Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
c6700d27
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
9 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
c6700d27
编写于
2月 22, 2004
作者:
G
Geoff Thorpe
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h
Submitted by: Nils Larsch Reviewed by: Geoff Thorpe
上级
1b068044
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
254 addition
and
149 deletion
+254
-149
crypto/ecdsa/ecdsa.h
crypto/ecdsa/ecdsa.h
+138
-15
crypto/ecdsa/ecs_ossl.c
crypto/ecdsa/ecs_ossl.c
+116
-134
未找到文件。
crypto/ecdsa/ecdsa.h
浏览文件 @
c6700d27
/* crypto/ecdsa/ecdsa.h */
/**
* \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
* \author Written by Nils Larsch for the OpenSSL project
*/
/* ====================================================================
* Copyright (c) 2000-200
2
The OpenSSL Project. All rights reserved.
* Copyright (c) 2000-200
3
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -96,7 +100,7 @@ typedef struct ecdsa_data_st {
/* EC_KEY_METH_DATA part */
int
(
*
init
)(
EC_KEY
*
);
void
(
*
finish
)(
EC_KEY
*
);
/* method specific part */
/* method
(ECDSA)
specific part */
BIGNUM
*
kinv
;
/* signing pre-calc */
BIGNUM
*
r
;
/* signing pre-calc */
ENGINE
*
engine
;
...
...
@@ -105,38 +109,157 @@ typedef struct ecdsa_data_st {
CRYPTO_EX_DATA
ex_data
;
}
ECDSA_DATA
;
/* signature functions */
/** ECDSA_SIG *ECDSA_SIG_new(void)
* allocates and initialize a ECDSA_SIG structure
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG
*
ECDSA_SIG_new
(
void
);
/** ECDSA_SIG_free
* frees a ECDSA_SIG structure
* \param a pointer to the ECDSA_SIG structure
*/
void
ECDSA_SIG_free
(
ECDSA_SIG
*
a
);
/** i2d_ECDSA_SIG
* DER encode content of ECDSA_SIG object (note: this function modifies *pp
* (*pp += length of the DER encoded signature)).
* \param a pointer to the ECDSA_SIG object
* \param pp pointer to a unsigned char pointer for the output or NULL
* \return the length of the DER encoded ECDSA_SIG object or 0
*/
int
i2d_ECDSA_SIG
(
const
ECDSA_SIG
*
a
,
unsigned
char
**
pp
);
ECDSA_SIG
*
d2i_ECDSA_SIG
(
ECDSA_SIG
**
v
,
const
unsigned
char
**
pp
,
long
length
);
/* ECDSA_DATA functions */
/** d2i_ECDSA_SIG
* decodes a DER encoded ECDSA signature (note: this function changes *pp
* (*pp += len)).
* \param v pointer to ECDSA_SIG pointer (may be NULL)
* \param pp buffer with the DER encoded signature
* \param len bufferlength
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
*/
ECDSA_SIG
*
d2i_ECDSA_SIG
(
ECDSA_SIG
**
v
,
const
unsigned
char
**
pp
,
long
len
);
/** ECDSA_DATA_new
* creates a new ECDSA_DATA object
* \return pointer to a newly allocated (and initialized) ECDSA_DATA object
*/
ECDSA_DATA
*
ECDSA_DATA_new
(
void
);
ECDSA_DATA
*
ECDSA_DATA_new_method
(
ENGINE
*
);
void
ECDSA_DATA_free
(
ECDSA_DATA
*
);
ECDSA_DATA
*
ecdsa_check
(
EC_KEY
*
);
/** ECDSA_DATA_new_method
* creates a new ECDSA_DATA object using a specified ENGINE
* \param eng pointer to a ENGINE structure
* \return pointer to a newly allocated (and initialized) ECDSA_DATA object
*/
ECDSA_DATA
*
ECDSA_DATA_new_method
(
ENGINE
*
eng
);
/** ECDSA_DATA_free
* frees ECDSA_DATA structure
* \param data pointer to a ECDSA_DATA structure
*/
void
ECDSA_DATA_free
(
ECDSA_DATA
*
data
);
/** ecdsa_check
* checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
* and if not it removes the old meth_data and creates a ECDSA_DATA structure.
