From bcbac728558eebfaa4404c405e7dc22769585345 Mon Sep 17 00:00:00 2001 From: jsing <> Date: Sat, 26 Nov 2022 13:56:33 +0000 Subject: Remove BIGNUM consistency macros. Compiling with BN_DEBUG (and if you want to take it further, BN_DEBUG_RAND) supposedly adds consistency checks to the BN code. These are rarely if ever used and introduce a bunch of clutter in the code. Furthermore, there are hacks in place to undo things that the debugging code does. Remove all of this mess and instead rely on always enabled checks, more readable code and proper regress coverage to ensure correct behaviour. "Good riddance." tb@ --- src/lib/libcrypto/bn/bn_add.c | 13 +----- src/lib/libcrypto/bn/bn_blind.c | 6 +-- src/lib/libcrypto/bn/bn_ctx.c | 3 +- src/lib/libcrypto/bn/bn_div.c | 17 +------- src/lib/libcrypto/bn/bn_exp.c | 19 +------- src/lib/libcrypto/bn/bn_exp2.c | 8 +--- src/lib/libcrypto/bn/bn_gcd.c | 17 +------- src/lib/libcrypto/bn/bn_gf2m.c | 55 +---------------------- src/lib/libcrypto/bn/bn_kron.c | 4 +- src/lib/libcrypto/bn/bn_lcl.h | 97 +---------------------------------------- src/lib/libcrypto/bn/bn_lib.c | 33 +------------- src/lib/libcrypto/bn/bn_mod.c | 10 +---- src/lib/libcrypto/bn/bn_mont.c | 6 +-- src/lib/libcrypto/bn/bn_mpi.c | 3 +- src/lib/libcrypto/bn/bn_mul.c | 6 +-- src/lib/libcrypto/bn/bn_prime.c | 6 +-- src/lib/libcrypto/bn/bn_print.c | 4 +- src/lib/libcrypto/bn/bn_rand.c | 4 +- src/lib/libcrypto/bn/bn_recp.c | 6 +-- src/lib/libcrypto/bn/bn_shift.c | 14 +----- src/lib/libcrypto/bn/bn_sqr.c | 5 +-- src/lib/libcrypto/bn/bn_sqrt.c | 5 +-- src/lib/libcrypto/bn/bn_word.c | 11 +---- 23 files changed, 24 insertions(+), 328 deletions(-) diff --git a/src/lib/libcrypto/bn/bn_add.c b/src/lib/libcrypto/bn/bn_add.c index 3a8c0e847a..a81dd0ce75 100644 --- a/src/lib/libcrypto/bn/bn_add.c +++ b/src/lib/libcrypto/bn/bn_add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_add.c,v 1.14 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_add.c,v 1.15 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -67,8 +67,6 @@ BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { int ret, r_neg; - bn_check_top(a); - bn_check_top(b); if (a->neg == b->neg) { r_neg = a->neg; @@ -90,7 +88,6 @@ BN_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) } r->neg = r_neg; - bn_check_top(r); return ret; } @@ -101,8 +98,6 @@ BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) const BN_ULONG *ap, *bp; BN_ULONG *rp, carry, t1, t2; - bn_check_top(a); - bn_check_top(b); if (a->top < b->top) { const BIGNUM *tmp; @@ -139,7 +134,6 @@ BN_uadd(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) r->top += carry; r->neg = 0; - bn_check_top(r); return 1; } @@ -150,8 +144,6 @@ BN_usub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) const BN_ULONG *ap, *bp; BN_ULONG t1, t2, borrow, *rp; - bn_check_top(a); - bn_check_top(b); max = a->top; min = b->top; @@ -195,8 +187,6 @@ BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) { int ret, r_neg; - bn_check_top(a); - bn_check_top(b); if (a->neg != b->neg) { r_neg = a->neg; @@ -218,6 +208,5 @@ BN_sub(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) } r->neg = r_neg; - bn_check_top(r); return ret; } diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c index ecd6718279..412338ec02 100644 --- a/src/lib/libcrypto/bn/bn_blind.c +++ b/src/lib/libcrypto/bn/bn_blind.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_blind.c,v 1.17 2017/01/29 17:49:22 beck Exp $ */ +/* $OpenBSD: bn_blind.c,v 1.18 2022/11/26 13:56:33 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -141,7 +141,6 @@ BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod) { BN_BLINDING *ret = NULL; - bn_check_top(mod); if ((ret = calloc(1, sizeof(BN_BLINDING))) == NULL) { BNerror(ERR_R_MALLOC_FAILURE); @@ -232,7 +231,6 @@ BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { int ret = 1; - bn_check_top(n); if ((b->A == NULL) || (b->Ai == NULL)) { BNerror(BN_R_NOT_INITIALIZED); @@ -267,7 +265,6 @@ BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) { int ret; - bn_check_top(n); if (r != NULL) ret = BN_mod_mul(n, n, r, b->mod, ctx); @@ -279,7 +276,6 @@ BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); } - bn_check_top(n); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_ctx.c b/src/lib/libcrypto/bn/bn_ctx.c index 0d64ccab93..8ac1685a00 100644 --- a/src/lib/libcrypto/bn/bn_ctx.c +++ b/src/lib/libcrypto/bn/bn_ctx.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_ctx.c,v 1.16 2019/08/20 10:59:09 schwarze Exp $ */ +/* $OpenBSD: bn_ctx.c,v 1.17 2022/11/26 13:56:33 jsing Exp $ */ /* Written by Ulf Moeller for the OpenSSL project. */ /* ==================================================================== * Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved. @@ -471,7 +471,6 @@ BN_POOL_release(BN_POOL *p, unsigned int num) p->used -= num; while (num--) { - bn_check_top(p->current->vals + offset); if (!offset) { offset = BN_CTX_POOL_SIZE - 1; p->current = p->current->prev; diff --git a/src/lib/libcrypto/bn/bn_div.c b/src/lib/libcrypto/bn/bn_div.c index f641386eb8..288ec92ef4 100644 --- a/src/lib/libcrypto/bn/bn_div.c +++ b/src/lib/libcrypto/bn/bn_div.