Add EC_GROUP_order_bits, EC_GROUP_get0_order and EC_GROUP_get0_cofactor (be2e334f) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/ec/ec_ameth.c

+4 −24

Original line number	Diff line number	Diff line
		@@ -356,23 +356,7 @@ static int int_ec_size(const EVP_PKEY *pkey)

		static int ec_bits(const EVP_PKEY *pkey)
		{
		BIGNUM *order = BN_new();
		const EC_GROUP *group;
		int ret;

		if (order == NULL) {
		ERR_clear_error();
		return 0;
		}
		group = EC_KEY_get0_group(pkey->pkey.ec);
		if (!EC_GROUP_get_order(group, order, NULL)) {
		ERR_clear_error();
		return 0;
		}

		ret = BN_num_bits(order);
		BN_free(order);
		return ret;
		return EC_GROUP_order_bits(EC_KEY_get0_group(pkey->pkey.ec));
		}

		static int ec_security_bits(const EVP_PKEY *pkey)
		@@ -435,7 +419,7 @@ static int do_EC_KEY_print(BIO bp, const EC_KEY x, int off, int ktype)
		const char *ecstr;
		size_t buf_len = 0, i;
		int ret = 0, reason = ERR_R_BIO_LIB;
		BIGNUM pub_key = NULL, order = NULL;
		BIGNUM *pub_key = NULL;
		BN_CTX *ctx = NULL;
		const EC_GROUP *group;
		const EC_POINT *public_key;
		@@ -488,11 +472,8 @@ static int do_EC_KEY_print(BIO bp, const EC_KEY x, int off, int ktype)

		if (!BIO_indent(bp, off, 128))
		goto err;
		if ((order = BN_new()) == NULL)
		goto err;
		if (!EC_GROUP_get_order(group, order, NULL))
		goto err;
		if (BIO_printf(bp, "%s: (%d bit)\n", ecstr, BN_num_bits(order)) <= 0)
		if (BIO_printf(bp, "%s: (%d bit)\n", ecstr,
		EC_GROUP_order_bits(group)) <= 0)
		goto err;

		if ((priv_key != NULL) && !ASN1_bn_print(bp, "priv:", priv_key,
		@@ -508,7 +489,6 @@ static int do_EC_KEY_print(BIO bp, const EC_KEY x, int off, int ktype)
		if (!ret)
		ECerr(EC_F_DO_EC_KEY_PRINT, reason);
		BN_free(pub_key);
		BN_free(order);
		BN_CTX_free(ctx);
		OPENSSL_free(buffer);
		return (ret);

crypto/ec/ec_asn1.c

+7 −17

Original line number	Diff line number	Diff line
		@@ -536,16 +536,11 @@ static ECPARAMETERS ec_asn1_group2parameters(const EC_GROUP group,
		{
		size_t len = 0;
		ECPARAMETERS *ret = NULL;
		BIGNUM *tmp = NULL;
		const BIGNUM *tmp;
		unsigned char *buffer = NULL;
		const EC_POINT *point = NULL;
		point_conversion_form_t form;

		if ((tmp = BN_new()) == NULL) {
		ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
		goto err;
		}

		if (param == NULL) {
		if ((ret = ECPARAMETERS_new()) == NULL) {
		ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_MALLOC_FAILURE);
		@@ -592,7 +587,8 @@ static ECPARAMETERS ec_asn1_group2parameters(const EC_GROUP group,
		}

		/* set the order */
		if (!EC_GROUP_get_order(group, tmp, NULL)) {
		tmp = EC_GROUP_get0_order(group);
		if (tmp == NULL) {
		ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_EC_LIB);
		goto err;
		}
		@@ -603,7 +599,8 @@ static ECPARAMETERS ec_asn1_group2parameters(const EC_GROUP group,
		}

		/* set the cofactor (optional) */
		if (EC_GROUP_get_cofactor(group, tmp, NULL)) {
		tmp = EC_GROUP_get0_cofactor(group);
		if (tmp != NULL) {
		ret->cofactor = BN_to_ASN1_INTEGER(tmp, ret->cofactor);
		if (ret->cofactor == NULL) {
		ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS, ERR_R_ASN1_LIB);
		@@ -616,7 +613,6 @@ static ECPARAMETERS ec_asn1_group2parameters(const EC_GROUP group,
		err:
		if (!param)
		ECPARAMETERS_free(ret);
		BN_free(tmp);
		OPENSSL_free(buffer);
		return NULL;
		}
		@@ -1315,7 +1311,6 @@ int ECDSA_size(const EC_KEY *r)
		{
		int ret, i;
		ASN1_INTEGER bs;
		BIGNUM *order = NULL;
		unsigned char buf[4];
		const EC_GROUP *group;