* \param eckey pointer to a EC_KEY object
* \return pointer to a ECDSA_DATA structure
*/
ECDSA_DATA
*
ecdsa_check
(
EC_KEY
*
eckey
);
/** ECDSA_do_sign
* computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL
*/
ECDSA_SIG
*
ECDSA_do_sign
(
const
unsigned
char
*
dgst
,
int
dgst_len
,
EC_KEY
*
eckey
);
ECDSA_SIG
*
ECDSA_do_sign
(
const
unsigned
char
*
dgst
,
int
dgst_len
,
EC_KEY
*
);
/** ECDSA_do_verify
* verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param sig pointer to the ECDSA_SIG structure
* \param eckey pointer to the EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
*/
int
ECDSA_do_verify
(
const
unsigned
char
*
dgst
,
int
dgst_len
,
ECDSA_SIG
*
sig
,
EC_KEY
*
eckey
);
const
ECDSA_METHOD
*
ECDSA_OpenSSL
(
void
);
void
ECDSA_set_default_method
(
const
ECDSA_METHOD
*
);
/** ECDSA_set_default_method
* sets the default ECDSA method
* \param meth the new default ECDSA_METHOD
*/
void
ECDSA_set_default_method
(
const
ECDSA_METHOD
*
meth
);
/** ECDSA_get_default_method
* returns the default ECDSA method
* \return pointer to ECDSA_METHOD structure containing the default method
*/
const
ECDSA_METHOD
*
ECDSA_get_default_method
(
void
);
int
ECDSA_set_method
(
EC_KEY
*
,
const
ECDSA_METHOD
*
);
int
ECDSA_size
(
const
EC_KEY
*
);
/** ECDSA_set_method
* sets method to be used for the ECDSA operations
* \param eckey pointer to the EC_KEY object
* \param meth pointer to the new method
* \return 1 on success and 0 otherwise
*/
int
ECDSA_set_method
(
EC_KEY
*
eckey
,
const
ECDSA_METHOD
*
meth
);
/** ECDSA_size
* returns the maximum length of the DER encoded signature
* \param eckey pointer to a EC_KEY object
* \return numbers of bytes required for the DER encoded signature
*/
int
ECDSA_size
(
const
EC_KEY
*
eckey
);
/** ECDSA_sign_setup
* precompute parts of the signing operation (the computed values may be
* passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature
* computation).
* \param eckey pointer to the EC_KEY object containing a private EC key
* \param ctx pointer to a BN_CTX object (may be NULL)
* \param kinv pointer to a BIGNUM pointer for the inverse of k
* \param rp pointer to a BIGNUM pointer for x coordinate of k * generator
* \return 1 on success and 0 otherwise
*/
int
ECDSA_sign_setup
(
EC_KEY
*
eckey
,
BN_CTX
*
ctx
,
BIGNUM
**
kinv
,
BIGNUM
**
rp
);
int
ECDSA_sign
(
int
type
,
const
unsigned
char
*
dgst
,
int
dgst_len
,
/** ECDSA_sign
* computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param type this parameter is ignored
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param sig buffer to hold the DER encoded signature
* \param siglen pointer to the length of the returned signature
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
int
ECDSA_sign
(
int
type
,
const
unsigned
char
*
dgst
,
int
dgstlen
,
unsigned
char
*
sig
,
unsigned
int
*
siglen
,
EC_KEY
*
eckey
);
int
ECDSA_verify
(
int
type
,
const
unsigned
char
*
dgst
,
int
dgst_len
,
const
unsigned
char
*
sig
,
int
sig_len
,
EC_KEY
*
eckey
);
/** ECDSA_verify
* verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
* \param type this parameter is ignored
* \param dgst pointer to the hash value
* \param dgstlen length of the hash value
* \param sig pointer to the DER encoded signature
* \param siglen length of the DER encoded signature
* \param eckey pointer to the EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
*/
int
ECDSA_verify
(
int
type
,
const
unsigned
char
*
dgst
,
int
dgstlen
,
const
unsigned
char
*
sig
,
int
siglen
,
EC_KEY
*
eckey
);
/* the standard ex_data functions */
int
ECDSA_get_ex_new_index
(
long
argl
,
void
*
argp
,
CRYPTO_EX_new
*
new_func
,
CRYPTO_EX_dup
*
dup_func
,
CRYPTO_EX_free
*
free_func
);
int
ECDSA_set_ex_data
(
EC_KEY
*
d
,
int
idx
,
void
*
arg
);
...
...
crypto/ecdsa/ecs_ossl.c
浏览文件 @
c6700d27
/* crypto/ecdsa/ecs_ossl.c */
/*
* Written by Nils Larsch for the OpenSSL project
*/
/* ====================================================================
* Copyright (c) 1998-200
2
The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-200
4
The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
...
