ECC library bugfixes.

Submitted by: Emilia Kasper (Google)

diff --git a/CHANGES b/CHANGES
index bb8b7184f341de527ee5763583197209469b6049..fab61c34959ad2eb0b4278d73c603c2de6a117ac 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -855,6 +855,18 @@
   *) Change 'Configure' script to enable Camellia by default.
      [NTT]
   
+ Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
+
+  *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
+     is also one of the inputs.
+     [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
+
+  *) Don't repeatedly append PBE algorithms to table if they already exist.
+     Sort table on each new add. This effectively makes the table read only
+     after all algorithms are added and subsequent calls to PKCS12_pbe_add
+     etc are non-op.
+     [Steve Henson]
+
  Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
 
   [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after

diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c
index ab631a50a22cbdcc94dc26610f61f9b57dfd5e08..e12b9b284a00298cec51623ec81193c2e86499b9 100644 (file)
--- a/crypto/ec/ec2_mult.c
+++ b/crypto/ec/ec2_mult.c
@@ -319,6 +319,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
        int ret = 0;
        size_t i;
        EC_POINT *p=NULL;
+       EC_POINT *acc = NULL;
 
        if (ctx == NULL)
                {
@@ -338,15 +339,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
                }
 
        if ((p = EC_POINT_new(group)) == NULL) goto err;
+       if ((acc = EC_POINT_new(group)) == NULL) goto err;
 
-       if (!EC_POINT_set_to_infinity(group, r)) goto err;
+       if (!EC_POINT_set_to_infinity(group, acc)) goto err;
 
        if (scalar)
                {
                if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err;
-               if (BN_is_negative(scalar)) 
+               if (BN_is_negative(scalar))
                        if (!group->meth->invert(group, p, ctx)) goto err;
-               if (!group->meth->add(group, r, r, p, ctx)) goto err;
+               if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
                }
 
        for (i = 0; i < num; i++)
@@ -354,13 +356,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
                if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err;
                if (BN_is_negative(scalars[i]))
                        if (!group->meth->invert(group, p, ctx)) goto err;
-               if (!group->meth->add(group, r, r, p, ctx)) goto err;
+               if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
                }
 
+       if (!EC_POINT_copy(r, acc)) goto err;
+
        ret = 1;
 
   err:
        if (p) EC_POINT_free(p);
+       if (acc) EC_POINT_free(acc);
        if (new_ctx != NULL)
                BN_CTX_free(new_ctx);
        return ret;

diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index f05df5332e1b5ddc4c1bab30b79b50ce5c70c8dd..19f21675fbd804e139334f8f736b86b89f23388a 100644 (file)
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -169,11 +169,13 @@ static void ec_pre_comp_clear_free(void *pre_)
                EC_POINT **p;
 
                for (p = pre->points; *p != NULL; p++)
+                       {
                        EC_POINT_clear_free(*p);
-               OPENSSL_cleanse(pre->points, sizeof pre->points);
+                       OPENSSL_cleanse(p, sizeof *p);
+                       }
                OPENSSL_free(pre->points);
                }
-       OPENSSL_cleanse(pre, sizeof pre);
+       OPENSSL_cleanse(pre, sizeof *pre);
        OPENSSL_free(pre);
        }