Fix typo in CONTRIBUTING.md
diff --git
a/crypto/bn/bn_gf2m.c
b/crypto/bn/bn_gf2m.c
index e025dae6c128605623ba05ac2a184b3e3fe52936..444c5ca7a37554f24b3d9cca83a330c7b5e1757e 100644
--- a/
crypto/bn/bn_gf2m.c
+++ b/
crypto/bn/bn_gf2m.c
@@
-1,5
+1,5
@@
/*
/*
- * Copyright 2002-20
18
The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-20
21
The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@
-12,7
+12,7
@@
#include <limits.h>
#include <stdio.h>
#include "internal/cryptlib.h"
#include <limits.h>
#include <stdio.h>
#include "internal/cryptlib.h"
-#include "bn_l
c
l.h"
+#include "bn_l
oca
l.h"
#ifndef OPENSSL_NO_EC2M
#ifndef OPENSSL_NO_EC2M
@@
-297,7
+297,7
@@
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const int p[])
bn_check_top(a);
bn_check_top(a);
- if (
!p[0]
) {
+ if (
p[0] == 0
) {
/* reduction mod 1 => return 0 */
BN_zero(r);
return 1;
/* reduction mod 1 => return 0 */
BN_zero(r);
return 1;
@@
-395,7
+395,7
@@
int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p)
bn_check_top(p);
ret = BN_GF2m_poly2arr(p, arr, OSSL_NELEM(arr));
if (!ret || ret > (int)OSSL_NELEM(arr)) {
bn_check_top(p);
ret = BN_GF2m_poly2arr(p, arr, OSSL_NELEM(arr));
if (!ret || ret > (int)OSSL_NELEM(arr)) {
-
BNerr(BN_F_BN_GF2M_MOD
, BN_R_INVALID_LENGTH);
+
ERR_raise(ERR_LIB_BN
, BN_R_INVALID_LENGTH);
return 0;
}
ret = BN_GF2m_mod_arr(r, a, arr);
return 0;
}
ret = BN_GF2m_mod_arr(r, a, arr);
@@
-467,15
+467,18
@@
int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
- int *arr = NULL;
+ int *arr;
+
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
- if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
- goto err;
+
+ arr = OPENSSL_malloc(sizeof(*arr) * max);
+ if (arr == NULL)
+ return 0;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
-
BNerr(BN_F_BN_GF2M_MOD_MUL
, BN_R_INVALID_LENGTH);
+
ERR_raise(ERR_LIB_BN
, BN_R_INVALID_LENGTH);
goto err;
}
ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx);
goto err;
}
ret = BN_GF2m_mod_mul_arr(r, a, b, arr, ctx);
@@
-525,15
+528,17
@@
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
- int *arr
= NULL
;
+ int *arr;
bn_check_top(a);
bn_check_top(p);
bn_check_top(a);
bn_check_top(p);
- if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
- goto err;
+
+ arr = OPENSSL_malloc(sizeof(*arr) * max);
+ if (arr == NULL)
+ return 0;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
-
BNerr(BN_F_BN_GF2M_MOD_SQR
, BN_R_INVALID_LENGTH);
+
ERR_raise(ERR_LIB_BN
, BN_R_INVALID_LENGTH);
goto err;
}
ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx);
goto err;
}
ret = BN_GF2m_mod_sqr_arr(r, a, arr, ctx);
@@
-706,8
+711,8
@@
static int BN_GF2m_mod_inv_vartime(BIGNUM *r, const BIGNUM *a,
ret = 1;
err:
ret = 1;
err:
-# ifdef BN_DEBUG
/* BN_CTX_end would complain about the
-
*
expanded form */
+# ifdef BN_DEBUG
+
/* BN_CTX_end would complain about the
expanded form */
bn_correct_top(c);
bn_correct_top(u);
bn_correct_top(v);
bn_correct_top(c);
bn_correct_top(u);
bn_correct_top(v);
@@
-725,15
+730,21
@@
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
BIGNUM *b = NULL;
int ret = 0;
{
BIGNUM *b = NULL;
int ret = 0;
+ int numbits;
BN_CTX_start(ctx);
if ((b = BN_CTX_get(ctx)) == NULL)
goto err;
BN_CTX_start(ctx);
if ((b = BN_CTX_get(ctx)) == NULL)
goto err;
+ /* Fail on a non-sensical input p value */
+ numbits = BN_num_bits(p);
+ if (numbits <= 1)
+ goto err;
+
/* generate blinding value */
do {
/* generate blinding value */
do {
- if (!BN_priv_rand_ex(b,
BN_num_bits(p)
- 1,
- BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY, ctx))
+ if (!BN_priv_rand_ex(b,
numbits
- 1,
+ BN_RAND_TOP_ANY, BN_RAND_BOTTOM_ANY,
0,
ctx))
goto err;
} while (BN_is_zero(b));
goto err;
} while (BN_is_zero(b));
@@
-899,15
+910,18
@@
int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
- int *arr = NULL;
+ int *arr;
+
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
bn_check_top(a);
bn_check_top(b);
bn_check_top(p);
- if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
- goto err;
+
+ arr = OPENSSL_malloc(sizeof(*arr) * max);
+ if (arr == NULL)
+ return 0;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
-
BNerr(BN_F_BN_GF2M_MOD_EXP
, BN_R_INVALID_LENGTH);
+
ERR_raise(ERR_LIB_BN
, BN_R_INVALID_LENGTH);
goto err;
}
ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx);
goto err;
}
ret = BN_GF2m_mod_exp_arr(r, a, b, arr, ctx);
@@
-929,7
+943,7
@@
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a, const int p[],
bn_check_top(a);
bn_check_top(a);
- if (
!p[0]
) {
+ if (
p[0] == 0
) {
/* reduction mod 1 => return 0 */
BN_zero(r);
return 1;
/* reduction mod 1 => return 0 */
BN_zero(r);
return 1;
@@
-959,14
+973,17
@@
int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
- int *arr = NULL;
+ int *arr;
+
bn_check_top(a);
bn_check_top(p);
bn_check_top(a);
bn_check_top(p);
- if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
- goto err;
+
+ arr = OPENSSL_malloc(sizeof(*arr) * max);
+ if (arr == NULL)
+ return 0;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
-
BNerr(BN_F_BN_GF2M_MOD_SQRT
, BN_R_INVALID_LENGTH);
+
ERR_raise(ERR_LIB_BN
, BN_R_INVALID_LENGTH);
goto err;
}
ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
goto err;
}
ret = BN_GF2m_mod_sqrt_arr(r, a, arr, ctx);
@@
-988,7
+1005,7
@@
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
bn_check_top(a_);
bn_check_top(a_);
- if (
!p[0]
) {
+ if (
p[0] == 0
) {
/* reduction mod 1 => return 0 */
BN_zero(r);
return 1;
/* reduction mod 1 => return 0 */
BN_zero(r);
return 1;
@@
-1032,7
+1049,7
@@
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
goto err;
do {
if (!BN_priv_rand_ex(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY,
goto err;
do {
if (!BN_priv_rand_ex(rho, p[0], BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY,
- ctx))
+
0,
ctx))
goto err;
if (!BN_GF2m_mod_arr(rho, rho, p))
goto err;
goto err;
if (!BN_GF2m_mod_arr(rho, rho, p))
goto err;
@@
-1054,7
+1071,7
@@
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
count++;
} while (BN_is_zero(w) && (count < MAX_ITERATIONS));
if (BN_is_zero(w)) {
count++;
} while (BN_is_zero(w) && (count < MAX_ITERATIONS));
if (BN_is_zero(w)) {
-
BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR
, BN_R_TOO_MANY_ITERATIONS);
+
ERR_raise(ERR_LIB_BN
, BN_R_TOO_MANY_ITERATIONS);
goto err;
}
}
goto err;
}
}
@@
-1064,7
+1081,7
@@
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a_, const int p[],
if (!BN_GF2m_add(w, z, w))
goto err;
if (BN_GF2m_cmp(w, a)) {
if (!BN_GF2m_add(w, z, w))
goto err;
if (BN_GF2m_cmp(w, a)) {
-
BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR
, BN_R_NO_SOLUTION);
+
ERR_raise(ERR_LIB_BN
, BN_R_NO_SOLUTION);
goto err;
}
goto err;
}
@@
-1090,14
+1107,17
@@
int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
{
int ret = 0;
const int max = BN_num_bits(p) + 1;
- int *arr = NULL;
+ int *arr;
+
bn_check_top(a);
bn_check_top(p);
bn_check_top(a);
bn_check_top(p);
- if ((arr = OPENSSL_malloc(sizeof(*arr) * max)) == NULL)
+
+ arr = OPENSSL_malloc(sizeof(*arr) * max);
+ if (arr == NULL)
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
goto err;
ret = BN_GF2m_poly2arr(p, arr, max);
if (!ret || ret > max) {
-
BNerr(BN_F_BN_GF2M_MOD_SOLVE_QUAD
, BN_R_INVALID_LENGTH);
+
ERR_raise(ERR_LIB_BN
, BN_R_INVALID_LENGTH);
goto err;
}
ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx);
goto err;
}
ret = BN_GF2m_mod_solve_quad_arr(r, a, arr, ctx);
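Review bot: The new guard in the BN_GF2m_mod_inv hunk (`if (numbits <= 1) goto err;`) fails without putting anything on the error queue, unlike the other rejection paths in this diff, which call `ERR_raise(ERR_LIB_BN, BN_R_INVALID_LENGTH)`. A caller that gets 0 back cannot tell a rejected modulus from a `BN_CTX_get` or RNG failure, which matters when `p` comes from parsed curve parameters. The check itself looks right: with `numbits - 1` equal to 0, the blinding loop `do { ... } while (BN_is_zero(b));` would presumably never see a non-zero `b`, so a degenerate `p` has to be rejected before the loop. I would raise an error on that path, for example `if (numbits <= 1) { ERR_raise(ERR_LIB_BN, BN_R_INVALID_LENGTH); goto err; }`, and extend the comment to give the reason: `/* Fail on a non-sensical input p value: the blinding loop below needs at least one random bit */`. The function body continues outside the hunk, so the `err:` cleanup is not visible here.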