...
@@ -86,49 +89,43 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
BIGNUM
**
rp
)
{
BN_CTX
*
ctx
=
NULL
;
BIGNUM
k
,
*
kinv
=
NULL
,
*
r
=
NULL
,
*
order
=
NULL
,
*
X
=
NULL
;
BIGNUM
*
k
=
NULL
,
*
r
=
NULL
,
*
order
=
NULL
,
*
X
=
NULL
;
EC_POINT
*
tmp_point
=
NULL
;
EC_GROUP
*
group
;
int
ret
=
0
;
if
(
!
eckey
||
!
eckey
->
group
||
!
eckey
->
pub_key
||
!
eckey
->
priv_key
)
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_PASSED_NULL_PARAMETER
);
return
0
;
}
BN_init
(
&
k
);
group
=
eckey
->
group
;
if
(
ctx_in
==
NULL
)
{
if
((
ctx
=
BN_CTX_new
())
==
NULL
)
if
((
ctx
=
BN_CTX_new
())
==
NULL
)
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_MALLOC_FAILURE
);
return
0
;
}
}
else
ctx
=
ctx_in
;
ctx
=
ctx_in
;
if
((
r
=
BN_new
())
==
NULL
)
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_BN_LIB
);
goto
err
;
}
if
((
order
=
BN_new
())
==
NULL
)
k
=
BN_new
();
/* this value is later returned in *kinvp */
r
=
BN_new
();
/* this value is later returned in *rp */
order
=
BN_new
();
X
=
BN_new
();
if
(
!
k
||
!
r
||
!
order
||
!
X
)
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_BN_LIB
);
goto
err
;
}
if
((
X
=
BN_new
())
==
NULL
)
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_BN_LIB
);
goto
err
;
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
((
tmp_point
=
EC_POINT_new
(
eckey
->
group
))
==
NULL
)
if
((
tmp_point
=
EC_POINT_new
(
group
))
==
NULL
)
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
goto
err
;
}
if
(
!
EC_GROUP_get_order
(
eckey
->
group
,
order
,
ctx
))
if
(
!
EC_GROUP_get_order
(
group
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
goto
err
;
...
...
@@ -138,42 +135,39 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
{
/* get random k */
do
if
(
!
BN_rand_range
(
&
k
,
order
))
if
(
!
BN_rand_range
(
k
,
order
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED
);
goto
err
;
}
while
(
BN_is_zero
(
&
k
));
while
(
BN_is_zero
(
k
));
/* compute r the x-coordinate of generator * k */
if
(
!
EC_POINT_mul
(
eckey
->
group
,
tmp_point
,
&
k
,
NULL
,
NULL
,
ctx
))
if
(
!
EC_POINT_mul
(
group
,
tmp_point
,
k
,
NULL
,
NULL
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
goto
err
;
}
if
(
EC_METHOD_get_field_type
(
EC_GROUP_method_of
(
eckey
->
group
))
==
NID_X9_62_prime_field
)
if
(
EC_METHOD_get_field_type
(
EC_GROUP_method_of
(
group
))
==
NID_X9_62_prime_field
)
{
if
(
!
EC_POINT_get_affine_coordinates_GFp
(
eckey
->
group
,
if
(
!
EC_POINT_get_affine_coordinates_GFp
(
group
,
tmp_point
,
X
,
NULL
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
goto
err
;
}
}
else
/* NID_X9_62_characteristic_two_field */
{
if
(
!
EC_POINT_get_affine_coordinates_GF2m
(
eckey
->
group
,
if
(
!
EC_POINT_get_affine_coordinates_GF2m
(
group
,
tmp_point
,
X
,
NULL
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
goto
err
;
}
}
if
(
!
BN_nnmod
(
r
,
X
,
order
,
ctx
))
if
(
!
BN_nnmod
(
r
,
X
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_BN_LIB
);
goto
err
;
...
...
@@ -182,36 +176,34 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
while
(
BN_is_zero
(
r
));
/* compute the inverse of k */
if
(
(
kinv
=
BN_mod_inverse
(
NULL
,
&
k
,
order
,
ctx
))
==
NULL
)
if
(
!
BN_mod_inverse
(
k
,
k
,
order
,
ctx
)
)
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_BN_LIB
);
goto
err
;
}
if
(
*
rp
=
=
NULL
)
/* clear old values if necessary */
if
(
*
rp
!
