Commit 03e1b3a1 authored by Matt Caswell's avatar Matt Caswell Committed by Dr. Stephen Henson
Browse files

Make binary curve ASN.1 work in FIPS mode. 

Don't check for binary curves by checking methods: the values will
be different in FIPS mode as they are redirected to the validated module
version.
(cherry picked from commit 94782e0e)
parent 9c95ff96

crypto/ec/ec_ameth.c

+1 −1
Original line number Diff line number Diff line
@@ -88,7 +88,7 @@ static int eckey_param2type(int *pptype, void **ppval, EC_KEY *ec_key) 
		if (!pstr)

			return 0;

		pstr->length = i2d_ECParameters(ec_key, &pstr->data);

		if (pstr->length < 0)

		if (pstr->length <= 0)

			{

			ASN1_STRING_free(pstr);

			ECerr(EC_F_ECKEY_PARAM2TYPE, ERR_R_EC_LIB);

crypto/ec/ec_asn1.c

+4 −2
Original line number Diff line number Diff line
@@ -89,7 +89,8 @@ int EC_GROUP_get_trinomial_basis(const EC_GROUP *group, unsigned int *k) 
	if (group == NULL)

		return 0;



	if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve

	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=

	    NID_X9_62_characteristic_two_field

	    || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] == 0)))

		{

		ECerr(EC_F_EC_GROUP_GET_TRINOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
@@ -107,7 +108,8 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, 
	if (group == NULL)

		return 0;



	if (EC_GROUP_method_of(group)->group_set_curve != ec_GF2m_simple_group_set_curve

	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) !=

	    NID_X9_62_characteristic_two_field

	    || !((group->poly[0] != 0) && (group->poly[1] != 0) && (group->poly[2] != 0) && (group->poly[3] != 0) && (group->poly[4] == 0)))

		{

		ECerr(EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);