if (check_named) {
BIO_printf(bio_err, "validating named elliptic curve parameters: ");
- if (EC_GROUP_check_named_curve(group, 0) <= 0) {
+ if (EC_GROUP_check_named_curve(group, 0, NULL) <= 0) {
BIO_printf(bio_err, "failed\n");
ERR_print_errors(bio_err);
goto end;
return bn_expand2((a),(bits+BN_BITS2-1)/BN_BITS2);
}
-OPENSSL_CTX *bn_get_lib_ctx(BN_CTX *ctx);
-
#endif
LIBS=../../libcrypto
SOURCE[../../libcrypto]=buffer.c buf_err.c
+SOURCE[../../providers/fips]=buffer.c
$UTIL_COMMON=\
cryptlib.c params.c bsearch.c ex_data.c o_str.c \
ctype.c threads_pthread.c threads_win.c threads_none.c initthread.c \
- context.c sparse_array.c param_build.c $CPUIDASM
+ context.c sparse_array.c asn1_dsa.c packet.c param_build.c $CPUIDASM
$UTIL_DEFINE=$CPUIDDEF
SOURCE[../libcrypto]=$UTIL_COMMON \
mem.c mem_sec.c mem_dbg.c \
cversion.c info.c cpt_err.c ebcdic.c uid.c o_time.c o_dir.c \
o_fopen.c getenv.c o_init.c o_fips.c init.c trace.c provider.c \
- asn1_dsa.c packet.c $UPLINKSRC
+ $UPLINKSRC
DEFINE[../libcrypto]=$UTIL_DEFINE $UPLINKDEF
SOURCE[../providers/fips]=$UTIL_COMMON
DEFINE[../providers/fips]=$UTIL_DEFINE
ENDIF
LIBS=../../libcrypto
-SOURCE[../../libcrypto]=\
- ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \
- ec_err.c ec_curve.c ec_check.c ec_print.c ec_asn1.c ec_key.c \
- ec2_smpl.c ec_ameth.c ec_pmeth.c eck_prn.c \
+
+$COMMON=ec_lib.c ecp_smpl.c ecp_mont.c ecp_nist.c ec_cvt.c ec_mult.c \
+ ec_curve.c ec_check.c ec_print.c ec_key.c ec_asn1.c \
+ ec2_smpl.c \
ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistputil.c \
- ecp_oct.c ec2_oct.c ec_oct.c ec_kmeth.c ecdh_ossl.c ecdh_kdf.c \
- ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c ecx_meth.c \
+ ecp_oct.c ec2_oct.c ec_oct.c ec_kmeth.c ecdh_ossl.c \
+ ecdsa_ossl.c ecdsa_sign.c ecdsa_vrf.c curve25519.c \
curve448/arch_32/f_impl.c curve448/f_generic.c curve448/scalar.c \
curve448/curve448_tables.c curve448/eddsa.c curve448/curve448.c \
$ECASM
+SOURCE[../../libcrypto]=$COMMON ec_ameth.c ec_pmeth.c ecx_meth.c ec_err.c \
+ ecdh_kdf.c eck_prn.c
DEFINE[../../libcrypto]=$ECDEF
+SOURCE[../../providers/fips]=$COMMON
+DEFINE[../../providers/fips]=$ECDEF
GENERATE[ecp_nistz256-x86.s]=asm/ecp_nistz256-x86.pl \
$(PERLASM_SCHEME) $(LIB_CFLAGS) $(LIB_CPPFLAGS) $(PROCESSOR)
void X448_public_from_private(uint8_t out_public_value[56],
const uint8_t private_key[56]);
-int ED448_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
- const uint8_t public_key[57], const uint8_t private_key[57],
- const uint8_t *context, size_t context_len);
+int ED448_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t *message,
+ size_t message_len, const uint8_t public_key[57],
+ const uint8_t private_key[57], const uint8_t *context,
+ size_t context_len);
-int ED448_verify(const uint8_t *message, size_t message_len,
+int ED448_verify(OPENSSL_CTX *ctx, const uint8_t *message, size_t message_len,
const uint8_t signature[114], const uint8_t public_key[57],
const uint8_t *context, size_t context_len);
-int ED448ph_sign(uint8_t *out_sig, const uint8_t hash[64],
+int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64],
const uint8_t public_key[57], const uint8_t private_key[57],
const uint8_t *context, size_t context_len);
-int ED448ph_verify(const uint8_t hash[64], const uint8_t signature[114],
- const uint8_t public_key[57], const uint8_t *context,
- size_t context_len);
+int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64],
+ const uint8_t signature[114], const uint8_t public_key[57],
+ const uint8_t *context, size_t context_len);
-int ED448_public_from_private(uint8_t out_public_key[57],
+int ED448_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[57],
const uint8_t private_key[57]);
#endif /* HEADER_CURVE448_LCL_H */
* privkey (in): The private key.
*/
c448_error_t c448_ed448_derive_public_key(
+ OPENSSL_CTX *ctx,
uint8_t pubkey [EDDSA_448_PUBLIC_BYTES],
const uint8_t privkey [EDDSA_448_PRIVATE_BYTES]);
* disambiguation. For Ed448 it is safe.
*/
c448_error_t c448_ed448_sign(
+ OPENSSL_CTX *ctx,
uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t privkey[EDDSA_448_PRIVATE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
* disambiguation. For Ed448 it is safe.
*/
c448_error_t c448_ed448_sign_prehash(
+ OPENSSL_CTX *ctx,
uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t privkey[EDDSA_448_PRIVATE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
* non-prehashed messages, at least without some very careful protocol-level
* disambiguation. For Ed448 it is safe.
*/
-c448_error_t c448_ed448_verify(const uint8_t
- signature[EDDSA_448_SIGNATURE_BYTES],
- const uint8_t
- pubkey[EDDSA_448_PUBLIC_BYTES],
- const uint8_t *message, size_t message_len,
- uint8_t prehashed, const uint8_t *context,
- uint8_t context_len);
+c448_error_t c448_ed448_verify(OPENSSL_CTX *ctx,
+ const uint8_t
+ signature[EDDSA_448_SIGNATURE_BYTES],
+ const uint8_t
+ pubkey[EDDSA_448_PUBLIC_BYTES],
+ const uint8_t *message, size_t message_len,
+ uint8_t prehashed, const uint8_t *context,
+ uint8_t context_len);
/*
* EdDSA signature verification.
* disambiguation. For Ed448 it is safe.