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_div.c,v 1.26 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_div.c,v 1.27 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -127,23 +127,16 @@ BN_div_internal(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor int num_n, div_n; int no_branch = 0; - /* Invalid zero-padding would have particularly bad consequences - * in the case of 'num', so don't just rely on bn_check_top() for this one - * (bn_check_top() works only for BN_DEBUG builds) */ + /* Invalid zero-padding would have particularly bad consequences. */ if (num->top > 0 && num->d[num->top - 1] == 0) { BNerror(BN_R_NOT_INITIALIZED); return 0; } - bn_check_top(num); if (ct) no_branch = 1; - bn_check_top(dv); - bn_check_top(rm); - /* bn_check_top(num); */ /* 'num' has been checked already */ - bn_check_top(divisor); if (BN_is_zero(divisor)) { BNerror(BN_R_DIV_BY_ZERO); @@ -234,10 +227,6 @@ BN_div_internal(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor if (!no_branch) { if (BN_ucmp(&wnum, sdiv) >= 0) { - /* If BN_DEBUG_RAND is defined BN_ucmp changes (via - * bn_pollute) the const bignum arguments => - * clean the values between top and max again */ - bn_clear_top2max(&wnum); bn_sub_words(wnum.d, wnum.d, sdiv->d, div_n); *resp = 1; } else @@ -365,7 +354,6 @@ BN_div_internal(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor BN_rshift(rm, snum, norm_shift); if (!BN_is_zero(rm)) rm->neg = neg; - bn_check_top(rm); } if (no_branch) bn_correct_top(res); @@ -373,7 +361,6 @@ BN_div_internal(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor return (1); err: - bn_check_top(rm); BN_CTX_end(ctx); return (0); } diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c index 64156f716f..3bb0dd1304 100644 --- a/src/lib/libcrypto/bn/bn_exp.c +++ b/src/lib/libcrypto/bn/bn_exp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp.c,v 1.33 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_exp.c,v 1.34 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -168,7 +168,6 @@ err: if (r != rr && rr != NULL) BN_copy(r, rr); BN_CTX_end(ctx); - bn_check_top(r); return (ret); } @@ -178,9 +177,6 @@ BN_mod_exp_internal(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m { int ret; - bn_check_top(a); - bn_check_top(p); - bn_check_top(m); /* For even modulus m = 2^k*m_odd, it might make sense to compute * a^p mod m_odd and a^p mod 2^k separately (with Montgomery @@ -222,7 +218,6 @@ BN_mod_exp_internal(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m ret = BN_mod_exp_recp(r, a,p, m, ctx); } - bn_check_top(r); return (ret); } @@ -381,7 +376,6 @@ BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, err: BN_CTX_end(ctx); BN_RECP_CTX_free(&recp); - bn_check_top(r); return (ret); } @@ -401,9 +395,6 @@ BN_mod_exp_mont_internal(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, const BIG return BN_mod_exp_mont_consttime(rr, a, p, m, ctx, in_mont); } - bn_check_top(a); - bn_check_top(p); - bn_check_top(m); if (!BN_is_odd(m)) { BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); @@ -533,7 +524,6 @@ err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); - bn_check_top(rr); return (ret); } @@ -658,9 +648,6 @@ BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, unsigned char *powerbuf = NULL; BIGNUM tmp, am; - bn_check_top(a); - bn_check_top(p); - bn_check_top(m); if (!BN_is_odd(m)) { BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); @@ -937,8 +924,6 @@ BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m, return -1; } - bn_check_top(p); - bn_check_top(m); if (!BN_is_odd(m)) { BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); @@ -1052,7 +1037,6 @@ err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); - bn_check_top(rr); return (ret); } @@ -1172,6 +1156,5 @@ BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, err: BN_CTX_end(ctx); - bn_check_top(r); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_exp2.c b/src/lib/libcrypto/bn/bn_exp2.c index c63503f941..b2fd53e971 100644 --- a/src/lib/libcrypto/bn/bn_exp2.c +++ b/src/lib/libcrypto/bn/bn_exp2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_exp2.c,v 1.13 2022/02/07 19:49:56 tb Exp $ */ +/* $OpenBSD: bn_exp2.c,v 1.14 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -130,11 +130,6 @@ BN_mod_exp2_mont(BIGNUM *rr, const BIGNUM *a1, const BIGNUM *p1, BIGNUM *val1[TABLE_SIZE], *val2[TABLE_SIZE]; BN_MONT_CTX *mont = NULL; - bn_check_top(a1); - bn_check_top(p1); - bn_check_top(a2); - bn_check_top(p2); - bn_check_top(m); if (!BN_is_odd(m)) { BNerror(BN_R_CALLED_WITH_EVEN_MODULUS); @@ -303,6 +298,5 @@ err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); BN_CTX_end(ctx); - bn_check_top(rr); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_gcd.c b/src/lib/libcrypto/bn/bn_gcd.c