=
NULL
)
BN_clear_free
(
*
rp
);
*
rp
=
r
;
if
(
*
kinvp
==
NULL
)
if
(
*
kinvp
!=
NULL
)
BN_clear_free
(
*
kinvp
);
*
kinvp
=
kinv
;
kinv
=
NULL
;
/* save the pre-computed values */
*
rp
=
r
;
*
kinvp
=
k
;
ret
=
1
;
err:
if
(
!
ret
)
{
if
(
k
inv
!=
NULL
)
BN_clear_free
(
kinv
);
if
(
k
!=
NULL
)
BN_clear_free
(
k
);
if
(
r
!=
NULL
)
BN_clear_free
(
r
);
}
if
(
ctx_in
==
NULL
)
BN_CTX_free
(
ctx
);
if
(
kinv
!=
NULL
)
BN_clear_free
(
kinv
);
if
(
order
!=
NULL
)
BN_
clear_
free
(
order
);
BN_free
(
order
);
if
(
tmp_point
!=
NULL
)
EC_POINT_free
(
tmp_point
);
if
(
X
)
BN_clear_free
(
X
);
BN_clear_free
(
&
k
);
if
(
X
)
BN_clear_free
(
X
);
return
(
ret
);
}
...
...
@@ -219,32 +211,38 @@ err:
static
ECDSA_SIG
*
ecdsa_do_sign
(
const
unsigned
char
*
dgst
,
int
dgst_len
,
EC_KEY
*
eckey
)
{
BIGNUM
*
kinv
=
NULL
,
*
r
=
NULL
,
*
s
=
NULL
,
*
m
=
NULL
,
*
tmp
=
NULL
,
*
order
=
NULL
;
BIGNUM
xr
;
BN_CTX
*
ctx
=
NULL
;
ECDSA_SIG
*
ret
=
NULL
;
int
ok
=
0
;
BIGNUM
*
kinv
=
NULL
,
*
r
,
*
s
,
*
m
=
NULL
,
*
tmp
=
NULL
,
*
order
=
NULL
;
BN_CTX
*
ctx
=
NULL
;
EC_GROUP
*
group
;
ECDSA_SIG
*
ret
;
ECDSA_DATA
*
ecdsa
;
BN_init
(
&
xr
);
ecdsa
=
ecdsa_check
(
eckey
);
if
(
!
eckey
||
!
eckey
->
group
||
!
eckey
->
pub_key
||
!
eckey
->
priv_key
||
!
ecdsa
)
if
(
!
eckey
->
group
||
!
eckey
->
pub_key
||
!
eckey
->
priv_key
||
!
ecdsa
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_PASSED_NULL_PARAMETER
);
goto
err
;
return
NULL
;
}
group
=
eckey
->
group
;
ret
=
ECDSA_SIG_new
();
if
(
!
ret
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_MALLOC_FAILURE
);
return
NULL
;
}
s
=
ret
->
s
;
if
((
ctx
=
BN_CTX_new
())
==
NULL
||
(
order
=
BN_new
())
==
NULL
||
(
tmp
=
BN_new
())
==
NULL
||
(
m
=
BN_new
())
==
NULL
||
(
s
=
BN_new
())
==
NULL
)
(
tmp
=
BN_new
())
==
NULL
||
(
m
=
BN_new
())
==
NULL
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
!
EC_GROUP_get_order
(
eckey
->
group
,
order
,
ctx
))
if
(
!
EC_GROUP_get_order
(
group
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_EC_LIB
);
goto
err
;
...
...
@@ -256,7 +254,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
goto
err
;
}
if
(
BN_bin2bn
(
dgst
,
dgst_len
,
m
)
==
NULL
)
if
(
!
BN_bin2bn
(
dgst
,
dgst_len
,
m
)
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_BN_LIB
);
goto
err
;
...
...
@@ -265,34 +263,34 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
{
if
(
ecdsa
->
kinv
==
NULL
||
ecdsa
->
r
==
NULL
)
{
if
(
!
ECDSA_sign_setup
(
eckey
,
ctx
,
&
kinv
,
&
r
))
if
(
!
ECDSA_sign_setup
(
eckey
,
ctx
,
&
kinv
,
&
ret
->
r
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_ECDSA_LIB
);
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_ECDSA_LIB
);
goto
err
;
}
r
=
ret
->
r
;
}
else
{
kinv
=
ecdsa
->
kinv
;
BN_free
(
ret
->
r
);
kinv
=
ecdsa
->
kinv
;
r
=
ecdsa
->
r
;
ret
->
r
=
r
;
ecdsa
->
kinv
=
NULL
;
r
=
ecdsa
->
r
;
ecdsa
->
r
=
NULL
;
ecdsa
->
r
=
NULL
;
}
if
(
!
