authorAaron Thompson <dev@aaront.org>2020-03-31 06:47:58 +0000
committerTomas Mraz <tmraz@fedoraproject.org>2020-04-03 10:42:14 +0200
commit0e8b6c97ba7ac37f5e92f6a24d128b04b5336388 (patch)
treeacf5fd9484390cafd858cf460a2f04a290051386 /crypto/ec
parentec4d1b8f8ce2d2ed1c378abfeffaabfda3cc7122 (diff)
Fix bugs in EC code introduced with FIPS changes.
a9612d6c034f47c4788c67d85651d0cd58c3faf7 introduced possible memory leaks in EC_GROUP_cmp and EC_POINTs_mul, and a possible BN_CTX_end without BN_CTX_start in ec_field_inverse_mod_ord. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11452)
Diffstat (limited to 'crypto/ec')
-rw-r--r--crypto/ec/ec_lib.c36
1 files changed, 21 insertions, 15 deletions
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 078d8b35fa..5540ec1bc2 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -599,12 +599,7 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
BIGNUM *a1, *a2, *a3, *b1, *b2, *b3;
#ifndef FIPS_MODE
BN_CTX *ctx_new = NULL;
-
- if (ctx == NULL)
- ctx_new = ctx = BN_CTX_new();
#endif
- if (ctx == NULL)
- return -1;
/* compare the field types */
if (EC_METHOD_get_field_type(EC_GROUP_method_of(a)) !=
@@ -617,6 +612,13 @@ int EC_GROUP_cmp(const EC_GROUP *a, const EC_GROUP *b, BN_CTX *ctx)
if (a->meth->flags & EC_FLAGS_CUSTOM_CURVE)
return 0;
+#ifndef FIPS_MODE
+ if (ctx == NULL)
+ ctx_new = ctx = BN_CTX_new();
+#endif
+ if (ctx == NULL)
+ return -1;
+
BN_CTX_start(ctx);
a1 = BN_CTX_get(ctx);
a2 = BN_CTX_get(ctx);
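Review bot: The relocated allocation in EC_GROUP_cmp carries no comment explaining why it sits below the field-type and custom-curve returns, and that ordering is the whole fix: any plain `return` later added after `ctx_new = ctx = BN_CTX_new();` brings the leak back. I would add above the `#ifndef FIPS_MODE` block: `/* Allocate only after the last early return; from here on every exit must free ctx_new. */`. The same comment fits the moved blocks in EC_POINTs_mul and ec_field_inverse_mod_ord. The function continues past this hunk, so the exits that release ctx_new are not visible here and should be checked against that rule.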
@@ -1047,14 +1049,7 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
size_t i = 0;
#ifndef FIPS_MODE
BN_CTX *new_ctx = NULL;
-
- if (ctx == NULL)
- ctx = new_ctx = BN_CTX_secure_new();
#endif
- if (ctx == NULL) {
- ECerr(EC_F_EC_POINTS_MUL, ERR_R_INTERNAL_ERROR);
- return 0;
- }
if ((scalar == NULL) && (num == 0)) {
return EC_POINT_set_to_infinity(group, r);
@@ -1071,6 +1066,15 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
}
}
+#ifndef FIPS_MODE
+ if (ctx == NULL)
+ ctx = new_ctx = BN_CTX_secure_new();
+#endif
+ if (ctx == NULL) {
+ ECerr(EC_F_EC_POINTS_MUL, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
if (group->meth->mul != NULL)
ret = group->meth->mul(group, r, scalar, num, points, scalars, ctx);
else
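Review bot: The `ctx == NULL` branch in EC_POINTs_mul reports `ERR_R_INTERNAL_ERROR` for two different causes, and nothing in the code says which is which. In a non-FIPS build it can only be reached when `BN_CTX_secure_new()` fails, while under FIPS_MODE it is reached when the caller passed a NULL ctx. A short comment on the check would make this clear to whoever reads the error queue, for example `/* non-FIPS: secure allocation failed; FIPS: caller passed ctx == NULL */`. If the project prefers distinct reasons, `ERR_R_MALLOC_FAILURE` would fit the allocation case. The release of new_ctx after the `mul` call lies outside this hunk.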
@@ -1183,16 +1187,18 @@ static int ec_field_inverse_mod_ord(const EC_GROUP *group, BIGNUM *r,
int ret = 0;
#ifndef FIPS_MODE
BN_CTX *new_ctx = NULL;
+#endif
+
+ if (group->mont_data == NULL)
+ return 0;
+#ifndef FIPS_MODE
if (ctx == NULL)
ctx = new_ctx = BN_CTX_secure_new();
#endif
if (ctx == NULL)
return 0;
- if (group->mont_data == NULL)
- goto err;
-
BN_CTX_start(ctx);
if ((e = BN_CTX_get(ctx)) == NULL)
goto err;
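Review bot: Both early exits in ec_field_inverse_mod_ord, `group->mont_data == NULL` and `ctx == NULL`, return 0 without putting anything on the error queue, whereas the equivalent ctx failure in EC_POINTs_mul calls ECerr. Unless every caller raises its own error, a missing `mont_data` and a failed `BN_CTX_secure_new()` look the same as any other failed inversion, which makes a failing signature path hard to diagnose. Either raise an error at both returns or state the contract in a comment above the function: `/* Returns 0 on failure without raising an error; callers must report it. */`. The `err` label and the rest of the body are outside this hunk, so the cleanup of new_ctx could not be checked here.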