From e7605a5f9628e0963785991b55f4323b645d578d Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Wed, 22 Jan 2025 09:56:58 +0000
Subject: Remove the mul_generator_ct function pointer from EC_METHOD.

There's no need for a separate mul_generator_ct() function pointer - we
really only need mul_single_ct() and mul_double_nonct(). And rather than
calling ec_mul_ct() and having it figure out which point to use, explicitly
pass the generator point when calling mul_single_ct().

ok tb@
---
 src/lib/libcrypto/ec/ec_lib.c      |  8 ++++----
 src/lib/libcrypto/ec/ec_local.h    |  4 +---
 src/lib/libcrypto/ec/ecp_methods.c | 20 +++-----------------
 3 files changed, 8 insertions(+), 24 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index f906054603..a60543ab98 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.112 2025/01/21 17:01:25 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.113 2025/01/22 09:56:58 jsing Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -1347,8 +1347,7 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
 	if (ctx == NULL)
 		goto err;
 
-	if (group->meth->mul_generator_ct == NULL ||
-	    group->meth->mul_single_ct == NULL ||
+	if (group->meth->mul_single_ct == NULL ||
 	    group->meth->mul_double_nonct == NULL) {
 		ECerror(ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
 		goto err;
@@ -1363,7 +1362,8 @@ EC_POINT_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *g_scalar,
 		 * secret. This is why we ignore if BN_FLG_CONSTTIME is actually
 		 * set and we always call the constant time version.
 		 */
-		ret = group->meth->mul_generator_ct(group, r, g_scalar, ctx);
+		ret = group->meth->mul_single_ct(group, r, g_scalar,
+		    group->generator, ctx);
 	} else if (g_scalar == NULL && point != NULL && p_scalar != NULL) {
 		/*
 		 * In this case we want to compute p_scalar * GenericPoint:
diff --git a/src/lib/libcrypto/ec/ec_local.h b/src/lib/libcrypto/ec/ec_local.h
index afa8b0307f..84c1552c8a 100644
--- a/src/lib/libcrypto/ec/ec_local.h
+++ b/src/lib/libcrypto/ec/ec_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_local.h,v 1.62 2025/01/11 20:57:03 tb Exp $ */
+/* $OpenBSD: ec_local.h,v 1.63 2025/01/22 09:56:58 jsing Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -105,8 +105,6 @@ struct ec_method_st {
 	int (*dbl)(const EC_GROUP *, EC_POINT *r, const EC_POINT *a, BN_CTX *);
 	int (*invert)(const EC_GROUP *, EC_POINT *, BN_CTX *);
 
-	int (*mul_generator_ct)(const EC_GROUP *, EC_POINT *r,
-	    const BIGNUM *scalar, BN_CTX *);
 	int (*mul_single_ct)(const EC_GROUP *group, EC_POINT *r,
 	    const BIGNUM *scalar, const EC_POINT *point, BN_CTX *);
 	int (*mul_double_nonct)(const EC_GROUP *group, EC_POINT *r,
diff --git a/src/lib/libcrypto/ec/ecp_methods.c b/src/lib/libcrypto/ec/ecp_methods.c
index 718bd4565a..62966e14d6 100644
--- a/src/lib/libcrypto/ec/ecp_methods.c
+++ b/src/lib/libcrypto/ec/ecp_methods.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_methods.c,v 1.39 2025/01/17 11:11:27 tb Exp $ */
+/* $OpenBSD: ecp_methods.c,v 1.40 2025/01/22 09:56:58 jsing Exp $ */
 /* Includes code written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
  * for the OpenSSL project.
  * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -1023,13 +1023,8 @@ ec_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 	if ((s = EC_POINT_new(group)) == NULL)
 		goto err;
 
-	if (point == NULL) {
-		if (!EC_POINT_copy(s, group->generator))
-			goto err;
-	} else {
-		if (!EC_POINT_copy(s, point))
-			goto err;
-	}
+	if (!EC_POINT_copy(s, point))
+		goto err;
 
 	EC_POINT_BN_set_flags(s, BN_FLG_CONSTTIME);
 
@@ -1194,13 +1189,6 @@ ec_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 #undef EC_POINT_BN_set_flags
 #undef EC_POINT_CSWAP
 
-static int
-ec_mul_generator_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
-    BN_CTX *ctx)
-{
-	return ec_mul_ct(group, r, scalar, NULL, ctx);
-}
-
 static int
 ec_mul_single_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
     const EC_POINT *point, BN_CTX *ctx)
@@ -1317,7 +1305,6 @@ static const EC_METHOD ec_GFp_simple_method = {
 	.add = ec_add,
 	.dbl = ec_dbl,
 	.invert = ec_invert,
-	.mul_generator_ct = ec_mul_generator_ct,
 	.mul_single_ct = ec_mul_single_ct,
 	.mul_double_nonct = ec_mul_double_nonct,
 	.field_mul = ec_simple_field_mul,
@@ -1343,7 +1330,6 @@ static const EC_METHOD ec_GFp_mont_method = {
 	.add = ec_add,
 	.dbl = ec_dbl,
 	.invert = ec_invert,
-	.mul_generator_ct = ec_mul_generator_ct,
 	.mul_single_ct = ec_mul_single_ct,
 	.mul_double_nonct = ec_mul_double_nonct,
 	.field_mul = ec_mont_field_mul,
-- 
cgit v1.2.3-55-g6feb