*/
c448_error_t c448_ed448_verify_prehash(
+ OPENSSL_CTX *ctx,
const uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t hash[64],
* ed (in): The EdDSA private key
*/
c448_error_t c448_ed448_convert_private_key_to_x448(
+ OPENSSL_CTX *ctx,
uint8_t x[X448_PRIVATE_BYTES],
const uint8_t ed[EDDSA_448_PRIVATE_BYTES]);
#define COFACTOR 4
-static c448_error_t oneshot_hash(uint8_t *out, size_t outlen,
+static c448_error_t oneshot_hash(OPENSSL_CTX *ctx, uint8_t *out, size_t outlen,
const uint8_t *in, size_t inlen)
{
EVP_MD_CTX *hashctx = EVP_MD_CTX_new();
+ EVP_MD *shake256 = NULL;
+ c448_error_t ret = C448_FAILURE;
if (hashctx == NULL)
return C448_FAILURE;
- if (!EVP_DigestInit_ex(hashctx, EVP_shake256(), NULL)
+ shake256 = EVP_MD_fetch(ctx, "SHAKE256", NULL);
+ if (shake256 == NULL)
+ goto err;
+
+ if (!EVP_DigestInit_ex(hashctx, shake256, NULL)
|| !EVP_DigestUpdate(hashctx, in, inlen)
- || !EVP_DigestFinalXOF(hashctx, out, outlen)) {
- EVP_MD_CTX_free(hashctx);
- return C448_FAILURE;
- }
+ || !EVP_DigestFinalXOF(hashctx, out, outlen))
+ goto err;
+ ret = C448_SUCCESS;
+ err:
EVP_MD_CTX_free(hashctx);
- return C448_SUCCESS;
+ EVP_MD_meth_free(shake256);
+ return ret;
}
static void clamp(uint8_t secret_scalar_ser[EDDSA_448_PRIVATE_BYTES])
secret_scalar_ser[EDDSA_448_PRIVATE_BYTES - 2] |= 0x80;
}
-static c448_error_t hash_init_with_dom(EVP_MD_CTX *hashctx, uint8_t prehashed,
+static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx,
+ uint8_t prehashed,
uint8_t for_prehash,
const uint8_t *context,
size_t context_len)
{
const char *dom_s = "SigEd448";
uint8_t dom[2];
+ EVP_MD *shake256 = NULL;
if (context_len > UINT8_MAX)
return C448_FAILURE;
- (for_prehash == 0 ? 1 : 0));
dom[1] = (uint8_t)context_len;
- if (!EVP_DigestInit_ex(hashctx, EVP_shake256(), NULL)
+ shake256 = EVP_MD_fetch(ctx, "SHAKE256", NULL);
+ if (shake256 == NULL)
+ return C448_FAILURE;
+
+ if (!EVP_DigestInit_ex(hashctx, shake256, NULL)
|| !EVP_DigestUpdate(hashctx, dom_s, strlen(dom_s))
|| !EVP_DigestUpdate(hashctx, dom, sizeof(dom))
- || !EVP_DigestUpdate(hashctx, context, context_len))
+ || !EVP_DigestUpdate(hashctx, context, context_len)) {
+ EVP_MD_meth_free(shake256);
return C448_FAILURE;
+ }
+ EVP_MD_meth_free(shake256);
return C448_SUCCESS;
}
/* In this file because it uses the hash */
c448_error_t c448_ed448_convert_private_key_to_x448(
+ OPENSSL_CTX *ctx,
uint8_t x[X448_PRIVATE_BYTES],
const uint8_t ed [EDDSA_448_PRIVATE_BYTES])
{
/* pass the private key through oneshot_hash function */
/* and keep the first X448_PRIVATE_BYTES bytes */
- return oneshot_hash(x, X448_PRIVATE_BYTES, ed,
+ return oneshot_hash(ctx, x, X448_PRIVATE_BYTES, ed,
EDDSA_448_PRIVATE_BYTES);
}
c448_error_t c448_ed448_derive_public_key(
+ OPENSSL_CTX *ctx,
uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t privkey[EDDSA_448_PRIVATE_BYTES])
{
unsigned int c;
curve448_point_t p;
- if (!oneshot_hash(secret_scalar_ser, sizeof(secret_scalar_ser), privkey,
+ if (!oneshot_hash(ctx, secret_scalar_ser, sizeof(secret_scalar_ser),
+ privkey,
EDDSA_448_PRIVATE_BYTES))
return C448_FAILURE;
}
c448_error_t c448_ed448_sign(
+ OPENSSL_CTX *ctx,
uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t privkey[EDDSA_448_PRIVATE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
*/
uint8_t expanded[EDDSA_448_PRIVATE_BYTES * 2];
- if (!oneshot_hash(expanded, sizeof(expanded), privkey,
+ if (!oneshot_hash(ctx, expanded, sizeof(expanded), privkey,
EDDSA_448_PRIVATE_BYTES))
goto err;
clamp(expanded);
EDDSA_448_PRIVATE_BYTES);
/* Hash to create the nonce */
- if (!hash_init_with_dom(hashctx, prehashed, 0, context, context_len)
+ if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context,
+ context_len)
|| !EVP_DigestUpdate(hashctx,
expanded + EDDSA_448_PRIVATE_BYTES,
EDDSA_448_PRIVATE_BYTES)
uint8_t challenge[2 * EDDSA_448_PRIVATE_BYTES];
/* Compute the challenge */
- if (!hash_init_with_dom(hashctx, prehashed, 0, context, context_len)
+ if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context, context_len)
|| !EVP_DigestUpdate(hashctx, nonce_point, sizeof(nonce_point))
|| !EVP_DigestUpdate(hashctx, pubkey, EDDSA_448_PUBLIC_BYTES)
|| !EVP_DigestUpdate(hashctx, message, message_len)
}
c448_error_t c448_ed448_sign_prehash(
+ OPENSSL_CTX *ctx,
uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t privkey[EDDSA_448_PRIVATE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t hash[64], const uint8_t *context,
size_t context_len)
{
- return c448_ed448_sign(signature, privkey, pubkey, hash, 64, 1, context,
- context_len);
+ return c448_ed448_sign(ctx, signature, privkey, pubkey, hash, 64, 1,
+ context, context_len);
}
c448_error_t c448_ed448_verify(
+ OPENSSL_CTX *ctx,
const uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t *message, size_t message_len,
uint8_t challenge[2 * EDDSA_448_PRIVATE_BYTES];
if (hashctx == NULL
- || !hash_init_with_dom(hashctx, prehashed, 0, context,
+ || !hash_init_with_dom(ctx, hashctx, prehashed, 0, context,
context_len)
|| !EVP_DigestUpdate(hashctx, signature, EDDSA_448_PUBLIC_BYTES)
|| !EVP_DigestUpdate(hashctx, pubkey, EDDSA_448_PUBLIC_BYTES)
}
c448_error_t c448_ed448_verify_prehash(
+ OPENSSL_CTX *ctx,
const uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t hash[64], const uint8_t *context,
uint8_t context_len)
{
- return c448_ed448_verify(signature, pubkey, hash, 64, 1, context,
+ return c448_ed448_verify(ctx, signature, pubkey, hash, 64, 1, context,
context_len);
}
-int ED448_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len,
- const uint8_t public_key[57], const uint8_t private_key[57],
- const uint8_t *context, size_t context_len)
+int ED448_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t *message,
+ size_t message_len, const uint8_t public_key[57],
+ const uint8_t private_key[57], const uint8_t *context,
+ size_t context_len)
{
- return c448_ed448_sign(out_sig, private_key, public_key, message,
+ return c448_ed448_sign(ctx, out_sig, private_key, public_key, message,
message_len, 0, context, context_len)
== C448_SUCCESS;
}
-int ED448_verify(const uint8_t *message, size_t message_len,
+int ED448_verify(OPENSSL_CTX *ctx, const uint8_t *message, size_t message_len,
const uint8_t signature[114], const uint8_t public_key[57],
const uint8_t *context, size_t context_len)
{
- return c448_ed448_verify(signature, public_key, message, message_len, 0,
- context, (uint8_t)context_len) == C448_SUCCESS;
+ return c448_ed448_verify(ctx, signature, public_key, message, message_len,
+ 0, context, (uint8_t)context_len) == C448_SUCCESS;
}
-int ED448ph_sign(uint8_t *out_sig, const uint8_t hash[64],
+int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64],
const uint8_t public_key[57], const uint8_t private_key[57],
const uint8_t *context, size_t context_len)
{
- return c448_ed448_sign_prehash(out_sig, private_key, public_key, hash,
+ return c448_ed448_sign_prehash(ctx, out_sig, private_key, public_key, hash,
context, context_len) == C448_SUCCESS;
}
-int ED448ph_verify(const uint8_t hash[64], const uint8_t signature[114],
- const uint8_t public_key[57], const uint8_t *context,
- size_t context_len)
+int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64],
+ const uint8_t signature[114], const uint8_t public_key[57],
+ const uint8_t *context, size_t context_len)
{
- return c448_ed448_verify_prehash(signature, public_key, hash, context,
+ return c448_ed448_verify_prehash(ctx, signature, public_key, hash, context,
(uint8_t)context_len) == C448_SUCCESS;
}
-int ED448_public_from_private(uint8_t out_public_key[57],
+int ED448_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[57],
const uint8_t private_key[57])
{
- return c448_ed448_derive_public_key(out_public_key, private_key)
+ return c448_ed448_derive_public_key(ctx, out_public_key, private_key)
