summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ecdsa
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/ecdsa')
-rw-r--r--src/lib/libcrypto/ecdsa/ecs_ossl.c62
1 files changed, 10 insertions, 52 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c
index 02e38109bc..5df87f224b 100644
--- a/src/lib/libcrypto/ecdsa/ecs_ossl.c
+++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecs_ossl.c,v 1.34 2023/06/25 18:35:28 tb Exp $ */ 1/* $OpenBSD: ecs_ossl.c,v 1.35 2023/06/25 18:41:36 tb Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project 3 * Written by Nils Larsch for the OpenSSL project
4 */ 4 */
@@ -71,18 +71,12 @@
71 71
72static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len, 72static int ecdsa_prepare_digest(const unsigned char *dgst, int dgst_len,
73 BIGNUM *order, BIGNUM *ret); 73 BIGNUM *order, BIGNUM *ret);
74static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
75 const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
76static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
77 BIGNUM **rp);
78static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
79 const ECDSA_SIG *sig, EC_KEY *eckey);
80 74
81static ECDSA_METHOD openssl_ecdsa_meth = { 75static ECDSA_METHOD openssl_ecdsa_meth = {
82 .name = "OpenSSL ECDSA method", 76 .name = "OpenSSL ECDSA method",
83 .ecdsa_do_sign = ecdsa_do_sign, 77 .ecdsa_do_sign = ossl_ecdsa_sign_sig,
84 .ecdsa_sign_setup = ecdsa_sign_setup, 78 .ecdsa_sign_setup = ossl_ecdsa_sign_setup,
85 .ecdsa_do_verify = ecdsa_do_verify 79 .ecdsa_do_verify = ossl_ecdsa_verify_sig,
86}; 80};
87 81
88const ECDSA_METHOD * 82const ECDSA_METHOD *
@@ -139,8 +133,8 @@ ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, unsigned char *si
139 return ret; 133 return ret;
140} 134}
141 135
142static int 136int
143ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) 137ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
144{ 138{
145 BN_CTX *ctx = ctx_in; 139 BN_CTX *ctx = ctx_in;
146 BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL; 140 BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
@@ -260,18 +254,6 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
260 return (ret); 254 return (ret);
261} 255}
262 256
263/* replace w/ ecdsa_sign_setup() when ECDSA_METHOD gets removed */
264int
265ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
266{
267 ECDSA_DATA *ecdsa;
268
269 if ((ecdsa = ecdsa_check(eckey)) == NULL)
270 return 0;
271 return ecdsa->meth->ecdsa_sign_setup(eckey, ctx_in, kinvp, rp);
272}
273
274
275/* 257/*
276 * It is too expensive to check curve parameters on every sign operation. 258 * It is too expensive to check curve parameters on every sign operation.
277 * Instead, cap the number of retries. A single retry is very unlikely, so 259 * Instead, cap the number of retries. A single retry is very unlikely, so
@@ -279,8 +261,8 @@ ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp
279 */ 261 */
280#define ECDSA_MAX_SIGN_ITERATIONS 32 262#define ECDSA_MAX_SIGN_ITERATIONS 32
281 263
282static ECDSA_SIG * 264ECDSA_SIG *
283ecdsa_do_sign(const unsigned char *dgst, int dgst_len, 265ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
284 const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) 266 const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
285{ 267{
286 BIGNUM *b = NULL, *binv = NULL, *bm = NULL, *bxr = NULL; 268 BIGNUM *b = NULL, *binv = NULL, *bm = NULL, *bxr = NULL;
@@ -432,18 +414,6 @@ ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
432 return ret; 414 return ret;
433} 415}
434 416
435/* replace w/ ecdsa_do_sign() when ECDSA_METHOD gets removed */
436ECDSA_SIG *
437ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
438 const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey)
439{
440 ECDSA_DATA *ecdsa;
441
442 if ((ecdsa = ecdsa_check(eckey)) == NULL)
443 return NULL;
444 return ecdsa->meth->ecdsa_do_sign(dgst, dgst_len, in_kinv, in_r, eckey);
445}
446
447int 417int
448ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, 418ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
449 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) 419 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
@@ -470,8 +440,8 @@ ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len,
470 return (ret); 440 return (ret);
471} 441}
472 442
473static int 443int
474ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig, 444ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
475 EC_KEY *eckey) 445 EC_KEY *eckey)
476{ 446{
477 BN_CTX *ctx; 447 BN_CTX *ctx;
@@ -561,18 +531,6 @@ ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
561 return ret; 531 return ret;
562} 532}
563 533
564/* replace w/ ecdsa_do_verify() when ECDSA_METHOD gets removed */
565int
566ossl_ecdsa_verify_sig(const unsigned char *dgst, int dgst_len,
567 const ECDSA_SIG *sig, EC_KEY *eckey)
568{
569 ECDSA_DATA *ecdsa;
570
571 if ((ecdsa = ecdsa_check(eckey)) == NULL)
572 return 0;
573 return ecdsa->meth->ecdsa_do_verify(dgst, dgst_len, sig, eckey);
574}
575
576ECDSA_SIG * 534ECDSA_SIG *
577ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) 535ECDSA_do_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
578{ 536{
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 12:14:13 +0000