diff options
Diffstat (limited to 'openssl/crypto/ecdh')
| -rw-r--r-- | openssl/crypto/ecdh/ecdh.h | 58 | ||||
| -rw-r--r-- | openssl/crypto/ecdh/ecdhtest.c | 582 | ||||
| -rw-r--r-- | openssl/crypto/ecdh/ech_err.c | 50 | ||||
| -rw-r--r-- | openssl/crypto/ecdh/ech_key.c | 15 | ||||
| -rw-r--r-- | openssl/crypto/ecdh/ech_lib.c | 268 | ||||
| -rw-r--r-- | openssl/crypto/ecdh/ech_locl.h | 58 | ||||
| -rw-r--r-- | openssl/crypto/ecdh/ech_ossl.c | 231 |
7 files changed, 643 insertions, 619 deletions
diff --git a/openssl/crypto/ecdh/ecdh.h b/openssl/crypto/ecdh/ecdh.h index 8887102c0..a9b811abd 100644 --- a/openssl/crypto/ecdh/ecdh.h +++ b/openssl/crypto/ecdh/ecdh.h @@ -21,7 +21,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -67,19 +67,19 @@ * */ #ifndef HEADER_ECDH_H -#define HEADER_ECDH_H +# define HEADER_ECDH_H -#include <openssl/opensslconf.h> +# include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_ECDH -#error ECDH is disabled. -#endif +# ifdef OPENSSL_NO_ECDH +# error ECDH is disabled. +# endif -#include <openssl/ec.h> -#include <openssl/ossl_typ.h> -#ifndef OPENSSL_NO_DEPRECATED -#include <openssl/bn.h> -#endif +# include <openssl/ec.h> +# include <openssl/ossl_typ.h> +# ifndef OPENSSL_NO_DEPRECATED +# include <openssl/bn.h> +# endif #ifdef __cplusplus extern "C" { @@ -87,21 +87,23 @@ extern "C" { const ECDH_METHOD *ECDH_OpenSSL(void); -void ECDH_set_default_method(const ECDH_METHOD *); +void ECDH_set_default_method(const ECDH_METHOD *); const ECDH_METHOD *ECDH_get_default_method(void); -int ECDH_set_method(EC_KEY *, const ECDH_METHOD *); - -int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); +int ECDH_set_method(EC_KEY *, const ECDH_METHOD *); -int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new - *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg); -void *ECDH_get_ex_data(EC_KEY *d, int idx); +int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, + EC_KEY *ecdh, void *(*KDF) (const void *in, size_t inlen, + void *out, size_t *outlen)); +int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new + *new_func, CRYPTO_EX_dup *dup_func, + CRYPTO_EX_free *free_func); +int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg); +void *ECDH_get_ex_data(EC_KEY *d, int idx); /* BEGIN ERROR CODES */ -/* The following lines are auto generated by the script mkerr.pl. Any changes +/* + * The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. */ void ERR_load_ECDH_strings(void); @@ -109,15 +111,15 @@ void ERR_load_ECDH_strings(void); /* Error codes for the ECDH functions. */ /* Function codes. */ -#define ECDH_F_ECDH_CHECK 102 -#define ECDH_F_ECDH_COMPUTE_KEY 100 -#define ECDH_F_ECDH_DATA_NEW_METHOD 101 +# define ECDH_F_ECDH_CHECK 102 +# define ECDH_F_ECDH_COMPUTE_KEY 100 +# define ECDH_F_ECDH_DATA_NEW_METHOD 101 /* Reason codes. */ -#define ECDH_R_KDF_FAILED 102 -#define ECDH_R_NON_FIPS_METHOD 103 -#define ECDH_R_NO_PRIVATE_VALUE 100 -#define ECDH_R_POINT_ARITHMETIC_FAILURE 101 +# define ECDH_R_KDF_FAILED 102 +# define ECDH_R_NON_FIPS_METHOD 103 +# define ECDH_R_NO_PRIVATE_VALUE 100 +# define ECDH_R_POINT_ARITHMETIC_FAILURE 101 #ifdef __cplusplus } diff --git a/openssl/crypto/ecdh/ecdhtest.c b/openssl/crypto/ecdh/ecdhtest.c index 823d7baa6..996321d1e 100644 --- a/openssl/crypto/ecdh/ecdhtest.c +++ b/openssl/crypto/ecdh/ecdhtest.c @@ -21,7 +21,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -73,7 +73,7 @@ #include "../e_os.h" -#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */ +#include <openssl/opensslconf.h> /* for OPENSSL_NO_ECDH */ #include <openssl/crypto.h> #include <openssl/bio.h> #include <openssl/bn.h> @@ -86,289 +86,325 @@ int main(int argc, char *argv[]) { printf("No ECDH support\n"); - return(0); + return (0); } #else -#include <openssl/ec.h> -#include <openssl/ecdh.h> +# include <openssl/ec.h> +# include <openssl/ecdh.h> -#ifdef OPENSSL_SYS_WIN16 -#define MS_CALLBACK _far _loadds -#else -#define MS_CALLBACK -#endif +# ifdef OPENSSL_SYS_WIN16 +# define MS_CALLBACK _far _loadds +# else +# define MS_CALLBACK +# endif -#if 0 +# if 0 static void MS_CALLBACK cb(int p, int n, void *arg); -#endif - -static const char rnd_seed[] = "string to make the random number generator think it has entropy"; +# endif +static const char rnd_seed[] = + "string to make the random number generator think it has entropy"; static const int KDF1_SHA1_len = 