== C448_SUCCESS;
}
const BIGNUM *x_, int y_bit,
BN_CTX *ctx)
{
- BN_CTX *new_ctx = NULL;
BIGNUM *tmp, *x, *y, *z;
int ret = 0, z0;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
/* clear error queue */
ERR_clear_error();
if (ctx == NULL)
return 0;
}
+#endif
y_bit = (y_bit != 0) ? 1 : 0;
if (!BN_GF2m_add(tmp, x, tmp))
goto err;
if (!BN_GF2m_mod_solve_quad_arr(z, tmp, group->poly, ctx)) {
+#ifndef FIPS_MODE
unsigned long err = ERR_peek_last_error();
if (ERR_GET_LIB(err) == ERR_LIB_BN
ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
EC_R_INVALID_COMPRESSED_POINT);
} else
+#endif
+ {
ECerr(EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES,
ERR_R_BN_LIB);
+ }
goto err;
}
z0 = (BN_is_odd(z)) ? 1 : 0;
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
unsigned char *buf, size_t len, BN_CTX *ctx)
{
size_t ret;
- BN_CTX *new_ctx = NULL;
int used_ctx = 0;
BIGNUM *x, *y, *yxi;
size_t field_len, i, skip;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
if ((form != POINT_CONVERSION_COMPRESSED)
&& (form != POINT_CONVERSION_UNCOMPRESSED)
goto err;
}
+#ifndef FIPS_MODE
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL)
return 0;
}
+#endif
BN_CTX_start(ctx);
used_ctx = 1;
if (used_ctx)
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
err:
if (used_ctx)
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return 0;
}
{
point_conversion_form_t form;
int y_bit, m;
- BN_CTX *new_ctx = NULL;
BIGNUM *x, *y, *yxi;
size_t field_len, enc_len;
int ret = 0;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
if (len == 0) {
ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_BUFFER_TOO_SMALL);
return 0;
}
+#ifndef FIPS_MODE
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL)
return 0;
}
+#endif
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
#endif
{
int ret = 0;
BIGNUM *b;
+#ifndef FIPS_MODE
BN_CTX *new_ctx = NULL;
if (ctx == NULL) {
goto err;
}
}
+#endif
BN_CTX_start(ctx);
b = BN_CTX_get(ctx);
if (b == NULL)
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
int ec_GF2m_simple_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a,
const EC_POINT *b, BN_CTX *ctx)
{
- BN_CTX *new_ctx = NULL;
BIGNUM *x0, *y0, *x1, *y1, *x2, *y2, *s, *t;
int ret = 0;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
if (EC_POINT_is_at_infinity(group, a)) {
if (!EC_POINT_copy(r, b))
return 1;
}
+#ifndef FIPS_MODE
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL)
return 0;
}
+#endif
BN_CTX_start(ctx);
x0 = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
BN_CTX *ctx)
{
int ret = -1;
- BN_CTX *new_ctx = NULL;
BIGNUM *lh, *y2;
int (*field_mul) (const EC_GROUP *, BIGNUM *, const BIGNUM *,
const BIGNUM *, BN_CTX *);
int (*field_sqr) (const EC_GROUP *, BIGNUM *, const BIGNUM *, BN_CTX *);
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
if (EC_POINT_is_at_infinity(group, point))
return 1;
if (!point->Z_is_one)
return -1;
+#ifndef FIPS_MODE
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL)
return -1;
}
+#endif
BN_CTX_start(ctx);
y2 = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
const EC_POINT *b, BN_CTX *ctx)
{
BIGNUM *aX, *aY, *bX, *bY;
- BN_CTX *new_ctx = NULL;
int ret = -1;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
if (EC_POINT_is_at_infinity(group, a)) {
return EC_POINT_is_at_infinity(group, b) ? 0 : 1;
return ((BN_cmp(a->X, b->X) == 0) && BN_cmp(a->Y, b->Y) == 0) ? 0 : 1;
}
+#ifndef FIPS_MODE
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL)
return -1;
}
+#endif
BN_CTX_start(ctx);
aX = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
int ec_GF2m_simple_make_affine(const EC_GROUP *group, EC_POINT *point,
BN_CTX *ctx)
{
- BN_CTX *new_ctx = NULL;
BIGNUM *x, *y;
int ret = 0;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
if (point->Z_is_one || EC_POINT_is_at_infinity(group, point))
return 1;
+#ifndef FIPS_MODE
if (ctx == NULL) {
ctx = new_ctx = BN_CTX_new();
if (ctx == NULL)
return 0;
}
+#endif
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
/* s blinding: make sure lambda (s->Z here) is not zero */
do {
- if (!BN_priv_rand(s->Z, BN_num_bits(group->field) - 1,
- BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY)) {
+ if (!BN_priv_rand_ex(s->Z, BN_num_bits(group->field) - 1,
+ BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, ctx)) {
ECerr(EC_F_EC_GF2M_SIMPLE_LADDER_PRE, ERR_R_BN_LIB);
return 0;
}
/* r blinding: make sure lambda (r->Y here for storage) is not zero */
do {
- if (!BN_priv_rand(r->Y, BN_num_bits(group->field) - 1,
- BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY)) {
+ if (!BN_priv_rand_ex(r->Y, BN_num_bits(group->field) - 1,
+ BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, ctx)) {
ECerr(EC_F_EC_GF2M_SIMPLE_LADDER_PRE, ERR_R_BN_LIB);
return 0;
}
#include "internal/nelem.h"
#include "internal/asn1_dsa.h"
+#ifndef FIPS_MODE
+
int EC_GROUP_get_basis_type(const EC_GROUP *group)
{
int i;
DECLARE_ASN1_FUNCTIONS(ECDSA_SIG)
DECLARE_ASN1_ENCODE_FUNCTIONS_name(ECDSA_SIG, ECDSA_SIG)
+#endif /* FIPS_MODE */
+
ECDSA_SIG *ECDSA_SIG_new(void)
{
ECDSA_SIG *sig = OPENSSL_zalloc(sizeof(*sig));
return 1;
}
+#ifndef FIPS_MODE
int ECDSA_size(const EC_KEY *r)
{
int ret, i;
ret = ASN1_object_size(1, i, V_ASN1_SEQUENCE);
return ret;
}
+#endif
#include "ec_lcl.h"
#include <openssl/err.h>
-int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only)
+int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only,
+ BN_CTX *ctx)
{
- int nid;
+ int nid = NID_undef;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+
+ if (ctx == NULL) {
+ ctx = new_ctx = BN_CTX_new();
+ if (ctx == NULL) {
+ ECerr(EC_F_EC_GROUP_CHECK_NAMED_CURVE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+#endif
- nid = ec_curve_nid_from_params(group);
+ nid = ec_curve_nid_from_params(group, ctx);
if (nid > 0 && nist_only && EC_curve_nid2nist(nid) == NULL)
nid = NID_undef;
+
+#ifndef FIPS_MODE
+ err:
+ BN_CTX_free(ctx);
+#endif
return nid;
}
* ECC domain parameter validation.
* See SP800-56A R3 5.5.2 "Assurances of Domain-Parameter Validity" Part 1b.
*/
- return EC_GROUP_check_named_curve(group, 1) >= 0 ? 1 : 0;
+ return EC_GROUP_check_named_curve(group, 1, ctx) >= 0 ? 1 : 0;
#else
int ret = 0;
const BIGNUM *order;
}
};
+# ifndef FIPS_MODE
/* the x9.62 prime curves (minus the nist prime curves) */
static const struct {
EC_CURVE_DATA h;
0x43, 0x21, 0x46, 0x52, 0x65, 0x51
}
};
+#endif /* FIPS_MODE */
static const struct {
EC_CURVE_DATA h;
}
};
+#ifndef FIPS_MODE
/* the secg prime curves (minus the nist and x9.62 prime curves) */
static const struct {
EC_CURVE_DATA h;
0x5C, 0x5C, 0x2A, 0x3D
}
};
+#endif /* FIPS_MODE */
#ifndef OPENSSL_NO_EC2M
/* characteristic two curves */
+
+# ifndef FIPS_MODE
static const struct {
EC_CURVE_DATA h;
unsigned char data[20 + 15 * 6];
0x33, 0x04, 0x9B, 0xA9, 0x8F
}
};
+# endif /* FIPS_MODE */
static const struct {
EC_CURVE_DATA h;
}
};
+# ifndef FIPS_MODE
static const struct {
EC_CURVE_DATA h;
unsigned char data[0 + 21 * 6];
0xAA, 0xB6, 0x89, 0xC2, 0x9C, 0xA7, 0x10, 0x27, 0x9B
}
};
+# endif /* FIPS_MODE */
static const struct {
EC_CURVE_DATA h;
}
};
+# ifndef FIPS_MODE
static const struct {
EC_CURVE_DATA h;
unsigned char data[20 + 25 * 6];
0xD5
}
};
+# endif /* FIPS_MODE */
static const struct {
EC_CURVE_DATA h;
}
};
+#ifndef FIPS_MODE
static const struct {
EC_CURVE_DATA h;
unsigned char data[0 + 30 * 6];
0x1D, 0xA8, 0x00, 0xE4, 0x78, 0xA5
}
};
+# endif /* FIPS_MODE */
static const struct {
EC_CURVE_DATA h;
}
};
+# ifndef FIPS_MODE
static const struct {
EC_CURVE_DATA h;
unsigned char data[20 + 21 * 6];
0xED, 0xF9, 0x7C, 0x44, 0xDB, 0x9F, 0x24, 0x20, 0xBA, 0xFC, 0xA7, 0x5E
}
};
-
-#endif
+# endif /* FIPS_MODE */
+#endif /* OPENSSL_NO_EC2M */
/*
* These curves were added by Annie Yousar.
