summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/ecdsa/ecs_ossl.c77
1 files changed, 38 insertions, 39 deletions
diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c
index 9c388cc745..dcc823bbaa 100644
--- a/src/lib/libcrypto/ecdsa/ecs_ossl.c
+++ b/src/lib/libcrypto/ecdsa/ecs_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ecs_ossl.c,v 1.66 2023/07/04 10:26:47 tb Exp $ */ 1/* $OpenBSD: ecs_ossl.c,v 1.67 2023/07/04 10:31:57 tb Exp $ */
2/* 2/*
3 * Written by Nils Larsch for the OpenSSL project 3 * Written by Nils Larsch for the OpenSSL project
4 */ 4 */
@@ -99,13 +99,13 @@ ecdsa_prepare_digest(const unsigned char *digest, int digest_len,
99int 99int
100ossl_ecdsa_sign(int type, const unsigned char *digest, int digest_len, 100ossl_ecdsa_sign(int type, const unsigned char *digest, int digest_len,
101 unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv, 101 unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
102 const BIGNUM *r, EC_KEY *eckey) 102 const BIGNUM *r, EC_KEY *key)
103{ 103{
104 ECDSA_SIG *sig; 104 ECDSA_SIG *sig;
105 int out_len = 0; 105 int out_len = 0;
106 int ret = 0; 106 int ret = 0;
107 107
108 if ((sig = ECDSA_do_sign_ex(digest, digest_len, kinv, r, eckey)) == NULL) 108 if ((sig = ECDSA_do_sign_ex(digest, digest_len, kinv, r, key)) == NULL)
109 goto err; 109 goto err;
110 110
111 if ((out_len = i2d_ECDSA_SIG(sig, &signature)) < 0) { 111 if ((out_len = i2d_ECDSA_SIG(sig, &signature)) < 0) {
@@ -123,7 +123,7 @@ ossl_ecdsa_sign(int type, const unsigned char *digest, int digest_len,
123} 123}
124 124
125int 125int
126ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, 126ossl_ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
127 BIGNUM **out_r) 127 BIGNUM **out_r)
128{ 128{
129 const EC_GROUP *group; 129 const EC_GROUP *group;
@@ -141,11 +141,11 @@ ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv,
141 BN_free(*out_r); 141 BN_free(*out_r);
142 *out_r = NULL; 142 *out_r = NULL;
143 143
144 if (eckey == NULL) { 144 if (key == NULL) {
145 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); 145 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER);
146 goto err; 146 goto err;
147 } 147 }
148 if ((group = EC_KEY_get0_group(eckey)) == NULL) { 148 if ((group = EC_KEY_get0_group(key)) == NULL) {
149 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); 149 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER);
150 goto err; 150 goto err;
151 } 151 }
@@ -351,7 +351,7 @@ ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv,
351 351
352ECDSA_SIG * 352ECDSA_SIG *
353ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, 353ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len,
354 const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *eckey) 354 const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *key)
355{ 355{
356 const EC_GROUP *group; 356 const EC_GROUP *group;
357 BN_CTX *ctx = NULL; 357 BN_CTX *ctx = NULL;
@@ -362,11 +362,11 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len,
362 int attempts = 0; 362 int attempts = 0;
363 ECDSA_SIG *sig = NULL; 363 ECDSA_SIG *sig = NULL;
364 364
365 if ((group = EC_KEY_get0_group(eckey)) == NULL) { 365 if ((group = EC_KEY_get0_group(key)) == NULL) {
366 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); 366 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER);
367 goto err; 367 goto err;
368 } 368 }
369 if ((priv_key = EC_KEY_get0_private_key(eckey)) == NULL) { 369 if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) {
370 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); 370 ECDSAerror(ERR_R_PASSED_NULL_PARAMETER);
371 goto err; 371 goto err;
372 } 372 }
@@ -386,7 +386,7 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len,
386 goto err; 386 goto err;
387 } 387 }
388 388
