)	430	if ((Z_1 = BN_CTX_get(ctx)) == NULL)
@@ -552,7 +509,7 @@ ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, const EC_POINT
552		509
553	err:	510	err:
554	BN_CTX_end(ctx);	511	BN_CTX_end(ctx);
555	BN_CTX_free(new_ctx);	512
556	return ret;	513	return ret;
557	}	514	}
558		515
@@ -561,9 +518,8 @@ ec_GFp_simple_add(const EC_GROUP group, EC_POINT r, const EC_POINT *a, const E
561	{	518	{
562	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );	519	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );
563	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);	520	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);
564	const BIGNUM *p;
565	BN_CTX *new_ctx = NULL;
566	BIGNUM n0, n1, n2, n3, n4, n5, *n6;	521	BIGNUM n0, n1, n2, n3, n4, n5, *n6;
		522	const BIGNUM *p;
567	int ret = 0;	523	int ret = 0;
568		524
569	if (a == b)	525	if (a == b)
@@ -577,12 +533,8 @@ ec_GFp_simple_add(const EC_GROUP group, EC_POINT r, const EC_POINT *a, const E
577	field_sqr = group->meth->field_sqr;	533	field_sqr = group->meth->field_sqr;
578	p = &group->field;	534	p = &group->field;
579		535
580	if (ctx == NULL) {
581	ctx = new_ctx = BN_CTX_new();
582	if (ctx == NULL)
583	return 0;
584	}
585	BN_CTX_start(ctx);	536	BN_CTX_start(ctx);
		537
586	if ((n0 = BN_CTX_get(ctx)) == NULL)	538	if ((n0 = BN_CTX_get(ctx)) == NULL)
587	goto end;	539	goto end;
588	if ((n1 = BN_CTX_get(ctx)) == NULL)	540	if ((n1 = BN_CTX_get(ctx)) == NULL)
@@ -738,9 +690,8 @@ ec_GFp_simple_add(const EC_GROUP group, EC_POINT r, const EC_POINT *a, const E
738	ret = 1;	690	ret = 1;
739		691
740	end:	692	end:
741	if (ctx) /* otherwise we already called BN_CTX_end */	693	BN_CTX_end(ctx);
742	BN_CTX_end(ctx);	694
743	BN_CTX_free(new_ctx);
744	return ret;	695	return ret;
745	}	696	}
746		697
@@ -750,7 +701,6 @@ ec_GFp_simple_dbl(const EC_GROUP group, EC_POINT r, const EC_POINT *a, BN_CTX
750	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );	701	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );
751	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);	702	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);
752	const BIGNUM *p;	703	const BIGNUM *p;
753	BN_CTX *new_ctx = NULL;
754	BIGNUM n0, n1, n2, n3;	704	BIGNUM n0, n1, n2, n3;
755	int ret = 0;	705	int ret = 0;
756		706
@@ -763,12 +713,8 @@ ec_GFp_simple_dbl(const EC_GROUP group, EC_POINT r, const EC_POINT *a, BN_CTX
763	field_sqr = group->meth->field_sqr;	713	field_sqr = group->meth->field_sqr;
764	p = &group->field;	714	p = &group->field;
765		715
766	if (ctx == NULL) {
767	ctx = new_ctx = BN_CTX_new();
768	if (ctx == NULL)
769	return 0;
770	}
771	BN_CTX_start(ctx);	716	BN_CTX_start(ctx);
		717
772	if ((n0 = BN_CTX_get(ctx)) == NULL)	718	if ((n0 = BN_CTX_get(ctx)) == NULL)
773	goto err;	719	goto err;
774	if ((n1 = BN_CTX_get(ctx)) == NULL)	720	if ((n1 = BN_CTX_get(ctx)) == NULL)
@@ -881,7 +827,7 @@ ec_GFp_simple_dbl(const EC_GROUP group, EC_POINT r, const EC_POINT *a, BN_CTX
881		827
882	err:	828	err:
883	BN_CTX_end(ctx);	829	BN_CTX_end(ctx);
884	BN_CTX_free(new_ctx);	830
885	return ret;	831	return ret;
886	}	832	}
887		833
@@ -907,7 +853,6 @@ ec_GFp_simple_is_on_curve(const EC_GROUP group, const EC_POINT point, BN_CTX *
907	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );	853	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );
