BN_bin2bn handle leading zero's

If a binary sequence is all zero's, call BN_zero.

Reviewed-by: Matt Caswell <matt@openssl.org>

5 files changed, 8 insertions, 23 deletions

diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 4e133ce8ca..c8e8519d8b 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -552,7 +552,9 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
     if (ret == NULL)
         return (NULL);
     bn_check_top(ret);
-    l = 0;
+    /* Skip leading zero's. */
+    for ( ; *s == 0 && len > 0; s++, len--)
+        continue;
     n = len;
     if (n == 0) {
         ret->top = 0;
@@ -566,6 +568,7 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
     }
     ret->top = i;
     ret->neg = 0;
+    l = 0;
     while (n--) {
         l = (l << 8L) | *(s++);
         if (m-- == 0) {
diff --git a/engines/ccgost/gost2001_keyx.c b/engines/ccgost/gost2001_keyx.c
index abbacbb40f..1fd0174436 100644
--- a/engines/ccgost/gost2001_keyx.c
+++ b/engines/ccgost/gost2001_keyx.c
@@ -35,7 +35,7 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size,
         ukm_be[7 - i] = ukm[i];
     }
     BN_CTX_start(ctx);
-    UKM = getbnfrombuf(ukm_be, 8);
+    UKM = BN_bin2bn(ukm_be, 8, NULL);
     p = BN_CTX_get(ctx);
     order = BN_CTX_get(ctx);
     X = BN_CTX_get(ctx);
diff --git a/engines/ccgost/gost_ameth.c b/engines/ccgost/gost_ameth.c
index 4f3bd90e81..5b1d04584f 100644
--- a/engines/ccgost/gost_ameth.c
+++ b/engines/ccgost/gost_ameth.c
@@ -276,7 +276,7 @@ static int priv_decode_gost(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf)
             rev_buf[31 - i] = s->data[i];
         }
         ASN1_STRING_free(s);
-        pk_num = getbnfrombuf(rev_buf, 32);
+        pk_num = BN_bin2bn(rev_buf, 32, NULL);
     } else {
         priv_key = d2i_ASN1_INTEGER(NULL, &p, priv_len);
         if (!priv_key)
@@ -490,8 +490,8 @@ static int pub_decode_gost01(EVP_PKEY *pk, X509_PUBKEY *pub)
     len = octet->length / 2;
     ASN1_OCTET_STRING_free(octet);
 
-    Y = getbnfrombuf(databuf, len);
-    X = getbnfrombuf(databuf + len, len);
+    Y = BN_bin2bn(databuf, len, NULL);
+    X = BN_bin2bn(databuf + len, len, NULL);
     OPENSSL_free(databuf);
     pub_key = EC_POINT_new(group);
     if (!EC_POINT_set_affine_coordinates_GFp(group, pub_key, X, Y, NULL)) {
diff --git a/engines/ccgost/gost_asn1.c b/engines/ccgost/gost_asn1.c
index 0412d2c7c1..11686339b7 100644
--- a/engines/ccgost/gost_asn1.c
+++ b/engines/ccgost/gost_asn1.c
@@ -54,19 +54,3 @@ ASN1_NDEF_SEQUENCE(GOST_CLIENT_KEY_EXCHANGE_PARAMS) = { /* FIXME incomplete */
 
 ASN1_NDEF_SEQUENCE_END(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
 IMPLEMENT_ASN1_FUNCTIONS(GOST_CLIENT_KEY_EXCHANGE_PARAMS)
-
-/* Convert byte buffer to bignum, skipping leading zeros*/
-BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len)
-{
-    BIGNUM *b;
-
-    while (*buf == 0 && len > 0) {
-        buf++;
-        len--;
-    }
-    if (len)
-        return BN_bin2bn(buf, len, NULL);
-    b = BN_new();
-    BN_zero(b);
-    return b;
-}
diff --git a/engines/ccgost/gost_lcl.h b/engines/ccgost/gost_lcl.h
index 27fe0e761a..b2541a79d8 100644
--- a/engines/ccgost/gost_lcl.h
+++ b/engines/ccgost/gost_lcl.h
@@ -213,8 +213,6 @@ BIGNUM *hashsum2bn(const unsigned char *dgst);
  * nesseccary
  */
 int store_bignum(BIGNUM *bn, unsigned char *buf, int len);
-/* Read bignum, which can have few MSB all-zeros    from buffer*/
-BIGNUM *getbnfrombuf(const unsigned char *buf, size_t len);
 /* Pack GOST R 34.10 signature according to CryptoPro rules */
 int pack_sign_cp(DSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
 /* Unpack GOST R 34.10 signature according to CryptoPro rules */