BN_mod_mul
(
tmp
,
eckey
->
priv_key
,
r
,
order
,
ctx
))
if
(
!
BN_mod_mul
(
tmp
,
eckey
->
priv_key
,
r
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_BN_LIB
);
goto
err
;
}
if
(
!
BN_
add
(
s
,
tmp
,
m
))
if
(
!
BN_
mod_add_quick
(
s
,
tmp
,
m
,
order
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_BN_LIB
);
goto
err
;
}
if
(
BN_cmp
(
s
,
order
)
>
0
)
BN_sub
(
s
,
s
,
order
);
if
(
!
BN_mod_mul
(
s
,
s
,
kinv
,
order
,
ctx
))
if
(
!
BN_mod_mul
(
s
,
s
,
kinv
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_BN_LIB
);
goto
err
;
...
...
@@ -300,23 +298,13 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
}
while
(
BN_is_zero
(
s
));
if
((
ret
=
ECDSA_SIG_new
())
==
NULL
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
BN_copy
(
ret
->
r
,
r
)
==
NULL
||
BN_copy
(
ret
->
s
,
s
)
==
NULL
)
ok
=
1
;
err:
if
(
!
ok
)
{
ECDSA_SIG_free
(
ret
);
ret
=
NULL
;
ECDSAerr
(
ECDSA_F_ECDSA_DO_SIGN
,
ERR_R_BN_LIB
);
}
err:
if
(
r
)
BN_clear_free
(
r
);
if
(
s
)
BN_clear_free
(
s
);
if
(
ctx
)
BN_CTX_free
(
ctx
);
if
(
m
)
...
...
@@ -324,92 +312,99 @@ err:
if
(
tmp
)
BN_clear_free
(
tmp
);
if
(
order
)
BN_
clear_
free
(
order
);
BN_free
(
order
);
if
(
kinv
)
BN_clear_free
(
kinv
);
return
(
ret
)
;
return
ret
;
}
static
int
ecdsa_do_verify
(
const
unsigned
char
*
dgst
,
int
dgst_len
,
ECDSA_SIG
*
sig
,
EC_KEY
*
eckey
)
{
BN_CTX
*
ctx
;
BIGNUM
*
order
=
NULL
,
*
u1
=
NULL
,
*
u2
=
NULL
,
*
m
=
NULL
,
*
X
=
NULL
;
EC_POINT
*
point
=
NULL
;
int
ret
=
-
1
;
BN_CTX
*
ctx
;
BIGNUM
*
order
,
*
u1
,
*
u2
,
*
m
,
*
X
;
EC_POINT
*
point
=
NULL
;
EC_GROUP
*
group
;
/* check input values */
if
(
!
eckey
||
!
eckey
->
group
||
!
eckey
->
pub_key
||
!
sig
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ECDSA_R_MISSING_PARAMETERS
);
return
-
1
;
}
if
((
ctx
=
BN_CTX_new
())
==
NULL
||
(
order
=
BN_new
())
==
NULL
||
(
u1
=
BN_new
())
==
NULL
||
(
u2
=
BN_new
())
==
NULL
||
(
m
=
BN_new
())
==
NULL
||
(
X
=
BN_new
())
==
NULL
)
group
=
eckey
->
group
;
ctx
=
BN_CTX_new
();
if
(
!
ctx
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
return
-
1
;
}
if
(
!
EC_GROUP_get_order
(
eckey
->
group
,
order
,
ctx
))
BN_CTX_start
(
ctx
);
order
=
BN_CTX_get
(
ctx
);
u1
=
BN_CTX_get
(
ctx
);
u2
=
BN_CTX_get
(
ctx
);
m
=
BN_CTX_get
(
ctx
);
X
=
BN_CTX_get
(
ctx
);
if
(
!
X
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_BN_LIB
);
goto
err
;
}
if
(
BN_is_zero
(
sig
->
r
)
||
BN_get_sign
(
sig
->
r
)
||
BN_ucmp
(
sig
->
r
,
order
)
>=
0
)
if
(
!
