From e248740d67c3b047742800892aa80e4d90345cf4 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 16 Sep 2011 17:35:40 +0000 Subject: [PATCH] Minor code tidy and bug fix: need to set t = s after first pass and t and s do not need to have independent values after the first pass so set t = s. --- fips/rand/fips_drbg_ec.c | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/fips/rand/fips_drbg_ec.c b/fips/rand/fips_drbg_ec.c index 0b674199bb..ccdab03cf9 100644 --- a/fips/rand/fips_drbg_ec.c +++ b/fips/rand/fips_drbg_ec.c @@ -287,17 +287,19 @@ static int drbg_ec_generate(DRBG_CTX *dctx, } BN_CTX_start(ectx->bctx); - t = BN_CTX_get(ectx->bctx); r = BN_CTX_get(ectx->bctx); if (!r) goto err; if (adin && adin_len) { size_t i; + t = BN_CTX_get(ectx->bctx); + if (!t) + goto err; /* Convert s to buffer */ if (ectx->exbits) - BN_lshift(ectx->s, ectx->s, ectx->exbits); - bn2binpad(ectx->sbuf, dctx->seedlen, ectx->s); + BN_lshift(s, s, ectx->exbits); + bn2binpad(ectx->sbuf, dctx->seedlen, s); /* Step 2 */ if (!hash_df(dctx, ectx->tbuf, adin, adin_len, NULL, 0, NULL, 0)) @@ -309,11 +311,13 @@ static int drbg_ec_generate(DRBG_CTX *dctx, return 0; } else - if (!BN_copy(t, ectx->s)) - goto err; + /* Note if no additional input t and s the algorithm never + * needs separate values for t and s. + */ + t = s; #ifdef EC_DRBG_TRACE - bnprint(stderr, "s at start of generate: ", ectx->s); + bnprint(stderr, "s at start of generate: ", s); #endif for (;;) @@ -360,6 +364,8 @@ static int drbg_ec_generate(DRBG_CTX *dctx, if (!outlen) break; out += dctx->blocklength; + /* Step #5 after first pass */ + t = s; #ifdef EC_DRBG_TRACE fprintf(stderr, "Random bits written:\n"); hexprint(stderr, out, dctx->blocklength); -- 2.25.1