diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-11-15 06:00:20 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-17 09:44:43 +1100 |
commit | fd1a96490cef7f945a1b3b5df4e90c8a1070f425 (patch) | |
tree | c806a64cad5969ddf02459d4535d5e9cf1ae9e4b /sshkey.c | |
parent | 39b87104cdd47baf79ef77dc81de62cea07d119f (diff) |
upstream: remove most uses of BN_CTX
We weren't following the rules re BN_CTX_start/BN_CTX_end and the places
we were using it didn't benefit from its use anyway. ok dtucker@
OpenBSD-Commit-ID: ea9ba6c0d2e6f6adfe00b309a8f41842fe12fc7a
Diffstat (limited to 'sshkey.c')
-rw-r--r-- | sshkey.c | 92 |
1 files changed, 33 insertions, 59 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sshkey.c,v 1.92 2019/11/13 22:00:21 markus Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.93 2019/11/15 06:00:20 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
@@ -706,9 +706,6 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) | |||
706 | const BIGNUM *rsa_e_b, *rsa_n_b; | 706 | const BIGNUM *rsa_e_b, *rsa_n_b; |
707 | const BIGNUM *dsa_p_a, *dsa_q_a, *dsa_g_a, *dsa_pub_key_a; | 707 | const BIGNUM *dsa_p_a, *dsa_q_a, *dsa_g_a, *dsa_pub_key_a; |
708 | const BIGNUM *dsa_p_b, *dsa_q_b, *dsa_g_b, *dsa_pub_key_b; | 708 | const BIGNUM *dsa_p_b, *dsa_q_b, *dsa_g_b, *dsa_pub_key_b; |
709 | # if defined(OPENSSL_HAS_ECC) | ||
710 | BN_CTX *bnctx; | ||
711 | # endif /* OPENSSL_HAS_ECC */ | ||
712 | #endif /* WITH_OPENSSL */ | 709 | #endif /* WITH_OPENSSL */ |
713 | 710 | ||
714 | if (a == NULL || b == NULL || | 711 | if (a == NULL || b == NULL || |
@@ -751,17 +748,12 @@ sshkey_equal_public(const struct sshkey *a, const struct sshkey *b) | |||
751 | EC_KEY_get0_public_key(a->ecdsa) == NULL || | 748 | EC_KEY_get0_public_key(a->ecdsa) == NULL || |
752 | EC_KEY_get0_public_key(b->ecdsa) == NULL) | 749 | EC_KEY_get0_public_key(b->ecdsa) == NULL) |
753 | return 0; | 750 | return 0; |
754 | if ((bnctx = BN_CTX_new()) == NULL) | ||
755 | return 0; | ||
756 | if (EC_GROUP_cmp(EC_KEY_get0_group(a->ecdsa), | 751 | if (EC_GROUP_cmp(EC_KEY_get0_group(a->ecdsa), |
757 | EC_KEY_get0_group(b->ecdsa), bnctx) != 0 || | 752 | EC_KEY_get0_group(b->ecdsa), NULL) != 0 || |
758 | EC_POINT_cmp(EC_KEY_get0_group(a->ecdsa), | 753 | EC_POINT_cmp(EC_KEY_get0_group(a->ecdsa), |
759 | EC_KEY_get0_public_key(a->ecdsa), | 754 | EC_KEY_get0_public_key(a->ecdsa), |
760 | EC_KEY_get0_public_key(b->ecdsa), bnctx) != 0) { | 755 | EC_KEY_get0_public_key(b->ecdsa), NULL) != 0) |
761 | BN_CTX_free(bnctx); | ||
762 | return 0; | 756 | return 0; |
763 | } | ||
764 | BN_CTX_free(bnctx); | ||
765 | return 1; | 757 | return 1; |
766 | # endif /* OPENSSL_HAS_ECC */ | 758 | # endif /* OPENSSL_HAS_ECC */ |
767 | #endif /* WITH_OPENSSL */ | 759 | #endif /* WITH_OPENSSL */ |
@@ -1659,7 +1651,6 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) | |||
1659 | }; | 1651 | }; |
1660 | int nid; | 1652 | int nid; |
1661 | u_int i; | 1653 | u_int i; |