* generation mechanism is different from those defined in ANSI X9.62.
*/
+#ifndef FIPS_MODE
static const struct {
EC_CURVE_DATA h;
unsigned char data[0 + 20 * 6];
0x9C, 0xA9, 0x00, 0x69
}
};
+#endif /* FIPS_MODE */
-#ifndef OPENSSL_NO_SM2
+#if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
static const struct {
EC_CURVE_DATA h;
unsigned char data[0 + 32 * 6];
#define curve_list_length OSSL_NELEM(curve_list)
-static EC_GROUP *ec_group_new_from_data(const ec_list_element curve)
+static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx,
+ const ec_list_element curve)
{
EC_GROUP *group = NULL;
EC_POINT *P = NULL;
/* If no curve data curve method must handle everything */
if (curve.data == NULL)
- return EC_GROUP_new(curve.meth != NULL ? curve.meth() : NULL);
+ return EC_GROUP_new_ex(libctx,
+ curve.meth != NULL ? curve.meth() : NULL);
- if ((ctx = BN_CTX_new()) == NULL) {
+ if ((ctx = BN_CTX_new_ex(libctx)) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
goto err;
}
if (curve.meth != 0) {
meth = curve.meth();
- if (((group = EC_GROUP_new(meth)) == NULL) ||
+ if (((group = EC_GROUP_new_ex(libctx, meth)) == NULL) ||
(!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
return group;
}
-EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
+EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, int nid)
{
size_t i;
EC_GROUP *ret = NULL;
#endif /* FIPS_MODE */
for (i = 0; i < curve_list_length; i++)
if (curve_list[i].nid == nid) {
- ret = ec_group_new_from_data(curve_list[i]);
+ ret = ec_group_new_from_data(libctx, curve_list[i]);
break;
}
if (ret == NULL) {
- ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME, EC_R_UNKNOWN_GROUP);
+ ECerr(EC_F_EC_GROUP_NEW_BY_CURVE_NAME_EX, EC_R_UNKNOWN_GROUP);
return NULL;
}
return ret;
}
+#ifndef FIPS_MODE
+EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
+{
+ return EC_GROUP_new_by_curve_name_ex(NULL, nid);
+}
+#endif
+
size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems)
{
size_t i, min;
* Returns: The nid associated with the found named curve, or NID_undef
* if not found. If there was an error it returns -1.
*/
-int ec_curve_nid_from_params(const EC_GROUP *group)
+int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx)
{
int ret = -1, nid, len, field_type, param_len;
size_t i, seed_len;
const BIGNUM *cofactor = NULL;
/* An array of BIGNUMs for (p, a, b, x, y, order) */
BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL};
- BN_CTX *ctx = NULL;
meth = EC_GROUP_method_of(group);
if (meth == NULL)
seed = EC_GROUP_get0_seed(group);
cofactor = EC_GROUP_get0_cofactor(group);
- ctx = BN_CTX_new();
- if (ctx == NULL)
- return -1;
BN_CTX_start(ctx);
/*
end:
OPENSSL_free(param_bytes);
BN_CTX_end(ctx);
- BN_CTX_free(ctx);
return ret;
}
*/
#include <openssl/err.h>
+#include "internal/bn_int.h"
#include "ec_lcl.h"
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
meth = EC_GFp_mont_method();
#endif
- ret = EC_GROUP_new(meth);
+ ret = EC_GROUP_new_ex(bn_get_lib_ctx(ctx), meth);
if (ret == NULL)
return NULL;
meth = EC_GF2m_simple_method();
- ret = EC_GROUP_new(meth);
+ ret = EC_GROUP_new_ex(bn_get_lib_ctx(ctx), meth);
if (ret == NULL)
return NULL;
#include <openssl/err.h>
#include <openssl/engine.h>
+#ifndef FIPS_MODE
EC_KEY *EC_KEY_new(void)
{
- return EC_KEY_new_method(NULL);
+ return ec_key_new_method_int(NULL, NULL);
}
+#endif
-EC_KEY *EC_KEY_new_by_curve_name(int nid)
+EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx)
+{
+ return ec_key_new_method_int(ctx, NULL);
+}
+
+EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, int nid)
{
- EC_KEY *ret = EC_KEY_new();
+ EC_KEY *ret = EC_KEY_new_ex(ctx);
if (ret == NULL)
return NULL;
- ret->group = EC_GROUP_new_by_curve_name(nid);
+ ret->group = EC_GROUP_new_by_curve_name_ex(ctx, nid);
if (ret->group == NULL) {
EC_KEY_free(ret);
return NULL;
return ret;
}
+#ifndef FIPS_MODE
+EC_KEY *EC_KEY_new_by_curve_name(int nid)
+{
+ return EC_KEY_new_by_curve_name_ex(NULL, nid);
+}
+#endif
+
void EC_KEY_free(EC_KEY *r)
{
int i;
if (r->meth != NULL && r->meth->finish != NULL)
r->meth->finish(r);
-#ifndef OPENSSL_NO_ENGINE
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
ENGINE_finish(r->engine);
#endif
if (r->group && r->group->meth->keyfinish)
r->group->meth->keyfinish(r);
+#ifndef FIPS_MODE
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_EC_KEY, r, &r->ex_data);
+#endif
CRYPTO_THREAD_lock_free(r->lock);
EC_GROUP_free(r->group);
EC_POINT_free(r->pub_key);
dest->meth->finish(dest);
if (dest->group && dest->group->meth->keyfinish)
dest->group->meth->keyfinish(dest);
-#ifndef OPENSSL_NO_ENGINE
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
if (ENGINE_finish(dest->engine) == 0)
return 0;
dest->engine = NULL;
#endif
}
+ dest->libctx = src->libctx;
/* copy the parameters */
if (src->group != NULL) {
const EC_METHOD *meth = EC_GROUP_method_of(src->group);
/* clear the old group */
EC_GROUP_free(dest->group);
- dest->group = EC_GROUP_new(meth);
+ dest->group = EC_GROUP_new_ex(src->libctx, meth);
if (dest->group == NULL)
return NULL;
if (!EC_GROUP_copy(dest->group, src->group))
dest->conv_form = src->conv_form;
dest->version = src->version;
dest->flags = src->flags;
+#ifndef FIPS_MODE
if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_EC_KEY,
&dest->ex_data, &src->ex_data))
return NULL;
+#endif
if (src->meth != dest->meth) {
-#ifndef OPENSSL_NO_ENGINE
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
if (src->engine != NULL && ENGINE_init(src->engine) == 0)
return NULL;
dest->engine = src->engine;
EC_KEY *EC_KEY_dup(const EC_KEY *ec_key)
{
- EC_KEY *ret = EC_KEY_new_method(ec_key->engine);
+ EC_KEY *ret = ec_key_new_method_int(ec_key->libctx, ec_key->engine);
if (ret == NULL)
return NULL;
const BIGNUM *order = NULL;
EC_POINT *pub_key = NULL;
const EC_GROUP *group = eckey->group;
+ BN_CTX *ctx = BN_CTX_secure_new_ex(eckey->libctx);
+
+ if (ctx == NULL)
+ goto err;
if (eckey->priv_key == NULL) {
priv_key = BN_secure_new();
* rand so the simpler backward compatible method has been used here.