index d756398c8f..3d92a43cef 100644 --- a/src/lib/libcrypto/bn/bn_gcd.c +++ b/src/lib/libcrypto/bn/bn_gcd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gcd.c,v 1.16 2021/12/26 15:16:50 tb Exp $ */ +/* $OpenBSD: bn_gcd.c,v 1.17 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -123,8 +123,6 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) BIGNUM *a, *b, *t; int ret = 0; - bn_check_top(in_a); - bn_check_top(in_b); BN_CTX_start(ctx); if ((a = BN_CTX_get(ctx)) == NULL) @@ -154,7 +152,6 @@ BN_gcd(BIGNUM *r, const BIGNUM *in_a, const BIGNUM *in_b, BN_CTX *ctx) err: BN_CTX_end(ctx); - bn_check_top(r); return (ret); } @@ -179,8 +176,6 @@ euclid(BIGNUM *a, BIGNUM *b) BIGNUM *t; int shifts = 0; - bn_check_top(a); - bn_check_top(b); /* 0 <= b <= a */ while (!BN_is_zero(b)) { @@ -236,7 +231,6 @@ euclid(BIGNUM *a, BIGNUM *b) if (!BN_lshift(a, a, shifts)) goto err; } - bn_check_top(a); return (a); err: @@ -259,8 +253,6 @@ BN_mod_inverse_internal(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_CTX *ct if (ct) return BN_mod_inverse_no_branch(in, a, n, ctx); - bn_check_top(a); - bn_check_top(n); BN_CTX_start(ctx); if ((A = BN_CTX_get(ctx)) == NULL) @@ -536,7 +528,6 @@ err: if ((ret == NULL) && (in == NULL)) BN_free(R); BN_CTX_end(ctx); - bn_check_top(ret); return (ret); } @@ -573,8 +564,6 @@ BN_mod_inverse_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BIGNUM *ret = NULL; int sign; - bn_check_top(a); - bn_check_top(n); BN_init(&local_A); BN_init(&local_B); @@ -725,7 +714,6 @@ err: if ((ret == NULL) && (in == NULL)) BN_free(R); BN_CTX_end(ctx); - bn_check_top(ret); return (ret); } @@ -750,8 +738,6 @@ BN_gcd_no_branch(BIGNUM *in, const BIGNUM *a, const BIGNUM *n, BN_init(&local_A); BN_init(&local_B); - bn_check_top(a); - bn_check_top(n); BN_CTX_start(ctx); if ((A = BN_CTX_get(ctx)) == NULL) @@ -871,6 +857,5 @@ err: if ((ret == NULL) && (in == NULL)) BN_free(R); BN_CTX_end(ctx); - bn_check_top(ret); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_gf2m.c b/src/lib/libcrypto/bn/bn_gf2m.c index eceaba47c3..8adbbeb040 100644 --- a/src/lib/libcrypto/bn/bn_gf2m.c +++ b/src/lib/libcrypto/bn/bn_gf2m.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_gf2m.c,v 1.26 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_gf2m.c,v 1.27 2022/11/26 13:56:33 jsing Exp $ */ /* ==================================================================== * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. * @@ -325,8 +325,6 @@ BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b) int i; const BIGNUM *at, *bt; - bn_check_top(a); - bn_check_top(b); if (a->top < b->top) { at = b; @@ -368,7 +366,6 @@ BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[]) int n, dN, d0, d1; BN_ULONG zz, *z; - bn_check_top(a); if (!p[0]) { /* reduction mod 1 => return 0 */ @@ -467,8 +464,6 @@ BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p) const int max = BN_num_bits(p) + 1; int *arr = NULL; - bn_check_top(a); - bn_check_top(p); if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); @@ -477,7 +472,6 @@ BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p) goto err; } ret = BN_GF2m_mod_arr(r, a, arr); - bn_check_top(r); err: free(arr); @@ -496,8 +490,6 @@ BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], BIGNUM *s; BN_ULONG x1, x0, y1, y0, zz[4]; - bn_check_top(a); - bn_check_top(b); if (a == b) { return BN_GF2m_mod_sqr_arr(r, a, p, ctx); @@ -530,7 +522,6 @@ BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], bn_correct_top(s); if (BN_GF2m_mod_arr(r, s, p)) ret = 1; - bn_check_top(r); err: BN_CTX_end(ctx); @@ -552,9 +543,6 @@ BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, const int max = BN_num_bits(p) + 1; int *arr = NULL; - bn_check_top(a); - bn_check_top(b); - bn_check_top(p); if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); @@ -563,7 +551,6 @@ BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, goto err; } ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx); - bn_check_top(r); err: free(arr); @@ -578,7 +565,6 @@ BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) int i, ret = 0; BIGNUM *s; - bn_check_top(a); BN_CTX_start(ctx); if ((s = BN_CTX_get(ctx)) == NULL) goto err; @@ -594,7 +580,6 @@ BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) bn_correct_top(s); if (!BN_GF2m_mod_arr(r, s, p)) goto err; - bn_check_top(r); ret = 1; err: @@ -615,8 +600,6 @@ BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) const int max = BN_num_bits(p) + 1; int *arr = NULL; - bn_check_top(a); - bn_check_top(p); if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); @@ -625,7 +608,6 @@ BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) goto err; } ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx); - bn_check_top(r); err: free(arr); @@ -644,8 +626,6 @@ BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) BIGNUM *b, *c = NULL, *u = NULL, *v = NULL, *tmp; int ret = 0; - bn_check_top(a); - bn_check_top(p); BN_CTX_start(ctx); @@ -795,7 +775,6 @@ BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) if (!BN_copy(r, b)) goto err; - bn_check_top(r); ret = 1; err: @@ -820,7 +799,6 @@ BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[], BN_CTX *ctx) BIGNUM *field; int ret = 0; - bn_check_top(xx); BN_CTX_start(ctx); if ((field = BN_CTX_get(ctx)) == NULL) goto err; @@ -828,7 +806,6 @@ BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *xx, const int p[], BN_CTX *ctx) goto err; ret = BN_GF2m_mod_inv(r, xx, field, ctx); - bn_check_top(r); err: BN_CTX_end(ctx); @@ -847,9 +824,6 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, BIGNUM *xinv = NULL; int ret = 0; - bn_check_top(y); - bn_check_top(x); - bn_check_top(p); BN_CTX_start(ctx); if ((xinv = BN_CTX_get(ctx)) == NULL) @@ -859,7 +833,6 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, goto err; if (!BN_GF2m_mod_mul(r, y, xinv, p, ctx)) goto err; - bn_check_top(r); ret = 1; err: @@ -880,9 +853,6 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, BIGNUM *a, *b, *u, *v; int ret = 0; - bn_check_top(y); - bn_check_top(x); - bn_check_top(p); BN_CTX_start(ctx); @@ -949,7 +919,6 @@ BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *y, const BIGNUM *x, const BIGNUM *p, if (!BN_copy(r, u)) goto err; - bn_check_top(r); ret = 1; err: @@ -972,8 +941,6 @@ BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, BIGNUM *field; int ret = 0; - bn_check_top(yy); - bn_check_top(xx); BN_CTX_start(ctx); if ((field = BN_CTX_get(ctx)) == NULL) @@ -982,7 +949,6 @@ BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *yy, const BIGNUM *xx, goto err; ret = BN_GF2m_mod_div(r, yy, xx, field, ctx); - bn_check_top(r); err: BN_CTX_end(ctx); @@ -1001,8 +967,6 @@ BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], int ret = 0, i, n; BIGNUM *u; - bn_check_top(a); - bn_check_top(b); if (BN_is_zero(b)) return (BN_one(r)); @@ -1028,7 +992,6 @@ BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const int p[], } if (!BN_copy(r, u)) goto err; - bn_check_top(r); ret = 1; err: @@ -1051,9 +1014,6 @@ BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, const int max = BN_num_bits(p) + 1; int *arr = NULL; - bn_check_top(a); - bn_check_top(b); - bn_check_top(p); if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); @@ -1062,7 +1022,6 @@ BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *p, goto err; } ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx); - bn_check_top(r); err: free(arr); @@ -1079,7 +1038,6 @@ BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) int ret = 0; BIGNUM *u; - bn_check_top(a); if (!p[0]) { /* reduction mod 1 => return 0 */ @@ -1094,7 +1052,6 @@ BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[], BN_CTX *ctx) if (!BN_set_bit(u, p[0] - 1)) goto err; ret = BN_GF2m_mod_exp_arr(r, a, u, p, ctx); - bn_check_top(r); err: BN_CTX_end(ctx); @@ -1114,8 +1071,6 @@ BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) int ret = 0; const int max = BN_num_bits(p) + 1; int *arr = NULL; - bn_check_top(a); - bn_check_top(p); if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); @@ -1124,7 +1079,6 @@ BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) goto err; } ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx); - bn_check_top(r); err: free(arr); @@ -1141,7 +1095,6 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], int ret = 0, count = 0, j; BIGNUM *a, *z, *rho, *w, *w2, *tmp; - bn_check_top(a_); if (!p[0]) { /* reduction mod 1 => return 0 */ @@ -1228,7 +1181,6 @@ BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[], if (!BN_copy(r, z)) goto err; - bn_check_top(r); ret = 1; @@ -1250,8 +1202,6 @@ BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) const int max = BN_num_bits(p) + 1; int *arr = NULL; - bn_check_top(a); - bn_check_top(p); if ((arr = reallocarray(NULL, max, sizeof(int))) == NULL) goto err; ret = BN_GF2m_poly2arr(p, arr, max); @@ -1260,7 +1210,6 @@ BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) goto err; } ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx); - bn_check_top(r); err: free(arr); @@ -1312,13 +1261,11 @@ BN_GF2m_arr2poly(const int p[], BIGNUM *a) { int i; - bn_check_top(a); BN_zero(a); for (i = 0; p[i] != -1; i++) { if (BN_set_bit(a, p[i]) == 0) return 0; } - bn_check_top(a); return 1; } diff --git a/src/lib/libcrypto/bn/bn_kron.c b/src/lib/libcrypto/bn/bn_kron.c index 998adedcd8..8629892a72 100644 --- a/src/lib/libcrypto/bn/bn_kron.c +++ b/src/lib/libcrypto/bn/bn_kron.