author | Jung-uk Kim <jkim@FreeBSD.org> | 2018-08-14 17:48:02 +0000 |
---|---|---|
committer | Jung-uk Kim <jkim@FreeBSD.org> | 2018-08-14 17:48:02 +0000 |
commit | dea77ea6fc17930104a7cf5c04b7aa6acc4a33fb (patch) | |
tree | 9063b7bc29c788870f2821ff70405afe6d303e63 /crypto/openssl/crypto/ec | |
parent | 8c52a6dbf7d095edbbd3e1345dabca669cc0800c (diff) | |
parent | 43a67e02da9068b94df1c07fc6f0d70bafd9263b (diff) | |
download | src-test2-dea77ea6fc17930104a7cf5c04b7aa6acc4a33fb.tar.gz src-test2-dea77ea6fc17930104a7cf5c04b7aa6acc4a33fb.zip |
Diffstat (limited to 'crypto/openssl/crypto/ec')
-rw-r--r-- | crypto/openssl/crypto/ec/ec_ameth.c | 22 | ||||
-rw-r--r-- | crypto/openssl/crypto/ec/ec_lib.c | 10 | ||||
-rw-r--r-- | crypto/openssl/crypto/ec/ecp_nistz256.c | 23 |
3 files changed, 34 insertions, 21 deletions
diff --git a/crypto/openssl/crypto/ec/ec_ameth.c b/crypto/openssl/crypto/ec/ec_ameth.c
index 2c41c6e7a9f1..aa5f3056af77 100644
--- a/crypto/openssl/crypto/ec/ec_ameth.c
+++ b/crypto/openssl/crypto/ec/ec_ameth.c
@@ -3,7 +3,7 @@
  * 2006.
  */
 /* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -143,19 +143,19 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey)
 static EC_KEY *eckey_type2param(int ptype, void *pval)
 {
     EC_KEY *eckey = NULL;
+    EC_GROUP *group = NULL;
+
     if (ptype == V_ASN1_SEQUENCE) {
-        ASN1_STRING *pstr = pval;
-        const unsigned char *pm = NULL;
-        int pmlen;
-        pm = pstr->data;
-        pmlen = pstr->length;
-        if (!(eckey = d2i_ECParameters(NULL, &pm, pmlen))) {
+        const ASN1_STRING *pstr = pval;
+        const unsigned char *pm = pstr->data;
+        int pmlen = pstr->length;
+
+        if ((eckey = d2i_ECParameters(NULL, &pm, pmlen)) == NULL) {
             ECerr(EC_F_ECKEY_TYPE2PARAM, EC_R_DECODE_ERROR);
             goto ecerr;
         }
     } else if (ptype == V_ASN1_OBJECT) {
-        ASN1_OBJECT *poid = pval;
-        EC_GROUP *group;
+        const ASN1_OBJECT *poid = pval;
 
         /*
          * type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
@@ -179,8 +179,8 @@ static EC_KEY *eckey_type2param(int ptype, void *pval)
     return eckey;
 
  ecerr:
-    if (eckey)
-        EC_KEY_free(eckey);
+    EC_KEY_free(eckey);
+    EC_GROUP_free(group);
     return NULL;
 }
diff --git a/crypto/openssl/crypto/ec/ec_lib.c b/crypto/openssl/crypto/ec/ec_lib.c
index 3241aa51d9f4..933745248d8d 100644
--- a/crypto/openssl/crypto/ec/ec_lib.c
+++ b/crypto/openssl/crypto/ec/ec_lib.c
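Review bot: The `ecerr` label now frees `group` unconditionally, so it depends on the named-curve branch between the two hunks (outside this view) never leaving `group` pointing at a reference it has already released — if that branch drops its `group` once EC_KEY_set_group has succeeded, as the old block-local `EC_GROUP *group` suggests it did, any future `goto ecerr` placed after that release would double-free. Resetting the pointer at the success-path release, `EC_GROUP_free(group); group = NULL;`, keeps the cleanup label safe no matter where later error exits are added. The hunk itself already relies on EC_GROUP_free tolerating NULL (`group` stays NULL on the SEQUENCE path), so dropping the `if (eckey)` guard before EC_KEY_free is consistent with that. eckey_type2param begins, and its middle section lies, outside these hunks.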
@@ -3,7 +3,7 @@
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
 /* ====================================================================
- * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -319,12 +319,16 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
         BN_zero(&group->cofactor);
 
     /*
-     * We ignore the return value because some groups have an order with
+     * Some groups have an order with
      * factors of two, which makes the Montgomery setup fail.
      * |group->mont_data| will be NULL in this case.
      */
-    ec_precompute_mont_data(group);
+    if (BN_is_odd(&group->order)) {
+        return ec_precompute_mont_data(group);
+    }
+    BN_MONT_CTX_free(group->mont_data);
+    group->mont_data = NULL;
 
     return 1;
 }
diff --git a/crypto/openssl/crypto/ec/ecp_nistz256.c b/crypto/openssl/crypto/ec/ecp_nistz256.c
index 9a53a39a25b9..0579cac3a96e 100644
--- a/crypto/openssl/crypto/ec/ecp_nistz256.c
+++ b/crypto/openssl/crypto/ec/ecp_nistz256.c
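Review bot: The rewritten comment no longer describes what the new code does: for an odd order the result of ec_precompute_mont_data is now propagated to EC_GROUP_set_generator's caller (the old comment says it was deliberately ignored), and for an even or zero order — BN_is_odd is false for a zero order, i.e. when no order was supplied — any existing `group->mont_data` is freed and cleared, which presumably is there so a group whose generator is set again cannot keep a Montgomery context computed for a previous order. I would replace the three comment lines with `/* Only an odd order admits a Montgomery setup, and its failure is now fatal; for an even or unset order drop any |mont_data| left from an earlier call. */`. Callers that previously tolerated a failed precompute now see EC_GROUP_set_generator fail, which looks intended but deserves a CHANGES note. EC_GROUP_set_generator begins outside this hunk.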
@@ -1118,23 +1118,32 @@ static int ecp_nistz256_set_from_affine(EC_POINT *out, const EC_GROUP *group,
                                         const P256_POINT_AFFINE *in,
                                         BN_CTX *ctx)
 {
-    BIGNUM x, y;
-    BN_ULONG d_x[P256_LIMBS], d_y[P256_LIMBS];
+    BIGNUM x, y, z;
     int ret = 0;
 
-    memcpy(d_x, in->X, sizeof(d_x));
-    x.d = d_x;
+    /*
+     * |const| qualifier omission is compensated by BN_FLG_STATIC_DATA
+     * flag, which effectively means "read-only data".
+     */
+    x.d = (BN_ULONG *)in->X;
     x.dmax = x.top = P256_LIMBS;
     x.neg = 0;
     x.flags = BN_FLG_STATIC_DATA;
 
-    memcpy(d_y, in->Y, sizeof(d_y));
-    y.d = d_y;
+    y.d = (BN_ULONG *)in->Y;
     y.dmax = y.top = P256_LIMBS;
     y.neg = 0;
     y.flags = BN_FLG_STATIC_DATA;
 
-    ret = EC_POINT_set_affine_coordinates_GFp(group, out, &x, &y, ctx);
+    z.d = (BN_ULONG *)ONE;
+    z.dmax = z.top = P256_LIMBS;
+    z.neg = 0;
+    z.flags = BN_FLG_STATIC_DATA;
+
+    if ((ret = (BN_copy(&out->X, &x) != NULL))
+        && (ret = (BN_copy(&out->Y, &y) != NULL))
+        && (ret = (BN_copy(&out->Z, &z) != NULL)))
+        out->Z_is_one = 1;
 
     return ret;
 }
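Review bot: The three BN_copy calls carry `top == P256_LIMBS` over from the static sources, so `out->X`, `out->Y` and `out->Z` are left with an unnormalised top whenever a coordinate's high limb is zero (as far as I recall BN_copy takes `top` verbatim and only bn_correct_top normalises it, and a BN_DEBUG build would trip bn_check_top here), whereas the replaced EC_POINT_set_affine_coordinates_GFp path presumably handed back normalised values; if any consumer compares these coordinates with generic BN routines, which look at `top` before the limbs, a `bn_correct_top(&out->X)` (and likewise for Y and Z) after the copies is the safe choice — worth checking against how the rest of this file stores point coordinates. Correctness also now rests on `in->X`, `in->Y` and `ONE` (defined outside the hunk, presumably the Montgomery form of 1) already being in the field representation this file uses, because `Z_is_one = 1` asserts that `Z` is that representation of one; a comment such as `/* in->X, in->Y and ONE are already in the internal field representation; Z = ONE with Z_is_one set makes |out| the affine point (X, Y) */` would record the invariant. `group` and `ctx` are no longer read and will warn under -Wunused-parameter; `(void)group; (void)ctx;` silences that. The first line of ecp_nistz256_set_from_affine's signature is the hunk's header context, outside the hunk body.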