diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2023-07-04 10:53:43 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2023-07-04 10:53:43 +0000 |
| commit | 01db6d5b34dd25852d2e93e533085a359cc40eba (patch) | |
| tree | 5adb83af37f14a1b09c4d7e82190c0e0a14a28cc /lib | |
| parent | ffea90a11c273eab4d9ee5d9146c513d0c3e25ba (diff) | |
Extract private key and group order in s computation
This pushes a few variables no longer needed in ossl_ecdsa_sign_sig() into
ecdsa_compute_s() separating API logic and pure computation a bit more.
ok beck
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libcrypto/ecdsa/ecs_ossl.c | 37 |
1 files changed, 18 insertions, 19 deletions
diff --git a/lib/libcrypto/ecdsa/ecs_ossl.c b/lib/libcrypto/ecdsa/ecs_ossl.c index dcc823bbaa0..4bc77a49204 100644 --- a/lib/libcrypto/ecdsa/ecs_ossl.c +++ b/lib/libcrypto/ecdsa/ecs_ossl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecs_ossl.c,v 1.67 2023/07/04 10:31:57 tb Exp $ */ +/* $OpenBSD: ecs_ossl.c,v 1.68 2023/07/04 10:53:42 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project */ @@ -269,8 +269,10 @@ ossl_ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, static int ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, - const BIGNUM *r, const BIGNUM *priv_key, const BIGNUM *order, BN_CTX *ctx) + const BIGNUM *r, const EC_KEY *key, BN_CTX *ctx) { + const EC_GROUP *group; + const BIGNUM *order, *priv_key; BIGNUM *b, *binv, *be, *bxr; BIGNUM *s = NULL; int ret = 0; @@ -279,6 +281,19 @@ ecdsa_compute_s(BIGNUM **out_s, const BIGNUM *e, const BIGNUM *kinv, BN_CTX_start(ctx); + if ((group = EC_KEY_get0_group(key)) == NULL) { + ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); + goto err; + } + if ((order = EC_GROUP_get0_order(group)) == NULL) { + ECDSAerror(ERR_R_EC_LIB); + goto err; + } + if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) { + ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); + goto err; + } + if ((b = BN_CTX_get(ctx)) == NULL) goto err; if ((binv = BN_CTX_get(ctx)) == NULL) @@ -353,24 +368,13 @@ ECDSA_SIG * ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, const BIGNUM *in_kinv, const BIGNUM *in_r, EC_KEY *key) { - const EC_GROUP *group; BN_CTX *ctx = NULL; BIGNUM *kinv = NULL, *r = NULL, *s = NULL; BIGNUM *e; - const BIGNUM *order, *priv_key; int caller_supplied_values = 0; int attempts = 0; ECDSA_SIG *sig = NULL; - if ((group = EC_KEY_get0_group(key)) == NULL) { - ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - if ((priv_key = EC_KEY_get0_private_key(key)) == NULL) { - ECDSAerror(ERR_R_PASSED_NULL_PARAMETER); - goto err; - } - if ((ctx = BN_CTX_new()) == NULL) { ECDSAerror(ERR_R_MALLOC_FAILURE); goto err; @@ -381,11 +385,6 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, if ((e = BN_CTX_get(ctx)) == NULL) goto err; - if ((order = EC_GROUP_get0_order(group)) == NULL) { - ECDSAerror(ERR_R_EC_LIB); - goto err; - } - if (!ecdsa_prepare_digest(digest, digest_len, key, e)) goto err; @@ -416,7 +415,7 @@ ossl_ecdsa_sign_sig(const unsigned char *digest, int digest_len, } /* If s is non-NULL, we have a valid signature. */ - if (!ecdsa_compute_s(&s, e, kinv, r, priv_key, order, ctx)) + if (!ecdsa_compute_s(&s, e, kinv, r, key, ctx)) goto err; if (s != NULL) break; |