Skip to content

T
Third Party Openssl

OpenHarmony / Third Party Openssl
9 个月 前同步成功

通知 8
Star 18
Fork 1
T
Third Party Openssl

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 c6700d27 编写于 作者: G Geoff Thorpe
浏览文件
操作

A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h 

Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
上级 1b068044
隐藏空白更改
内联 并排
Showing with 254 addition and 149 deletion
crypto/ecdsa/ecdsa.h
浏览文件 @ c6700d27
/* crypto/ecdsa/ecdsa.h */
/**
* \file crypto/ecdsa/ecdsa.h Include file for the OpenSSL ECDSA functions
* \author Written by Nils Larsch for the OpenSSL project
*/
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
* Copyright (c) 2000-2003 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -96,7 +100,7 @@ typedef struct ecdsa_data_st {
/* EC_KEY_METH_DATA part */
int (*init)(EC_KEY *);
void (*finish)(EC_KEY *);
/* method specific part */
/* method (ECDSA) specific part */
BIGNUM *kinv; /* signing pre-calc */
BIGNUM *r; /* signing pre-calc */
ENGINE *engine;
......@@ -105,38 +109,157 @@ typedef struct ecdsa_data_st {
CRYPTO_EX_DATA ex_data;
} ECDSA_DATA;
/* signature functions */
/** ECDSA_SIG *ECDSA_SIG_new(void)
* allocates and initialize a ECDSA_SIG structure
* \return pointer to a ECDSA_SIG structure or NULL if an error occurred
*/
ECDSA_SIG *ECDSA_SIG_new(void);
/** ECDSA_SIG_free
* frees a ECDSA_SIG structure
* \param a pointer to the ECDSA_SIG structure
*/
void ECDSA_SIG_free(ECDSA_SIG *a);
/** i2d_ECDSA_SIG
* DER encode content of ECDSA_SIG object (note: this function modifies *pp
* (*pp += length of the DER encoded signature)).
* \param a pointer to the ECDSA_SIG object
* \param pp pointer to a unsigned char pointer for the output or NULL
* \return the length of the DER encoded ECDSA_SIG object or 0
*/
int i2d_ECDSA_SIG(const ECDSA_SIG *a, unsigned char **pp);
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long length);
/* ECDSA_DATA functions */
/** d2i_ECDSA_SIG
* decodes a DER encoded ECDSA signature (note: this function changes *pp
* (*pp += len)).
* \param v pointer to ECDSA_SIG pointer (may be NULL)
* \param pp buffer with the DER encoded signature
* \param len bufferlength
* \return pointer to the decoded ECDSA_SIG structure (or NULL)
*/
ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **v, const unsigned char **pp, long len);
/** ECDSA_DATA_new
* creates a new ECDSA_DATA object
* \return pointer to a newly allocated (and initialized) ECDSA_DATA object
*/
ECDSA_DATA *ECDSA_DATA_new(void);
ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *);
void ECDSA_DATA_free(ECDSA_DATA *);
ECDSA_DATA *ecdsa_check(EC_KEY *);
/** ECDSA_DATA_new_method
* creates a new ECDSA_DATA object using a specified ENGINE
* \param eng pointer to a ENGINE structure
* \return pointer to a newly allocated (and initialized) ECDSA_DATA object
*/
ECDSA_DATA *ECDSA_DATA_new_method(ENGINE *eng);
/** ECDSA_DATA_free
* frees ECDSA_DATA structure
* \param data pointer to a ECDSA_DATA structure
*/
void ECDSA_DATA_free(ECDSA_DATA *data);
/** ecdsa_check
* checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
* and if not it removes the old meth_data and creates a ECDSA_DATA structure.