20; -static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t *outlen) - { -#ifndef OPENSSL_NO_SHA - if (*outlen < SHA_DIGEST_LENGTH) - return NULL; - else - *outlen = SHA_DIGEST_LENGTH; - return SHA1(in, inlen, out); -#else - return NULL; -#endif - } - +static void *KDF1_SHA1(const void *in, size_t inlen, void *out, + size_t *outlen) +{ +# ifndef OPENSSL_NO_SHA + if (*outlen < SHA_DIGEST_LENGTH) + return NULL; + else + *outlen = SHA_DIGEST_LENGTH; + return SHA1(in, inlen, out); +# else + return NULL; +# endif +} static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO *out) - { - EC_KEY *a=NULL; - EC_KEY *b=NULL; - BIGNUM *x_a=NULL, *y_a=NULL, - *x_b=NULL, *y_b=NULL; - char buf[12]; - unsigned char *abuf=NULL,*bbuf=NULL; - int i,alen,blen,aout,bout,ret=0; - const EC_GROUP *group; - - a = EC_KEY_new_by_curve_name(nid); - b = EC_KEY_new_by_curve_name(nid); - if (a == NULL || b == NULL) - goto err; - - group = EC_KEY_get0_group(a); - - if ((x_a=BN_new()) == NULL) goto err; - if ((y_a=BN_new()) == NULL) goto err; - if ((x_b=BN_new()) == NULL) goto err; - if ((y_b=BN_new()) == NULL) goto err; - - BIO_puts(out,"Testing key generation with "); - BIO_puts(out,text); -#ifdef NOISY - BIO_puts(out,"\n"); -#else - (void)BIO_flush(out); -#endif - - if (!EC_KEY_generate_key(a)) goto err; - - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) - { - if (!EC_POINT_get_affine_coordinates_GFp(group, - EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err; - } -#ifndef OPENSSL_NO_EC2M - else - { - if (!EC_POINT_get_affine_coordinates_GF2m(group, - EC_KEY_get0_public_key(a), x_a, y_a, ctx)) goto err; - } -#endif -#ifdef NOISY - BIO_puts(out," pri 1="); - BN_print(out,a->priv_key); - BIO_puts(out,"\n pub 1="); - BN_print(out,x_a); - BIO_puts(out,","); - BN_print(out,y_a); - BIO_puts(out,"\n"); -#else - BIO_printf(out," ."); - (void)BIO_flush(out); -#endif - - if (!EC_KEY_generate_key(b)) goto err; - - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) - { - if (!EC_POINT_get_affine_coordinates_GFp(group, - EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err; - } -#ifndef OPENSSL_NO_EC2M - else - { - if (!EC_POINT_get_affine_coordinates_GF2m(group, - EC_KEY_get0_public_key(b), x_b, y_b, ctx)) goto err; - } -#endif - -#ifdef NOISY - BIO_puts(out," pri 2="); - BN_print(out,b->priv_key); - BIO_puts(out,"\n pub 2="); - BN_print(out,x_b); - BIO_puts(out,","); - BN_print(out,y_b); - BIO_puts(out,"\n"); -#else - BIO_printf(out,"."); - (void)BIO_flush(out); -#endif - - alen=KDF1_SHA1_len; - abuf=(unsigned char *)OPENSSL_malloc(alen); - aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1); - -#ifdef NOISY - BIO_puts(out," key1 ="); - for (i=0; i<aout; i++) - { - sprintf(buf,"%02X",abuf[i]); - BIO_puts(out,buf); - } - BIO_puts(out,"\n"); -#else - BIO_printf(out,"."); - (void)BIO_flush(out); -#endif - - blen=KDF1_SHA1_len; - bbuf=(unsigned char *)OPENSSL_malloc(blen); - bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1); - -#ifdef NOISY - BIO_puts(out," key2 ="); - for (i=0; i<bout; i++) - { - sprintf(buf,"%02X",bbuf[i]); - BIO_puts(out,buf); - } - BIO_puts(out,"\n"); -#else - BIO_printf(out,"."); - (void)BIO_flush(out); -#endif - - if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0)) - { -#ifndef NOISY - BIO_printf(out, " failed\n\n"); - BIO_printf(out, "key a:\n"); - BIO_printf(out, "private key: "); - BN_print(out, EC_KEY_get0_private_key(a)); - BIO_printf(out, "\n"); - BIO_printf(out, "public key (x,y): "); - BN_print(out, x_a); - BIO_printf(out, ","); - BN_print(out, y_a); - BIO_printf(out, "\nkey b:\n"); - BIO_printf(out, "private key: "); - BN_print(out, EC_KEY_get0_private_key(b)); - BIO_printf(out, "\n"); - BIO_printf(out, "public key (x,y): "); - BN_print(out, x_b); - BIO_printf(out, ","); - BN_print(out, y_b); - BIO_printf(out, "\n"); - BIO_printf(out, "generated key a: "); - for (i=0; i<bout; i++) - { - sprintf(buf, "%02X", bbuf[i]); - BIO_puts(out, buf); - } - BIO_printf(out, "\n"); - BIO_printf(out, "generated key b: "); - for (i=0; i<aout; i++) - { - sprintf(buf, "%02X", abuf[i]); - BIO_puts(out,buf); - } - BIO_printf(out, "\n"); -#endif - fprintf(stderr,"Error in ECDH routines\n"); - ret=0; - } - else - { -#ifndef NOISY - BIO_printf(out, " ok\n"); -#endif - ret=1; - } -err: - ERR_print_errors_fp(stderr); - - if (abuf != NULL) OPENSSL_free(abuf); - if (bbuf != NULL) OPENSSL_free(bbuf); - if (x_a) BN_free(x_a); - if (y_a) BN_free(y_a); - if (x_b) BN_free(x_b); - if (y_b) BN_free(y_b); - if (b) EC_KEY_free(b); - if (a) EC_KEY_free(a); - return(ret); - } +{ + EC_KEY *a = NULL; + EC_KEY *b = NULL; + BIGNUM *x_a = NULL, *y_a = NULL, *x_b = NULL, *y_b = NULL; + char buf[12]; + unsigned char *abuf = NULL, *bbuf = NULL; + int i, alen, blen, aout, bout, ret = 0; + const EC_GROUP *group; + + a = EC_KEY_new_by_curve_name(nid); + b = EC_KEY_new_by_curve_name(nid); + if (a == NULL || b == NULL) + goto err; + + group = EC_KEY_get0_group(a); + + if ((x_a = BN_new()) == NULL) + goto err; + if ((y_a = BN_new()) == NULL) + goto err; + if ((x_b = BN_new()) == NULL) + goto err; + if ((y_b = BN_new()) == NULL) + goto err; + + BIO_puts(out, "Testing key generation with "); + BIO_puts(out, text); +# ifdef NOISY + BIO_puts(out, "\n"); +# else + (void)BIO_flush(out); +# endif + + if (!EC_KEY_generate_key(a)) + goto err; + + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == + NID_X9_62_prime_field) { + if (!EC_POINT_get_affine_coordinates_GFp + (group, EC_KEY_get0_public_key(a), x_a, y_a, ctx)) + goto err; + } +# ifndef OPENSSL_NO_EC2M + else { + if (!EC_POINT_get_affine_coordinates_GF2m(group, + EC_KEY_get0_public_key(a), + x_a, y_a, ctx)) + goto err; + } +# endif +# ifdef NOISY + BIO_puts(out, " pri 1="); + BN_print(out, a->priv_key); + BIO_puts(out, "\n pub 1="); + BN_print(out, x_a); + BIO_puts(out, ","); + BN_print(out, y_a); + BIO_puts(out, "\n"); +# else + BIO_printf(out, " ."); + (void)BIO_flush(out); +# endif + + if (!EC_KEY_generate_key(b)) + goto err; + + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == + NID_X9_62_prime_field) { + if (!EC_POINT_get_affine_coordinates_GFp + (group, EC_KEY_get0_public_key(b), x_b, y_b, ctx)) + goto err; + } +# ifndef OPENSSL_NO_EC2M + else { + if (!EC_POINT_get_affine_coordinates_GF2m(group, + EC_KEY_get0_public_key(b), + x_b, y_b, ctx)) + goto err; + } +# endif + +# ifdef NOISY + BIO_puts(out, " pri 2="); + BN_print(out, b->priv_key); + BIO_puts(out, "\n pub 2="); + BN_print(out, x_b); + BIO_puts(out, ","); + BN_print(out, y_b); + BIO_puts(out, "\n"); +# else + BIO_printf(out, "."); + (void)BIO_flush(out); +# endif + + alen = KDF1_SHA1_len; + abuf = (unsigned char *)OPENSSL_malloc(alen); + aout = + ECDH_compute_key(abuf, alen, EC_KEY_get0_public_key(b), a, KDF1_SHA1); + +# ifdef NOISY + BIO_puts(out, " key1 ="); + for (i = 0; i < aout; i++) { + sprintf(buf, "%02X", abuf[i]); + BIO_puts(out, buf); + } + BIO_puts(out, "\n"); +# else + BIO_printf(out, "."); + (void)BIO_flush(out); +# endif + + blen = KDF1_SHA1_len; + bbuf = (unsigned char *)OPENSSL_malloc(blen); + bout = + ECDH_compute_key(bbuf, blen, EC_KEY_get0_public_key(a), b, KDF1_SHA1); + +# ifdef NOISY + BIO_puts(out, " key2 ="); + for (i = 0; i < bout; i++) { + sprintf(buf, "%02X", bbuf[i]); + BIO_puts(out, buf); + } + BIO_puts(out, "\n"); +# else + BIO_printf(out, "."); + (void)BIO_flush(out); +# endif + + if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0)) { +# ifndef NOISY + BIO_printf(out, " failed\n\n"); + BIO_printf(out, "key a:\n"); + BIO_printf(out, "private key: "); + BN_print(out, EC_KEY_get0_private_key(a)); + BIO_printf(out, "\n"); + BIO_printf(out, "public key (x,y): "); + BN_print(out, x_a); + BIO_printf(out, ","); + BN_print(out, y_a); + BIO_printf(out, "\nkey b:\n"); + BIO_printf(out, "private key: "); + BN_print(out, EC_KEY_get0_private_key(b)); + BIO_printf(out, "\n"); + BIO_printf(out, "public key (x,y): "); + BN_print(out, x_b); + BIO_printf(out, ","); + BN_print(out, y_b); + BIO_printf(out, "\n"); + BIO_printf(out, "generated key a: "); + for (i = 0; i < bout; i++) { + sprintf(buf, "%02X", bbuf[i]); + BIO_puts(out, buf); + } + BIO_printf(out, "\n"); + BIO_printf(out, "generated key b: "); + for (i = 0; i < aout; i++) { + sprintf(buf, "%02X", abuf[i]); + BIO_puts(out, buf); + } + BIO_printf(out, "\n"); +# endif + fprintf(stderr, "Error in ECDH routines\n"); + ret = 0; + } else { +# ifndef NOISY + BIO_printf(out, " ok\n"); +# endif + ret = 1; + } + err: + ERR_print_errors_fp(stderr); + + if (abuf != NULL) + OPENSSL_free(abuf); + if (bbuf != NULL) + OPENSSL_free(bbuf); + if (x_a) + BN_free(x_a); + if (y_a) + BN_free(y_a); + if (x_b) + BN_free(x_b); + if (y_b) + BN_free(y_b); + if (b) + EC_KEY_free(b); + if (a) + EC_KEY_free(a); + return (ret); +} int main(int argc, char *argv[]) - { - BN_CTX *ctx=NULL; - int ret=1; - BIO *out; - - CRYPTO_malloc_debug_init(); - CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - -#ifdef OPENSSL_SYS_WIN32 - CRYPTO_malloc_init(); -#endif - - RAND_seed(rnd_seed, sizeof rnd_seed); - - out=BIO_new(BIO_s_file()); - if (out == NULL) EXIT(1); - BIO_set_fp(out,stdout,BIO_NOCLOSE); - - if ((ctx=BN_CTX_new()) == NULL) goto err; - - /* NIST PRIME CURVES TESTS */ - if (!test_ecdh_curve(NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) goto err; - if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) goto err; - if (!test_ecdh_curve(NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) goto err; - if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) goto err; - if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) goto err; -#ifndef OPENSSL_NO_EC2M - /* NIST BINARY CURVES TESTS */ - if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)) goto err; - if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) goto err; -#endif - - ret = 0; - -err: - ERR_print_errors_fp(stderr); - if (ctx) BN_CTX_free(ctx); - BIO_free(out); - CRYPTO_cleanup_all_ex_data(); - ERR_remove_thread_state(NULL); - CRYPTO_mem_leaks_fp(stderr); - EXIT(ret); - return(ret); - } +{ + BN_CTX *ctx = NULL; + int ret = 1; + BIO *out; + + CRYPTO_malloc_debug_init(); + CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + +# ifdef OPENSSL_SYS_WIN32 + CRYPTO_malloc_init(); +# endif + + RAND_seed(rnd_seed, sizeof rnd_seed); + + out = BIO_new(BIO_s_file()); + if (out == NULL) + EXIT(1); + BIO_set_fp(out, stdout, BIO_NOCLOSE); + + if ((ctx = BN_CTX_new()) == NULL) + goto err; + + /* NIST PRIME CURVES TESTS */ + if (!test_ecdh_curve + (NID_X9_62_prime192v1, "NIST Prime-Curve P-192", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_secp224r1, "NIST Prime-Curve P-224", ctx, out)) + goto err; + if (!test_ecdh_curve + (NID_X9_62_prime256v1, "NIST Prime-Curve P-256", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_secp384r1, "NIST Prime-Curve P-384", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_secp521r1, "NIST Prime-Curve P-521", ctx, out)) + goto err; +# ifndef OPENSSL_NO_EC2M + /* NIST BINARY CURVES TESTS */ + if (!test_ecdh_curve(NID_sect163k1, "NIST Binary-Curve K-163", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect163r2, "NIST Binary-Curve B-163", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect233k1, "NIST Binary-Curve K-233", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect233r1, "NIST Binary-Curve B-233", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect283k1, "NIST Binary-Curve K-283", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect283r1, "NIST Binary-Curve B-283", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect409k1, "NIST Binary-Curve K-409", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect409r1, "NIST Binary-Curve B-409", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect571k1, "NIST Binary-Curve K-571", ctx, out)) + goto err; + if (!test_ecdh_curve(NID_sect571r1, "NIST Binary-Curve B-571", ctx, out)) + goto err; +# endif + + ret = 0; + + err: + ERR_print_errors_fp(stderr); + if (ctx) + BN_CTX_free(ctx); + BIO_free(out); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_thread_state(NULL); + CRYPTO_mem_leaks_fp(stderr); + EXIT(ret); + return (ret); +} -#if 0 +# if 0 static void MS_CALLBACK cb(int p, int n, void *arg) - { - char c='*'; - - if (p == 0) c='.'; - if (p == 1) c='+'; - if (p == 2) c='*'; - if (p == 3) c='\n'; - BIO_write((BIO *)arg,&c,1); - (void)BIO_flush((BIO *)arg); -#ifdef LINT - p=n; -#endif - } -#endif +{ + char c = '*'; + + if (p == 0) + c = '.'; + if (p == 1) + c = '+'; + if (p == 2) + c = '*'; + if (p == 3) + c = '\n'; + BIO_write((BIO *)arg, &c, 1); + (void)BIO_flush((BIO *)arg); +# ifdef LINT + p = n; +# endif +} +# endif #endif diff --git a/openssl/crypto/ecdh/ech_err.c b/openssl/crypto/ecdh/ech_err.c index 3bd247398..af9f625b4 100644 --- a/openssl/crypto/ecdh/ech_err.c +++ b/openssl/crypto/ecdh/ech_err.c @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -53,7 +53,8 @@ * */ -/* NOTE: this file was auto generated by the mkerr.pl script: any changes +/* + * NOTE: this file was auto generated by the mkerr.pl script: any changes * made to it will be overwritten when the script next updates this file, * only reason strings will be preserved. */ @@ -65,36 +66,33 @@ /* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR -#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0) -#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason) +# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDH,func,0) +# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDH,0,reason) -static ERR_STRING_DATA ECDH_str_functs[]= - { -{ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"}, -{ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"}, -{ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"}, -{0,NULL} - }; +static ERR_STRING_DATA ECDH_str_functs[] = { + {ERR_FUNC(ECDH_F_ECDH_CHECK), "ECDH_CHECK"}, + {ERR_FUNC(ECDH_F_ECDH_COMPUTE_KEY), "ECDH_compute_key"}, + {ERR_FUNC(ECDH_F_ECDH_DATA_NEW_METHOD), "ECDH_DATA_new_method"}, + {0, NULL} +}; -static ERR_STRING_DATA ECDH_str_reasons[]= - { -{ERR_REASON(ECDH_R_KDF_FAILED) ,"KDF failed"}, -{ERR_REASON(ECDH_R_NON_FIPS_METHOD) ,"non fips method"}, -{ERR_REASON(ECDH_R_NO_PRIVATE_VALUE) ,"no private value"}, -{ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE),"point arithmetic failure"}, -{0,NULL} - }; +static ERR_STRING_DATA ECDH_str_reasons[] = { + {ERR_REASON(ECDH_R_KDF_FAILED), "KDF failed"}, + {ERR_REASON(ECDH_R_NON_FIPS_METHOD), "non fips method"}, + {ERR_REASON(ECDH_R_NO_PRIVATE_VALUE), "no private value"}, + {ERR_REASON(ECDH_R_POINT_ARITHMETIC_FAILURE), "point arithmetic failure"}, + {0, NULL} +}; #endif void ERR_load_ECDH_strings(void) - { +{ #ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) - { - ERR_load_strings(0,ECDH_str_functs); - ERR_load_strings(0,ECDH_str_reasons); - } + if (ERR_func_error_string(ECDH_str_functs[0].error) == NULL) { + ERR_load_strings(0, ECDH_str_functs); + ERR_load_strings(0, ECDH_str_reasons); + } #endif - } +} diff --git a/openssl/crypto/ecdh/ech_key.c b/openssl/crypto/ecdh/ech_key.c index 2988899ea..4f1449896 100644 --- a/openssl/crypto/ecdh/ech_key.c +++ b/openssl/crypto/ecdh/ech_key.c @@ -21,7 +21,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -70,11 +70,12 @@ #include "ech_locl.h" int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - EC_KEY *eckey, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) + EC_KEY *eckey, + void *(*KDF) (const void *in, size_t inlen, void *out, + size_t *outlen)) { - ECDH_DATA *ecdh = ecdh_check(eckey); - if (ecdh == NULL) - return 0; - return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF); + ECDH_DATA *ecdh = ecdh_check(eckey); + if (ecdh == NULL) + return 0; + return ecdh->meth->compute_key(out, outlen, pub_key, eckey, KDF); } diff --git a/openssl/crypto/ecdh/ech_lib.c b/openssl/crypto/ecdh/ech_lib.c index 0644431b7..cbc21d1a2 100644 --- a/openssl/crypto/ecdh/ech_lib.c +++ b/openssl/crypto/ecdh/ech_lib.c @@ -21,7 +21,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -70,204 +70,196 @@ #include "ech_locl.h" #include <string.h> #ifndef OPENSSL_NO_ENGINE -#include <openssl/engine.h> +# include <openssl/engine.h> #endif #include <openssl/err.h> #ifdef OPENSSL_FIPS -#include <openssl/fips.h> +# include <openssl/fips.h> #endif -const char ECDH_version[]="ECDH" OPENSSL_VERSION_PTEXT; +const char ECDH_version[] = "ECDH" OPENSSL_VERSION_PTEXT; static const ECDH_METHOD *default_ECDH_method = NULL; static void *ecdh_data_new(void); static void *ecdh_data_dup(void *); -static void ecdh_data_free(void *); +static void ecdh_data_free(void *); void ECDH_set_default_method(const ECDH_METHOD *meth) - { - default_ECDH_method = meth; - } +{ + default_ECDH_method = meth; +} const ECDH_METHOD *ECDH_get_default_method(void) - { - if(!default_ECDH_method) - { +{ + if (!default_ECDH_method) { #ifdef OPENSSL_FIPS - if (FIPS_mode()) - return FIPS_ecdh_openssl(); - else - return ECDH_OpenSSL(); + if (FIPS_mode()) + return FIPS_ecdh_openssl(); + else + return ECDH_OpenSSL(); #else - default_ECDH_method = ECDH_OpenSSL(); + default_ECDH_method = ECDH_OpenSSL(); #endif - } - return default_ECDH_method; - } + } + return default_ECDH_method; +} int ECDH_set_method(EC_KEY *eckey, const ECDH_METHOD *meth) - { - ECDH_DATA *ecdh; +{ + ECDH_DATA *ecdh; - ecdh = ecdh_check(eckey); + ecdh = ecdh_check(eckey); - if (ecdh == NULL) - return 0; + if (ecdh == NULL) + return 0; #if 0 - mtmp = ecdh->meth; - if (mtmp->finish) - mtmp->finish(eckey); + mtmp = ecdh->meth; + if (mtmp->finish) + mtmp->finish(eckey); #endif #ifndef OPENSSL_NO_ENGINE - if (ecdh->engine) - { - ENGINE_finish(ecdh->engine); - ecdh->engine = NULL; - } + if (ecdh->engine) { + ENGINE_finish(ecdh->engine); + ecdh->engine = NULL; + } #endif - ecdh->meth = meth; + ecdh->meth = meth; #if 0 - if (meth->init) - meth->init(eckey); + if (meth->init) + meth->init(eckey); #endif - return 1; - } + return 1; +} static ECDH_DATA *ECDH_DATA_new_method(ENGINE *engine) - { - ECDH_DATA *ret; +{ + ECDH_DATA *ret; - ret=(ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA)); - if (ret == NULL) - { - ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE); - return(NULL); - } + ret = (ECDH_DATA *)OPENSSL_malloc(sizeof(ECDH_DATA)); + if (ret == NULL) { + ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_MALLOC_FAILURE); + return (NULL); + } - ret->init = NULL; + ret->init = NULL; - ret->meth = ECDH_get_default_method(); - ret->engine = engine; + ret->meth = ECDH_get_default_method(); + ret->engine = engine; #ifndef OPENSSL_NO_ENGINE - if (!ret->engine) - ret->engine = ENGINE_get_default_ECDH(); - if (ret->engine) - { - ret->meth = ENGINE_get_ECDH(ret->engine); - if (!ret->meth) - { - ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB); - ENGINE_finish(ret->engine); - OPENSSL_free(ret); - return NULL; - } - } + if (!ret->engine) + ret->engine = ENGINE_get_default_ECDH(); + if (ret->engine) { + ret->meth = ENGINE_get_ECDH(ret->engine); + if (!ret->meth) { + ECDHerr(ECDH_F_ECDH_DATA_NEW_METHOD, ERR_R_ENGINE_LIB); + ENGINE_finish(ret->engine); + OPENSSL_free(ret); + return NULL; + } + } #endif - ret->flags = ret->meth->flags; - CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data); + ret->flags = ret->meth->flags; + CRYPTO_new_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data); #if 0 - if ((ret->meth->init != NULL) && !ret->meth->init(ret)) - { - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data); - OPENSSL_free(ret); - ret=NULL; - } -#endif - return(ret); - } + if ((ret->meth->init != NULL) && !ret->meth->init(ret)) { + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, ret, &ret->ex_data); + OPENSSL_free(ret); + ret = NULL; + } +#endif + return (ret); +} static void *ecdh_data_new(void) - { - return (void *)ECDH_DATA_new_method(NULL); - } +{ + return (void *)ECDH_DATA_new_method(NULL); +} static void *ecdh_data_dup(void *data) { - ECDH_DATA *r = (ECDH_DATA *)data; + ECDH_DATA *r = (ECDH_DATA *)data; - /* XXX: dummy operation */ - if (r == NULL) - return NULL; + /* XXX: dummy operation */ + if (r == NULL) + return NULL; - return (void *)ecdh_data_new(); + return (void *)ecdh_data_new(); } void ecdh_data_free(void *data) - { - ECDH_DATA *r = (ECDH_DATA *)data; +{ + ECDH_DATA *r = (ECDH_DATA *)data; #ifndef OPENSSL_NO_ENGINE - if (r->engine) - ENGINE_finish(r->engine); + if (r->engine) + ENGINE_finish(r->engine); #endif - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data); + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_ECDH, r, &r->ex_data); - OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA)); + OPENSSL_cleanse((void *)r, sizeof(ECDH_DATA)); - OPENSSL_free(r); - } + OPENSSL_free(r); +} ECDH_DATA *ecdh_check(EC_KEY *key) - { - ECDH_DATA *ecdh_data; - - void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup, - ecdh_data_free, ecdh_data_free); - if (data == NULL) - { - ecdh_data = (ECDH_DATA *)ecdh_data_new(); - if (ecdh_data == NULL) - return NULL; - data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data, - ecdh_data_dup, ecdh_data_free, ecdh_data_free); - if (data != NULL) - { - /* Another thread raced us to install the key_method - * data and won. */ - ecdh_data_free(ecdh_data); - ecdh_data = (ECDH_DATA *)data; - } - } - else - ecdh_data = (ECDH_DATA *)data; +{ + ECDH_DATA *ecdh_data; + + void *data = EC_KEY_get_key_method_data(key, ecdh_data_dup, + ecdh_data_free, ecdh_data_free); + if (data == NULL) { + ecdh_data = (ECDH_DATA *)ecdh_data_new(); + if (ecdh_data == NULL) + return NULL; + data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data, + ecdh_data_dup, ecdh_data_free, + ecdh_data_free); + if (data != NULL) { + /* + * Another thread raced us to install the key_method data and + * won. + */ + ecdh_data_free(ecdh_data); + ecdh_data = (ECDH_DATA *)data; + } + } else + ecdh_data = (ECDH_DATA *)data; #ifdef OPENSSL_FIPS - if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD) - && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) - { - ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD); - return NULL; - } + if (FIPS_mode() && !