1662 | BN_CTX *bnctx; | ||
1663 | const EC_GROUP *g = EC_KEY_get0_group(k); | 1654 | const EC_GROUP *g = EC_KEY_get0_group(k); |
1664 | 1655 | ||
1665 | /* | 1656 | /* |
@@ -1672,18 +1663,13 @@ sshkey_ecdsa_key_to_nid(EC_KEY *k) | |||
1672 | */ | 1663 | */ |
1673 | if ((nid = EC_GROUP_get_curve_name(g)) > 0) | 1664 | if ((nid = EC_GROUP_get_curve_name(g)) > 0) |
1674 | return nid; | 1665 | return nid; |
1675 | if ((bnctx = BN_CTX_new()) == NULL) | ||
1676 | return -1; | ||
1677 | for (i = 0; nids[i] != -1; i++) { | 1666 | for (i = 0; nids[i] != -1; i++) { |
1678 | if ((eg = EC_GROUP_new_by_curve_name(nids[i])) == NULL) { | 1667 | if ((eg = EC_GROUP_new_by_curve_name(nids[i])) == NULL) |
1679 | BN_CTX_free(bnctx); | ||
1680 | return -1; | 1668 | return -1; |
1681 | } | 1669 | if (EC_GROUP_cmp(g, eg, NULL) == 0) |
1682 | if (EC_GROUP_cmp(g, eg, bnctx) == 0) | ||
1683 | break; | 1670 | break; |
1684 | EC_GROUP_free(eg); | 1671 | EC_GROUP_free(eg); |
1685 | } | 1672 | } |
1686 | BN_CTX_free(bnctx); | ||
1687 | if (nids[i] != -1) { | 1673 | if (nids[i] != -1) { |
1688 | /* Use the group with the NID attached */ | 1674 | /* Use the group with the NID attached */ |
1689 | EC_GROUP_set_asn1_flag(eg, OPENSSL_EC_NAMED_CURVE); | 1675 | EC_GROUP_set_asn1_flag(eg, OPENSSL_EC_NAMED_CURVE); |
@@ -3788,9 +3774,8 @@ sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **kp) | |||
3788 | int | 3774 | int |
3789 | sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | 3775 | sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) |
3790 | { | 3776 | { |
3791 | BN_CTX *bnctx; | ||
3792 | EC_POINT *nq = NULL; | 3777 | EC_POINT *nq = NULL; |
3793 | BIGNUM *order, *x, *y, *tmp; | 3778 | BIGNUM *order = NULL, *x = NULL, *y = NULL, *tmp = NULL; |
3794 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; | 3779 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; |
3795 | 3780 | ||
3796 | /* | 3781 | /* |
@@ -3801,10 +3786,6 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3801 | * EC_POINT_oct2point then the caller will need to explicitly check. | 3786 | * EC_POINT_oct2point then the caller will need to explicitly check. |
3802 | */ | 3787 | */ |
3803 | 3788 | ||
3804 | if ((bnctx = BN_CTX_new()) == NULL) | ||
3805 | return SSH_ERR_ALLOC_FAIL; | ||
3806 | BN_CTX_start(bnctx); | ||
3807 | |||
3808 | /* | 3789 | /* |
3809 | * We shouldn't ever hit this case because bignum_get_ecpoint() | 3790 | * We shouldn't ever hit this case because bignum_get_ecpoint() |
3810 | * refuses to load GF2m points. | 3791 | * refuses to load GF2m points. |
@@ -3817,18 +3798,18 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3817 | if (EC_POINT_is_at_infinity(group, public)) | 3798 | if (EC_POINT_is_at_infinity(group, public)) |
3818 | goto out; | 3799 | goto out; |
3819 | 3800 | ||
3820 | if ((x = BN_CTX_get(bnctx)) == NULL || | 3801 | if ((x = BN_new()) == NULL || |
