1 files changed, 65 insertions, 71 deletions
diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c
index 4fae7cacfd..f05db87f78 100644
--- a/src/lib/libcrypto/ecdh/ech_ossl.c
+++ b/src/lib/libcrypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ech_ossl.c,v 1.9 2015/02/09 15:49:22 jsing Exp $ */
+/* $OpenBSD: ech_ossl.c,v 1.10 2015/09/13 10:46:20 jsing Exp $ */
 /* ====================================================================
 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
 *
@@ -21,7 +21,7 @@
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
@@ -80,18 +80,19 @@
 #include "ech_locl.h"
 static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
-        EC_KEY *ecdh, 
+    EC_KEY *ecdh,
-        void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
+    void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen));
 static ECDH_METHOD openssl_ecdh_meth = {
        .name = "OpenSSL ECDH method",
        .compute_key = ecdh_compute_key
 };
-const ECDH_METHOD *ECDH_OpenSSL(void)
+const ECDH_METHOD *
-        {
+ECDH_OpenSSL(void)
+{
        return &openssl_ecdh_meth;
-        }
+}
 /* This implementation is based on the following primitives in the IEEE 1363 standard:
@@ -99,114 +100,107 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
 *  - ECSVDP-DH
 * Finally an optional KDF is applied.
 */
-static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+static int
-        EC_KEY *ecdh,
+ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-        void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
+    EC_KEY *ecdh,
-        {
+    void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen))
+{
        BN_CTX *ctx;
-        EC_POINT *tmp=NULL;
+        EC_POINT *tmp = NULL;
-        BIGNUM *x=NULL, *y=NULL;
+        BIGNUM *x = NULL, *y = NULL;
        const BIGNUM *priv_key;
        const EC_GROUP* group;
-        int ret= -1;
+        int ret = -1;
        size_t buflen, len;
-        unsigned char *buf=NULL;
+        unsigned char *buf = NULL;
-        if (outlen > INT_MAX)
+        if (outlen > INT_MAX) {
-                {
                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
                return -1;
-                }
+        }
-        if ((ctx = BN_CTX_new()) == NULL) goto err;
+        if ((ctx = BN_CTX_new()) == NULL)
+                goto err;
        BN_CTX_start(ctx);
        if ((x = BN_CTX_get(ctx)) == NULL)
                goto err;
        if ((y = BN_CTX_get(ctx)) == NULL)
                goto err;
-        
        priv_key = EC_KEY_get0_private_key(ecdh);
-        if (priv_key == NULL)
+        if (priv_key == NULL) {
-                {
+                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE);
-                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
                goto err;
-                }
+        }
        group = EC_KEY_get0_group(ecdh);
-        if ((tmp=EC_POINT_new(group)) == NULL)
+        if ((tmp = EC_POINT_new(group)) == NULL) {
-                {
+                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
-                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
                goto err;
-                }
+        }
-        if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) 
+        if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
-                {
+                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
-                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+                    ECDH_R_POINT_ARITHMETIC_FAILURE);
                goto err;
-                }
+        }
-                
-        if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) 
+        if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
-                {
+            NID_X9_62_prime_field) {
-                if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) 
+                if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y,
-                        {
+                    ctx)) {
-                        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+                        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
+                            ECDH_R_POINT_ARITHMETIC_FAILURE);
                        goto err;
-                        }
                }
+        }
 #ifndef OPENSSL_NO_EC2M
-        else
+        else {
-                {
+                if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y,
-                if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) 
+                    ctx)) {
-                        {
+                        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