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_kron.c,v 1.10 2022/07/12 16:08:19 tb Exp $ */ +/* $OpenBSD: bn_kron.c,v 1.11 2022/11/26 13:56:33 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. * @@ -71,8 +71,6 @@ BN_kronecker(const BIGNUM *A, const BIGNUM *B, BN_CTX *ctx) int k, v; int ret = -2; - bn_check_top(A); - bn_check_top(B); BN_CTX_start(ctx); diff --git a/src/lib/libcrypto/bn/bn_lcl.h b/src/lib/libcrypto/bn/bn_lcl.h index d5f1250cfd..64855115f2 100644 --- a/src/lib/libcrypto/bn/bn_lcl.h +++ b/src/lib/libcrypto/bn/bn_lcl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_lcl.h,v 1.38 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_lcl.h,v 1.39 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -327,18 +327,6 @@ struct bn_gencb_st { #define Lw(t) (((BN_ULONG)(t))&BN_MASK2) #define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2) -#ifdef BN_DEBUG_RAND -#define bn_clear_top2max(a) \ - { \ - int ind = (a)->dmax - (a)->top; \ - BN_ULONG *ftl = &(a)->d[(a)->top-1]; \ - for (; ind != 0; ind--) \ - *(++ftl) = 0x0; \ - } -#else -#define bn_clear_top2max(a) -#endif - #ifdef BN_LLONG #define mul_add(r,a,w,c) { \ BN_ULLONG t; \ @@ -524,88 +512,6 @@ int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_U int bn_expand(BIGNUM *a, int bits); int bn_wexpand(BIGNUM *a, int words); -/* Bignum consistency macros - * There is one "API" macro, bn_fix_top(), for stripping leading zeroes from - * bignum data after direct manipulations on the data. There is also an - * "internal" macro, bn_check_top(), for verifying that there are no leading - * zeroes. Unfortunately, some auditing is required due to the fact that - * bn_fix_top() has become an overabused duct-tape because bignum data is - * occasionally passed around in an inconsistent state. So the following - * changes have been made to sort this out; - * - bn_fix_top()s implementation has been moved to bn_correct_top() - * - if BN_DEBUG isn't defined, bn_fix_top() maps to bn_correct_top(), and - * bn_check_top() is as before. - * - if BN_DEBUG *is* defined; - * - bn_check_top() tries to pollute unused words even if the bignum 'top' is - * consistent. (ed: only if BN_DEBUG_RAND is defined) - * - bn_fix_top() maps to bn_check_top() rather than "fixing" anything. - * The idea is to have debug builds flag up inconsistent bignums when they - * occur. If that occurs in a bn_fix_top(), we examine the code in question; if - * the use of bn_fix_top() was appropriate (ie. it follows directly after code - * that manipulates the bignum) it is converted to bn_correct_top(), and if it - * was not appropriate, we convert it permanently to bn_check_top() and track - * down the cause of the bug. Eventually, no internal code should be using the - * bn_fix_top() macro. External applications and libraries should try this with - * their own code too, both in terms of building against the openssl headers - * with BN_DEBUG defined *and* linking with a version of OpenSSL built with it - * defined. This not only improves external code, it provides more test - * coverage for openssl's own code. - */ - -#ifdef BN_DEBUG - -/* We only need assert() when debugging */ -#include - -#ifdef BN_DEBUG_RAND -#define bn_pollute(a) \ - do { \ - const BIGNUM *_bnum1 = (a); \ - if(_bnum1->top < _bnum1->dmax) { \ - unsigned char _tmp_char; \ - /* We cast away const without the compiler knowing, any \ - * *genuinely* constant variables that aren't mutable \ - * wouldn't be constructed with top!=dmax. */ \ - BN_ULONG *_not_const; \ - memcpy(&_not_const, &_bnum1->d, sizeof(BN_ULONG*)); \ - arc4random_buf(&_tmp_char, 1); \ - memset((unsigned char *)(_not_const + _bnum1->top), _tmp_char, \ - (_bnum1->dmax - _bnum1->top) * sizeof(BN_ULONG)); \ - } \ - } while(0) -#else -#define bn_pollute(a) -#endif - -#define bn_check_top(a) \ - do { \ - const BIGNUM *_bnum2 = (a); \ - if (_bnum2 != NULL) { \ - assert((_bnum2->top == 0) || \ - (_bnum2->d[_bnum2->top - 1] != 0)); \ - bn_pollute(_bnum2); \ - } \ - } while(0) - -#define bn_fix_top(a) bn_check_top(a) - -#define bn_check_size(bn, bits) bn_wcheck_size(bn, ((bits+BN_BITS2-1))/BN_BITS2) -#define bn_wcheck_size(bn, words) \ - do { \ - const BIGNUM *_bnum2 = (bn); \ - assert(words <= (_bnum2)->dmax && words >= (_bnum2)->top); \ - } while(0) - -#else /* !BN_DEBUG */ - -#define bn_pollute(a) -#define bn_check_top(a) -#define bn_fix_top(a) bn_correct_top(a) -#define bn_check_size(bn, bits) -#define bn_wcheck_size(bn, words) - -#endif - #define bn_correct_top(a) \ { \ BN_ULONG *ftl; \ @@ -616,7 +522,6 @@ int bn_wexpand(BIGNUM *a, int words); if (*(ftl--)) break; \ (a)->top = tmp_top; \ } \ - bn_pollute(a); \ } BN_ULONG bn_mul_add_words(BN_ULONG *rp, const BN_ULONG *ap, int num, BN_ULONG w); diff --git a/src/lib/libcrypto/bn/bn_lib.c b/src/lib/libcrypto/bn/bn_lib.c index e67abf90b1..a3b6811986 100644 --- a/src/lib/libcrypto/bn/bn_lib.c +++ b/src/lib/libcrypto/bn/bn_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_lib.c,v 1.61 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_lib.c,v 1.62 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -86,7 +86,6 @@ BN_new(void) ret->neg = 0; ret->dmax = 0; ret->d = NULL; - bn_check_top(ret); return (ret); } @@ -94,13 +93,11 @@ void BN_init(BIGNUM *a) { memset(a, 0, sizeof(BIGNUM)); - bn_check_top(a); } void BN_clear(BIGNUM *a) { - bn_check_top(a); if (a->d != NULL) explicit_bzero(a->d, a->dmax * sizeof(a->d[0])); a->top = 0; @@ -114,7 +111,6 @@ BN_clear_free(BIGNUM *a) if (a == NULL) return; - bn_check_top(a); if (a->d != NULL && !