authorBodo Möller <bodo@openssl.org>2010-08-26 12:11:01 +0000
committerBodo Möller <bodo@openssl.org>2010-08-26 12:11:01 +0000
commitc94f7f657bdfb94383413923d3cd522ed8ca955f (patch)
tree4676bfec38985b0af5fd04b13b499c8cf8552ff1
parent173350bccaf25d6114a7108ccceabb974f125fa4 (diff)
ECC library bugfixes.
Submitted by: Emilia Kasper (Google)
-rw-r--r--CHANGES12
-rw-r--r--crypto/ec/ec2_mult.c13
-rw-r--r--crypto/ec/ec_mult.c6
3 files changed, 25 insertions, 6 deletions
diff --git a/CHANGES b/CHANGES
index 65cfb49e01..5cbe876949 100644
--- a/CHANGES
+++ b/CHANGES
@@ -978,6 +978,18 @@
*) Change 'Configure' script to enable Camellia by default.
[NTT]
+ Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
+
+ *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
+ is also one of the inputs.
+ [Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
+
+ *) Don't repeatedly append PBE algorithms to table if they already exist.
+ Sort table on each new add. This effectively makes the table read only
+ after all algorithms are added and subsequent calls to PKCS12_pbe_add
+ etc are non-op.
+ [Steve Henson]
+
Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
[NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c
index ab631a50a2..e12b9b284a 100644
--- a/crypto/ec/ec2_mult.c
+++ b/crypto/ec/ec2_mult.c
@@ -319,6 +319,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
int ret = 0;
size_t i;
EC_POINT *p=NULL;
+ EC_POINT *acc = NULL;
if (ctx == NULL)
{
@@ -338,15 +339,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
}
if ((p = EC_POINT_new(group)) == NULL) goto err;
+ if ((acc = EC_POINT_new(group)) == NULL) goto err;
- if (!EC_POINT_set_to_infinity(group, r)) goto err;
+ if (!EC_POINT_set_to_infinity(group, acc)) goto err;
if (scalar)
{
if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err;
- if (BN_is_negative(scalar))
+ if (BN_is_negative(scalar))
if (!group->meth->invert(group, p, ctx)) goto err;
- if (!group->meth->add(group, r, r, p, ctx)) goto err;
+ if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
}
for (i = 0; i < num; i++)
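Review bot: Nothing next to the new `acc` scratch point says why the sum is no longer accumulated directly in `r`, so a later cleanup could fold it back and reintroduce the aliasing bug the CHANGES entry describes. I would add a comment above the `EC_POINT_new(group)` call for `acc`, for example `/* r may alias one of points[]; accumulate in acc so the inputs stay intact until the final copy */`. The nested unbraced `if (BN_is_negative(scalar))` / `if (!group->meth->invert(...))` pair would also read more safely with braces. The body of ec_GF2m_simple_mul starts and ends outside this hunk.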
@@ -354,13 +356,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err;
if (BN_is_negative(scalars[i]))
if (!group->meth->invert(group, p, ctx)) goto err;
- if (!group->meth->add(group, r, r, p, ctx)) goto err;
+ if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
}
+ if (!EC_POINT_copy(r, acc)) goto err;
+
ret = 1;
err:
if (p) EC_POINT_free(p);
+ if (acc) EC_POINT_free(acc);
if (new_ctx != NULL)
BN_CTX_free(new_ctx);
return ret;
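Review bot: `acc` is released with `EC_POINT_free`, so the full copy of the result it now holds stays in freed heap memory, as do the intermediate products in `p`. Whether these points are sensitive depends on the callers, which are not visible here, but if this routine is reachable from key agreement with a secret scalar the cleanup would be safer as `if (p) EC_POINT_clear_free(p);` and `if (acc) EC_POINT_clear_free(acc);`. On the positive side, because `EC_POINT_copy(r, acc)` is the only write to `r`, a failure now appears to leave `r` untouched, which is worth stating in the function's header comment. The function begins outside this hunk.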
diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index f05df5332e..19f21675fb 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -169,11 +169,13 @@ static void ec_pre_comp_clear_free(void *pre_)
EC_POINT **p;
for (p = pre->points; *p != NULL; p++)
+ {
EC_POINT_clear_free(*p);
- OPENSSL_cleanse(pre->points, sizeof pre->points);
+ OPENSSL_cleanse(p, sizeof *p);
+ }
OPENSSL_free(pre->points);
}
- OPENSSL_cleanse(pre, sizeof pre);
+ OPENSSL_cleanse(pre, sizeof *pre);
OPENSSL_free(pre);
}
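Review bot: The two `sizeof` corrections are easy to revert by accident, because `sizeof pre` and `sizeof *pre` both compile. The old form wiped only a pointer's worth of the precomputation structure. A short comment on the final cleanse would guard it, for example `/* sizeof *pre: wipe the whole structure, not just pointer-sized bytes */`. In the loop, `OPENSSL_cleanse(p, sizeof *p)` overwrites only the slot whose point was just freed, and the walk still relies on the NULL terminator of `pre->points`, so a one-line note beside the `for` saying that would help. ec_pre_comp_clear_free begins outside this hunk.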