3821 | (y = BN_CTX_get(bnctx)) == NULL || | 3802 | (y = BN_new()) == NULL || |
3822 | (order = BN_CTX_get(bnctx)) == NULL || | 3803 | (order = BN_new()) == NULL || |
3823 | (tmp = BN_CTX_get(bnctx)) == NULL) { | 3804 | (tmp = BN_new()) == NULL) { |
3824 | ret = SSH_ERR_ALLOC_FAIL; | 3805 | ret = SSH_ERR_ALLOC_FAIL; |
3825 | goto out; | 3806 | goto out; |
3826 | } | 3807 | } |
3827 | 3808 | ||
3828 | /* log2(x) > log2(order)/2, log2(y) > log2(order)/2 */ | 3809 | /* log2(x) > log2(order)/2, log2(y) > log2(order)/2 */ |
3829 | if (EC_GROUP_get_order(group, order, bnctx) != 1 || | 3810 | if (EC_GROUP_get_order(group, order, NULL) != 1 || |
3830 | EC_POINT_get_affine_coordinates_GFp(group, public, | 3811 | EC_POINT_get_affine_coordinates_GFp(group, public, |
3831 | x, y, bnctx) != 1) { | 3812 | x, y, NULL) != 1) { |
3832 | ret = SSH_ERR_LIBCRYPTO_ERROR; | 3813 | ret = SSH_ERR_LIBCRYPTO_ERROR; |
3833 | goto out; | 3814 | goto out; |
3834 | } | 3815 | } |
@@ -3841,7 +3822,7 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3841 | ret = SSH_ERR_ALLOC_FAIL; | 3822 | ret = SSH_ERR_ALLOC_FAIL; |
3842 | goto out; | 3823 | goto out; |
3843 | } | 3824 | } |
3844 | if (EC_POINT_mul(group, nq, NULL, public, order, bnctx) != 1) { | 3825 | if (EC_POINT_mul(group, nq, NULL, public, order, NULL) != 1) { |
3845 | ret = SSH_ERR_LIBCRYPTO_ERROR; | 3826 | ret = SSH_ERR_LIBCRYPTO_ERROR; |
3846 | goto out; | 3827 | goto out; |
3847 | } | 3828 | } |
@@ -3857,7 +3838,10 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3857 | goto out; | 3838 | goto out; |
3858 | ret = 0; | 3839 | ret = 0; |
3859 | out: | 3840 | out: |
3860 | BN_CTX_free(bnctx); | 3841 | BN_clear_free(x); |
3842 | BN_clear_free(y); | ||
3843 | BN_clear_free(order); | ||
3844 | BN_clear_free(tmp); | ||
3861 | EC_POINT_free(nq); | 3845 | EC_POINT_free(nq); |
3862 | return ret; | 3846 | return ret; |
3863 | } | 3847 | } |
@@ -3865,22 +3849,16 @@ sshkey_ec_validate_public(const EC_GROUP *group, const EC_POINT *public) | |||
3865 | int | 3849 | int |
3866 | sshkey_ec_validate_private(const EC_KEY *key) | 3850 | sshkey_ec_validate_private(const EC_KEY *key) |
3867 | { | 3851 | { |
3868 | BN_CTX *bnctx; | 3852 | BIGNUM *order = NULL, *tmp = NULL; |
3869 | BIGNUM *order, *tmp; | ||
3870 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; | 3853 | int ret = SSH_ERR_KEY_INVALID_EC_VALUE; |
3871 | 3854 | ||
3872 | if ((bnctx = BN_CTX_new()) == NULL) | 3855 | if ((order = BN_new()) == NULL || (tmp = BN_new()) == NULL) { |
3873 | return SSH_ERR_ALLOC_FAIL; | ||
3874 | BN_CTX_start(bnctx); | ||
3875 | |||
3876 | if ((order = BN_CTX_get(bnctx)) == NULL || | ||
3877 | (tmp = BN_CTX_get(bnctx)) == NULL) { | ||
3878 | ret = SSH_ERR_ALLOC_FAIL; | 3856 | ret = SSH_ERR_ALLOC_FAIL; |
3879 | goto out; | 3857 | goto out; |
3880 | } | 3858 | } |
3881 | 3859 | ||
3882 | /* log2(private) > log2(order)/2 */ | 3860 | /* log2(private) > log2(order)/2 */ |