*/
do
- if (!BN_priv_rand_range(priv_key, order))
+ if (!BN_priv_rand_range_ex(priv_key, order, ctx))
goto err;
while (BN_is_zero(priv_key)) ;
pub_key = eckey->pub_key;
/* Step (8) : pub_key = priv_key * G (where G is a point on the curve) */
- if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, NULL))
+ if (!EC_POINT_mul(group, pub_key, priv_key, NULL, NULL, ctx))
goto err;
eckey->priv_key = priv_key;
EC_POINT_free(pub_key);
BN_clear_free(priv_key);
+ BN_CTX_free(ctx);
return ok;
}
goto err;
}
- if ((ctx = BN_CTX_new()) == NULL)
+ if ((ctx = BN_CTX_new_ex(eckey->libctx)) == NULL)
goto err;
if ((point = EC_POINT_new(eckey->group)) == NULL)
ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
- ctx = BN_CTX_new();
+ ctx = BN_CTX_new_ex(key->libctx);
if (ctx == NULL)
return 0;
if (finish != NULL)
finish(key);
-#ifndef OPENSSL_NO_ENGINE
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
ENGINE_finish(key->engine);
key->engine = NULL;
#endif
return 1;
}
-EC_KEY *EC_KEY_new_method(ENGINE *engine)
+EC_KEY *ec_key_new_method_int(OPENSSL_CTX *libctx, ENGINE *engine)
{
EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
- ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ ECerr(EC_F_EC_KEY_NEW_METHOD_INT, ERR_R_MALLOC_FAILURE);
return NULL;
}
+ ret->libctx = libctx;
+
ret->references = 1;
ret->lock = CRYPTO_THREAD_lock_new();
if (ret->lock == NULL) {
- ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_MALLOC_FAILURE);
+ ECerr(EC_F_EC_KEY_NEW_METHOD_INT, ERR_R_MALLOC_FAILURE);
OPENSSL_free(ret);
return NULL;
}
ret->meth = EC_KEY_get_default_method();
-#ifndef OPENSSL_NO_ENGINE
+#if !defined(OPENSSL_NO_ENGINE) && !defined(FIPS_MODE)
if (engine != NULL) {
if (!ENGINE_init(engine)) {
- ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
+ ECerr(EC_F_EC_KEY_NEW_METHOD_INT, ERR_R_ENGINE_LIB);
goto err;
}
ret->engine = engine;
if (ret->engine != NULL) {
ret->meth = ENGINE_get_EC(ret->engine);
if (ret->meth == NULL) {
- ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_ENGINE_LIB);
+ ECerr(EC_F_EC_KEY_NEW_METHOD_INT, ERR_R_ENGINE_LIB);
goto err;
}
}
ret->version = 1;
ret->conv_form = POINT_CONVERSION_UNCOMPRESSED;
+/* No ex_data inside the FIPS provider */
+#ifndef FIPS_MODE
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EC_KEY, ret, &ret->ex_data)) {
goto err;
}
+#endif
if (ret->meth->init != NULL && ret->meth->init(ret) == 0) {
- ECerr(EC_F_EC_KEY_NEW_METHOD, ERR_R_INIT_FAIL);
+ ECerr(EC_F_EC_KEY_NEW_METHOD_INT, ERR_R_INIT_FAIL);
goto err;
}
return ret;
return NULL;
}
+#ifndef FIPS_MODE
+EC_KEY *EC_KEY_new_method(ENGINE *engine)
+{
+ return ec_key_new_method_int(NULL, engine);
+}
+#endif
+
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
const EC_KEY *eckey,
void *(*KDF) (const void *in, size_t inlen, void *out,
NISTZ256_PRE_COMP *nistz256;
EC_PRE_COMP *ec;
} pre_comp;
+
+ OPENSSL_CTX *libctx;
};
#define SETPRECOMP(g, type, pre) \
point_conversion_form_t conv_form;
CRYPTO_REF_COUNT references;
int flags;
+#ifndef FIPS_MODE
CRYPTO_EX_DATA ex_data;
+#endif
CRYPTO_RWLOCK *lock;
+ OPENSSL_CTX *libctx;
};
struct ec_point_st {
int ec_key_simple_generate_public_key(EC_KEY *eckey);
int ec_key_simple_check_key(const EC_KEY *eckey);
-int ec_curve_nid_from_params(const EC_GROUP *group);
+int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx);
/* EC_METHOD definitions */
#define EC_KEY_METHOD_DYNAMIC 1
+EC_KEY *ec_key_new_method_int(OPENSSL_CTX *libctx, ENGINE *engine);
+
int ossl_ec_key_gen(EC_KEY *eckey);
int ossl_ecdh_compute_key(unsigned char **pout, size_t *poutlen,
const EC_POINT *pub_key, const EC_KEY *ecdh);
/* functions for EC_GROUP objects */
-EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
+EC_GROUP *EC_GROUP_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth)
{
EC_GROUP *ret;
if (meth == NULL) {
- ECerr(EC_F_EC_GROUP_NEW, EC_R_SLOT_FULL);
+ ECerr(EC_F_EC_GROUP_NEW_EX, EC_R_SLOT_FULL);
return NULL;
}
if (meth->group_init == 0) {
- ECerr(EC_F_EC_GROUP_NEW, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ ECerr(EC_F_EC_GROUP_NEW_EX, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return NULL;
}
ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
- ECerr(EC_F_EC_GROUP_NEW, ERR_R_MALLOC_FAILURE);
+ ECerr(EC_F_EC_GROUP_NEW_EX, ERR_R_MALLOC_FAILURE);
return NULL;
}
+ ret->libctx = libctx;
ret->meth = meth;
if ((ret->meth->flags & EC_FLAGS_CUSTOM_CURVE) == 0) {
ret->order = BN_new();
return NULL;
}
+#ifndef FIPS_MODE
+EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
+{
+ return EC_GROUP_new_ex(NULL, meth);
+}
+#endif
+
void EC_pre_comp_free(EC_GROUP *group)
{
switch (group->pre_comp_type) {
if (dest == src)
return 1;
+ dest->libctx = src->libctx;
dest->curve_name = src->curve_name;
/* Copy precomputed */
if (a == NULL)
return NULL;
- if ((t = EC_GROUP_new(a->meth)) == NULL)
+ if ((t = EC_GROUP_new_ex(a->libctx, a->meth)) == NULL)
return NULL;
if (!EC_GROUP_copy(t, a))
goto err;
{
int r = 0;
BIGNUM *a1, *a2, *a3, *b1, *b2, *b3;
+#ifndef FIPS_MODE
BN_CTX *ctx_new = NULL;
+ if (ctx == NULL)
+ ctx_new = ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return -1;
+
/* compare the field types */
if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
EC_METHOD_get_field_type(EC_GROUP_method_of(b)))
if (a->meth->flags & EC_FLAGS_CUSTOM_CURVE)
return 0;
- if (ctx == NULL)
- ctx_new = ctx = BN_CTX_new();
- if (ctx == NULL)
- return -1;
-
BN_CTX_start(ctx);
a1 = BN_CTX_get(ctx);
a2 = BN_CTX_get(ctx);
b3 = BN_CTX_get(ctx);
if (b3 == NULL) {
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(ctx_new);
+#endif
return -1;
}
}
end:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(ctx_new);
-
+#endif
return r;
}
{
int ret = 0;
size_t i = 0;
+#ifndef FIPS_MODE
BN_CTX *new_ctx = NULL;
+ if (ctx == NULL)
+ ctx = new_ctx = BN_CTX_secure_new();
+#endif
+ if (ctx == NULL) {
+ ECerr(EC_F_EC_POINTS_MUL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
if ((scalar == NULL) && (num == 0)) {
return EC_POINT_set_to_infinity(group, r);
}
}
}
- if (ctx == NULL && (ctx = new_ctx = BN_CTX_secure_new()) == NULL) {
- ECerr(EC_F_EC_POINTS_MUL, ERR_R_INTERNAL_ERROR);
- return 0;
- }
-
if (group->meth->mul != NULL)
ret = group->meth->mul(group, r, scalar, num, points, scalars, ctx);
else
/* use default */
ret = ec_wNAF_mul(group, r, scalar, num, points, scalars, ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
*/
static int ec_precompute_mont_data(EC_GROUP *group)
{
- BN_CTX *ctx = BN_CTX_new();
+ BN_CTX *ctx = BN_CTX_new_ex(group->libctx);
int ret = 0;
BN_MONT_CTX_free(group->mont_data);
return ret;
}
+#ifndef FIPS_MODE
int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg)
{
return CRYPTO_set_ex_data(&key->ex_data, idx, arg);
{
return CRYPTO_get_ex_data(&key->ex_data, idx);
}
+#endif
int ec_group_simple_order_bits(const EC_GROUP *group)
{
const BIGNUM *x, BN_CTX *ctx)
{
BIGNUM *e = NULL;
- BN_CTX *new_ctx = NULL;
int ret = 0;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
- if (group->mont_data == NULL)
+ if (ctx == NULL)
+ ctx = new_ctx = BN_CTX_secure_new();
+#endif
+ if (ctx == NULL)
return 0;
- if (ctx == NULL && (ctx = new_ctx = BN_CTX_secure_new()) == NULL)
- return 0;
+ if (group->mont_data == NULL)
+ goto err;
BN_CTX_start(ctx);
if ((e = BN_CTX_get(ctx)) == NULL)
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
{
const EC_POINT *generator;
EC_POINT *tmp_point = NULL, *base = NULL, **var;
- BN_CTX *new_ctx = NULL;
const BIGNUM *order;
size_t i, bits, w, pre_points_per_block, blocksize, numblocks, num;
EC_POINT **points = NULL;
EC_PRE_COMP *pre_comp;
int ret = 0;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
/* if there is an old EC_PRE_COMP object, throw it away */
EC_pre_comp_free(group);
goto err;
