author | djm@openbsd.org <djm@openbsd.org> | 2019-11-15 06:00:20 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-17 09:44:43 +1100 |
commit | fd1a96490cef7f945a1b3b5df4e90c8a1070f425 (patch) | |
tree | c806a64cad5969ddf02459d4535d5e9cf1ae9e4b | |
parent | 39b87104cdd47baf79ef77dc81de62cea07d119f (diff) |
upstream: remove most uses of BN_CTX
We weren't following the rules re BN_CTX_start/BN_CTX_end and the places
we were using it didn't benefit from its use anyway. ok dtucker@
OpenBSD-Commit-ID: ea9ba6c0d2e6f6adfe00b309a8f41842fe12fc7a
-rw-r--r-- | moduli.c | 12 | ||||
-rw-r--r-- | sk-usbhid.c | 15 | ||||
-rw-r--r-- | sshbuf-getput-crypto.c | 12 | ||||
-rw-r--r-- | sshkey.c | 92 |
4 files changed, 47 insertions, 84 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: moduli.c,v 1.36 2019/10/04 03:26:58 dtucker Exp $ */ | 1 | /* $OpenBSD: moduli.c,v 1.37 2019/11/15 06:00:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> | 3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> |
4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> | 4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> |
@@ -578,7 +578,6 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
578 | char *checkpoint_file, unsigned long start_lineno, unsigned long num_lines) | 578 | char *checkpoint_file, unsigned long start_lineno, unsigned long num_lines) |
579 | { | 579 | { |
580 | BIGNUM *q, *p, *a; | 580 | BIGNUM *q, *p, *a; |
581 | BN_CTX *ctx; | ||
582 | char *cp, *lp; | 581 | char *cp, *lp; |
583 | u_int32_t count_in = 0, count_out = 0, count_possible = 0; | 582 | u_int32_t count_in = 0, count_out = 0, count_possible = 0; |
584 | u_int32_t generator_known, in_tests, in_tries, in_type, in_size; | 583 | u_int32_t generator_known, in_tests, in_tries, in_type, in_size; |
@@ -602,8 +601,6 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
602 | fatal("BN_new failed"); | 601 | fatal("BN_new failed"); |
603 | if ((q = BN_new()) == NULL) | 602 | if ((q = BN_new()) == NULL) |
604 | fatal("BN_new failed"); | 603 | fatal("BN_new failed"); |
605 | if ((ctx = BN_CTX_new()) == NULL) | ||
606 | fatal("BN_CTX_new failed"); | ||
607 | 604 | ||
608 | debug2("%.24s Final %u Miller-Rabin trials (%x generator)", | 605 | debug2("%.24s Final %u Miller-Rabin trials (%x generator)", |
609 | ctime(&time_start), trials, generator_wanted); | 606 | ctime(&time_start), trials, generator_wanted); |
@@ -753,7 +750,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
753 | * that p is also prime. A single pass will weed out the | 750 | * that p is also prime. A single pass will weed out the |
754 | * vast majority of composite q's. | 751 | * vast majority of composite q's. |
755 | */ | 752 | */ |
756 | is_prime = BN_is_prime_ex(q, 1, ctx, NULL); | 753 | is_prime = BN_is_prime_ex(q, 1, NULL, NULL); |
757 | if (is_prime < 0) | 754 | if (is_prime < 0) |
758 | fatal("BN_is_prime_ex failed"); | 755 | fatal("BN_is_prime_ex failed"); |
759 | if (is_prime == 0) { | 756 | if (is_prime == 0) { |
@@ -769,7 +766,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
769 | * will show up on the first Rabin-Miller iteration so it | 766 | * will show up on the first Rabin-Miller iteration so it |
770 | * doesn't hurt to specify a high iteration count. | 767 | * doesn't hurt to specify a high iteration count. |
771 | */ | 768 | */ |
772 | is_prime = BN_is_prime_ex(p, trials, ctx, NULL); | 769 | is_prime = BN_is_prime_ex(p, trials, NULL, NULL); |
773 | if (is_prime < 0) | 770 | if (is_prime < 0) |
774 | fatal("BN_is_prime_ex failed"); | 771 | fatal("BN_is_prime_ex failed"); |
775 | if (is_prime == 0) { | 772 | if (is_prime == 0) { |
@@ -779,7 +776,7 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
779 | debug("%10u: p is almost certainly prime", count_in); | 776 | debug("%10u: p is almost certainly prime", count_in); |
780 | 777 | ||
781 | /* recheck q more rigorously */ | 778 | /* recheck q more rigorously */ |
782 | is_prime = BN_is_prime_ex(q, trials - 1, ctx, NULL); | 779 | is_prime = BN_is_prime_ex(q, trials - 1, NULL, NULL); |
783 | if (is_prime < 0) | 780 | if (is_prime < 0) |
784 | fatal("BN_is_prime_ex failed"); | 781 | fatal("BN_is_prime_ex failed"); |
785 | if (is_prime == 0) { | 782 | if (is_prime == 0) { |
@@ -802,7 +799,6 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
802 | free(lp); | 799 | free(lp); |
803 | BN_free(p); | 800 | BN_free(p); |
804 | BN_free(q); | 801 | BN_free(q); |
805 | BN_CTX_free(ctx); | ||
806 | 802 | ||
807 | if (checkpoint_file != NULL) | 803 | if (checkpoint_file != NULL) |
808 | unlink(checkpoint_file); | 804 | unlink(checkpoint_file); |
diff --git a/sk-usbhid.c b/sk-usbhid.c index 180f2eab9..d008b0a9a 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c | |||
@@ -282,15 +282,13 @@ pack_public_key_ecdsa(fido_cred_t *cred, struct sk_enroll_response *response) | |||
282 | BIGNUM *x = NULL, *y = NULL; | 282 | BIGNUM *x = NULL, *y = NULL; |
283 | EC_POINT *q = NULL; | 283 | EC_POINT *q = NULL; |
284 | EC_GROUP *g = NULL; | 284 | EC_GROUP *g = NULL; |
285 | BN_CTX *bn_ctx = NULL; | ||
286 | int ret = -1; | 285 | int ret = -1; |
287 | 286 | ||
288 | response->public_key = NULL; | 287 | response->public_key = NULL; |
289 | response->public_key_len = 0; | 288 | response->public_key_len = 0; |
290 | 289 | ||
291 | if ((bn_ctx = BN_CTX_new()) == NULL || | 290 | if ((x = BN_new()) == NULL || |
292 | (x = BN_CTX_get(bn_ctx)) == NULL || | 291 | (y = BN_new()) == NULL || |
293 | (y = BN_CTX_get(bn_ctx)) == NULL || | ||
294 | (g = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)) == NULL || | 292 | (g = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1)) == NULL || |
295 | (q = EC_POINT_new(g)) == NULL) { | 293 | (q = EC_POINT_new(g)) == NULL) { |
296 | skdebug(__func__, "libcrypto setup failed"); | 294 | skdebug(__func__, "libcrypto setup failed"); |
@@ -311,12 +309,12 @@ pack_public_key_ecdsa(fido_cred_t *cred, struct sk_enroll_response *response) | |||
311 | skdebug(__func__, "BN_bin2bn failed"); | 309 | skdebug(__func__, "BN_bin2bn failed"); |
312 | goto out; | 310 | goto out; |
313 | } | 311 | } |
314 | if (EC_POINT_set_affine_coordinates_GFp(g, q, x, y, bn_ctx) != 1) { | 312 | if (EC_POINT_set_affine_coordinates_GFp(g, q, x, y, NULL) != 1) { |
315 | skdebug(__func__, "EC_POINT_set_affine_coordinates_GFp failed"); | 313 | skdebug(__func__, "EC_POINT_set_affine_coordinates_GFp failed"); |
316 | goto out; | 314 | goto out; |
317 | } | 315 | } |
318 | response->public_key_len = EC_POINT_point2oct(g, q, | 316 | response->public_key_len = EC_POINT_point2oct(g, q, |
319 | POINT_CONVERSION_UNCOMPRESSED, NULL, 0, bn_ctx); | 317 | POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); |
320 | if (response->public_key_len == 0 || response->public_key_len > 2048) { | 318 | if (response->public_key_len == 0 || response->public_key_len > 2048) { |
321 | skdebug(__func__, "bad pubkey length %zu", | 319 | skdebug(__func__, "bad pubkey length %zu", |
322 | response->public_key_len); | 320 | response->public_key_len); |
@@ -327,7 +325,7 @@ pack_public_key_ecdsa(fido_cred_t *cred, struct sk_enroll_response *response) | |||
327 | goto out; | 325 | goto out; |
328 | } | 326 | } |
329 | if (EC_POINT_point2oct(g, q, POINT_CONVERSION_UNCOMPRESSED, | 327 | if (EC_POINT_point2oct(g, q, POINT_CONVERSION_UNCOMPRESSED, |
330 | response->public_key, response->public_key_len, bn_ctx) == 0) { | 328 | response->public_key, response->public_key_len, NULL) == 0) { |
331 | skdebug(__func__, "EC_POINT_point2oct failed"); | 329 | skdebug(__func__, "EC_POINT_point2oct failed"); |
332 | goto out; | 330 | goto out; |
333 | } | 331 | } |
@@ -341,7 +339,8 @@ pack_public_key_ecdsa(fido_cred_t *cred, struct sk_enroll_response *response) | |||
341 | } | 339 | } |
342 | EC_POINT_free(q); | 340 | EC_POINT_free(q); |
343 | EC_GROUP_free(g); | 341 | EC_GROUP_free(g); |
344 | BN_CTX_free(bn_ctx); | 342 | BN_clear_free(x); |
343 | BN_clear_free(y); | ||
345 | return ret; | 344 | return ret; |
346 | } | 345 | } |
347 | 346 | ||
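Review bot: On the `bad pubkey length` path in pack_public_key_ecdsa, `response->public_key_len` still holds the rejected value from `EC_POINT_point2oct` when control jumps to `out`, while `response->public_key` is still NULL. The cleanup under `out:` is mostly outside the visible hunks, so this may already be handled there. If it is not, adding `response->public_key_len = 0;` before that `goto out` (or sizing into a local `size_t` and storing it only on success) keeps the response consistent for callers that trust the length field. The move to `BN_new()` with `BN_clear_free(x)` and `BN_clear_free(y)` at the end looks balanced, since both pointers start as NULL.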
diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index ecbfa550f..2e61d3bcd 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshbuf-getput-crypto.c,v 1.7 2019/01/21 09:54:11 djm Exp $ */ | 1 | /* $OpenBSD: sshbuf-getput-crypto.c,v 1.8 2019/11/15 06:00:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2011 Damien Miller | 3 | * Copyright (c) 2011 Damien Miller |
4 | * | 4 | * |
@@ -154,23 +154,17 @@ int | |||
154 | sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) | 154 | sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) |
155 | { | 155 | { |
156 | u_char d[SSHBUF_MAX_ECPOINT]; | 156 | u_char d[SSHBUF_MAX_ECPOINT]; |
157 | BN_CTX *bn_ctx; | ||
158 | size_t len; | 157 | size_t len; |
159 | int ret; | 158 | int ret; |
160 | 159 | ||
161 | if ((bn_ctx = BN_CTX_new()) == NULL) | ||
162 | return SSH_ERR_ALLOC_FAIL; | ||
163 | if ((len = EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED, | 160 | if ((len = EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED, |
164 | NULL, 0, bn_ctx)) > SSHBUF_MAX_ECPOINT) { | 161 | NULL, 0, NULL)) > SSHBUF_MAX_ECPOINT) { |
165 | BN_CTX_free(bn_ctx); | ||
166 | return SSH_ERR_INVALID_ARGUMENT; | 162 | return SSH_ERR_INVALID_ARGUMENT; |
167 | } | 163 | } |
168 | if (EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED, | 164 | if (EC_POINT_point2oct(g, v, POINT_CONVERSION_UNCOMPRESSED, |
169 | d, len, bn_ctx) != len) { | 165 | d, len, NULL) != len) { |
170 | BN_CTX_free(bn_ctx); | ||
171 | return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ | 166 | return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ |
172 | } | 167 | } |
173 | BN_CTX_free(bn_ctx); | ||
174 | ret = sshbuf_put_string(buf, d, len); | 168 | ret = sshbuf_put_string(buf, d, len); |
175 | explicit_bzero(d, len); | 169 | explicit_bzero(d, len); |
176 | return ret; | 170 | return ret; |
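Review bot: In sshbuf_put_ec the size query only rejects `len > SSHBUF_MAX_ECPOINT`, but `EC_POINT_point2oct` signals failure by returning 0. A zero `len` would pass both checks, because the second call's `!= len` test compares 0 with 0, and an empty string would be serialized as success. pack_public_key_ecdsa in sk-usbhid.c already rejects 0 for the same call; here the guard could read `if (len == 0 || len > SSHBUF_MAX_ECPOINT) {`. With the context now allocated inside libcrypto, an allocation failure would presumably surface as `SSH_ERR_INTERNAL_ERROR` from the second call rather than `SSH_ERR_ALLOC_FAIL`, which the `/* Shouldn't happen */` comment could mention. The function's closing brace is outside the hunk.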
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.92 2019/11/13 22:00:21 markus Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.93 2019/11/15 06:00:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -706,9 +706,6 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) | |||
706 | const BIGNUM *rsa_e_b, *rsa_n_b; | 706 | const BIGNUM *rsa_e_b, *rsa_n_b; |
707 | const BIGNUM *dsa_p_a, *dsa_q_a, *dsa_g_a, *dsa_pub_key_a; | 707 | const BIGNUM *dsa_p_a, *dsa_q_a, *dsa_g_a, *dsa_pub_key_a; |
708 | const BIGNUM *dsa_p_b, *dsa_q_b, *dsa_g_b, *dsa_pub_key_b; | 708 | const BIGNUM *dsa_p_b, *dsa_q_b, *dsa_g_b, *dsa_pub_key_b; |
709 | # if defined(OPENSSL_HAS_ECC) | ||
710 | BN_CTX *bnctx; | ||
711 | # endif /* OPENSSL_HAS_ECC */ | ||
712 | #endif /* WITH_OPENSSL */ | 709 | #endif /* WITH_OPENSSL */ |
713 | 710 | ||
714 | if (a == NULL || b == NULL || | 711 | if (a == NULL || b == NULL || |
@@ -751,17 +748,12 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) | |||
751 | EC_KEY_get0_public_key(a->ecdsa) == NULL || | 748 | EC_KEY_get0_public_key(a->ecdsa) == NULL || |
752 | EC_KEY_get0_public_key(b->ecdsa) == NULL) | 749 | EC_KEY_get0_public_key(b->ecdsa) == NULL) |
753 | return 0; | 750 | return 0; |
754 | if ((bnctx = BN_CTX_new()) == NULL) | ||
755 | return 0; | ||
756 | if (EC_GROUP_cmp(EC_KEY_get0_group(a->ecdsa), | 751 | if (EC_GROUP_cmp(EC_KEY_get0_group(a->ecdsa), |
757 | EC_KEY_get0_group(b->ecdsa), bnctx) != 0 || | 752 | EC_KEY_get0_group(b->ecdsa), NULL) != 0 || |
758 | EC_POINT_cmp(EC_KEY_get0_group(a->ecdsa), | 753 | EC_POINT_cmp(EC_KEY_get0_group(a->ecdsa), |
759 | EC_KEY_get0_public_key(a->ecdsa), | 754 | EC_KEY_get0_public_key(a->ecdsa), |
760 | EC_KEY_get0_public_key(b->ecdsa), bnctx) != 0) { | 755 | EC_KEY_get0_public_key(b->ecdsa), NULL) != 0) |
761 | BN_CTX_free(bnctx); | ||
762 | return 0; | 756 | return 0; |
763 | } | ||
764 | BN_CTX_free(bnctx); | ||
765 | return 1; | 757 | return 1; |
766 | # endif /* OPENSSL_HAS_ECC */ | 758 | # endif /* OPENSSL_HAS_ECC */ |
767 | #endif /* WITH_OPENSSL */ | 759 | #endif /* WITH_OPENSSL */ |
@@ -1659,7 +1651,6 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) | |||
1659 | }; | 1651 | }; |
1660 | int nid; | 1652 | int nid; |
1661 | u_int i; | 1653 | u_int i; |
1662 | BN_CTX *bnctx; | ||
1663 | const EC_GROUP *g = EC_KEY_get0_group(k); | 1654 | const EC_GROUP *g = EC_KEY_get0_group(k); |
1664 | 1655 | ||
1665 | /* | 1656 | /* |
@@ -1672,18 +1663,13 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) | |||
1672 | */ | 1663 | */ |
1673 | if ((nid = EC_GROUP_get_curve_name(g)) > 0) | 1664 | if ((nid = EC_GROUP_get_curve_name(g)) > 0) |
1674 | return nid; | 1665 | return nid; |
1675 | if ((bnctx = BN_CTX_new()) == NULL) | ||
1676 | return -1; | ||
1677 | for (i = 0; nids[i] != -1; i++) { | 1666 | for (i = 0; nids[i] != -1; i++) { |
1678 | if ((eg = EC_GROUP_new_by_curve_name(nids[i])) == NULL) { | 1667 | if ((eg = EC_GROUP_new_by_curve_name(nids[i])) == NULL) |
1679 | BN_CTX_free(bnctx); | ||
1680 | return -1; | 1668 | return -1; |
1681 | } | 1669 | if (EC_GROUP_cmp(g, eg, NULL) == 0) |
1682 | if (EC_GROUP_cmp(g, eg, bnctx) == 0) | ||
1683 | break; | 1670 | break; |
1684 | EC_GROUP_free(eg); | 1671 | EC_GROUP_free(eg); |
1685 | } | 1672 | } |
1686 | BN_CTX_free(bnctx); | ||
1687 | if (nids[i] != -1) { | 1673 | if (nids[i] != -1) { |
1688 | /* Use the group with the NID attached */ | 1674 | /* Use the group with the NID attached */ |
1689 | EC_GROUP_set_asn1_flag(eg, OPENSSL_EC_NAMED_CURVE); | 1675 | EC_GROUP_set_asn1_flag(eg, OPENSSL_EC_NAMED_CURVE); |
@@ -3788,9 +3774,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
3788 | int | 3774 | int |
3789 | sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | 3775 | sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) |
3790 | { | 3776 | { |
3791 | BN_CTX *bnctx; | ||
3792 | EC_POINT *nq = NULL; | 3777 | EC_POINT *nq = NULL; |
3793 | BIGNUM *order, *x, *y, *tmp; | 3778 | BIGNUM *order = NULL, *x = NULL, *y = NULL, *tmp = NULL; |
3794 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; | 3779 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; |
3795 | 3780 | ||
3796 | /* | 3781 | /* |
@@ -3801,10 +3786,6 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3801 | * EC_POINT_oct2point then the caller will need to explicitly check. | 3786 | * EC_POINT_oct2point then the caller will need to explicitly check. |
3802 | */ | 3787 | */ |
3803 | 3788 | ||
3804 | if ((bnctx = BN_CTX_new()) == NULL) | ||
3805 | return SSH_ERR_ALLOC_FAIL; | ||
3806 | BN_CTX_start(bnctx); | ||
3807 | |||
3808 | /* | 3789 | /* |
3809 | * We shouldn't ever hit this case because bignum_get_ecpoint() | 3790 | * We shouldn't ever hit this case because bignum_get_ecpoint() |
3810 | * refuses to load GF2m points. | 3791 | * refuses to load GF2m points. |
@@ -3817,18 +3798,18 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3817 | if (EC_POINT_is_at_infinity(group, public)) | 3798 | if (EC_POINT_is_at_infinity(group, public)) |
3818 | goto out; | 3799 | goto out; |
3819 | 3800 | ||
3820 | if ((x = BN_CTX_get(bnctx)) == NULL || | 3801 | if ((x = BN_new()) == NULL || |
3821 | (y = BN_CTX_get(bnctx)) == NULL || | 3802 | (y = BN_new()) == NULL || |
3822 | (order = BN_CTX_get(bnctx)) == NULL || | 3803 | (order = BN_new()) == NULL || |
3823 | (tmp = BN_CTX_get(bnctx)) == NULL) { | 3804 | (tmp = BN_new()) == NULL) { |
3824 | ret = SSH_ERR_ALLOC_FAIL; | 3805 | ret = SSH_ERR_ALLOC_FAIL; |
3825 | goto out; | 3806 | goto out; |
3826 | } | 3807 | } |
3827 | 3808 | ||
3828 | /* log2(x) > log2(order)/2, log2(y) > log2(order)/2 */ | 3809 | /* log2(x) > log2(order)/2, log2(y) > log2(order)/2 */ |
3829 | if (EC_GROUP_get_order(group, order, bnctx) != 1 || | 3810 | if (EC_GROUP_get_order(group, order, NULL) != 1 || |
3830 | EC_POINT_get_affine_coordinates_GFp(group, public, | 3811 | EC_POINT_get_affine_coordinates_GFp(group, public, |
3831 | x, y, bnctx) != 1) { | 3812 | x, y, NULL) != 1) { |
3832 | ret = SSH_ERR_LIBCRYPTO_ERROR; | 3813 | ret = SSH_ERR_LIBCRYPTO_ERROR; |
3833 | goto out; | 3814 | goto out; |
3834 | } | 3815 | } |
@@ -3841,7 +3822,7 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3841 | ret = SSH_ERR_ALLOC_FAIL; | 3822 | ret = SSH_ERR_ALLOC_FAIL; |
3842 | goto out; | 3823 | goto out; |
3843 | } | 3824 | } |
3844 | if (EC_POINT_mul(group, nq, NULL, public, order, bnctx) != 1) { | 3825 | if (EC_POINT_mul(group, nq, NULL, public, order, NULL) != 1) { |
3845 | ret = SSH_ERR_LIBCRYPTO_ERROR; | 3826 | ret = SSH_ERR_LIBCRYPTO_ERROR; |
3846 | goto out; | 3827 | goto out; |
3847 | } | 3828 | } |
@@ -3857,7 +3838,10 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3857 | goto out; | 3838 | goto out; |
3858 | ret = 0; | 3839 | ret = 0; |
3859 | out: | 3840 | out: |
3860 | BN_CTX_free(bnctx); | 3841 | BN_clear_free(x); |
3842 | BN_clear_free(y); | ||
3843 | BN_clear_free(order); | ||
3844 | BN_clear_free(tmp); | ||
3861 | EC_POINT_free(nq); | 3845 | EC_POINT_free(nq); |
3862 | return ret; | 3846 | return ret; |
3863 | } | 3847 | } |
@@ -3865,22 +3849,16 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3865 | int | 3849 | int |
3866 | sshkey_ec_validate_private(const EC_KEY *key) | 3850 | sshkey_ec_validate_private(const EC_KEY *key) |
3867 | { | 3851 | { |
3868 | BN_CTX *bnctx; | 3852 | BIGNUM *order = NULL, *tmp = NULL; |
3869 | BIGNUM *order, *tmp; | ||
3870 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; | 3853 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; |
3871 | 3854 | ||
3872 | if ((bnctx = BN_CTX_new()) == NULL) | 3855 | if ((order = BN_new()) == NULL || (tmp = BN_new()) == NULL) { |
3873 | return SSH_ERR_ALLOC_FAIL; | ||
3874 | BN_CTX_start(bnctx); | ||
3875 | |||
3876 | if ((order = BN_CTX_get(bnctx)) == NULL || | ||
3877 | (tmp = BN_CTX_get(bnctx)) == NULL) { | ||
3878 | ret = SSH_ERR_ALLOC_FAIL; | 3856 | ret = SSH_ERR_ALLOC_FAIL; |
3879 | goto out; | 3857 | goto out; |
3880 | } | 3858 | } |
3881 | 3859 | ||
3882 | /* log2(private) > log2(order)/2 */ | 3860 | /* log2(private) > log2(order)/2 */ |
3883 | if (EC_GROUP_get_order(EC_KEY_get0_group(key), order, bnctx) != 1) { | 3861 | if (EC_GROUP_get_order(EC_KEY_get0_group(key), order, NULL) != 1) { |
3884 | ret = SSH_ERR_LIBCRYPTO_ERROR; | 3862 | ret = SSH_ERR_LIBCRYPTO_ERROR; |
3885 | goto out; | 3863 | goto out; |
3886 | } | 3864 | } |
@@ -3897,47 +3875,43 @@ sshkey_ec_validate_private(const EC_KEY *key) | |||
3897 | goto out; | 3875 | goto out; |
3898 | ret = 0; | 3876 | ret = 0; |
3899 | out: | 3877 | out: |
3900 | BN_CTX_free(bnctx); | 3878 | BN_clear_free(order); |
3879 | BN_clear_free(tmp); | ||
3901 | return ret; | 3880 | return ret; |
3902 | } | 3881 | } |
3903 | 3882 | ||
3904 | void | 3883 | void |
3905 | sshkey_dump_ec_point(const EC_GROUP *group, const EC_POINT *point) | 3884 | sshkey_dump_ec_point(const EC_GROUP *group, const EC_POINT *point) |
3906 | { | 3885 | { |
3907 | BIGNUM *x, *y; | 3886 | BIGNUM *x = NULL, *y = NULL; |
3908 | BN_CTX *bnctx; | ||
3909 | 3887 | ||
3910 | if (point == NULL) { | 3888 | if (point == NULL) { |
3911 | fputs("point=(NULL)\n", stderr); | 3889 | fputs("point=(NULL)\n", stderr); |
3912 | return; | 3890 | return; |
3913 | } | 3891 | } |
3914 | if ((bnctx = BN_CTX_new()) == NULL) { | 3892 | if ((x = BN_new()) == NULL || (y = BN_new()) == NULL) { |
3915 | fprintf(stderr, "%s: BN_CTX_new failed\n", __func__); | 3893 | fprintf(stderr, "%s: BN_new failed\n", __func__); |
3916 | return; | 3894 | goto out; |
3917 | } | ||
3918 | BN_CTX_start(bnctx); | ||
3919 | if ((x = BN_CTX_get(bnctx)) == NULL || | ||
3920 | (y = BN_CTX_get(bnctx)) == NULL) { | ||
3921 | fprintf(stderr, "%s: BN_CTX_get failed\n", __func__); | ||
3922 | return; | ||
3923 | } | 3895 | } |
3924 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != | 3896 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != |
3925 | NID_X9_62_prime_field) { | 3897 | NID_X9_62_prime_field) { |
3926 | fprintf(stderr, "%s: group is not a prime field\n", __func__); | 3898 | fprintf(stderr, "%s: group is not a prime field\n", __func__); |
3927 | return; | 3899 | goto out; |
3928 | } | 3900 | } |
3929 | if (EC_POINT_get_affine_coordinates_GFp(group, point, x, y, | 3901 | if (EC_POINT_get_affine_coordinates_GFp(group, point, |
3930 | bnctx) != 1) { | 3902 | x, y, NULL) != 1) { |
3931 | fprintf(stderr, "%s: EC_POINT_get_affine_coordinates_GFp\n", | 3903 | fprintf(stderr, "%s: EC_POINT_get_affine_coordinates_GFp\n", |
3932 | __func__); | 3904 | __func__); |
3933 | return; | 3905 | goto out; |
3934 | } | 3906 | } |
3935 | fputs("x=", stderr); | 3907 | fputs("x=", stderr); |
3936 | BN_print_fp(stderr, x); | 3908 | BN_print_fp(stderr, x); |
3937 | fputs("\ny=", stderr); | 3909 | fputs("\ny=", stderr); |
3938 | BN_print_fp(stderr, y); | 3910 | BN_print_fp(stderr, y); |
3939 | fputs("\n", stderr); | 3911 | fputs("\n", stderr); |
3940 | BN_CTX_free(bnctx); | 3912 | out: |
3913 | BN_clear_free(x); | ||
3914 | BN_clear_free(y); | ||
3941 | } | 3915 | } |
3942 | 3916 | ||
3943 | void | 3917 | void |
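Review bot: In sshkey_ecdsa_key_to_nid, `EC_GROUP_cmp(g, eg, NULL) == 0` treats the error return (-1) the same as a mismatch (1), and because libcrypto now allocates its own context for each comparison, an internal failure there cannot be told apart from an unknown curve. The removed code returned -1 early when `BN_CTX_new()` failed; whether the no-match path still ends in an error is outside the hunk. A comment on the loop such as `/* EC_GROUP_cmp: 0 = equal, 1 = differ, -1 = error; errors count as no match */` would record that this is intended. In sshkey_equal_public the `!= 0` tests also treat errors as unequal, which is the safe direction for a key comparison.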