(ecdh_data->flags & ECDH_FLAG_FIPS_METHOD) + && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) { + ECDHerr(ECDH_F_ECDH_CHECK, ECDH_R_NON_FIPS_METHOD); + return NULL; + } #endif - - return ecdh_data; - } + return ecdh_data; +} int ECDH_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, - CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) - { - return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp, - new_func, dup_func, free_func); - } + CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) +{ + return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_ECDH, argl, argp, + new_func, dup_func, free_func); +} int ECDH_set_ex_data(EC_KEY *d, int idx, void *arg) - { - ECDH_DATA *ecdh; - ecdh = ecdh_check(d); - if (ecdh == NULL) - return 0; - return(CRYPTO_set_ex_data(&ecdh->ex_data,idx,arg)); - } +{ + ECDH_DATA *ecdh; + ecdh = ecdh_check(d); + if (ecdh == NULL) + return 0; + return (CRYPTO_set_ex_data(&ecdh->ex_data, idx, arg)); +} void *ECDH_get_ex_data(EC_KEY *d, int idx) - { - ECDH_DATA *ecdh; - ecdh = ecdh_check(d); - if (ecdh == NULL) - return NULL; - return(CRYPTO_get_ex_data(&ecdh->ex_data,idx)); - } +{ + ECDH_DATA *ecdh; + ecdh = ecdh_check(d); + if (ecdh == NULL) + return NULL; + return (CRYPTO_get_ex_data(&ecdh->ex_data, idx)); +} diff --git a/openssl/crypto/ecdh/ech_locl.h b/openssl/crypto/ecdh/ech_locl.h index f6cad6a89..4e66024c7 100644 --- a/openssl/crypto/ecdh/ech_locl.h +++ b/openssl/crypto/ecdh/ech_locl.h @@ -7,7 +7,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -54,43 +54,45 @@ */ #ifndef HEADER_ECH_LOCL_H -#define HEADER_ECH_LOCL_H +# define HEADER_ECH_LOCL_H -#include <openssl/ecdh.h> +# include <openssl/ecdh.h> #ifdef __cplusplus extern "C" { #endif -struct ecdh_method - { - const char *name; - int (*compute_key)(void *key, size_t outlen, const EC_POINT *pub_key, EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); -#if 0 - int (*init)(EC_KEY *eckey); - int (*finish)(EC_KEY *eckey); -#endif - int flags; - char *app_data; - }; +struct ecdh_method { + const char *name; + int (*compute_key) (void *key, size_t outlen, const EC_POINT *pub_key, + EC_KEY *ecdh, void *(*KDF) (const void *in, + size_t inlen, void *out, + size_t *outlen)); +# if 0 + int (*init) (EC_KEY *eckey); + int (*finish) (EC_KEY *eckey); +# endif + int flags; + char *app_data; +}; -/* If this flag is set the ECDH method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its responsibility - * to ensure the result is compliant. +/* + * If this flag is set the ECDH method is FIPS compliant and can be used in + * FIPS mode. This is set in the validated module method. If an application + * sets this flag in its own methods it is its responsibility to ensure the + * result is compliant. */ -#define ECDH_FLAG_FIPS_METHOD 0x1 +# define ECDH_FLAG_FIPS_METHOD 0x1 typedef struct ecdh_data_st { - /* EC_KEY_METH_DATA part */ - int (*init)(EC_KEY *); - /* method specific part */ - ENGINE *engine; - int flags; - const ECDH_METHOD *meth; - CRYPTO_EX_DATA ex_data; + /* EC_KEY_METH_DATA part */ + int (*init) (EC_KEY *); + /* method specific part */ + ENGINE *engine; + int flags; + const ECDH_METHOD *meth; + CRYPTO_EX_DATA ex_data; } ECDH_DATA; ECDH_DATA *ecdh_check(EC_KEY *); @@ -99,4 +101,4 @@ ECDH_DATA *ecdh_check(EC_KEY *); } #endif -#endif /* HEADER_ECH_LOCL_H */ +#endif /* HEADER_ECH_LOCL_H */ diff --git a/openssl/crypto/ecdh/ech_ossl.c b/openssl/crypto/ecdh/ech_ossl.c index 4a30628fb..d448b19a5 100644 --- a/openssl/crypto/ecdh/ech_ossl.c +++ b/openssl/crypto/ecdh/ech_ossl.c @@ -21,7 +21,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -67,7 +67,6 @@ * */ - #include <string.h> #include <limits.h> @@ -80,136 +79,130 @@ #include <openssl/bn.h> static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key, - EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)); + EC_KEY *ecdh, + void *(*KDF) (const void *in, size_t inlen, + void *out, size_t *outlen)); static ECDH_METHOD openssl_ecdh_meth = { - "OpenSSL ECDH method", - ecdh_compute_key, + "OpenSSL ECDH method", + ecdh_compute_key, #if 0 - NULL, /* init */ - NULL, /* finish */ + NULL, /* init */ + NULL, /* finish */ #endif - 0, /* flags */ - NULL /* app_data */ + 0, /* flags */ + NULL /* app_data */ }; const ECDH_METHOD *ECDH_OpenSSL(void) - { - return &openssl_ecdh_meth; - } - +{ + return &openssl_ecdh_meth; +} -/* This implementation is based on the following primitives in the IEEE 1363 standard: +/*- + * This implementation is based on the following primitives in the IEEE 1363 standard: * - ECKAS-DH1 * - ECSVDP-DH * Finally an optional KDF is applied. */ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, - EC_KEY *ecdh, - void *(*KDF)(const void *in, size_t inlen, void *out, size_t *outlen)) - { - BN_CTX *ctx; - EC_POINT *tmp=NULL; - BIGNUM *x=NULL, *y=NULL; - const BIGNUM *priv_key; - const EC_GROUP* group; - int ret= -1; - size_t buflen, len; - unsigned char *buf=NULL; - - if (outlen > INT_MAX) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); /* sort of, anyway */ - return -1; - } - - if ((ctx = BN_CTX_new()) == NULL) goto err; - BN_CTX_start(ctx); - x = BN_CTX_get(ctx); - y = BN_CTX_get(ctx); - - priv_key = EC_KEY_get0_private_key(ecdh); - if (priv_key == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_NO_PRIVATE_VALUE); - goto err; - } - - group = EC_KEY_get0_group(ecdh); - if ((tmp=EC_POINT_new(group)) == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); - goto err; - } - - if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field) - { - if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); - goto err; - } - } + EC_KEY *ecdh, + void *(*KDF) (const void *in, size_t inlen, + void *out, size_t *outlen)) +{ + BN_CTX *ctx; + EC_POINT *tmp = NULL; + BIGNUM *x = NULL, *y = NULL; + const BIGNUM *priv_key; + const EC_GROUP *group; + int ret = -1; + size_t buflen, len; + unsigned char *buf = NULL; + + if (outlen > INT_MAX) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); /* sort of, + * anyway */ + return -1; + } + + if ((ctx = BN_CTX_new()) == NULL) + goto err; + BN_CTX_start(ctx); + x = BN_CTX_get(ctx); + y = BN_CTX_get(ctx); + + priv_key = EC_KEY_get0_private_key(ecdh); + if (priv_key == NULL) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE); + goto err; + } + + group = EC_KEY_get0_group(ecdh); + if ((tmp = EC_POINT_new(group)) == NULL) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); + goto err; + } + + if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE); + goto err; + } + + if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == + NID_X9_62_prime_field) { + if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE); + goto err; + } + } #ifndef OPENSSL_NO_EC2M - else - { - if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_POINT_ARITHMETIC_FAILURE); - goto err; - } - } + else { + if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE); + goto err; + } + } #endif - buflen = (EC_GROUP_get_degree(group) + 7)/8; - len = BN_num_bytes(x); - if (len > buflen) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_INTERNAL_ERROR); - goto err; - } - if ((buf = OPENSSL_malloc(buflen)) == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_MALLOC_FAILURE); - goto err; - } - - memset(buf, 0, buflen - len); - if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ERR_R_BN_LIB); - goto err; - } - - if (KDF != 0) - { - if (KDF(buf, buflen, out, &outlen) == NULL) - { - ECDHerr(ECDH_F_ECDH_COMPUTE_KEY,ECDH_R_KDF_FAILED); - goto err; - } - ret = outlen; - } - else - { - /* no KDF, just copy as much as we can */ - if (outlen > buflen) - outlen = buflen; - memcpy(out, buf, outlen); - ret = outlen; - } - -err: - if (tmp) EC_POINT_free(tmp); - if (ctx) BN_CTX_end(ctx); - if (ctx) BN_CTX_free(ctx); - if (buf) OPENSSL_free(buf); - return(ret); - } + buflen = (EC_GROUP_get_degree(group) + 7) / 8; + len = BN_num_bytes(x); + if (len > buflen) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR); + goto err; + } + if ((buf = OPENSSL_malloc(buflen)) == NULL) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); + goto err; + } + + memset(buf, 0, buflen - len); + if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB); + goto err; + } + + if (KDF != 0) { + if (KDF(buf, buflen, out, &outlen) == NULL) { + ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED); + goto err; + } + ret = outlen; + } else { + /* no KDF, just copy as much as we can */ + if (outlen > buflen) + outlen = buflen; + memcpy(out, buf, outlen); + ret = outlen; + } + + err: + if (tmp) + EC_POINT_free(tmp); + if (ctx) + BN_CTX_end(ctx); + if (ctx) + BN_CTX_free(ctx); + if (buf) + OPENSSL_free(buf); + return (ret); +} |