}
- if (ctx == NULL) {
+#ifndef FIPS_MODE
+ if (ctx == NULL)
ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
- goto err;
- }
+#endif
+ if (ctx == NULL)
+ goto err;
BN_CTX_start(ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
EC_ec_pre_comp_free(pre_comp);
if (points) {
EC_POINT **p;
size_t buflen, len;
unsigned char *buf = NULL;
- if ((ctx = BN_CTX_new()) == NULL)
+ if ((ctx = BN_CTX_new_ex(ecdh->libctx)) == NULL)
goto err;
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
}
if ((ctx = ctx_in) == NULL) {
- if ((ctx = BN_CTX_new()) == NULL) {
+ if ((ctx = BN_CTX_new_ex(eckey->libctx)) == NULL) {
ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
return 0;
}
goto err;
}
} else {
- if (!BN_priv_rand_range(k, order)) {
+ if (!BN_priv_rand_range_ex(k, order, ctx)) {
ECerr(EC_F_ECDSA_SIGN_SETUP,
EC_R_RANDOM_NUMBER_GENERATION_FAILED);
goto err;
}
s = ret->s;
- if ((ctx = BN_CTX_new()) == NULL
+ if ((ctx = BN_CTX_new_ex(eckey->libctx)) == NULL
|| (m = BN_new()) == NULL) {
ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_MALLOC_FAILURE);
goto err;
return -1;
}
- ctx = BN_CTX_new();
+ ctx = BN_CTX_new_ex(eckey->libctx);
if (ctx == NULL) {
ECerr(EC_F_OSSL_ECDSA_VERIFY_SIG, ERR_R_MALLOC_FAILURE);
return -1;
group->field_data2 = NULL;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
if (group->field_data1 == NULL)
return 0;
- if (ctx == NULL && (ctx = new_ctx = BN_CTX_secure_new()) == NULL)
+ if (ctx == NULL
+ && (ctx = new_ctx = BN_CTX_secure_new_ex(group->libctx)) == NULL)
return 0;
BN_CTX_start(ctx);
BN_CTX *new_ctx = NULL;
if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
+ if ((ctx = new_ctx = BN_CTX_new_ex(group->libctx)) == NULL)
return 0;
BN_CTX_start(ctx);
goto err;
}
if (!ctx)
- if ((ctx_new = ctx = BN_CTX_new()) == NULL)
+ if ((ctx_new = ctx = BN_CTX_new_ex(group->libctx)) == NULL)
goto err;
if (!BN_mul(r, a, b, ctx))
goto err;
}
if (!ctx)
- if ((ctx_new = ctx = BN_CTX_new()) == NULL)
+ if ((ctx_new = ctx = BN_CTX_new_ex(group->libctx)) == NULL)
goto err;
if (!BN_sqr(r, a, ctx))
BN_CTX *ctx)
{
int ret = 0;
- BN_CTX *new_ctx = NULL;
BIGNUM *curve_p, *curve_a, *curve_b;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
+ new_ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return 0;
+
BN_CTX_start(ctx);
curve_p = BN_CTX_get(ctx);
curve_a = BN_CTX_get(ctx);
ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
int ret = 0;
NISTP224_PRE_COMP *pre = NULL;
int i, j;
- BN_CTX *new_ctx = NULL;
BIGNUM *x, *y;
EC_POINT *generator = NULL;
felem tmp_felems[32];
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
/* throw away old precomputation */
EC_pre_comp_free(group);
+
+#ifndef FIPS_MODE
if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
+ new_ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return 0;
+
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
y = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
EC_POINT_free(generator);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
EC_nistp224_pre_comp_free(pre);
return ret;
}
BN_CTX *ctx)
{
int ret = 0;
- BN_CTX *new_ctx = NULL;
BIGNUM *curve_p, *curve_a, *curve_b;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
+ new_ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return 0;
+
BN_CTX_start(ctx);
curve_p = BN_CTX_get(ctx);
curve_a = BN_CTX_get(ctx);
ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
int ret = 0;
NISTP256_PRE_COMP *pre = NULL;
int i, j;
- BN_CTX *new_ctx = NULL;
BIGNUM *x, *y;
EC_POINT *generator = NULL;
smallfelem tmp_smallfelems[32];
felem x_tmp, y_tmp, z_tmp;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
/* throw away old precomputation */
EC_pre_comp_free(group);
+
+#ifndef FIPS_MODE
if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
+ new_ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return 0;
+
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
y = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
EC_POINT_free(generator);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
EC_nistp256_pre_comp_free(pre);
return ret;
}
BN_CTX *ctx)
{
int ret = 0;
- BN_CTX *new_ctx = NULL;
BIGNUM *curve_p, *curve_a, *curve_b;
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
+ new_ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return 0;
+
BN_CTX_start(ctx);
curve_p = BN_CTX_get(ctx);
curve_a = BN_CTX_get(ctx);
ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx);
err:
BN_CTX_end(ctx);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
return ret;
}
int ret = 0;
NISTP521_PRE_COMP *pre = NULL;
int i, j;
- BN_CTX *new_ctx = NULL;
BIGNUM *x, *y;
EC_POINT *generator = NULL;
felem tmp_felems[16];
+#ifndef FIPS_MODE
+ BN_CTX *new_ctx = NULL;
+#endif
/* throw away old precomputation */
EC_pre_comp_free(group);
+
+#ifndef FIPS_MODE
if (ctx == NULL)
- if ((ctx = new_ctx = BN_CTX_new()) == NULL)
- return 0;
+ new_ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return 0;
+
BN_CTX_start(ctx);
x = BN_CTX_get(ctx);
y = BN_CTX_get(ctx);
err:
BN_CTX_end(ctx);
EC_POINT_free(generator);
+#ifndef FIPS_MODE
BN_CTX_free(new_ctx);
+#endif
EC_nistp521_pre_comp_free(pre);
return ret;
}
return 0;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
goto err;
}
BIGNUM *tmp1, *tmp2, *x, *y;
int ret = 0;
+#ifndef FIPS_MODE
/* clear error queue */
ERR_clear_error();
+#endif
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
}
if (!BN_mod_sqrt(y, tmp1, group->field, ctx)) {
+#ifndef FIPS_MODE
unsigned long err = ERR_peek_last_error();
if (ERR_GET_LIB(err) == ERR_LIB_BN
ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
EC_R_INVALID_COMPRESSED_POINT);
} else
+#endif
+ {
ECerr(EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES,
ERR_R_BN_LIB);
+ }
goto err;
}
}
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
}
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
}
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
if (a != NULL || b != NULL) {
if (group->meth->field_decode) {
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
BN_CTX *new_ctx = NULL;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL) {
ECerr(EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT,
ERR_R_MALLOC_FAILURE);
int ret = 0;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
if (group->meth->field_decode != 0) {
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
}
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
p = group->field;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
p = group->field;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
p = group->field;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return -1;
}
field_sqr = group->meth->field_sqr;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return -1;
}
return 1;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
return 1;
if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
+ ctx = new_ctx = BN_CTX_new_ex(group->libctx);
if (ctx == NULL)
return 0;
}
BN_CTX *new_ctx = NULL;
int ret = 0;
- if (ctx == NULL && (ctx = new_ctx = BN_CTX_secure_new()) == NULL)
+ if (ctx == NULL
+ && (ctx = new_ctx = BN_CTX_secure_new_ex(group->libctx)) == NULL)
return 0;
BN_CTX_start(ctx);
goto err;
do {
- if (!BN_priv_rand_range(e, group->field))
+ if (!BN_priv_rand_range_ex(e, group->field, ctx))
goto err;
} while (BN_is_zero(e));
/* make sure lambda is not zero */
do {
- if (!BN_priv_rand_range(lambda, group->field)) {
+ if (!BN_priv_rand_range_ex(lambda, group->field, ctx)) {
ECerr(EC_F_EC_GFP_SIMPLE_BLIND_COORDINATES, ERR_R_BN_LIB);
goto err;
}
X448_public_from_private(pubkey, privkey);
break;
case EVP_PKEY_ED448:
- ED448_public_from_private(pubkey, privkey);
+ /*
+ * TODO(3.0): We set the library context to NULL for now. This will
+ * need to change.