(BN_get_flags(a, BN_FLG_STATIC_DATA))) freezero(a->d, a->dmax * sizeof(a->d[0])); i = BN_get_flags(a, BN_FLG_MALLOCED); @@ -256,7 +252,6 @@ BN_num_bits(const BIGNUM *a) { int i = a->top - 1; - bn_check_top(a); if (BN_is_zero(a)) return 0; @@ -271,7 +266,6 @@ bn_expand_internal(const BIGNUM *b, int words) const BN_ULONG *B; int i; - bn_check_top(b); if (words > (INT_MAX/(4*BN_BITS2))) { BNerror(BN_R_BIGNUM_TOO_LONG); @@ -337,7 +331,6 @@ bn_expand_internal(const BIGNUM *b, int words) static int bn_expand2(BIGNUM *b, int words) { - bn_check_top(b); if (words > b->dmax) { BN_ULONG *a = bn_expand_internal(b, words); @@ -370,7 +363,6 @@ bn_expand2(BIGNUM *b, int words) assert(A == &(b->d[b->dmax])); } #endif - bn_check_top(b); return 1; } @@ -408,7 +400,6 @@ BN_dup(const BIGNUM *a) if (a == NULL) return NULL; - bn_check_top(a); t = BN_new(); if (t == NULL) @@ -417,7 +408,6 @@ BN_dup(const BIGNUM *a) BN_free(t); return NULL; } - bn_check_top(t); return t; } @@ -428,7 +418,6 @@ BN_copy(BIGNUM *a, const BIGNUM *b) BN_ULONG *A; const BN_ULONG *B; - bn_check_top(b); if (a == b) return (a); @@ -463,7 +452,6 @@ BN_copy(BIGNUM *a, const BIGNUM *b) a->top = b->top; a->neg = b->neg; - bn_check_top(a); return (a); } @@ -474,8 +462,6 @@ BN_swap(BIGNUM *a, BIGNUM *b) BN_ULONG *tmp_d; int tmp_top, tmp_dmax, tmp_neg; - bn_check_top(a); - bn_check_top(b); flags_old_a = a->flags; flags_old_b = b->flags; @@ -499,8 +485,6 @@ BN_swap(BIGNUM *a, BIGNUM *b) (flags_old_b & BN_FLG_STATIC_DATA); b->flags = (flags_old_b & BN_FLG_MALLOCED) | (flags_old_a & BN_FLG_STATIC_DATA); - bn_check_top(a); - bn_check_top(b); } BN_ULONG @@ -517,13 +501,11 @@ BN_get_word(const BIGNUM *a) int BN_set_word(BIGNUM *a, BN_ULONG w) { - bn_check_top(a); if (!bn_wexpand(a, 1)) return (0); a->neg = 0; a->d[0] = w; a->top = (w ? 1 : 0); - bn_check_top(a); return (1); } @@ -541,7 +523,6 @@ BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret) ret = bn = BN_new(); if (ret == NULL) return (NULL); - bn_check_top(ret); l = 0; n = len; if (n == 0) { @@ -658,7 +639,6 @@ BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret) if (ret == NULL) return NULL; - bn_check_top(ret); s += len; /* Skip trailing zeroes. */ @@ -715,8 +695,6 @@ BN_ucmp(const BIGNUM *a, const BIGNUM *b) int i; BN_ULONG t1, t2, *ap, *bp; - bn_check_top(a); - bn_check_top(b); i = a->top - b->top; if (i != 0) @@ -748,8 +726,6 @@ BN_cmp(const BIGNUM *a, const BIGNUM *b) return (0); } - bn_check_top(a); - bn_check_top(b); if (a->neg != b->neg) { if (a->neg) @@ -799,7 +775,6 @@ BN_set_bit(BIGNUM *a, int n) } a->d[i] |= (((BN_ULONG)1) << j); - bn_check_top(a); return (1); } @@ -808,7 +783,6 @@ BN_clear_bit(BIGNUM *a, int n) { int i, j; - bn_check_top(a); if (n < 0) return 0; @@ -827,7 +801,6 @@ BN_is_bit_set(const BIGNUM *a, int n) { int i, j; - bn_check_top(a); if (n < 0) return 0; i = n / BN_BITS2; @@ -842,7 +815,6 @@ BN_mask_bits(BIGNUM *a, int n) { int b, w; - bn_check_top(a); if (n < 0) return 0; @@ -932,9 +904,6 @@ BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords) BN_ULONG t; int i; - bn_wcheck_size(a, nwords); - bn_wcheck_size(b, nwords); - assert(a != b); assert((condition & (condition - 1)) == 0); assert(sizeof(BN_ULONG) >= sizeof(int)); diff --git a/src/lib/libcrypto/bn/bn_mod.c b/src/lib/libcrypto/bn/bn_mod.c index 897ff434e9..5be8252f2d 100644 --- a/src/lib/libcrypto/bn/bn_mod.c +++ b/src/lib/libcrypto/bn/bn_mod.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mod.c,v 1.12 2017/01/29 17:49:22 beck Exp $ */ +/* $OpenBSD: bn_mod.c,v 1.13 2022/11/26 13:56:33 jsing Exp $ */ /* Includes code written by Lenka Fibikova * for the OpenSSL project. */ /* ==================================================================== @@ -182,9 +182,6 @@ BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, BIGNUM *t; int ret = 0; - bn_check_top(a); - bn_check_top(b); - bn_check_top(m); BN_CTX_start(ctx); if ((t = BN_CTX_get(ctx)) == NULL) @@ -198,7 +195,6 @@ BN_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, const BIGNUM *m, } if (!BN_nnmod(r, t,m, ctx)) goto err; - bn_check_top(r); ret = 1; err: @@ -220,7 +216,6 @@ BN_mod_lshift1(BIGNUM *r, const BIGNUM *a, const BIGNUM *m, BN_CTX *ctx) { if (!BN_lshift1(r, a)) return 0; - bn_check_top(r); return BN_nnmod(r, r, m, ctx); } @@ -231,7 +226,6 @@ BN_mod_lshift1_quick(BIGNUM *r, const BIGNUM *a, const BIGNUM *m) { if (!BN_lshift1(r, a)) return 0; - bn_check_top(r); if (BN_cmp(r, m) >= 0) return BN_sub(r, r, m); return 1; @@ -254,7 +248,6 @@ BN_mod_lshift(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m, BN_CTX *ctx) } ret = BN_mod_lshift_quick(r, r, n, (abs_m ? abs_m : m)); - bn_check_top(r); BN_free(abs_m); return ret; @@ -302,7 +295,6 @@ BN_mod_lshift_quick(BIGNUM *r, const BIGNUM *a, int n, const BIGNUM *m) return 0; } } - bn_check_top(r); return 1; } diff --git a/src/lib/libcrypto/bn/bn_mont.c b/src/lib/libcrypto/bn/bn_mont.c index 251c67b89d..24bc41e886 100644 --- a/src/lib/libcrypto/bn/bn_mont.c +++ b/src/lib/libcrypto/bn/bn_mont.