Fix duplicate error number.

[openssl.git] / crypto / ec / ec_asn1.c

diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c
index 6e3a02ab86a6fd1669756d9b363791944c0ffec5..ae555398594b8e6c02bd554015853000efeff744 100644 (file)
--- a/crypto/ec/ec_asn1.c
+++ b/crypto/ec/ec_asn1.c
@@ -384,7 +384,7 @@ static int ec_asn1_group2fieldid(const EC_GROUP *group, X9_62_FIELDID *field)
                                }
                        if (!ASN1_INTEGER_set(char_two->p.tpBasis, (long)k))
                                {
-                               ECerr(EC_F_EC_ASN1_GROUP2PARAMETERS,
+                               ECerr(EC_F_EC_ASN1_GROUP2FIELDID,
                                        ERR_R_ASN1_LIB);
                                goto err;
                                }
@@ -529,6 +529,8 @@ static int ec_asn1_group2curve(const EC_GROUP *group, X9_62_CURVE *curve)
                                ECerr(EC_F_EC_ASN1_GROUP2CURVE, ERR_R_MALLOC_FAILURE);
                                goto err;
                                }
+               curve->seed->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+               curve->seed->flags |= ASN1_STRING_FLAG_BITS_LEFT;
                if (!ASN1_BIT_STRING_set(curve->seed, group->seed, 
                                         (int)group->seed_len))
                        {
@@ -707,7 +709,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group,
                /* use the asn1 OID to describe the
                 * the elliptic curve parameters
                 */
-               tmp = EC_GROUP_get_nid(group);
+               tmp = EC_GROUP_get_curve_name(group);
                if (tmp)
                        {
                        ret->type = 0;
@@ -741,6 +743,7 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
        EC_GROUP                *ret = NULL;
        BIGNUM                  *p = NULL, *a = NULL, *b = NULL;
        EC_POINT                *point=NULL;
+       long                    field_bits;
 
        if (!params->fieldID || !params->fieldID->fieldType || 
            !params->fieldID->p.ptr)
@@ -779,6 +782,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 
                char_two = params->fieldID->p.char_two;
 
+               field_bits = char_two->m;
+               if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
+                       {
+                       ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
+                       goto err;
+                       }
+
                if ((p = BN_new()) == NULL)
                        {
                        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_MALLOC_FAILURE);
@@ -799,6 +809,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
                                }
 
                        tmp_long = ASN1_INTEGER_get(char_two->p.tpBasis);
+
+                       if (!(char_two->m > tmp_long && tmp_long > 0))
+                               {
+                               ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_TRINOMIAL_BASIS);
+                               goto err;
+                               }
+                       
                        /* create the polynomial */
                        if (!BN_set_bit(p, (int)char_two->m))
                                goto err;
@@ -817,6 +834,13 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
                                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
                                goto err;
                                }
+
+                       if (!(char_two->m > penta->k3 && penta->k3 > penta->k2 && penta->k2 > penta->k1 && penta->k1 > 0))
+                               {
+                               ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_PENTANOMIAL_BASIS);
+                               goto err;
+                               }
+                       
                        /* create the polynomial */
                        if (!BN_set_bit(p, (int)char_two->m)) goto err;
                        if (!BN_set_bit(p, (int)penta->k1)) goto err;
@@ -837,11 +861,6 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
 
                /* create the EC_GROUP structure */
                ret = EC_GROUP_new_curve_GF2m(p, a, b, NULL);
-               if (ret == NULL)
-                       {
-                       ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
-                       goto err;
-                       }
                }
        else if (tmp == NID_X9_62_prime_field)
                {
@@ -858,13 +877,33 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
                        ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
                        goto err;
                        }
-               /* create the EC_GROUP structure */
-               ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
-               if (ret == NULL)
+
+               if (BN_is_negative(p) || BN_is_zero(p))
+                       {
+                       ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
+                       goto err;
+                       }
+
+               field_bits = BN_num_bits(p);
+               if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS)
                        {
-                       ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+                       ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_FIELD_TOO_LARGE);
                        goto err;
                        }
+
+               /* create the EC_GROUP structure */
+               ret = EC_GROUP_new_curve_GFp(p, a, b, NULL);
+               }
+       else
+               {
+               ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_FIELD);
+               goto err;
+               }
+
+       if (ret == NULL)
+               {
+               ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_EC_LIB);
+               goto err;
                }
 
        /* extract seed (optional) */
@@ -909,6 +948,16 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARAMETERS *params)
                ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, ERR_R_ASN1_LIB);
                goto err;
                }
+       if (BN_is_negative(a) || BN_is_zero(a))
+               {
+               ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+               goto err;
+               }
+       if (BN_num_bits(a) > (int)field_bits + 1) /* Hasse bound */
+               {
+               ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_INVALID_GROUP_ORDER);
+               goto err;
+               }
        
        /* extract the cofactor (optional) */
        if (params->cofactor == NULL)
@@ -967,7 +1016,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
        if (params->type == 0)
                { /* the curve is given by an OID */
                tmp = OBJ_obj2nid(params->value.named_curve);
-               if ((ret = EC_GROUP_new_by_nid(tmp)) == NULL)
+               if ((ret = EC_GROUP_new_by_curve_name(tmp)) == NULL)
                        {
                        ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, 
                              EC_R_EC_GROUP_NEW_BY_NAME_FAILURE);
@@ -992,7 +1041,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params)
                }
        else
                {
-               ECerr(EC_F_EC_ASN1_PARAMETERS2GROUP, EC_R_ASN1_ERROR);
+               ECerr(EC_F_EC_ASN1_PKPARAMETERS2GROUP, EC_R_ASN1_ERROR);
                return NULL;
                }
 
@@ -1226,16 +1275,17 @@ int     i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
                                a->conv_form, NULL, 0, NULL);
 
                if (tmp_len > buf_len)
-                       buffer = OPENSSL_realloc(buffer, tmp_len);
-               if (buffer == NULL)
                        {
-                       ECerr(EC_F_I2D_ECPRIVATEKEY,
-                               ERR_R_MALLOC_FAILURE);
-                       goto err;
+                       unsigned char *tmp_buffer = OPENSSL_realloc(buffer, tmp_len);
+                       if (!tmp_buffer)
+                               {
+                               ECerr(EC_F_I2D_ECPRIVATEKEY, ERR_R_MALLOC_FAILURE);
+                               goto err;
+                               }
+                       buffer = tmp_buffer;
+                       buf_len = tmp_len;
                        }
 
-               buf_len = tmp_len;
-
                if (!EC_POINT_point2oct(a->group, a->pub_key, 
                        a->conv_form, buffer, buf_len, NULL))
                        {
@@ -1243,6 +1293,8 @@ int       i2d_ECPrivateKey(EC_KEY *a, unsigned char **out)
                        goto err;
                        }
 
+               priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
+               priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT;
                if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, 
                                buf_len))
                        {