389 if (!ecdsa_prepare_digest(digest, digest_len, eckey, e)) 389 if (!ecdsa_prepare_digest(digest, digest_len, key, e))
390 goto err; 390 goto err;
391 391
392 if (in_kinv != NULL && in_r != NULL) { 392 if (in_kinv != NULL && in_r != NULL) {
@@ -409,7 +409,7 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len,
409 409
410 do { 410 do {
411 if (!caller_supplied_values) { 411 if (!caller_supplied_values) {
412 if (!ECDSA_sign_setup(eckey, ctx, &kinv, &r)) { 412 if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) {
413 ECDSAerror(ERR_R_ECDSA_LIB); 413 ECDSAerror(ERR_R_ECDSA_LIB);
414 goto err; 414 goto err;
415 } 415 }
@@ -455,7 +455,7 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len,
455 455
456int 456int
457ossl_ecdsa_verify(int type, const unsigned char *digest, int digest_len, 457ossl_ecdsa_verify(int type, const unsigned char *digest, int digest_len,
458 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) 458 const unsigned char *sigbuf, int sig_len, EC_KEY *key)
459{ 459{
460 ECDSA_SIG *s; 460 ECDSA_SIG *s;
461 unsigned char *der = NULL; 461 unsigned char *der = NULL;
@@ -476,7 +476,7 @@ ossl_ecdsa_verify(int type, const unsigned char *digest, int digest_len,
476 if (timingsafe_memcmp(sigbuf, der, der_len)) 476 if (timingsafe_memcmp(sigbuf, der, der_len))
477 goto err; 477 goto err;
478 478
479 ret = ECDSA_do_verify(digest, digest_len, s, eckey); 479 ret = ECDSA_do_verify(digest, digest_len, s, key);
480 480
481 err: 481 err:
482 freezero(der, der_len); 482 freezero(der, der_len);
@@ -487,7 +487,7 @@ ossl_ecdsa_verify(int type, const unsigned char *digest, int digest_len,
487 487
488int 488int
489ossl_ecdsa_verify_sig(const unsigned char *digest, int digest_len, 489ossl_ecdsa_verify_sig(const unsigned char *digest, int digest_len,
490 const ECDSA_SIG *sig, EC_KEY *eckey) 490 const ECDSA_SIG *sig, EC_KEY *key)
491{ 491{
492 const EC_GROUP *group; 492 const EC_GROUP *group;
493 const EC_POINT *pub_key; 493 const EC_POINT *pub_key;
@@ -497,15 +497,15 @@ ossl_ecdsa_verify_sig(const unsigned char *digest, int digest_len,
497 BIGNUM *u1, *u2, *e, *x; 497 BIGNUM *u1, *u2, *e, *x;
498 int ret = -1; 498 int ret = -1;
499 499
500 if (eckey == NULL || sig == NULL) { 500 if (key == NULL || sig == NULL) {
501 ECDSAerror(ECDSA_R_MISSING_PARAMETERS); 501 ECDSAerror(ECDSA_R_MISSING_PARAMETERS);
502 goto err; 502 goto err;
503 } 503 }
504 if ((group = EC_KEY_get0_group(eckey)) == NULL) { 504 if ((group = EC_KEY_get0_group(key)) == NULL) {
505 ECDSAerror(ECDSA_R_MISSING_PARAMETERS); 505 ECDSAerror(ECDSA_R_MISSING_PARAMETERS);
506 goto err; 506 goto err;
507 } 507 }
508 if ((pub_key = EC_KEY_get0_public_key(eckey)) == NULL) { 508 if ((pub_key = EC_KEY_get0_public_key(key)) == NULL) {
509 ECDSAerror(ECDSA_R_MISSING_PARAMETERS); 509 ECDSAerror(ECDSA_R_MISSING_PARAMETERS);
510 goto err; 510 goto err;
511 } 511 }
@@ -543,7 +543,7 @@ ossl_ecdsa_verify_sig(const unsigned char *digest, int digest_len,
543 goto err; 543 goto err;
544 } 544 }
545 545
546 if (!ecdsa_prepare_digest(digest, digest_len, eckey, e)) 546 if (!ecdsa_prepare_digest(digest, digest_len, key, e))
547 goto err; 547 goto err;
548 548
549 if (BN_mod_inverse_ct(u2, sig->s, order, ctx) == NULL) { /* w = inv(s) */ 549 if (BN_mod_inverse_ct(u2, sig->s, order, ctx) == NULL) { /* w = inv(s) */
@@ -589,75 +589,74 @@ ossl_ecdsa_verify_sig(const unsigned char *digest, int digest_len,
589} 589}
590 590
591ECDSA_SIG * 591ECDSA_SIG *
592ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *eckey) 592ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
593{ 593{
594 return ECDSA_do_sign_ex(digest, digest_len, NULL, NULL, eckey); 594 return ECDSA_do_sign_ex(digest, digest_len, NULL, NULL, key);
595} 595}
596 596
597ECDSA_SIG * 597ECDSA_SIG *
598ECDSA_do_sign_ex(const unsigned char *digest, int digest_len, 598ECDSA_do_sign_ex(const unsigned char *digest, int digest_len,