-                        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);
+                            ECDH_R_POINT_ARITHMETIC_FAILURE);
                        goto err;
-                        }
                }
+        }
 #endif
        buflen = (EC_GROUP_get_degree(group) + 7)/8;
        len = BN_num_bytes(x);
-        if (len > buflen)
+        if (len > buflen) {
-                {
+                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
-                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR);
                goto err;
-                }
+        }
-        if ((buf = malloc(buflen)) == NULL)
+        if ((buf = malloc(buflen)) == NULL) {
-                {
+                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
-                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
                goto err;
-                }
+        }
-        
        memset(buf, 0, buflen - len);
-        if (len != (size_t)BN_bn2bin(x, buf + buflen - len))
+        if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
-                {
+                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
-                ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
                goto err;
-                }
+        }
-        if (KDF != 0)
+        if (KDF != 0) {
-                {
+                if (KDF(buf, buflen, out, &outlen) == NULL) {
-                if (KDF(buf, buflen, out, &outlen) == NULL)
+                        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED);
-                        {
-                        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
                        goto err;
-                        }
-                ret = outlen;
                }
-        else
+                ret = outlen;
-                {
+        } else {
                /* no KDF, just copy as much as we can */
                if (outlen > buflen)
                        outlen = buflen;
                memcpy(out, buf, outlen);
                ret = outlen;
-                }
+        }
-        
 err:
        EC_POINT_free(tmp);
        if (ctx)
                BN_CTX_end(ctx);
        BN_CTX_free(ctx);
        free(buf);
-        return(ret);
+        return (ret);
-        }
+}

diff --git a/src/lib/libcrypto/ecdh/ech_ossl.c b/src/lib/libcrypto/ecdh/ech_ossl.c index 4fae7cacfd..f05db87f78 100644 --- a/src/lib/libcrypto/ecdh/ech_ossl.c +++ b/src/lib/libcrypto/ecdh/ech_ossl.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ech_ossl.c,v 1.9 2015/02/09 15:49:22 jsing Exp $ */	1	/* $OpenBSD: ech_ossl.c,v 1.10 2015/09/13 10:46:20 jsing Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.	3	* Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
4	*	4	*
@@ -21,7 +21,7 @@
21	* are met:	21	* are met:
22	*	22	*
23	* 1. Redistributions of source code must retain the above copyright	23	* 1. Redistributions of source code must retain the above copyright
24	* notice, this list of conditions and the following disclaimer.	24	* notice, this list of conditions and the following disclaimer.
25	*	25	*
26	* 2. Redistributions in binary form must reproduce the above copyright	26	* 2. Redistributions in binary form must reproduce the above copyright
27	* notice, this list of conditions and the following disclaimer in	27	* notice, this list of conditions and the following disclaimer in
@@ -80,18 +80,19 @@
80	#include "ech_locl.h"	80	#include "ech_locl.h"
81		81
82	static int ecdh_compute_key(void out, size_t len, const EC_POINT pub_key,	82	static int ecdh_compute_key(void out, size_t len, const EC_POINT pub_key,
83	EC_KEY *ecdh,	83	EC_KEY *ecdh,
84	void (KDF)(const void in, size_t inlen, void out, size_t *outlen));	84	void (KDF)(const void in, size_t inlen, void out, size_t *outlen));
85		85
86	static ECDH_METHOD openssl_ecdh_meth = {	86	static ECDH_METHOD openssl_ecdh_meth = {
87	.name = "OpenSSL ECDH method",	87	.name = "OpenSSL ECDH method",
88	.compute_key = ecdh_compute_key	88	.compute_key = ecdh_compute_key
89	};	89	};
90		90
91	const ECDH_METHOD *ECDH_OpenSSL(void)	91	const ECDH_METHOD *
92	{	92	ECDH_OpenSSL(void)
		93	{
93	return &openssl_ecdh_meth;	94	return &openssl_ecdh_meth;
94	}	95	}
95		96
96		97
97	/* This implementation is based on the following primitives in the IEEE 1363 standard:	98	/* This implementation is based on the following primitives in the IEEE 1363 standard:
@@ -99,114 +100,107 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
99	* - ECSVDP-DH	100	* - ECSVDP-DH
100	* Finally an optional KDF is applied.	101	* Finally an optional KDF is applied.