3883 | if (EC_GROUP_get_order(EC_KEY_get0_group(key), order, bnctx) != 1) { | 3861 | if (EC_GROUP_get_order(EC_KEY_get0_group(key), order, NULL) != 1) { |
3884 | ret = SSH_ERR_LIBCRYPTO_ERROR; | 3862 | ret = SSH_ERR_LIBCRYPTO_ERROR; |
3885 | goto out; | 3863 | goto out; |
3886 | } | 3864 | } |
@@ -3897,47 +3875,43 @@ sshkey_ec_validate_private(const EC_KEY *key) | |||
3897 | goto out; | 3875 | goto out; |
3898 | ret = 0; | 3876 | ret = 0; |
3899 | out: | 3877 | out: |
3900 | BN_CTX_free(bnctx); | 3878 | BN_clear_free(order); |
3879 | BN_clear_free(tmp); | ||
3901 | return ret; | 3880 | return ret; |
3902 | } | 3881 | } |
3903 | 3882 | ||
3904 | void | 3883 | void |
3905 | sshkey_dump_ec_point(const EC_GROUP *group, const EC_POINT *point) | 3884 | sshkey_dump_ec_point(const EC_GROUP *group, const EC_POINT *point) |
3906 | { | 3885 | { |
3907 | BIGNUM *x, *y; | 3886 | BIGNUM *x = NULL, *y = NULL; |
3908 | BN_CTX *bnctx; | ||
3909 | 3887 | ||
3910 | if (point == NULL) { | 3888 | if (point == NULL) { |
3911 | fputs("point=(NULL)\n", stderr); | 3889 | fputs("point=(NULL)\n", stderr); |
3912 | return; | 3890 | return; |
3913 | } | 3891 | } |
3914 | if ((bnctx = BN_CTX_new()) == NULL) { | 3892 | if ((x = BN_new()) == NULL || (y = BN_new()) == NULL) { |
3915 | fprintf(stderr, "%s: BN_CTX_new failed\n", __func__); | 3893 | fprintf(stderr, "%s: BN_new failed\n", __func__); |
3916 | return; | 3894 | goto out; |
3917 | } | ||
3918 | BN_CTX_start(bnctx); | ||
3919 | if ((x = BN_CTX_get(bnctx)) == NULL || | ||
3920 | (y = BN_CTX_get(bnctx)) == NULL) { | ||
3921 | fprintf(stderr, "%s: BN_CTX_get failed\n", __func__); | ||
3922 | return; | ||
3923 | } | 3895 | } |
3924 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != | 3896 | if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) != |
3925 | NID_X9_62_prime_field) { | 3897 | NID_X9_62_prime_field) { |
3926 | fprintf(stderr, "%s: group is not a prime field\n", __func__); | 3898 | fprintf(stderr, "%s: group is not a prime field\n", __func__); |
3927 | return; | 3899 | goto out; |
3928 | } | 3900 | } |
3929 | if (EC_POINT_get_affine_coordinates_GFp(group, point, x, y, | 3901 | if (EC_POINT_get_affine_coordinates_GFp(group, point, |
3930 | bnctx) != 1) { | 3902 | x, y, NULL) != 1) { |
3931 | fprintf(stderr, "%s: EC_POINT_get_affine_coordinates_GFp\n", | 3903 | fprintf(stderr, "%s: EC_POINT_get_affine_coordinates_GFp\n", |
3932 | __func__); | 3904 | __func__); |
3933 | return; | 3905 | goto out; |
3934 | } | 3906 | } |
3935 | fputs("x=", stderr); | 3907 | fputs("x=", stderr); |
3936 | BN_print_fp(stderr, x); | 3908 | BN_print_fp(stderr, x); |
3937 | fputs("\ny=", stderr); | 3909 | fputs("\ny=", stderr); |
3938 | BN_print_fp(stderr, y); | 3910 | BN_print_fp(stderr, y); |
3939 | fputs("\n", stderr); | 3911 | fputs("\n", stderr); |
3940 | BN_CTX_free(bnctx); | 3912 | out: |
3913 | BN_clear_free(x); | ||
3914 | BN_clear_free(y); | ||
3941 | } | 3915 | } |
3942 | 3916 | ||
3943 | void | 3917 | void |