		@@ -1325,13 +1320,9 @@ int ECDSA_size(const EC_KEY *r)
		if (group == NULL)
		return 0;

		if ((order = BN_new()) == NULL)
		i = EC_GROUP_order_bits(group);
		if (i == 0)
		return 0;
		if (!EC_GROUP_get_order(group, order, NULL)) {
		BN_clear_free(order);
		return 0;
		}
		i = BN_num_bits(order);
		bs.length = (i + 7) / 8;
		bs.data = buf;
		bs.type = V_ASN1_INTEGER;
		@@ -1341,6 +1332,5 @@ int ECDSA_size(const EC_KEY *r)
		i = i2d_ASN1_INTEGER(&bs, NULL);
		i += i; /* r and s */
		ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
		BN_clear_free(order);
		return (ret);
		}

crypto/ec/ec_check.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -58,7 +58,7 @@
		int EC_GROUP_check(const EC_GROUP group, BN_CTX ctx)
		{
		int ret = 0;
		BIGNUM *order;
		const BIGNUM *order;
		BN_CTX *new_ctx = NULL;
		EC_POINT *point = NULL;

		@@ -92,7 +92,8 @@ int EC_GROUP_check(const EC_GROUP group, BN_CTX ctx)
		/* check the order of the generator */
		if ((point = EC_POINT_new(group)) == NULL)
		goto err;
		if (!EC_GROUP_get_order(group, order, ctx))
		order = EC_GROUP_get0_order(group);
		if (order == NULL)
		goto err;
		if (BN_is_zero(order)) {
		ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_ORDER);

crypto/ec/ec_key.c

+4 −5

Original line number	Diff line number	Diff line
		@@ -241,11 +241,10 @@ int ossl_ec_key_gen(EC_KEY *eckey)
		{
		int ok = 0;
		BN_CTX *ctx = NULL;
		BIGNUM priv_key = NULL, order = NULL;
		BIGNUM *priv_key = NULL;
		const BIGNUM *order = NULL;
		EC_POINT *pub_key = NULL;

		if ((order = BN_new()) == NULL)
		goto err;
		if ((ctx = BN_CTX_new()) == NULL)
		goto err;

		@@ -256,7 +255,8 @@ int ossl_ec_key_gen(EC_KEY *eckey)
		} else
		priv_key = eckey->priv_key;

		if (!EC_GROUP_get_order(eckey->group, order, ctx))
		order = EC_GROUP_get0_order(eckey->group);
		if (order == NULL)
		goto err;

		do
		@@ -280,7 +280,6 @@ int ossl_ec_key_gen(EC_KEY *eckey)
		ok = 1;

		err:
		BN_free(order);
		if (eckey->pub_key == NULL)
		EC_POINT_free(pub_key);
		if (eckey->priv_key != priv_key)

crypto/ec/ec_lib.c

+29 −5

Original line number	Diff line number	Diff line
		@@ -349,21 +349,43 @@ BN_MONT_CTX EC_GROUP_get_mont_data(const EC_GROUP group)

		int EC_GROUP_get_order(const EC_GROUP group, BIGNUM order, BN_CTX *ctx)
		{
		if (group->order == NULL)
		return 0;
		if (!BN_copy(order, group->order))
		return 0;

		return !BN_is_zero(order);
		}

		const BIGNUM EC_GROUP_get0_order(const EC_GROUP group)
		{
		return group->order;
		}

		int EC_GROUP_order_bits(const EC_GROUP *group)
		{
		if (group->order)
		return BN_num_bits(group->order);
		return 0;
		}

		int EC_GROUP_get_cofactor(const EC_GROUP group, BIGNUM cofactor,
		BN_CTX *ctx)
		{

		if (group->cofactor == NULL)
		return 0;
		if (!BN_copy(cofactor, group->cofactor))
		return 0;

		return !BN_is_zero(group->cofactor);
		}

		const BIGNUM EC_GROUP_get0_cofactor(const EC_GROUP group)
		{
		return group->cofactor;
		}

		void EC_GROUP_set_curve_name(EC_GROUP *group, int nid)
		{
		group->curve_name = nid;
		@@ -536,16 +558,18 @@ int EC_GROUP_cmp(const EC_GROUP a, const EC_GROUP b, BN_CTX *ctx)
		r = 1;

		if (!r) {
		const BIGNUM ao, bo, ac, bc;
		/* compare the order and cofactor */
		if (!EC_GROUP_get_order(a, a1, ctx) \|\|
		!EC_GROUP_get_order(b, b1, ctx) \|\|
		!EC_GROUP_get_cofactor(a, a2, ctx) \|\|
		!EC_GROUP_get_cofactor(b, b2, ctx)) {
		ao = EC_GROUP_get0_order(a);
		bo = EC_GROUP_get0_order(b);
		ac = EC_GROUP_get0_cofactor(a);
		bc = EC_GROUP_get0_cofactor(b);
		if (ao == NULL \|\| bo == NULL) {
		BN_CTX_end(ctx);
		BN_CTX_free(ctx_new);
		return -1;
		}
		if (BN_cmp(a1, b1) \|\| BN_cmp(a2, b2))
		if (BN_cmp(ao, bo) \|\| BN_cmp(ac, bc))
		r = 1;
		}

Admin message