599 const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *eckey) 599 const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *key)
600{ 600{
601 if (eckey->meth->sign_sig == NULL) { 601 if (key->meth->sign_sig == NULL) {
602 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 602 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
603 return 0; 603 return 0;
604 } 604 }
605 return eckey->meth->sign_sig(digest, digest_len, kinv, out_r, eckey); 605 return key->meth->sign_sig(digest, digest_len, kinv, out_r, key);
606} 606}
607 607
608int 608int
609ECDSA_sign(int type, const unsigned char *digest, int digest_len, 609ECDSA_sign(int type, const unsigned char *digest, int digest_len,
610 unsigned char *signature, unsigned int *signature_len, EC_KEY *eckey) 610 unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
611{ 611{
612 return ECDSA_sign_ex(type, digest, digest_len, signature, signature_len, 612 return ECDSA_sign_ex(type, digest, digest_len, signature, signature_len,
613 NULL, NULL, eckey); 613 NULL, NULL, key);
614} 614}
615 615
616int 616int
617ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len, 617ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len,
618 unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv, 618 unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
619 const BIGNUM *r, EC_KEY *eckey) 619 const BIGNUM *r, EC_KEY *key)
620{ 620{
621 if (eckey->meth->sign == NULL) { 621 if (key->meth->sign == NULL) {
622 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 622 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
623 return 0; 623 return 0;
624 } 624 }
625 return eckey->meth->sign(type, digest, digest_len, signature, 625 return key->meth->sign(type, digest, digest_len, signature,
626 signature_len, kinv, r, eckey); 626 signature_len, kinv, r, key);
627} 627}
628 628
629int 629int
630ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv, 630ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
631 BIGNUM **out_r) 631 BIGNUM **out_r)
632{ 632{
633 if (eckey->meth->sign_setup == NULL) { 633 if (key->meth->sign_setup == NULL) {
634 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 634 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
635 return 0; 635 return 0;
636 } 636 }
637 return eckey->meth->sign_setup(eckey, in_ctx, out_kinv, out_r); 637 return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
638} 638}
639 639
640int 640int
641ECDSA_do_verify(const unsigned char *digest, int digest_len, 641ECDSA_do_verify(const unsigned char *digest, int digest_len,
642 const ECDSA_SIG *sig, EC_KEY *eckey) 642 const ECDSA_SIG *sig, EC_KEY *key)
643{ 643{
644 if (eckey->meth->verify_sig == NULL) { 644 if (key->meth->verify_sig == NULL) {
645 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 645 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
646 return 0; 646 return 0;
647 } 647 }
648 return eckey->meth->verify_sig(digest, digest_len, sig, eckey); 648 return key->meth->verify_sig(digest, digest_len, sig, key);
649} 649}
650 650
651int 651int
652ECDSA_verify(int type, const unsigned char *digest, int digest_len, 652ECDSA_verify(int type, const unsigned char *digest, int digest_len,
653 const unsigned char *sigbuf, int sig_len, EC_KEY *eckey) 653 const unsigned char *sigbuf, int sig_len, EC_KEY *key)
654{ 654{
655 if (eckey->meth->verify == NULL) { 655 if (key->meth->verify == NULL) {
656 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED); 656 ECDSAerror(EVP_R_METHOD_NOT_SUPPORTED);
657 return 0; 657 return 0;
658 } 658 }
659 return eckey->meth->verify(type, digest, digest_len, sigbuf, sig_len, 659 return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
660 eckey);
661} 660}
662 661
663int 662int
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-25 05:02:42 +0000