diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/ec/ec_curve.c | 71 |
1 files changed, 55 insertions, 16 deletions
diff --git a/src/lib/libcrypto/ec/ec_curve.c b/src/lib/libcrypto/ec/ec_curve.c index 61d6c01048..2179924666 100644 --- a/src/lib/libcrypto/ec/ec_curve.c +++ b/src/lib/libcrypto/ec/ec_curve.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ec_curve.c,v 1.31 2023/05/01 08:16:17 tb Exp $ */ | 1 | /* $OpenBSD: ec_curve.c,v 1.32 2023/05/01 12:39:38 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Nils Larsch for the OpenSSL project. | 3 | * Written by Nils Larsch for the OpenSSL project. |
| 4 | */ | 4 | */ |
| @@ -2113,7 +2113,7 @@ ec_group_new_from_data(const ec_list_element curve) | |||
| 2113 | EC_GROUP *group = NULL; | 2113 | EC_GROUP *group = NULL; |
| 2114 | EC_POINT *P = NULL; | 2114 | EC_POINT *P = NULL; |
| 2115 | BN_CTX *ctx = NULL; | 2115 | BN_CTX *ctx = NULL; |
| 2116 | BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = NULL; | 2116 | BIGNUM *p, *a, *b, *x, *y, *order, *cofactor; |
| 2117 | int ok = 0; | 2117 | int ok = 0; |
| 2118 | int seed_len, param_len; | 2118 | int seed_len, param_len; |
| 2119 | const EC_CURVE_DATA *data; | 2119 | const EC_CURVE_DATA *data; |
| @@ -2123,15 +2123,52 @@ ec_group_new_from_data(const ec_list_element curve) | |||
| 2123 | ECerror(ERR_R_MALLOC_FAILURE); | 2123 | ECerror(ERR_R_MALLOC_FAILURE); |
| 2124 | goto err; | 2124 | goto err; |
| 2125 | } | 2125 | } |
| 2126 | BN_CTX_start(ctx); | ||
| 2127 | |||
| 2128 | if ((p = BN_CTX_get(ctx)) == NULL) { | ||
| 2129 | ECerror(ERR_R_BN_LIB); | ||
| 2130 | goto err; | ||
| 2131 | } | ||
| 2132 | if ((a = BN_CTX_get(ctx)) == NULL) { | ||
| 2133 | ECerror(ERR_R_BN_LIB); | ||
| 2134 | goto err; | ||
| 2135 | } | ||
| 2136 | if ((b = BN_CTX_get(ctx)) == NULL) { | ||
| 2137 | ECerror(ERR_R_BN_LIB); | ||
| 2138 | goto err; | ||
| 2139 | } | ||
| 2140 | if ((x = BN_CTX_get(ctx)) == NULL) { | ||
| 2141 | ECerror(ERR_R_BN_LIB); | ||
| 2142 | goto err; | ||
| 2143 | } | ||
| 2144 | if ((y = BN_CTX_get(ctx)) == NULL) { | ||
| 2145 | ECerror(ERR_R_BN_LIB); | ||
| 2146 | goto err; | ||
| 2147 | } | ||
| 2148 | if ((order = BN_CTX_get(ctx)) == NULL) { | ||
| 2149 | ECerror(ERR_R_BN_LIB); | ||
| 2150 | goto err; | ||
| 2151 | } | ||
| 2152 | if ((cofactor = BN_CTX_get(ctx)) == NULL) { | ||
| 2153 | ECerror(ERR_R_BN_LIB); | ||
| 2154 | goto err; | ||
| 2155 | } | ||
| 2156 | |||
| 2126 | data = curve.data; | 2157 | data = curve.data; |
| 2127 | seed_len = data->seed_len; | 2158 | seed_len = data->seed_len; |
| 2128 | param_len = data->param_len; | 2159 | param_len = data->param_len; |
| 2129 | params = (const unsigned char *) (data + 1); /* skip header */ | 2160 | params = (const unsigned char *) (data + 1); /* skip header */ |
| 2130 | params += seed_len; /* skip seed */ | 2161 | params += seed_len; /* skip seed */ |
| 2131 | 2162 | ||