EC_GROUP_get_order
(
group
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ECDSA_R_BAD_SIGNATURE
);
ret
=
0
;
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_EC_LIB
);
goto
err
;
}
if
(
BN_is_zero
(
sig
->
s
)
||
BN_get_sign
(
sig
->
s
)
||
BN_ucmp
(
sig
->
s
,
order
)
>=
0
)
if
(
BN_is_zero
(
sig
->
r
)
||
BN_get_sign
(
sig
->
r
)
||
BN_ucmp
(
sig
->
r
,
order
)
>=
0
||
BN_is_zero
(
sig
->
s
)
||
BN_get_sign
(
sig
->
s
)
||
BN_ucmp
(
sig
->
s
,
order
)
>=
0
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ECDSA_R_BAD_SIGNATURE
);
ret
=
0
;
ret
=
0
;
/* signature is invalid */
goto
err
;
}
/* calculate tmp1 = inv(S) mod order */
if
(
(
BN_mod_inverse
(
u2
,
sig
->
s
,
order
,
ctx
))
==
NULL
)
if
(
!
BN_mod_inverse
(
u2
,
sig
->
s
,
order
,
ctx
)
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_BN_LIB
);
goto
err
;
}
/* digest -> m */
if
(
BN_bin2bn
(
dgst
,
dgst_len
,
m
)
==
NULL
)
if
(
!
BN_bin2bn
(
dgst
,
dgst_len
,
m
)
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_BN_LIB
);
goto
err
;
}
/* u1 = m * tmp mod order */
if
(
!
BN_mod_mul
(
u1
,
m
,
u2
,
order
,
ctx
))
if
(
!
BN_mod_mul
(
u1
,
m
,
u2
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_BN_LIB
);
goto
err
;
}
/* u2 = r * w mod q */
if
(
!
BN_mod_mul
(
u2
,
sig
->
r
,
u2
,
order
,
ctx
))
if
(
!
BN_mod_mul
(
u2
,
sig
->
r
,
u2
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_BN_LIB
);
goto
err
;
}
if
((
point
=
EC_POINT_new
(
eckey
->
group
))
==
NULL
)
if
((
point
=
EC_POINT_new
(
group
))
==
NULL
)
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_MALLOC_FAILURE
);
goto
err
;
}
if
(
!
EC_POINT_mul
(
eckey
->
group
,
point
,
u1
,
eckey
->
pub_key
,
u2
,
ctx
))
if
(
!
EC_POINT_mul
(
group
,
point
,
u1
,
eckey
->
pub_key
,
u2
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_EC_LIB
);
goto
err
;
}
if
(
EC_METHOD_get_field_type
(
EC_GROUP_method_of
(
eckey
->
group
))
==
NID_X9_62_prime_field
)
if
(
EC_METHOD_get_field_type
(
EC_GROUP_method_of
(
group
))
==
NID_X9_62_prime_field
)
{
if
(
!
EC_POINT_get_affine_coordinates_GFp
(
eckey
->
group
,
if
(
!
EC_POINT_get_affine_coordinates_GFp
(
group
,
point
,
X
,
NULL
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
...
...
@@ -418,7 +413,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
}
else
/* NID_X9_62_characteristic_two_field */
{
if
(
!
EC_POINT_get_affine_coordinates_GF2m
(
eckey
->
group
,
if
(
!
EC_POINT_get_affine_coordinates_GF2m
(
group
,
point
,
X
,
NULL
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_SIGN_SETUP
,
ERR_R_EC_LIB
);
...
...
@@ -426,30 +421,17 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
}
}
if
(
!
BN_nnmod
(
u1
,
X
,
order
,
ctx
))
if
(
!
BN_nnmod
(
u1
,
X
,
order
,
ctx
))
{
ECDSAerr
(
ECDSA_F_ECDSA_DO_VERIFY
,
ERR_R_BN_LIB
);
goto
err
;
}
/* is now in u1. If the signature is correct, it will be
* equal to R. */
ret
=
(
BN_ucmp
(
u1
,
sig
->
r
)
==
0
);
err:
if
(
ctx
)
BN_CTX_free
(
ctx
);
if
(
u1
)
BN_clear_free
(
u1
);
if
(
u2
)
BN_clear_free
(
u2
);
if
(
m
)
BN_clear_free
(
m
);
if
(
X
)
BN_clear_free
(
X
);
if
(
order
)
BN_clear_free
(
order
);
/* if the signature is correct u1 is equal to sig->r */
ret
=
(
BN_ucmp
(
u1
,
sig
->
r
)
==
0
);
err:
BN_CTX_end
(
ctx
);
BN_CTX_free
(
ctx
);
if
(
point
)
EC_POINT_free
(
point
);
return
(
ret
)
;
return
ret
;
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录