* \param eckey pointer to a EC_KEY object
* \return pointer to a ECDSA_DATA structure
*/
ECDSA_DATA *ecdsa_check(EC_KEY *eckey);
/** ECDSA_do_sign
* computes the ECDSA signature of the given hash value using
* the supplied private key and returns the created signature.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return pointer to a ECDSA_SIG structure or NULL
*/
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst,int dgst_len,EC_KEY *eckey);
ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len, EC_KEY *);
/** ECDSA_do_verify
* verifies that the supplied signature is a valid ECDSA
* signature of the supplied hash value using the supplied public key.
* \param dgst pointer to the hash value
* \param dgst_len length of the hash value
* \param sig pointer to the ECDSA_SIG structure
* \param eckey pointer to the EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
*/
int ECDSA_do_verify(const unsigned char *dgst, int dgst_len, ECDSA_SIG
*sig, EC_KEY* eckey);
const ECDSA_METHOD *ECDSA_OpenSSL(void);
void ECDSA_set_default_method(const ECDSA_METHOD *);
/** ECDSA_set_default_method
* sets the default ECDSA method
* \param meth the new default ECDSA_METHOD
*/
void ECDSA_set_default_method(const ECDSA_METHOD *meth);
/** ECDSA_get_default_method
* returns the default ECDSA method
* \return pointer to ECDSA_METHOD structure containing the default method
*/
const ECDSA_METHOD *ECDSA_get_default_method(void);
int ECDSA_set_method(EC_KEY *, const ECDSA_METHOD *);
int ECDSA_size(const EC_KEY *);
/** ECDSA_set_method
* sets method to be used for the ECDSA operations
* \param eckey pointer to the EC_KEY object
* \param meth pointer to the new method
* \return 1 on success and 0 otherwise
*/
int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
/** ECDSA_size
* returns the maximum length of the DER encoded signature
* \param eckey pointer to a EC_KEY object
* \return numbers of bytes required for the DER encoded signature
*/
int ECDSA_size(const EC_KEY *eckey);
/** ECDSA_sign_setup
* precompute parts of the signing operation (the computed values may be
* passed to ECDSA_DATA->kinv and ECDSA_DATA->r for a later signature
* computation).
* \param eckey pointer to the EC_KEY object containing a private EC key
* \param ctx pointer to a BN_CTX object (may be NULL)
* \param kinv pointer to a BIGNUM pointer for the inverse of k
* \param rp pointer to a BIGNUM pointer for x coordinate of k * generator
* \return 1 on success and 0 otherwise
*/
int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
BIGNUM **rp);
int ECDSA_sign(int type, const unsigned char *dgst, int dgst_len,
/** ECDSA_sign
* computes ECDSA signature of a given hash value using the supplied
* private key (note: sig must point to ECDSA_size(eckey) bytes of memory).
* \param type this parameter is ignored
* \param dgst pointer to the hash value to sign
* \param dgstlen length of the hash value
* \param sig buffer to hold the DER encoded signature
* \param siglen pointer to the length of the returned signature
* \param eckey pointer to the EC_KEY object containing a private EC key
* \return 1 on success and 0 otherwise
*/
int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
int ECDSA_verify(int type, const unsigned char *dgst, int dgst_len,
const unsigned char *sig, int sig_len, EC_KEY *eckey);
/** ECDSA_verify
* verifies that the given signature is valid ECDSA signature
* of the supplied hash value using the specified public key.
* \param type this parameter is ignored
* \param dgst pointer to the hash value
* \param dgstlen length of the hash value
* \param sig pointer to the DER encoded signature
* \param siglen length of the DER encoded signature
* \param eckey pointer to the EC_KEY object containing a public EC key
* \return 1 if the signature is valid, 0 if the signature is invalid and -1 on error
*/
int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
const unsigned char *sig, int siglen, EC_KEY *eckey);
/* the standard ex_data functions */
int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new
*new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
......
