Adapt ecdh_compute_key

Rename ecdh_compute_key into ossl_ecdh_compute_key and modify it to use EC error codes. Remove superfluous old ECDH functions. Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-22 18:47:11 +01:00 · 2015-10-22 18:47:11 +01:00 · 647b223875
commit 647b223875
parent 168e8374ee
1 changed files with 18 additions and 35 deletions
--- a/crypto/ec/ecdh_ossl.c
+++ b/crypto/ec/ecdh_ossl.c
@ -72,28 +72,11 @@

 #include "internal/cryptlib.h"

-#include "ech_locl.h"
 #include <openssl/err.h>
-#include <openssl/sha.h>
-#include <openssl/obj_mac.h>
 #include <openssl/bn.h>
-
-static int ecdh_compute_key(void *out, size_t len, const EC_POINT *pub_key,
-                            EC_KEY *ecdh,
-                            void *(*KDF) (const void *in, size_t inlen,
-                                          void *out, size_t *outlen));
-
-static ECDH_METHOD openssl_ecdh_meth = {
-    "OpenSSL ECDH method",
-    ecdh_compute_key,
-    ECDH_FLAG_FIPS_METHOD,      /* flags */
-    NULL                        /* app_data */
-};
-
-const ECDH_METHOD *ECDH_OpenSSL(void)
-{
-    return &openssl_ecdh_meth;
-}
+#include <openssl/objects.h>
+#include <openssl/ec.h>
+#include "ec_lcl.h"

 /*-
 * This implementation is based on the following primitives in the IEEE 1363 standard:
@ -101,10 +84,10 @@ const ECDH_METHOD *ECDH_OpenSSL(void)
 *  - ECSVDP-DH
 * Finally an optional KDF is applied.
 */
-static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
-                            EC_KEY *ecdh,
-                            void *(*KDF) (const void *in, size_t inlen,
-                                          void *out, size_t *outlen))
+int ossl_ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
+                          EC_KEY *ecdh,
+                          void *(*KDF) (const void *in, size_t inlen,
+                                        void *out, size_t *outlen))
 {
    BN_CTX *ctx;
    EC_POINT *tmp = NULL;
@ -116,7 +99,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
    unsigned char *buf = NULL;

    if (outlen > INT_MAX) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); /* sort of,
+        ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); /* sort of,
                                                                 * anyway */
        return -1;
    }
@ -129,7 +112,7 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,

    priv_key = EC_KEY_get0_private_key(ecdh);
    if (priv_key == NULL) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_NO_PRIVATE_VALUE);
+        ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_NO_PRIVATE_VALUE);
        goto err;
    }

@ -138,33 +121,33 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
    if (EC_KEY_get_flags(ecdh) & EC_FLAG_COFACTOR_ECDH) {
        if (!EC_GROUP_get_cofactor(group, x, ctx) ||
            !BN_mul(x, x, priv_key, ctx)) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+            ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
            goto err;
        }
        priv_key = x;
    }

    if ((tmp = EC_POINT_new(group)) == NULL) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+        ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    if (!EC_POINT_mul(group, tmp, NULL, pub_key, priv_key, ctx)) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+        ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_POINT_ARITHMETIC_FAILURE);
        goto err;
    }

    if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
        NID_X9_62_prime_field) {
        if (!EC_POINT_get_affine_coordinates_GFp(group, tmp, x, y, ctx)) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+            ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_POINT_ARITHMETIC_FAILURE);
            goto err;
        }
    }
 #ifndef OPENSSL_NO_EC2M
    else {
        if (!EC_POINT_get_affine_coordinates_GF2m(group, tmp, x, y, ctx)) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_POINT_ARITHMETIC_FAILURE);
+            ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_POINT_ARITHMETIC_FAILURE);
            goto err;
        }
    }
@ -173,23 +156,23 @@ static int ecdh_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
    buflen = (EC_GROUP_get_degree(group) + 7) / 8;
    len = BN_num_bytes(x);
    if (len > buflen) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
+        ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, ERR_R_INTERNAL_ERROR);
        goto err;
    }
    if ((buf = OPENSSL_malloc(buflen)) == NULL) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
+        ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    memset(buf, 0, buflen - len);
    if (len != (size_t)BN_bn2bin(x, buf + buflen - len)) {
-        ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
+        ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, ERR_R_BN_LIB);
        goto err;
    }

    if (KDF != 0) {
        if (KDF(buf, buflen, out, &outlen) == NULL) {
-            ECDHerr(ECDH_F_ECDH_COMPUTE_KEY, ECDH_R_KDF_FAILED);
+            ECerr(EC_F_OSSL_ECDH_COMPUTE_KEY, EC_R_KDF_FAILED);
            goto err;
        }
        ret = outlen;