Diffstat (limited to 'crypto/ec/ecx_meth.c')
-rw-r--r-- | crypto/ec/ecx_meth.c | 63 |
1 files changed, 18 insertions, 45 deletions
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 525fcd343f..15b902ec1d 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -20,20 +20,10 @@
 #include <openssl/rand.h>
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
+#include "crypto/ecx.h"
 #include "ec_local.h"
 #include "curve448/curve448_local.h"
-#define X25519_BITS 253
-#define X25519_SECURITY_BITS 128
-
-#define ED25519_SIGSIZE 64
-
-#define X448_BITS 448
-#define ED448_BITS 456
-#define X448_SECURITY_BITS 224
-
-#define ED448_SIGSIZE 114
-
 #define ISX448(id) ((id) == EVP_PKEY_X448)
 #define IS25519(id) ((id) == EVP_PKEY_X25519 || (id) == EVP_PKEY_ED25519)
 #define KEYLENID(id) (IS25519(id) ? X25519_KEYLEN \
@@ -73,7 +63,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
 }
 }
- key = OPENSSL_zalloc(sizeof(*key));
+ key = ecx_key_new(KEYLENID(id), 1);
 if (key == NULL) {
 ECerr(EC_F_ECX_KEY_OP, ERR_R_MALLOC_FAILURE);
 return 0;
@@ -83,17 +73,14 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
 if (op == KEY_OP_PUBLIC) {
 memcpy(pubkey, p, plen);
 } else {
- privkey = key->privkey = OPENSSL_secure_malloc(KEYLENID(id));
+ privkey = ecx_key_allocate_privkey(key);
 if (privkey == NULL) {
 ECerr(EC_F_ECX_KEY_OP, ERR_R_MALLOC_FAILURE);
 goto err;
 }
 if (op == KEY_OP_KEYGEN) {
- if (RAND_priv_bytes(privkey, KEYLENID(id)) <= 0) {
- OPENSSL_secure_free(privkey);
- key->privkey = NULL;
+ if (RAND_priv_bytes(privkey, KEYLENID(id)) <= 0)
 goto err;
- }
 if (id == EVP_PKEY_X25519) {
 privkey[0] &= 248;
 privkey[X25519_KEYLEN - 1] &= 127;
@@ -128,7 +115,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
 EVP_PKEY_assign(pkey, id, key);
 return 1;
 err:
- OPENSSL_free(key);
+ ecx_key_free(key);
 return 0;
 }
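Review bot: In ecx_key_op the private-key buffer size and the number of bytes written into it are now decided in two separate places: `ecx_key_allocate_privkey(key)` sizes the buffer from whatever length was given to `ecx_key_new(KEYLENID(id), 1)`, while `RAND_priv_bytes(privkey, KEYLENID(id))` recomputes the length on its own. The two agree only because both expressions happen to be `KEYLENID(id)`, and nothing at the call site records that dependency. I would add a comment above the allocation such as `/* privkey holds KEYLENID(id) bytes, the length passed to ecx_key_new() above */`, and say what the bare `1` argument means (presumably a has-public-key flag; the helper's prototype is not part of this diff). ecx_key_op starts outside these hunks.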
@@ -264,9 +251,7 @@ static int ecx_security_bits(const EVP_PKEY *pkey)
 static void ecx_free(EVP_PKEY *pkey)
 {
- if (pkey->pkey.ecx != NULL)
- OPENSSL_secure_clear_free(pkey->pkey.ecx->privkey, KEYLEN(pkey));
- OPENSSL_free(pkey->pkey.ecx);
+ ecx_key_free(pkey->pkey.ecx);
 }
 /* "parameters" are always equal */
@@ -1067,10 +1052,9 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
- ECX_KEY *key;
+ ECX_KEY *key = ecx_key_new(X25519_KEYLEN, 1);
 unsigned char *privkey = NULL, *pubkey;
- key = OPENSSL_zalloc(sizeof(*key));
 if (key == NULL) {
 ECerr(EC_F_S390X_PKEY_ECX_KEYGEN25519, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1078,7 +1062,7 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 pubkey = key->pubkey;
- privkey = key->privkey = OPENSSL_secure_malloc(X25519_KEYLEN);
+ privkey = ecx_key_allocate_privkey(key);
 if (privkey == NULL) {
 ECerr(EC_F_S390X_PKEY_ECX_KEYGEN25519, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1097,9 +1081,7 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key);
 return 1;
 err:
- OPENSSL_secure_clear_free(privkey, X25519_KEYLEN);
- key->privkey = NULL;
- OPENSSL_free(key);
+ ecx_key_free(key);
 return 0;
 }
@@ -1112,10 +1094,9 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
- ECX_KEY *key;
+ ECX_KEY *key = ecx_key_new(X448_KEYLEN, 1);
 unsigned char *privkey = NULL, *pubkey;
- key = OPENSSL_zalloc(sizeof(*key));
 if (key == NULL) {
 ECerr(EC_F_S390X_PKEY_ECX_KEYGEN448, ERR_R_MALLOC_FAILURE);
 goto err;
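Review bot: `ecx_key_free()` can now be called with a NULL pointer: `ecx_free` drops the old `pkey->pkey.ecx != NULL` check, and `s390x_pkey_ecx_keygen25519` and `s390x_pkey_ecx_keygen448` still `goto err` when `ecx_key_new()` returns NULL. That is safe only if `ecx_key_free()` accepts NULL, which this diff does not show; the same applies to the `s390x_pkey_ecd_keygen25519` and `s390x_pkey_ecd_keygen448` hunks further down. The removed code also wiped the private key with `OPENSSL_secure_clear_free(..., KEYLEN(pkey))`, so the helper has to clear the full key length before releasing it. Once confirmed against `crypto/ecx.h`, I would record both guarantees at the call in `ecx_free`, e.g. `/* ecx_key_free() accepts NULL and securely clears privkey */`, or else use `return 0;` instead of `goto err;` in the `key == NULL` branches. The s390x function bodies start outside their hunks.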
@@ -1123,7 +1104,7 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 pubkey = key->pubkey;
- privkey = key->privkey = OPENSSL_secure_malloc(X448_KEYLEN);
+ privkey = ecx_key_allocate_privkey(key);
 if (privkey == NULL) {
 ECerr(EC_F_S390X_PKEY_ECX_KEYGEN448, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1141,9 +1122,7 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key);
 return 1;
 err:
- OPENSSL_secure_clear_free(privkey, X448_KEYLEN);
- key->privkey = NULL;
- OPENSSL_free(key);
+ ecx_key_free(key);
 return 0;
 }
@@ -1160,11 +1139,10 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, };
 unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH];
- ECX_KEY *key;
+ ECX_KEY *key = ecx_key_new(ED25519_KEYLEN, 1);
 unsigned char *privkey = NULL, *pubkey;
 unsigned int sz;
- key = OPENSSL_zalloc(sizeof(*key));
 if (key == NULL) {
 ECerr(EC_F_S390X_PKEY_ECD_KEYGEN25519, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1172,7 +1150,7 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 pubkey = key->pubkey;
- privkey = key->privkey = OPENSSL_secure_malloc(ED25519_KEYLEN);
+ privkey = ecx_key_allocate_privkey(key);
 if (privkey == NULL) {
 ECerr(EC_F_S390X_PKEY_ECD_KEYGEN25519, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1197,9 +1175,7 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 EVP_PKEY_assign(pkey, ctx->pmeth->pkey_id, key);
 return 1;
 err:
- OPENSSL_secure_clear_free(privkey, ED25519_KEYLEN);
- key->privkey = NULL;
- OPENSSL_free(key);
+ ecx_key_free(key);
 return 0;
 }
@@ -1220,11 +1196,10 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 0x24, 0xbc, 0xb6, 0x6e, 0x71, 0x46, 0x3f, 0x69, 0x00 };
 unsigned char x_dst[57], buff[114];
- ECX_KEY *key;
+ ECX_KEY *key = ecx_key_new(ED448_KEYLEN, 1);
 unsigned char *privkey = NULL, *pubkey;
 EVP_MD_CTX *hashctx = NULL;
- key = OPENSSL_zalloc(sizeof(*key));
 if (key == NULL) {
 ECerr(EC_F_S390X_PKEY_ECD_KEYGEN448, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1232,7 +1207,7 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 pubkey = key->pubkey;
- privkey = key->privkey = OPENSSL_secure_malloc(ED448_KEYLEN);
+ privkey = ecx_key_allocate_privkey(key);
 if (privkey == NULL) {
 ECerr(EC_F_S390X_PKEY_ECD_KEYGEN448, ERR_R_MALLOC_FAILURE);
 goto err;
@@ -1265,9 +1240,7 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
 EVP_MD_CTX_free(hashctx);
 return 1;
 err:
- OPENSSL_secure_clear_free(privkey, ED448_KEYLEN);
- key->privkey = NULL;
- OPENSSL_free(key);
+ ecx_key_free(key);
 EVP_MD_CTX_free(hashctx);
 return 0;
 } |