crypto/ecdsa/ecs_ossl.c
浏览文件 @ c6700d27
/* crypto/ecdsa/ecs_ossl.c */
/*
* Written by Nils Larsch for the OpenSSL project
*/
/* ====================================================================
* Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
......@@ -86,49 +89,43 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
BIGNUM **rp)
{
BN_CTX *ctx = NULL;
BIGNUM k,*kinv=NULL,*r=NULL,*order=NULL,*X=NULL;
BIGNUM *k = NULL, *r = NULL, *order = NULL, *X = NULL;
EC_POINT *tmp_point=NULL;
EC_GROUP *group;
int ret = 0;
if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key)
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
BN_init(&k);
group = eckey->group;
if (ctx_in == NULL)
{
if ((ctx=BN_CTX_new()) == NULL)
if ((ctx = BN_CTX_new()) == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
goto err;
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_MALLOC_FAILURE);
return 0;
}
}
else
ctx=ctx_in;
ctx = ctx_in;
if ((r = BN_new()) == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
}
if ((order = BN_new()) == NULL)
k = BN_new(); /* this value is later returned in *kinvp */
r = BN_new(); /* this value is later returned in *rp */
order = BN_new();
X = BN_new();
if (!k || !r || !order || !X)
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
}
if ((X = BN_new()) == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_MALLOC_FAILURE);
goto err;
}
if ((tmp_point = EC_POINT_new(eckey->group)) == NULL)
if ((tmp_point = EC_POINT_new(group)) == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
if (!EC_GROUP_get_order(eckey->group,order,ctx))
if (!EC_GROUP_get_order(group, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
......@@ -138,42 +135,39 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
{
/* get random k */
do
if (!BN_rand_range(&k,order))
if (!BN_rand_range(k, order))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
goto err;
}
while (BN_is_zero(&k));
while (BN_is_zero(k));
/* compute r the x-coordinate of generator * k */
if (!EC_POINT_mul(eckey->group, tmp_point, &k, NULL, NULL, ctx))
if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
goto err;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group))
== NID_X9_62_prime_field)
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
{
if (!EC_POINT_get_affine_coordinates_GFp(eckey->group,
if (!EC_POINT_get_affine_coordinates_GFp(group,
tmp_point, X, NULL, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
ERR_R_EC_LIB);
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
goto err;
}
}
else /* NID_X9_62_characteristic_two_field */
{
if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group,
if (!EC_POINT_get_affine_coordinates_GF2m(group,
tmp_point, X, NULL, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
ERR_R_EC_LIB);
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,ERR_R_EC_LIB);
goto err;
}
}
if (!BN_nnmod(r,X,order,ctx))
if (!BN_nnmod(r, X, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
......@@ -182,36 +176,34 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
while (BN_is_zero(r));
/* compute the inverse of k */
if ((kinv = BN_mod_inverse(NULL,&k,order,ctx)) == NULL)
if (!BN_mod_inverse(k, k, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
goto err;
}
if (*rp == NULL)
/* clear old values if necessary */
if (*rp != NULL)
BN_clear_free(*rp);
*rp = r;
if (*kinvp == NULL)
if (*kinvp != NULL)
BN_clear_free(*kinvp);
*kinvp = kinv;
kinv = NULL;
/* save the pre-computed values */
*rp = r;
*kinvp = k;
ret = 1;
err:
if (!ret)
{
if (kinv != NULL) BN_clear_free(kinv);
if (k != NULL) BN_clear_free(k);
if (r != NULL) BN_clear_free(r);