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mont.c,v 1.30 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_mont.c,v 1.31 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -152,7 +152,6 @@ BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, if ((tmp = BN_CTX_get(ctx)) == NULL) goto err; - bn_check_top(tmp); if (a == b) { if (!BN_sqr(tmp, a, ctx)) goto err; @@ -168,7 +167,6 @@ BN_mod_mul_montgomery(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, if (!BN_from_montgomery(r, tmp, mont, ctx)) goto err; #endif - bn_check_top(r); ret = 1; err: BN_CTX_end(ctx); @@ -272,7 +270,6 @@ BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont) #endif bn_correct_top(r); bn_correct_top(ret); - bn_check_top(ret); return (1); } @@ -318,7 +315,6 @@ BN_from_montgomery(BIGNUM *ret, const BIGNUM *a, BN_MONT_CTX *mont, BN_CTX *ctx) goto err; } retn = 1; - bn_check_top(ret); err: BN_CTX_end(ctx); diff --git a/src/lib/libcrypto/bn/bn_mpi.c b/src/lib/libcrypto/bn/bn_mpi.c index 9b743cca8c..75b34511fe 100644 --- a/src/lib/libcrypto/bn/bn_mpi.c +++ b/src/lib/libcrypto/bn/bn_mpi.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mpi.c,v 1.9 2022/11/09 01:05:45 tobhe Exp $ */ +/* $OpenBSD: bn_mpi.c,v 1.10 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -131,6 +131,5 @@ BN_mpi2bn(const unsigned char *d, int n, BIGNUM *ain) if (neg) { BN_clear_bit(a, BN_num_bits(a) - 1); } - bn_check_top(a); return (a); } diff --git a/src/lib/libcrypto/bn/bn_mul.c b/src/lib/libcrypto/bn/bn_mul.c index fa9d559da9..0d8da8a6f6 100644 --- a/src/lib/libcrypto/bn/bn_mul.c +++ b/src/lib/libcrypto/bn/bn_mul.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_mul.c,v 1.21 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_mul.c,v 1.22 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -954,9 +954,6 @@ BN_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) fprintf(stderr, "BN_mul %d * %d\n",a->top,b->top); #endif - bn_check_top(a); - bn_check_top(b); - bn_check_top(r); al = a->top; bl = b->top; @@ -1092,7 +1089,6 @@ end: BN_copy(r, rr); ret = 1; err: - bn_check_top(r); BN_CTX_end(ctx); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_prime.c b/src/lib/libcrypto/bn/bn_prime.c index bf3f931644..0ba288c46a 100644 --- a/src/lib/libcrypto/bn/bn_prime.c +++ b/src/lib/libcrypto/bn/bn_prime.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_prime.c,v 1.26 2022/11/09 22:52:51 tb Exp $ */ +/* $OpenBSD: bn_prime.c,v 1.27 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -232,7 +232,6 @@ BN_generate_prime_ex(BIGNUM *ret, int bits, int safe, const BIGNUM *add, err: BN_CTX_end(ctx); BN_CTX_free(ctx); - bn_check_top(ret); return found; } @@ -288,7 +287,6 @@ loop: } if (!BN_add_word(rnd, delta)) return (0); - bn_check_top(rnd); return (1); } @@ -338,7 +336,6 @@ loop: err: BN_CTX_end(ctx); - bn_check_top(rnd); return (ret); } @@ -406,6 +403,5 @@ loop: err: BN_CTX_end(ctx); - bn_check_top(p); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_print.c b/src/lib/libcrypto/bn/bn_print.c index ad2e3ba16c..4576e25f49 100644 --- a/src/lib/libcrypto/bn/bn_print.c +++ b/src/lib/libcrypto/bn/bn_print.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_print.c,v 1.35 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_print.c,v 1.36 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -254,7 +254,6 @@ BN_hex2bn(BIGNUM **bn, const char *a) ret->neg = neg; *bn = ret; - bn_check_top(ret); return (num); err: @@ -322,7 +321,6 @@ BN_dec2bn(BIGNUM **bn, const char *a) bn_correct_top(ret); *bn = ret; - bn_check_top(ret); return (num); err: diff --git a/src/lib/libcrypto/bn/bn_rand.c b/src/lib/libcrypto/bn/bn_rand.c index b21692c949..17f1868350 100644 --- a/src/lib/libcrypto/bn/bn_rand.c +++ b/src/lib/libcrypto/bn/bn_rand.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_rand.c,v 1.25 2021/08/31 11:19:19 tb Exp $ */ +/* $OpenBSD: bn_rand.c,v 1.26 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -190,7 +190,6 @@ bnrand(int pseudorand, BIGNUM *rnd, int bits, int top, int bottom) err: freezero(buf, bytes); - bn_check_top(rnd); return (ret); } @@ -272,7 +271,6 @@ bn_rand_range(int pseudo, BIGNUM *r, const BIGNUM *range) } while (BN_cmp(r, range) >= 0); } - bn_check_top(r); return 1; } diff --git a/src/lib/libcrypto/bn/bn_recp.c b/src/lib/libcrypto/bn/bn_recp.c index 6588d33033..8959f6bd3c 100644 --- a/src/lib/libcrypto/bn/bn_recp.c +++ b/src/lib/libcrypto/bn/bn_recp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_recp.c,v 1.15 2017/01/29 17:49:22 beck Exp $ */ +/* $OpenBSD: bn_recp.c,v 1.16 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -134,7 +134,6 @@ BN_mod_mul_reciprocal(BIGNUM *r, const BIGNUM *x, const BIGNUM *y, err: BN_CTX_end(ctx); - bn_check_top(r); return (ret); } @@ -228,8 +227,6 @@ BN_div_recp(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, BN_RECP_CTX *recp, err: BN_CTX_end(ctx); - bn_check_top(dv); - bn_check_top(rem); return (ret); } @@ -257,7 +254,6 @@ BN_reciprocal(BIGNUM *r, const BIGNUM *m, int len, BN_CTX *ctx) ret = len; err: - bn_check_top(r); BN_CTX_end(ctx); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_shift.c b/src/lib/libcrypto/bn/bn_shift.c index e2612d1e9d..6dbaffb194 100644 --- a/src/lib/libcrypto/bn/bn_shift.c +++ b/src/lib/libcrypto/bn/bn_shift.