diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2018-06-13 18:01:05 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2018-06-13 18:01:05 +0000 |
| commit | edd9a69760b7ea4b352ff3dd20d6f6aeb07af901 (patch) | |
| tree | e96d1ab6b842d0c4b584c25d7071e3d8ace697ce /lib | |
| parent | c0f827ce87f0238591976bb9669ceb30f5ba7c07 (diff) | |
style(9), comments and whitespace.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/dsa/dsa_ossl.c | 62 |
1 files changed, 32 insertions, 30 deletions
diff --git a/lib/libcrypto/dsa/dsa_ossl.c b/lib/libcrypto/dsa/dsa_ossl.c index 505ef800dca..7c23bb4909e 100644 --- a/lib/libcrypto/dsa/dsa_ossl.c +++ b/lib/libcrypto/dsa/dsa_ossl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_ossl.c,v 1.32 2018/06/13 15:05:04 jsing Exp $ */ +/* $OpenBSD: dsa_ossl.c,v 1.33 2018/06/13 18:01:04 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -70,9 +70,9 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp); + BIGNUM **rp); static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, - DSA *dsa); + DSA *dsa); static int dsa_init(DSA *dsa); static int dsa_finish(DSA *dsa); @@ -82,7 +82,7 @@ static DSA_METHOD openssl_dsa_meth = { .dsa_sign_setup = dsa_sign_setup, .dsa_do_verify = dsa_do_verify, .init = dsa_init, - .finish = dsa_finish + .finish = dsa_finish, }; const DSA_METHOD * @@ -116,7 +116,8 @@ dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) ctx = BN_CTX_new(); if (ctx == NULL) goto err; -redo: + + redo: if (dsa->kinv == NULL || dsa->r == NULL) { if (!DSA_sign_setup(dsa, ctx, &kinv, &r)) goto err; @@ -128,11 +129,9 @@ redo: noredo = 1; } - /* * If the digest length is greater than the size of q use the - * BN_num_bits(dsa->q) leftmost bits of the digest, see - * fips 186-3, 4.2 + * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-3, 4.2. */ if (dlen > BN_num_bytes(dsa->q)) dlen = BN_num_bytes(dsa->q); @@ -151,8 +150,8 @@ redo: if (ret == NULL) goto err; /* - * Redo if r or s is zero as required by FIPS 186-3: this is - * very unlikely. + * Redo if r or s is zero as required by FIPS 186-3: this is very + * unlikely. */ if (BN_is_zero(r) || BN_is_zero(s)) { if (noredo) { @@ -164,7 +163,7 @@ redo: ret->r = r; ret->s = s; -err: + err: if (!ret) { DSAerror(reason); BN_free(r); @@ -174,6 +173,7 @@ err: BN_clear_free(&m); BN_clear_free(&xr); BN_clear_free(kinv); + return ret; } @@ -245,14 +245,15 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) if (dsa->meth->bn_mod_exp != NULL) { if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, &k, dsa->p, ctx, - dsa->method_mont_p)) + dsa->method_mont_p)) goto err; } else { - if (!BN_mod_exp_mont_ct(r, dsa->g, &k, dsa->p, ctx, dsa->method_mont_p)) + if (!BN_mod_exp_mont_ct(r, dsa->g, &k, dsa->p, ctx, + dsa->method_mont_p)) goto err; } - if (!BN_mod_ct(r,r,dsa->q,ctx)) + if (!BN_mod_ct(r, r, dsa->q, ctx)) goto err; /* Compute part of 's = inv(k) (m + xr) mod q' */ @@ -264,8 +265,10 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp) kinv = NULL; BN_clear_free(*rp); *rp = r; + ret = 1; -err: + + err: if (!ret) { DSAerror(ERR_R_BN_LIB); BN_clear_free(r); @@ -275,6 +278,7 @@ err: BN_clear_free(&k); BN_clear_free(&l); BN_clear_free(&m); + return ret; } @@ -292,7 +296,7 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) } i = BN_num_bits(dsa->q); - /* fips 186-3 allows only different sizes for q */ + /* FIPS 186-3 allows only three different sizes for q. */ if (i != 160 && i != 224 && i != 256) { DSAerror(DSA_R_BAD_Q_VALUE); return -1; @@ -320,23 +324,22 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) goto err; } - /* Calculate W = inv(S) mod Q - * save W in u2 */ + /* Calculate w = inv(s) mod q, saving w in u2. */ if ((BN_mod_inverse_ct(&u2, sig->s, dsa->q, ctx)) == NULL) goto err; - /* save M in u1 */ /* * If the digest length is greater than the size of q use the - * BN_num_bits(dsa->q) leftmost bits of the digest, see - * fips 186-3, 4.2 + * BN_num_bits(dsa->q) leftmost bits of the digest, see FIPS 186-3, 4.2. */ if (dgst_len > (i >> 3)) dgst_len = (i >> 3); + + /* Save m in u1. */ if (BN_bin2bn(dgst, dgst_len, &u1) == NULL) goto err; - /* u1 = M * w mod q */ + /* u1 = m * w mod q */ if (!BN_mod_mul(&u1, &u1, &u2, dsa->q, ctx)) goto err; @@ -344,7 +347,6 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) if (!BN_mod_mul(&u2, sig->r, &u2, dsa->q, ctx)) goto err; - if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { mont = BN_MONT_CTX_set_locked(&dsa->method_mont_p, CRYPTO_LOCK_DSA, dsa->p, ctx); @@ -353,12 +355,12 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) } if (dsa->meth->dsa_mod_exp != NULL) { - if (!dsa->meth->dsa_mod_exp(dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, - dsa->p, ctx, mont)) + if (!dsa->meth->dsa_mod_exp(dsa, &t1, dsa->g, &u1, dsa->pub_key, + &u2, dsa->p, ctx, mont)) goto err; } else { - if (!BN_mod_exp2_mont(&t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, - mont)) + if (!BN_mod_exp2_mont(&t1, dsa->g, &u1, dsa->pub_key, &u2, + dsa->p, ctx, mont)) goto err; } @@ -367,17 +369,17 @@ dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig, DSA *dsa) if (!BN_mod_ct(&u1, &t1, dsa->q, ctx)) goto err; - /* V is now in u1. If the signature is correct, it will be - * equal to R. */ + /* v is in u1 - if the signature is correct, it will be equal to r. */ ret = BN_ucmp(&u1, sig->r) == 0; -err: + err: if (ret < 0) DSAerror(ERR_R_BN_LIB); BN_CTX_free(ctx); BN_free(&u1); BN_free(&u2); BN_free(&t1); + return ret; } |