}
if (ctx_in == NULL)
BN_CTX_free(ctx);
if (kinv != NULL)
BN_clear_free(kinv);
if (order != NULL)
BN_clear_free(order);
BN_free(order);
if (tmp_point != NULL)
EC_POINT_free(tmp_point);
if (X) BN_clear_free(X);
BN_clear_free(&k);
if (X)
BN_clear_free(X);
return(ret);
}
......@@ -219,32 +211,38 @@ err:
static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
EC_KEY *eckey)
{
BIGNUM *kinv=NULL,*r=NULL,*s=NULL,*m=NULL,*tmp=NULL,*order=NULL;
BIGNUM xr;
BN_CTX *ctx=NULL;
ECDSA_SIG *ret=NULL;
int ok = 0;
BIGNUM *kinv=NULL, *r, *s, *m=NULL,*tmp=NULL,*order=NULL;
BN_CTX *ctx = NULL;
EC_GROUP *group;
ECDSA_SIG *ret;
ECDSA_DATA *ecdsa;
BN_init(&xr);
ecdsa = ecdsa_check(eckey);
if (!eckey || !eckey->group || !eckey->pub_key || !eckey->priv_key
|| !ecdsa)
if (!eckey->group || !eckey->pub_key || !eckey->priv_key || !ecdsa)
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_PASSED_NULL_PARAMETER);
goto err;
return NULL;
}
group = eckey->group;
ret = ECDSA_SIG_new();
if (!ret)
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
return NULL;
}
s = ret->s;
if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
(tmp = BN_new()) == NULL || (m = BN_new()) == NULL ||
(s = BN_new()) == NULL )
(tmp = BN_new()) == NULL || (m = BN_new()) == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_GROUP_get_order(eckey->group,order,ctx))
if (!EC_GROUP_get_order(group, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_EC_LIB);
goto err;
......@@ -256,7 +254,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
goto err;
}
if (BN_bin2bn(dgst,dgst_len,m) == NULL)
if (!BN_bin2bn(dgst, dgst_len, m))
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
......@@ -265,34 +263,34 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
{
if (ecdsa->kinv == NULL || ecdsa->r == NULL)
{
if (!ECDSA_sign_setup(eckey,ctx,&kinv,&r))
if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r))
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,
ERR_R_ECDSA_LIB);
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB);
goto err;
}
r = ret->r;
}
else
{
kinv = ecdsa->kinv;
BN_free(ret->r);
kinv = ecdsa->kinv;
r = ecdsa->r;
ret->r = r;
ecdsa->kinv = NULL;
r = ecdsa->r;
ecdsa->r = NULL;
ecdsa->r = NULL;
}
if (!BN_mod_mul(tmp,eckey->priv_key,r,order,ctx))
if (!BN_mod_mul(tmp, eckey->priv_key, r, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (!BN_add(s,tmp,m))
if (!BN_mod_add_quick(s, tmp, m, order))
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
}
if (BN_cmp(s,order) > 0)
BN_sub(s,s,order);
if (!BN_mod_mul(s,s,kinv,order,ctx))
if (!BN_mod_mul(s, s, kinv, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
goto err;
......@@ -300,23 +298,13 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
}
while (BN_is_zero(s));
if ((ret = ECDSA_SIG_new()) == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
if (BN_copy(ret->r, r) == NULL || BN_copy(ret->s, s) == NULL)
ok = 1;
err:
if (!ok)
{
ECDSA_SIG_free(ret);
ret = NULL;
ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ERR_R_BN_LIB);
}
err:
if (r)
BN_clear_free(r);
if (s)
BN_clear_free(s);
if (ctx)
BN_CTX_free(ctx);
if (m)
......@@ -324,92 +312,99 @@ err:
if (tmp)
BN_clear_free(tmp);
if (order)
BN_clear_free(order);
BN_free(order);
if (kinv)
BN_clear_free(kinv);
return(ret);
return ret;
}
static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
ECDSA_SIG *sig, EC_KEY *eckey)
{
BN_CTX *ctx;
BIGNUM *order=NULL,*u1=NULL,*u2=NULL,*m=NULL,*X=NULL;
EC_POINT *point=NULL;
int ret = -1;
BN_CTX *ctx;
BIGNUM *order, *u1, *u2, *m, *X;
EC_POINT *point = NULL;
EC_GROUP *group;
/* check input values */