+ */
+ ED448_public_from_private(NULL, pubkey, privkey);
break;
}
}
return 0;
}
- if (ED448_sign(sig, tbs, tbslen, edkey->pubkey, edkey->privkey, NULL,
- 0) == 0)
+ /*
+ * TODO(3.0): We use NULL for the library context for now. Will need to
+ * change later.
+ */
+ if (ED448_sign(NULL, sig, tbs, tbslen, edkey->pubkey, edkey->privkey,
+ NULL, 0) == 0)
return 0;
*siglen = ED448_SIGSIZE;
return 1;
if (siglen != ED448_SIGSIZE)
return 0;
- return ED448_verify(tbs, tbslen, sig, edkey->pubkey, NULL, 0);
+ /*
+ * TODO(3.0): We send NULL for the OPENSSL_CTX for now. This will need to
+ * change.
+ */
+ return ED448_verify(NULL, tbs, tbslen, sig, edkey->pubkey, NULL, 0);
}
static int pkey_ecd_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
ec_GFp_simple_set_compressed_coordinates
EC_F_EC_GROUP_CHECK:170:EC_GROUP_check
EC_F_EC_GROUP_CHECK_DISCRIMINANT:171:EC_GROUP_check_discriminant
+EC_F_EC_GROUP_CHECK_NAMED_CURVE:299:EC_GROUP_check_named_curve
EC_F_EC_GROUP_COPY:106:EC_GROUP_copy
EC_F_EC_GROUP_GET_CURVE:291:EC_GROUP_get_curve
EC_F_EC_GROUP_GET_CURVE_GF2M:172:EC_GROUP_get_curve_GF2m
EC_F_EC_GROUP_GET_TRINOMIAL_BASIS:194:EC_GROUP_get_trinomial_basis
EC_F_EC_GROUP_NEW:108:EC_GROUP_new
EC_F_EC_GROUP_NEW_BY_CURVE_NAME:174:EC_GROUP_new_by_curve_name
+EC_F_EC_GROUP_NEW_BY_CURVE_NAME_EX:301:EC_GROUP_new_by_curve_name_ex
+EC_F_EC_GROUP_NEW_EX:302:EC_GROUP_new_ex
EC_F_EC_GROUP_NEW_FROM_DATA:175:ec_group_new_from_data
EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS:263:EC_GROUP_new_from_ecparameters
EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS:264:EC_GROUP_new_from_ecpkparameters
EC_F_EC_KEY_GENERATE_KEY:179:EC_KEY_generate_key
EC_F_EC_KEY_NEW:182:EC_KEY_new
EC_F_EC_KEY_NEW_METHOD:245:EC_KEY_new_method
+EC_F_EC_KEY_NEW_METHOD_INT:300:ec_key_new_method_int
EC_F_EC_KEY_OCT2PRIV:255:EC_KEY_oct2priv
EC_F_EC_KEY_PRINT:180:EC_KEY_print
EC_F_EC_KEY_PRINT_FP:181:EC_KEY_print_fp
const BIGNUM *r1, const BIGNUM *r2, int nlen,
const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb);
+OPENSSL_CTX *bn_get_lib_ctx(BN_CTX *ctx);
#endif
return 1;
}
# endif
+#endif /* FIPS_MODE */
-# ifdef ECP_NISTZ256_ASM
+#ifdef ECP_NISTZ256_ASM
void ecp_nistz256_mul_mont(unsigned long res[4], const unsigned long a[4],
const unsigned long b[4]);
ecp_nistz256_mul_mont(res, in, one);
}
-# endif
-#endif /* FIPS_MODE */
+#endif
static sigjmp_buf ill_jmp;
static void ill_handler(int sig)
int EC_GROUP_get_degree(const EC_GROUP *group);
int EC_GROUP_check(const EC_GROUP *group, BN_CTX *ctx);
- int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only);
+ int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only,
+ BN_CTX *ctx);
int EC_GROUP_check_discriminant(const EC_GROUP *group, BN_CTX *ctx);
aliases, so that multiple NID's can map to the same domain parameters. For such curves it is unspecified which of the aliases will be
returned if the curve name of the given group is NID_undef.
If B<nist_only> is 1 it will only look for NIST approved curves, otherwise it searches all built-in curves.
+This function may be passed a BN_CTX object in the B<ctx> parameter.
+The B<ctx> parameter may be NULL.
EC_GROUP_cmp compares B<a> and B<b> to determine whether they represent the same curve or not.
/* EC_GROUP functions */
/********************************************************************/
-/** Creates a new EC_GROUP object
- * \param meth EC_METHOD to use
+/**
+ * Creates a new EC_GROUP object
+ * \param libctx The associated library context or NULL for the default
+ * library context
+ * \param meth EC_METHOD to use
+ * \return newly created EC_GROUP object or NULL in case of an error.
+ */
+EC_GROUP *EC_GROUP_new_ex(OPENSSL_CTX *libctx, const EC_METHOD *meth);
+
+/**
+ * Creates a new EC_GROUP object. Same as EC_GROUP_new_ex with NULL for the
+ * library context.
+ * \param libctx The associated library context or NULL for the default
+ * library context
+ * \param meth EC_METHOD to use
* \return newly created EC_GROUP object or NULL in case of an error.
*/
EC_GROUP *EC_GROUP_new(const EC_METHOD *meth);
const BIGNUM *b, BN_CTX *ctx);
# endif
-/** Creates a EC_GROUP object with a curve specified by a NID
- * \param nid NID of the OID of the curve name
+/**
+ * Creates a EC_GROUP object with a curve specified by a NID
+ * \param libctx The associated library context or NULL for the default
+ * context
+ * \param nid NID of the OID of the curve name
+ * \return newly created EC_GROUP object with specified curve or NULL
+ * if an error occurred
+ */
+EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, int nid);
+
+/**
+ * Creates a EC_GROUP object with a curve specified by a NID. Same as
+ * EC_GROUP_new_by_curve_name_ex but the libctx is always NULL.
+ * \param nid NID of the OID of the curve name
* \return newly created EC_GROUP object with specified curve or NULL
* if an error occurred
*/
const char *EC_curve_nid2nist(int nid);
int EC_curve_nist2nid(const char *name);
-int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only);
+int EC_GROUP_check_named_curve(const EC_GROUP *group, int nist_only,
+ BN_CTX *ctx);
/********************************************************************/
/* EC_POINT functions */
# define EC_FLAG_FIPS_CHECKED 0x2
# define EC_FLAG_COFACTOR_ECDH 0x1000
-/** Creates a new EC_KEY object.
+/**
+ * Creates a new EC_KEY object.
+ * \param ctx The library context for to use for this EC_KEY. May be NULL in
+ * which case the default library context is used.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx);
+
+/**
+ * Creates a new EC_KEY object. Same as calling EC_KEY_new_ex with a NULL
+ * library context
* \return EC_KEY object or NULL if an error occurred.
*/
EC_KEY *EC_KEY_new(void);
void EC_KEY_clear_flags(EC_KEY *key, int flags);
-/** Creates a new EC_KEY object using a named curve as underlying
+/**
+ * Creates a new EC_KEY object using a named curve as underlying
* EC_GROUP object.
+ * \param ctx The library context for to use for this EC_KEY. May be NULL in
+ * which case the default library context is used.
+ * \param nid NID of the named curve.
+ * \return EC_KEY object or NULL if an error occurred.
+ */
+EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, int nid);
+
+/**
+ * Creates a new EC_KEY object using a named curve as underlying
+ * EC_GROUP object. Same as calling EC_KEY_new_by_curve_name_ex with a NULL
+ * library context.
* \param nid NID of the named curve.
* \return EC_KEY object or NULL if an error occurred.
*/
EC_KEY *EC_KEY_new_by_curve_name(int nid);
+
/** Frees a EC_KEY object.
* \param key EC_KEY object to be freed.