908	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);	854	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);
909	const BIGNUM *p;	855	const BIGNUM *p;
910	BN_CTX *new_ctx = NULL;
911	BIGNUM rh, tmp, Z4, Z6;	856	BIGNUM rh, tmp, Z4, Z6;
912	int ret = -1;	857	int ret = -1;
913		858
@@ -918,12 +863,8 @@ ec_GFp_simple_is_on_curve(const EC_GROUP group, const EC_POINT point, BN_CTX *
918	field_sqr = group->meth->field_sqr;	863	field_sqr = group->meth->field_sqr;
919	p = &group->field;	864	p = &group->field;
920		865
921	if (ctx == NULL) {
922	ctx = new_ctx = BN_CTX_new();
923	if (ctx == NULL)
924	return -1;
925	}
926	BN_CTX_start(ctx);	866	BN_CTX_start(ctx);
		867
927	if ((rh = BN_CTX_get(ctx)) == NULL)	868	if ((rh = BN_CTX_get(ctx)) == NULL)
928	goto err;	869	goto err;
929	if ((tmp = BN_CTX_get(ctx)) == NULL)	870	if ((tmp = BN_CTX_get(ctx)) == NULL)
@@ -999,7 +940,7 @@ ec_GFp_simple_is_on_curve(const EC_GROUP group, const EC_POINT point, BN_CTX *
999		940
1000	err:	941	err:
1001	BN_CTX_end(ctx);	942	BN_CTX_end(ctx);
1002	BN_CTX_free(new_ctx);	943
1003	return ret;	944	return ret;
1004	}	945	}
1005		946
@@ -1013,29 +954,24 @@ ec_GFp_simple_cmp(const EC_GROUP group, const EC_POINT a, const EC_POINT *b, B
1013		954
1014	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );	955	int (field_mul) (const EC_GROUP , BIGNUM , const BIGNUM , const BIGNUM , BN_CTX );
1015	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);	956	int (field_sqr) (const EC_GROUP , BIGNUM , const BIGNUM , BN_CTX *);
1016	BN_CTX *new_ctx = NULL;
1017	BIGNUM tmp1, tmp2, Za23, Zb23;	957	BIGNUM tmp1, tmp2, Za23, Zb23;
1018	const BIGNUM tmp1_, tmp2_;	958	const BIGNUM tmp1_, tmp2_;
1019	int ret = -1;	959	int ret = -1;
1020		960
1021	if (EC_POINT_is_at_infinity(group, a) > 0) {	961	if (EC_POINT_is_at_infinity(group, a) > 0)
1022	return EC_POINT_is_at_infinity(group, b) > 0 ? 0 : 1;	962	return EC_POINT_is_at_infinity(group, b) > 0 ? 0 : 1;
1023	}	963
1024	if (EC_POINT_is_at_infinity(group, b) > 0)	964	if (EC_POINT_is_at_infinity(group, b) > 0)
1025	return 1;	965	return 1;
1026		966
1027	if (a->Z_is_one && b->Z_is_one) {	967	if (a->Z_is_one && b->Z_is_one)
1028	return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;	968	return ((BN_cmp(&a->X, &b->X) == 0) && BN_cmp(&a->Y, &b->Y) == 0) ? 0 : 1;
1029	}	969
1030	field_mul = group->meth->field_mul;	970	field_mul = group->meth->field_mul;
1031	field_sqr = group->meth->field_sqr;	971	field_sqr = group->meth->field_sqr;
1032		972
1033	if (ctx == NULL) {
1034	ctx = new_ctx = BN_CTX_new();
1035	if (ctx == NULL)
1036	return -1;
1037	}
1038	BN_CTX_start(ctx);	973	BN_CTX_start(ctx);
		974
1039	if ((tmp1 = BN_CTX_get(ctx)) == NULL)	975	if ((tmp1 = BN_CTX_get(ctx)) == NULL)
1040	goto end;	976	goto end;
1041	if ((tmp2 = BN_CTX_get(ctx)) == NULL)	977	if ((tmp2 = BN_CTX_get(ctx)) == NULL)
@@ -1100,26 +1036,21 @@ ec_GFp_simple_cmp(const EC_GROUP group, const EC_POINT a, const EC_POINT *b, B
1100		1036
1101	end:	1037	end:
1102	BN_CTX_end(ctx);	1038	BN_CTX_end(ctx);
1103	BN_CTX_free(new_ctx);	1039
1104	return ret;	1040	return ret;
1105	}	1041	}
1106		1042
1107	int	1043	int