if (!eckey || !eckey->group || !eckey->pub_key || !sig)
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_MISSING_PARAMETERS);
return -1;
}
if ((ctx = BN_CTX_new()) == NULL || (order = BN_new()) == NULL ||
(u1 = BN_new()) == NULL || (u2 = BN_new()) == NULL ||
(m = BN_new()) == NULL || (X = BN_new()) == NULL)
group = eckey->group;
ctx = BN_CTX_new();
if (!ctx)
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
return -1;
}
if (!EC_GROUP_get_order(eckey->group, order, ctx))
BN_CTX_start(ctx);
order = BN_CTX_get(ctx);
u1 = BN_CTX_get(ctx);
u2 = BN_CTX_get(ctx);
m = BN_CTX_get(ctx);
X = BN_CTX_get(ctx);
if (!X)
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
if (BN_is_zero(sig->r) || BN_get_sign(sig->r) ||
BN_ucmp(sig->r, order) >= 0)
if (!EC_GROUP_get_order(group, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
ret = 0;
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
goto err;
}
if (BN_is_zero(sig->s) || BN_get_sign(sig->s) ||
BN_ucmp(sig->s, order) >= 0)
if (BN_is_zero(sig->r) || BN_get_sign(sig->r) ||
BN_ucmp(sig->r, order) >= 0 || BN_is_zero(sig->s) ||
BN_get_sign(sig->s) || BN_ucmp(sig->s, order) >= 0)
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ECDSA_R_BAD_SIGNATURE);
ret = 0;
ret = 0; /* signature is invalid */
goto err;
}
/* calculate tmp1 = inv(S) mod order */
if ((BN_mod_inverse(u2,sig->s,order,ctx)) == NULL)
if (!BN_mod_inverse(u2, sig->s, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
/* digest -> m */
if (BN_bin2bn(dgst,dgst_len,m) == NULL)
if (!BN_bin2bn(dgst, dgst_len, m))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
/* u1 = m * tmp mod order */
if (!BN_mod_mul(u1,m,u2,order,ctx))
if (!BN_mod_mul(u1, m, u2, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
/* u2 = r * w mod q */
if (!BN_mod_mul(u2,sig->r,u2,order,ctx))
if (!BN_mod_mul(u2, sig->r, u2, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
if ((point = EC_POINT_new(eckey->group)) == NULL)
if ((point = EC_POINT_new(group)) == NULL)
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EC_POINT_mul(eckey->group, point, u1, eckey->pub_key, u2, ctx))
if (!EC_POINT_mul(group, point, u1, eckey->pub_key, u2, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_EC_LIB);
goto err;
}
if (EC_METHOD_get_field_type(EC_GROUP_method_of(eckey->group))
== NID_X9_62_prime_field)
if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) == NID_X9_62_prime_field)
{
if (!EC_POINT_get_affine_coordinates_GFp(eckey->group,
if (!EC_POINT_get_affine_coordinates_GFp(group,
point, X, NULL, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
......@@ -418,7 +413,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
}
else /* NID_X9_62_characteristic_two_field */
{
if (!EC_POINT_get_affine_coordinates_GF2m(eckey->group,
if (!EC_POINT_get_affine_coordinates_GF2m(group,
point, X, NULL, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
......@@ -426,30 +421,17 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
}
}
if (!BN_nnmod(u1,X,order,ctx))
if (!BN_nnmod(u1, X, order, ctx))
{
ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);
goto err;
}
/* is now in u1. If the signature is correct, it will be
* equal to R. */
ret = (BN_ucmp(u1,sig->r) == 0);
err:
if (ctx)
BN_CTX_free(ctx);
if (u1)
BN_clear_free(u1);
if (u2)
BN_clear_free(u2);
if (m)
BN_clear_free(m);
if (X)
BN_clear_free(X);
if (order)
BN_clear_free(order);
/* if the signature is correct u1 is equal to sig->r */
ret = (BN_ucmp(u1, sig->r) == 0);
err:
BN_CTX_end(ctx);
BN_CTX_free(ctx);
if (point)
EC_POINT_free(point);
return(ret);
return ret;
}
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册