*/
EVP_MD_CTX *hashctx = EVP_MD_CTX_new();
if (!TEST_ptr(hashctx)
- || !TEST_true(ED448_sign(outsig, NULL, 0, pubkey1, privkey1, NULL,
- 0))
+ || !TEST_true(ED448_sign(NULL, outsig, NULL, 0, pubkey1, privkey1,
+ NULL, 0))
|| !TEST_int_eq(memcmp(sig1, outsig, sizeof(sig1)), 0)
- || !TEST_true(ED448_sign(outsig, msg2, sizeof(msg2), pubkey2,
+ || !TEST_true(ED448_sign(NULL, outsig, msg2, sizeof(msg2), pubkey2,
privkey2, NULL, 0))
|| !TEST_int_eq(memcmp(sig2, outsig, sizeof(sig2)), 0)
- || !TEST_true(ED448_sign(outsig, msg3, sizeof(msg3), pubkey3,
+ || !TEST_true(ED448_sign(NULL, outsig, msg3, sizeof(msg3), pubkey3,
privkey3, context3, sizeof(context3)))
|| !TEST_int_eq(memcmp(sig3, outsig, sizeof(sig3)), 0)
- || !TEST_true(ED448_sign(outsig, msg4, sizeof(msg4), pubkey4,
+ || !TEST_true(ED448_sign(NULL, outsig, msg4, sizeof(msg4), pubkey4,
privkey4, NULL, 0))
|| !TEST_int_eq(memcmp(sig4, outsig, sizeof(sig4)), 0)
- || !TEST_true(ED448_sign(outsig, msg5, sizeof(msg5), pubkey5,
+ || !TEST_true(ED448_sign(NULL, outsig, msg5, sizeof(msg5), pubkey5,
privkey5, NULL, 0))
|| !TEST_int_eq(memcmp(sig5, outsig, sizeof(sig5)), 0)
- || !TEST_true(ED448_sign(outsig, msg6, sizeof(msg6), pubkey6,
+ || !TEST_true(ED448_sign(NULL, outsig, msg6, sizeof(msg6), pubkey6,
privkey6, NULL, 0))
|| !TEST_int_eq(memcmp(sig6, outsig, sizeof(sig6)), 0)
- || !TEST_true(ED448_sign(outsig, msg7, sizeof(msg7), pubkey7,
+ || !TEST_true(ED448_sign(NULL, outsig, msg7, sizeof(msg7), pubkey7,
privkey7, NULL, 0))
|| !TEST_int_eq(memcmp(sig7, outsig, sizeof(sig7)), 0)
- || !TEST_true(ED448_sign(outsig, msg8, sizeof(msg8), pubkey8,
+ || !TEST_true(ED448_sign(NULL, outsig, msg8, sizeof(msg8), pubkey8,
privkey8, NULL, 0))
|| !TEST_int_eq(memcmp(sig8, outsig, sizeof(sig8)), 0)
- || !TEST_true(ED448_sign(outsig, msg9, sizeof(msg9), pubkey9,
+ || !TEST_true(ED448_sign(NULL, outsig, msg9, sizeof(msg9), pubkey9,
privkey9, NULL, 0))
|| !TEST_int_eq(memcmp(sig9, outsig, sizeof(sig9)), 0)
- || !TEST_true(ED448ph_sign(outsig, dohash(hashctx, phmsg1,
+ || !TEST_true(ED448ph_sign(NULL, outsig, dohash(hashctx, phmsg1,
sizeof(phmsg1)), phpubkey1, phprivkey1,
NULL, 0))
|| !TEST_int_eq(memcmp(phsig1, outsig, sizeof(phsig1)), 0)
- || !TEST_true(ED448ph_sign(outsig, dohash(hashctx, phmsg2,
+ || !TEST_true(ED448ph_sign(NULL, outsig, dohash(hashctx, phmsg2,
sizeof(phmsg2)), phpubkey2, phprivkey2,
phcontext2, sizeof(phcontext2)))
|| !TEST_int_eq(memcmp(phsig2, outsig, sizeof(phsig2)), 0)) {
}
/* Passes because this is a valid curve */
- if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0), nid)
+ if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid)
/* Only NIST curves pass */
- || !TEST_int_eq(EC_GROUP_check_named_curve(group, 1),
+ || !TEST_int_eq(EC_GROUP_check_named_curve(group, 1, NULL),
EC_curve_nid2nist(nid) != NULL ? nid : NID_undef))
goto err;
/* Fail if the curve name doesn't match the parameters */
EC_GROUP_set_curve_name(group, nid + 1);
ERR_set_mark();
- if (!TEST_int_le(EC_GROUP_check_named_curve(group, 0), 0))
+ if (!TEST_int_le(EC_GROUP_check_named_curve(group, 0, NULL), 0))
goto err;
ERR_pop_to_mark();
/* Restore curve name and ensure it's passing */
EC_GROUP_set_curve_name(group, nid);
- if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0), nid))
+ if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid))
goto err;
if (!TEST_int_eq(EC_GROUP_set_seed(group, invalid_seed, invalid_seed_len),
* If the built-in curve has a seed and we set the seed to another value
* then it will fail the check.
*/
- if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0), 0))
+ if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), 0))
goto err;
} else {
/*
* If the built-in curve does not have a seed then setting the seed will
* pass the check (as the seed is optional).
*/
- if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0), nid))
+ if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid))
goto err;
}
/* Pass if the seed is unknown (as it is optional) */
if (!TEST_int_eq(EC_GROUP_set_seed(group, NULL, 0), 1)
- || !TEST_int_eq(EC_GROUP_check_named_curve(group, 0), nid))
+ || !TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid))
goto err;
/* Check that a duped group passes */
- if (!TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0), nid))
+ if (!TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid))
goto err;
/* check that changing any generator parameter fails */
if (!TEST_true(EC_GROUP_set_generator(gtest, other_gen, group_order,
group_cofactor))
- || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0), 0)
+ || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)
|| !TEST_true(EC_GROUP_set_generator(gtest, group_gen, other_order,
group_cofactor))
- || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0), 0)
+ || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)
/* The order is not an optional field, so this should fail */
|| !TEST_true(EC_GROUP_set_generator(gtest, group_gen, NULL,
group_cofactor))
- || !TEST_int_le(EC_GROUP_check_named_curve(gtest, 0), 0)
+ || !TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)
|| !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order,
other_cofactor))
- || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0), 0)
+ || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)
/* Check that if the cofactor is not set then it still passes */
|| !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order,
NULL))
- || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0), nid)
+ || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid)
/* check that restoring the generator passes */
|| !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order,
group_cofactor))
- || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0), nid))
+ || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid))
goto err;
/*
*/
ERR_set_mark();
if (EC_GROUP_set_curve(gtest, other_p, group_a, group_b, NULL)) {
- if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0), 0))
+ if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0))
goto err;
} else {
/* clear the error stack if EC_GROUP_set_curve() failed */
ERR_set_mark();
}
if (EC_GROUP_set_curve(gtest, group_p, other_a, group_b, NULL)) {
- if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0), 0))
+ if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0))
goto err;
} else {
/* clear the error stack if EC_GROUP_set_curve() failed */
ERR_set_mark();
}
if (EC_GROUP_set_curve(gtest, group_p, group_a, other_b, NULL)) {
- if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0), 0))
+ if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0))
goto err;
} else {
/* clear the error stack if EC_GROUP_set_curve() failed */
/* Check that restoring the curve parameters passes */
if (!TEST_true(EC_GROUP_set_curve(gtest, group_p, group_a, group_b, NULL))
- || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0), nid))
+ || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid))
goto err;
ret = 1;
if (!TEST_ptr(g = EC_GROUP_new_from_ecparameters(p)))
goto err;
- if (!TEST_int_gt(rv = EC_GROUP_check_named_curve(g, 0), 0))
+ if (!TEST_int_gt(rv = EC_GROUP_check_named_curve(g, 0, NULL), 0))
goto err;
if (rv != nid) {
/*
ERR_vset_error 4812 3_0_0 EXIST::FUNCTION:
X509_get0_authority_issuer 4813 3_0_0 EXIST::FUNCTION:
X509_get0_authority_serial 4814 3_0_0 EXIST::FUNCTION:
+EC_GROUP_new_ex 4815 3_0_0 EXIST::FUNCTION:EC
+EC_GROUP_new_by_curve_name_ex 4816 3_0_0 EXIST::FUNCTION:EC
+EC_KEY_new_ex 4817 3_0_0 EXIST::FUNCTION:EC
+EC_KEY_new_by_curve_name_ex 4818 3_0_0 EXIST::FUNCTION:EC
projects / oweals / openssl.git / commitdiff