diff options
author | Emilia Kasper <emilia@openssl.org> | 2016-06-09 23:09:48 +0200 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2016-06-20 14:58:36 +0200 |
commit | 9267c11bb5d408e43482173794f08a3c8472afba (patch) | |
tree | 172336307a646ab33854a51627192f3307eb6545 /crypto | |
parent | b73cfb137e596f3e4396fbc5502ace3ff17cbaed (diff) |
Make DSA_SIG and ECDSA_SIG getters const.
Reorder arguments to follow convention.
Also allow r/s to be NULL in DSA_SIG_get0, similarly to ECDSA_SIG_get0.
This complements GH1193 which adds non-const setters.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/dsa/dsa_ameth.c | 4 | ||||
-rw-r--r-- | crypto/dsa/dsa_asn1.c | 13 | ||||
-rw-r--r-- | crypto/dsa/dsa_locl.h | 5 | ||||
-rw-r--r-- | crypto/dsa/dsa_ossl.c | 21 | ||||
-rw-r--r-- | crypto/ec/ec_asn1.c | 2 |
5 files changed, 22 insertions, 23 deletions
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index b30368e32e..c7573bf256 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -437,9 +437,9 @@ static int dsa_sig_print(BIO *bp, const X509_ALGOR *sigalg, dsa_sig = d2i_DSA_SIG(NULL, &p, sig->length); if (dsa_sig) { int rv = 0; - BIGNUM *r, *s; + const BIGNUM *r, *s; - DSA_SIG_get0(&r, &s, dsa_sig); + DSA_SIG_get0(dsa_sig, &r, &s); if (BIO_write(bp, "\n", 1) != 1) goto err; diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index f79e1d1404..540d01fdce 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -14,11 +14,6 @@ #include <openssl/asn1t.h> #include <openssl/rand.h> -struct DSA_SIG_st { - BIGNUM *r; - BIGNUM *s; -}; - ASN1_SEQUENCE(DSA_SIG) = { ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) @@ -26,10 +21,12 @@ ASN1_SEQUENCE(DSA_SIG) = { IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) -void DSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const DSA_SIG *sig) +void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) { - *pr = sig->r; - *ps = sig->s; + if (pr != NULL) + *pr = sig->r; + if (ps != NULL) + *ps = sig->s; } int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) diff --git a/crypto/dsa/dsa_locl.h b/crypto/dsa/dsa_locl.h index d488951a16..5f9fc1ebf8 100644 --- a/crypto/dsa/dsa_locl.h +++ b/crypto/dsa/dsa_locl.h @@ -32,6 +32,11 @@ struct dsa_st { CRYPTO_RWLOCK *lock; }; +struct DSA_SIG_st { + BIGNUM *r; + BIGNUM *s; +}; + struct dsa_method { char *name; DSA_SIG *(*dsa_do_sign) (const unsigned char *dgst, int dlen, DSA *dsa); diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index 3c734ec26e..8913fcccd3 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -51,7 +51,6 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) BIGNUM *kinv = NULL; BIGNUM *m; BIGNUM *xr; - BIGNUM *r, *s; BN_CTX *ctx = NULL; int reason = ERR_R_BN_LIB; DSA_SIG *ret = NULL; @@ -71,13 +70,11 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) if (ret == NULL) goto err; - DSA_SIG_get0(&r, &s, ret); - ctx = BN_CTX_new(); if (ctx == NULL) goto err; redo: - if (!dsa_sign_setup(dsa, ctx, &kinv, &r, dgst, dlen)) + if (!dsa_sign_setup(dsa, ctx, &kinv, &ret->r, dgst, dlen)) goto err; if (dlen > BN_num_bytes(dsa->q)) @@ -91,21 +88,21 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa) goto err; /* Compute s = inv(k) (m + xr) mod q */ - if (!BN_mod_mul(xr, dsa->priv_key, r, dsa->q, ctx)) + if (!BN_mod_mul(xr, dsa->priv_key, ret->r, dsa->q, ctx)) goto err; /* s = xr */ - if (!BN_add(s, xr, m)) + if (!BN_add(ret->s, xr, m)) goto err; /* s = m + xr */ - if (BN_cmp(s, dsa->q) > 0) - if (!BN_sub(s, s, dsa->q)) + if (BN_cmp(ret->s, dsa->q) > 0) + if (!BN_sub(ret->s, ret->s, dsa->q)) goto err; - if (!BN_mod_mul(s, s, kinv, dsa->q, ctx)) + if (!BN_mod_mul(ret->s, ret->s, kinv, dsa->q, ctx)) goto err; /* * Redo if r or s is zero as required by FIPS 186-3: this is very * unlikely. */ - if (BN_is_zero(r) || BN_is_zero(s)) + if (BN_is_zero(ret->r) || BN_is_zero(ret->s)) goto redo; rv = 1; @@ -225,7 +222,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, BN_CTX *ctx; BIGNUM *u1, *u2, *t1; BN_MONT_CTX *mont = NULL; - BIGNUM *r, *s; + const BIGNUM *r, *s; int ret = -1, i; if (!dsa->p || !dsa->q || !dsa->g) { DSAerr(DSA_F_DSA_DO_VERIFY, DSA_R_MISSING_PARAMETERS); @@ -250,7 +247,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, if (u1 == NULL || u2 == NULL || t1 == NULL || ctx == NULL) goto err; - DSA_SIG_get0(&r, &s, sig); + DSA_SIG_get0(sig, &r, &s); if (BN_is_zero(r) || BN_is_negative(r) || BN_ucmp(r, dsa->q) >= 0) { diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index 9f7e837308..be7a96b74b 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -1172,7 +1172,7 @@ DECLARE_ASN1_FUNCTIONS_const(ECDSA_SIG) DECLARE_ASN1_ENCODE_FUNCTIONS_const(ECDSA_SIG, ECDSA_SIG) IMPLEMENT_ASN1_FUNCTIONS_const(ECDSA_SIG) -void ECDSA_SIG_get0(BIGNUM **pr, BIGNUM **ps, const ECDSA_SIG *sig) +void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) { if (pr != NULL) *pr = sig->r; |