101	*/	102	*/
102	static int ecdh_compute_key(void out, size_t outlen, const EC_POINT pub_key,	103	static int
103	EC_KEY *ecdh,	104	ecdh_compute_key(void out, size_t outlen, const EC_POINT pub_key,
104	void (KDF)(const void in, size_t inlen, void out, size_t *outlen))	105	EC_KEY *ecdh,
105	{	106	void (KDF)(const void in, size_t inlen, void out, size_t *outlen))
		107	{
106	BN_CTX *ctx;	108	BN_CTX *ctx;
107	EC_POINT *tmp=NULL;	109	EC_POINT *tmp = NULL;
108	BIGNUM x=NULL, y=NULL;	110	BIGNUM x = NULL, y = NULL;
109	const BIGNUM *priv_key;	111	const BIGNUM *priv_key;
110	const EC_GROUP* group;	112	const EC_GROUP* group;
111	int ret= -1;	113	int ret = -1;
112	size_t buflen, len;	114	size_t buflen, len;
113	unsigned char *buf=NULL;	115	unsigned char *buf = NULL;
114		116
115	if (outlen > INT_MAX)	117	if (outlen > INT_MAX) {
116	{
117	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */	118	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */
118	return -1;	119	return -1;
119	}	120	}
120		121
121	if ((ctx = BN_CTX_new()) == NULL) goto err;	122	if ((ctx = BN_CTX_new()) == NULL)
		123	goto err;
122	BN_CTX_start(ctx);	124	BN_CTX_start(ctx);
123	if ((x = BN_CTX_get(ctx)) == NULL)	125	if ((x = BN_CTX_get(ctx)) == NULL)
124	goto err;	126	goto err;
125	if ((y = BN_CTX_get(ctx)) == NULL)	127	if ((y = BN_CTX_get(ctx)) == NULL)
126	goto err;	128	goto err;
127		129
128	priv_key = EC_KEY_get0_private_key(ecdh);	130	priv_key = EC_KEY_get0_private_key(ecdh);
129	if (priv_key == NULL)	131	if (priv_key == NULL) {
130	{	132	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE);
131	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE);
132	goto err;	133	goto err;
133	}	134	}
134		135
135	group = EC_KEY_get0_group(ecdh);	136	group = EC_KEY_get0_group(ecdh);
136	if ((tmp=EC_POINT_new(group)) == NULL)	137	if ((tmp = EC_POINT_new(group)) == NULL) {
137	{	138	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
138	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
139	goto err;	139	goto err;
140	}	140	}
141		141
142	if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx))	142	if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
143	{	143	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
144	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);	144	ECDH_R_POINT_ARITHMETIC_FAILURE);
145	goto err;	145	goto err;
146	}	146	}
147		147
148	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)	148	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
149	{	149	NID_X9_62_prime_field) {
150	if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx))	150	if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y,
151	{	151	ctx)) {
152	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);	152	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
		153	ECDH_R_POINT_ARITHMETIC_FAILURE);
153	goto err;	154	goto err;
154	}
155	}	155	}
		156	}
156	#ifndef OPENSSL_NO_EC2M	157	#ifndef OPENSSL_NO_EC2M
157	else	158	else {
158	{	159	if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y,
159	if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx))	160	ctx)) {
160	{	161	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,
161	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE);	162	ECDH_R_POINT_ARITHMETIC_FAILURE);
162	goto err;	163	goto err;
163	}
164	}	164	}
		165	}
165	#endif	166	#endif
166		167
167	buflen = (EC_GROUP_get_degree(group) + 7)/8;	168	buflen = (EC_GROUP_get_degree(group) + 7)/8;
168	len = BN_num_bytes(x);	169	len = BN_num_bytes(x);
169	if (len > buflen)	170	if (len > buflen) {
170	{	171	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
171	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR);
172	goto err;	172	goto err;
173	}	173	}
174	if ((buf = malloc(buflen)) == NULL)	174	if ((buf = malloc(buflen)) == NULL) {
175	{	175	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
176	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE);
177	goto err;	176	goto err;
178	}	177	}
179		178
180	memset(buf, 0, buflen - len);	179	memset(buf, 0, buflen - len);
181	if (len != (size_t)BN_bn2bin(x, buf + buflen - len))	180	if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
182	{	181	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
183	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB);
184	goto err;	182	goto err;
185	}	183	}
186		184
187	if (KDF != 0)	185	if (KDF != 0) {
188	{	186	if (KDF(buf, buflen, out, &outlen) == NULL) {
189	if (KDF(buf, buflen, out, &outlen) == NULL)	187	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED);
190	{
191	ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED);
192	goto err;	188	goto err;
193	}
194	ret = outlen;
195	}	189	}
196	else	190	ret = outlen;
197	{	191	} else {
198	/* no KDF, just copy as much as we can */	192	/* no KDF, just copy as much as we can */
199	if (outlen > buflen)	193	if (outlen > buflen)
200	outlen = buflen;	194	outlen = buflen;
201	memcpy(out, buf, outlen);	195	memcpy(out, buf, outlen);
202	ret = outlen;	196	ret = outlen;
203	}	197	}
204		198
205	err:	199	err:
206	EC_POINT_free(tmp);	200	EC_POINT_free(tmp);
207	if (ctx)	201	if (ctx)
208	BN_CTX_end(ctx);	202	BN_CTX_end(ctx);
209	BN_CTX_free(ctx);	203	BN_CTX_free(ctx);
210	free(buf);	204	free(buf);
211	return(ret);	205	return (ret);
212	}	206	}