| 2132 | if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) || | 2163 | if (BN_bin2bn(params + 0 * param_len, param_len, p) == NULL) { |
| 2133 | !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) || | 2164 | ECerror(ERR_R_BN_LIB); |
| 2134 | !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) { | 2165 | goto err; |
| 2166 | } | ||
| 2167 | if (BN_bin2bn(params + 1 * param_len, param_len, a) == NULL) { | ||
| 2168 | ECerror(ERR_R_BN_LIB); | ||
| 2169 | goto err; | ||
| 2170 | } | ||
| 2171 | if (BN_bin2bn(params + 2 * param_len, param_len, b) == NULL) { | ||
| 2135 | ECerror(ERR_R_BN_LIB); | 2172 | ECerror(ERR_R_BN_LIB); |
| 2136 | goto err; | 2173 | goto err; |
| 2137 | } | 2174 | } |
| @@ -2146,8 +2183,11 @@ ec_group_new_from_data(const ec_list_element curve) | |||
| 2146 | ECerror(ERR_R_EC_LIB); | 2183 | ECerror(ERR_R_EC_LIB); |
| 2147 | goto err; | 2184 | goto err; |
| 2148 | } | 2185 | } |
| 2149 | if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) | 2186 | if (BN_bin2bn(params + 3 * param_len, param_len, x) == NULL) { |
| 2150 | || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) { | 2187 | ECerror(ERR_R_BN_LIB); |
| 2188 | goto err; | ||
| 2189 | } | ||
| 2190 | if (BN_bin2bn(params + 4 * param_len, param_len, y) == NULL) { | ||
| 2151 | ECerror(ERR_R_BN_LIB); | 2191 | ECerror(ERR_R_BN_LIB); |
| 2152 | goto err; | 2192 | goto err; |
| 2153 | } | 2193 | } |
| @@ -2155,12 +2195,15 @@ ec_group_new_from_data(const ec_list_element curve) | |||
| 2155 | ECerror(ERR_R_EC_LIB); | 2195 | ECerror(ERR_R_EC_LIB); |
| 2156 | goto err; | 2196 | goto err; |
| 2157 | } | 2197 | } |
| 2158 | if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) | 2198 | if (BN_bin2bn(params + 5 * param_len, param_len, order) == NULL) { |
| 2159 | || !BN_set_word(x, (BN_ULONG) data->cofactor)) { | ||
| 2160 | ECerror(ERR_R_BN_LIB); | 2199 | ECerror(ERR_R_BN_LIB); |
| 2161 | goto err; | 2200 | goto err; |
| 2162 | } | 2201 | } |
| 2163 | if (!EC_GROUP_set_generator(group, P, order, x)) { | 2202 | if (!BN_set_word(cofactor, data->cofactor)) { |
| 2203 | ECerror(ERR_R_BN_LIB); | ||
| 2204 | goto err; | ||
| 2205 | } | ||
| 2206 | if (!EC_GROUP_set_generator(group, P, order, cofactor)) { | ||
| 2164 | ECerror(ERR_R_EC_LIB); | 2207 | ECerror(ERR_R_EC_LIB); |
| 2165 | goto err; | 2208 | goto err; |
| 2166 | } | 2209 | } |
| @@ -2177,13 +2220,9 @@ ec_group_new_from_data(const ec_list_element curve) | |||
| 2177 | group = NULL; | 2220 | group = NULL; |
| 2178 | } | 2221 | } |
| 2179 | EC_POINT_free(P); | 2222 | EC_POINT_free(P); |
| 2223 | BN_CTX_end(ctx); | ||
| 2180 | BN_CTX_free(ctx); | 2224 | BN_CTX_free(ctx); |
| 2181 | BN_free(p); | 2225 | |
| 2182 | BN_free(a); | ||
| 2183 | BN_free(b); | ||
| 2184 | BN_free(order); | ||
| 2185 | BN_free(x); | ||
| 2186 | BN_free(y); | ||
| 2187 | return group; | 2226 | return group; |
| 2188 | } | 2227 | } |
| 2189 | 2228 | ||