1108	ec_GFp_simple_make_affine(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)	1044	ec_GFp_simple_make_affine(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)
1109	{	1045	{
1110	BN_CTX *new_ctx = NULL;
1111	BIGNUM x, y;	1046	BIGNUM x, y;
1112	int ret = 0;	1047	int ret = 0;
1113		1048
1114	if (point->Z_is_one \|\| EC_POINT_is_at_infinity(group, point) > 0)	1049	if (point->Z_is_one \|\| EC_POINT_is_at_infinity(group, point) > 0)
1115	return 1;	1050	return 1;
1116		1051
1117	if (ctx == NULL) {
1118	ctx = new_ctx = BN_CTX_new();
1119	if (ctx == NULL)
1120	return 0;
1121	}
1122	BN_CTX_start(ctx);	1052	BN_CTX_start(ctx);
		1053
1123	if ((x = BN_CTX_get(ctx)) == NULL)	1054	if ((x = BN_CTX_get(ctx)) == NULL)
1124	goto err;	1055	goto err;
1125	if ((y = BN_CTX_get(ctx)) == NULL)	1056	if ((y = BN_CTX_get(ctx)) == NULL)
@@ -1137,14 +1068,13 @@ ec_GFp_simple_make_affine(const EC_GROUP group, EC_POINT point, BN_CTX *ctx)
1137		1068
1138	err:	1069	err:
1139	BN_CTX_end(ctx);	1070	BN_CTX_end(ctx);
1140	BN_CTX_free(new_ctx);	1071
1141	return ret;	1072	return ret;
1142	}	1073	}
1143		1074
1144	int	1075	int
1145	ec_GFp_simple_points_make_affine(const EC_GROUP group, size_t num, EC_POINT points[], BN_CTX *ctx)	1076	ec_GFp_simple_points_make_affine(const EC_GROUP group, size_t num, EC_POINT points[], BN_CTX *ctx)
1146	{	1077	{
1147	BN_CTX *new_ctx = NULL;
1148	BIGNUM tmp0, tmp1;	1078	BIGNUM tmp0, tmp1;
1149	size_t pow2 = 0;	1079	size_t pow2 = 0;
1150	BIGNUM **heap = NULL;	1080	BIGNUM **heap = NULL;
@@ -1154,12 +1084,8 @@ ec_GFp_simple_points_make_affine(const EC_GROUP group, size_t num, EC_POINT po
1154	if (num == 0)	1084	if (num == 0)
1155	return 1;	1085	return 1;
1156		1086
1157	if (ctx == NULL) {
1158	ctx = new_ctx = BN_CTX_new();
1159	if (ctx == NULL)
1160	return 0;
1161	}
1162	BN_CTX_start(ctx);	1087	BN_CTX_start(ctx);
		1088
1163	if ((tmp0 = BN_CTX_get(ctx)) == NULL)	1089	if ((tmp0 = BN_CTX_get(ctx)) == NULL)
1164	goto err;	1090	goto err;
1165	if ((tmp1 = BN_CTX_get(ctx)) == NULL)	1091	if ((tmp1 = BN_CTX_get(ctx)) == NULL)
@@ -1301,7 +1227,7 @@ ec_GFp_simple_points_make_affine(const EC_GROUP group, size_t num, EC_POINT po
1301		1227
1302	err:	1228	err:
1303	BN_CTX_end(ctx);	1229	BN_CTX_end(ctx);
1304	BN_CTX_free(new_ctx);	1230
1305	if (heap != NULL) {	1231	if (heap != NULL) {
1306	/*	1232	/*
1307	* heap[pow2/2] .. heap[pow2-1] have not been allocated	1233	* heap[pow2/2] .. heap[pow2-1] have not been allocated
@@ -1431,12 +1357,8 @@ ec_GFp_simple_mul_ct(const EC_GROUP group, EC_POINT r, const BIGNUM *scalar,
1431	BIGNUM *k = NULL;	1357	BIGNUM *k = NULL;
1432	BIGNUM *lambda = NULL;	1358	BIGNUM *lambda = NULL;
1433	BIGNUM *cardinality = NULL;	1359	BIGNUM *cardinality = NULL;
1434	BN_CTX *new_ctx = NULL;
1435	int ret = 0;	1360	int ret = 0;
1436		1361
1437	if (ctx == NULL && (ctx = new_ctx = BN_CTX_new()) == NULL)
1438	return 0;
1439
1440	BN_CTX_start(ctx);	1362	BN_CTX_start(ctx);
1441		1363
1442	if ((s = EC_POINT_new(group)) == NULL)	1364	if ((s = EC_POINT_new(group)) == NULL)
@@ -1605,9 +1527,7 @@ ec_GFp_simple_mul_ct(const EC_GROUP group, EC_POINT r, const BIGNUM *scalar,
1605		1527
1606	err:	1528	err:
1607	EC_POINT_free(s);	1529	EC_POINT_free(s);
1608	if (ctx != NULL)	1530	BN_CTX_end(ctx);
1609	BN_CTX_end(ctx);
1610	BN_CTX_free(new_ctx);
1611		1531
1612	return ret;	1532	return ret;
1613	}	1533	}