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_shift.c,v 1.15 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_shift.c,v 1.16 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -69,8 +69,6 @@ BN_lshift1(BIGNUM *r, const BIGNUM *a) BN_ULONG *ap, *rp, t, c; int i; - bn_check_top(r); - bn_check_top(a); if (r != a) { r->neg = a->neg; @@ -93,7 +91,6 @@ BN_lshift1(BIGNUM *r, const BIGNUM *a) *rp = 1; r->top++; } - bn_check_top(r); return (1); } @@ -103,8 +100,6 @@ BN_rshift1(BIGNUM *r, const BIGNUM *a) BN_ULONG *ap, *rp, t, c; int i, j; - bn_check_top(r); - bn_check_top(a); if (BN_is_zero(a)) { BN_zero(r); @@ -129,7 +124,6 @@ BN_rshift1(BIGNUM *r, const BIGNUM *a) c = (t & 1) ? BN_TBIT : 0; } r->top = j; - bn_check_top(r); return (1); } @@ -145,8 +139,6 @@ BN_lshift(BIGNUM *r, const BIGNUM *a, int n) return 0; } - bn_check_top(r); - bn_check_top(a); r->neg = a->neg; nw = n / BN_BITS2; @@ -171,7 +163,6 @@ BN_lshift(BIGNUM *r, const BIGNUM *a, int n) t[i]=0;*/ r->top = a->top + nw + 1; bn_correct_top(r); - bn_check_top(r); return (1); } @@ -187,8 +178,6 @@ BN_rshift(BIGNUM *r, const BIGNUM *a, int n) return 0; } - bn_check_top(r); - bn_check_top(a); nw = n / BN_BITS2; rb = n % BN_BITS2; @@ -225,6 +214,5 @@ BN_rshift(BIGNUM *r, const BIGNUM *a, int n) if ((l = (l >> rb) & BN_MASK2)) *(t) = l; } - bn_check_top(r); return (1); } diff --git a/src/lib/libcrypto/bn/bn_sqr.c b/src/lib/libcrypto/bn/bn_sqr.c index 36b3965207..80070831ab 100644 --- a/src/lib/libcrypto/bn/bn_sqr.c +++ b/src/lib/libcrypto/bn/bn_sqr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqr.c,v 1.14 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_sqr.c,v 1.15 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -72,7 +72,6 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) #ifdef BN_COUNT fprintf(stderr, "BN_sqr %d * %d\n", a->top, a->top); #endif - bn_check_top(a); al = a->top; if (al <= 0) { @@ -145,8 +144,6 @@ BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) ret = 1; err: - bn_check_top(rr); - bn_check_top(tmp); BN_CTX_end(ctx); return (ret); } diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c index d9ab545496..e964c578e3 100644 --- a/src/lib/libcrypto/bn/bn_sqrt.c +++ b/src/lib/libcrypto/bn/bn_sqrt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_sqrt.c,v 1.12 2022/11/19 12:25:23 tb Exp $ */ +/* $OpenBSD: bn_sqrt.c,v 1.13 2022/11/26 13:56:33 jsing Exp $ */ /* Written by Lenka Fibikova * and Bodo Moeller for the OpenSSL project. */ /* ==================================================================== @@ -87,7 +87,6 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) BN_free(ret); return NULL; } - bn_check_top(ret); return ret; } @@ -105,7 +104,6 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx) BN_free(ret); return NULL; } - bn_check_top(ret); return ret; } @@ -407,6 +405,5 @@ end: ret = NULL; } BN_CTX_end(ctx); - bn_check_top(ret); return ret; } diff --git a/src/lib/libcrypto/bn/bn_word.c b/src/lib/libcrypto/bn/bn_word.c index 683668c52d..9719808520 100644 --- a/src/lib/libcrypto/bn/bn_word.c +++ b/src/lib/libcrypto/bn/bn_word.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bn_word.c,v 1.14 2022/11/24 01:30:01 jsing Exp $ */ +/* $OpenBSD: bn_word.c,v 1.15 2022/11/26 13:56:33 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -87,7 +87,6 @@ BN_mod_word(const BIGNUM *a, BN_ULONG w) } #endif - bn_check_top(a); w &= BN_MASK2; for (i = a->top - 1; i >= 0; i--) { #ifndef BN_LLONG @@ -108,7 +107,6 @@ BN_div_word(BIGNUM *a, BN_ULONG w) BN_ULONG ret = 0; int i, j; - bn_check_top(a); w &= BN_MASK2; if (!w) @@ -134,7 +132,6 @@ BN_div_word(BIGNUM *a, BN_ULONG w) if ((a->top > 0) && (a->d[a->top - 1] == 0)) a->top--; ret >>= j; - bn_check_top(a); return (ret); } @@ -144,7 +141,6 @@ BN_add_word(BIGNUM *a, BN_ULONG w) BN_ULONG l; int i; - bn_check_top(a); w &= BN_MASK2; /* degenerate case: w is zero */ @@ -171,7 +167,6 @@ BN_add_word(BIGNUM *a, BN_ULONG w) a->top++; a->d[i] = w; } - bn_check_top(a); return (1); } @@ -180,7 +175,6 @@ BN_sub_word(BIGNUM *a, BN_ULONG w) { int i; - bn_check_top(a); w &= BN_MASK2; /* degenerate case: w is zero */ @@ -219,7 +213,6 @@ BN_sub_word(BIGNUM *a, BN_ULONG w) } if ((a->d[i] == 0) && (i == (a->top - 1))) a->top--; - bn_check_top(a); return (1); } @@ -228,7 +221,6 @@ BN_mul_word(BIGNUM *a, BN_ULONG w) { BN_ULONG ll; - bn_check_top(a); w &= BN_MASK2; if (a->top) { if (w == 0) @@ -242,6 +234,5 @@ BN_mul_word(BIGNUM *a, BN_ULONG w) } } } - bn_check_top(a); return (1); } -- cgit v1.2.3-55-g6feb