From bf2546f94762f6579ff40f71d6f333adbf72ffc4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Mon, 14 Feb 2011 16:45:28 +0000 Subject: [PATCH] Use BN_nist_mod_func to avoid need to peek error queue. --- crypto/ec/ec_cvt.c | 38 +++++++------------------------------- 1 file changed, 7 insertions(+), 31 deletions(-) diff --git a/crypto/ec/ec_cvt.c b/crypto/ec/ec_cvt.c index bbed1da455..0c3b93a43b 100644 --- a/crypto/ec/ec_cvt.c +++ b/crypto/ec/ec_cvt.c @@ -69,6 +69,8 @@ * */ +#define OPENSSL_FIPSAPI + #include #include "ec_lcl.h" @@ -78,7 +80,10 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM const EC_METHOD *meth; EC_GROUP *ret; - meth = EC_GFp_nist_method(); + if (BN_nist_mod_func(p)) + meth = EC_GFp_nist_method(); + else + meth = EC_GFp_mont_method(); ret = EC_GROUP_new(meth); if (ret == NULL) @@ -86,37 +91,8 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) { - unsigned long err; - - err = ERR_peek_last_error(); - - if (!(ERR_GET_LIB(err) == ERR_LIB_EC && - ((ERR_GET_REASON(err) == EC_R_NOT_A_NIST_PRIME) || - (ERR_GET_REASON(err) == EC_R_NOT_A_SUPPORTED_NIST_PRIME)))) - { - /* real error */ - - EC_GROUP_clear_free(ret); - return NULL; - } - - - /* not an actual error, we just cannot use EC_GFp_nist_method */ - - ERR_clear_error(); - EC_GROUP_clear_free(ret); - meth = EC_GFp_mont_method(); - - ret = EC_GROUP_new(meth); - if (ret == NULL) - return NULL; - - if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) - { - EC_GROUP_clear_free(ret); - return NULL; - } + return NULL; } return ret; -- 2.25.1