ECC library bugfixes.

Submitted by: Emilia Kasper (Google)
Bodo Möller 2010-08-26 12:11:01 +00:00
parent 173350bcca
commit c94f7f657b
3 changed files with 25 additions and 6 deletions

12
CHANGES

@ -978,6 +978,18 @@
*) Change 'Configure' script to enable Camellia by default. *) Change 'Configure' script to enable Camellia by default.
[NTT] [NTT]
Changes between 0.9.8o and 0.9.8p [xx XXX xxxx]
*) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
is also one of the inputs.
[Emilia Käsper <emilia.kasper@esat.kuleuven.be> (Google)]
*) Don't repeatedly append PBE algorithms to table if they already exist.
Sort table on each new add. This effectively makes the table read only
after all algorithms are added and subsequent calls to PKCS12_pbe_add
etc are non-op.
[Steve Henson]
Changes between 0.9.8n and 0.9.8o [01 Jun 2010] Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
[NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after


@ -319,6 +319,7 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
int ret = 0; int ret = 0;
size_t i; size_t i;
EC_POINT *p=NULL; EC_POINT *p=NULL;
EC_POINT *acc = NULL;
if (ctx == NULL) if (ctx == NULL)
{ {
@ -338,15 +339,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
} }
if ((p = EC_POINT_new(group)) == NULL) goto err; if ((p = EC_POINT_new(group)) == NULL) goto err;
if ((acc = EC_POINT_new(group)) == NULL) goto err;
if (!EC_POINT_set_to_infinity(group, r)) goto err; if (!EC_POINT_set_to_infinity(group, acc)) goto err;
if (scalar) if (scalar)
{ {
if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err; if (!ec_GF2m_montgomery_point_multiply(group, p, scalar, group->generator, ctx)) goto err;
if (BN_is_negative(scalar)) if (BN_is_negative(scalar))
if (!group->meth->invert(group, p, ctx)) goto err; if (!group->meth->invert(group, p, ctx)) goto err;
if (!group->meth->add(group, r, r, p, ctx)) goto err; if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
} }
for (i = 0; i < num; i++) for (i = 0; i < num; i++)
@ -354,13 +356,16 @@ int ec_GF2m_simple_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err; if (!ec_GF2m_montgomery_point_multiply(group, p, scalars[i], points[i], ctx)) goto err;
if (BN_is_negative(scalars[i])) if (BN_is_negative(scalars[i]))
if (!group->meth->invert(group, p, ctx)) goto err; if (!group->meth->invert(group, p, ctx)) goto err;
if (!group->meth->add(group, r, r, p, ctx)) goto err; if (!group->meth->add(group, acc, acc, p, ctx)) goto err;
} }
if (!EC_POINT_copy(r, acc)) goto err;
ret = 1; ret = 1;
err: err:
if (p) EC_POINT_free(p); if (p) EC_POINT_free(p);
if (acc) EC_POINT_free(acc);
if (new_ctx != NULL) if (new_ctx != NULL)
BN_CTX_free(new_ctx); BN_CTX_free(new_ctx);
return ret; return ret;
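Review bot: The temporaries `p` and the new `acc` are released with `EC_POINT_free` at the `err:` label, so intermediate multiples of the scalar are left in freed heap memory. If callers pass a private scalar (inferred, as the callers are not visible here), those points can be secret-derived, and `if (acc) EC_POINT_clear_free(acc);` with the same change for `p` would scrub them. The declaration `EC_POINT *acc = NULL;` also needs a comment such as `/* accumulate here and copy to r at the end: r may alias one of points[] */`, because nothing in the function says why the extra point exists. The three changed files are CHANGES and the two C sources, so the aliased-output case appears to have no regression test. The function's opening and closing lines are outside the hunks.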


@ -169,11 +169,13 @@ static void ec_pre_comp_clear_free(void *pre_)
EC_POINT **p; EC_POINT **p;
for (p = pre->points; *p != NULL; p++) for (p = pre->points; *p != NULL; p++)
{
EC_POINT_clear_free(*p); EC_POINT_clear_free(*p);
OPENSSL_cleanse(pre->points, sizeof pre->points); OPENSSL_cleanse(p, sizeof *p);
}
OPENSSL_free(pre->points); OPENSSL_free(pre->points);
} }
OPENSSL_cleanse(pre, sizeof pre); OPENSSL_cleanse(pre, sizeof *pre);
OPENSSL_free(pre); OPENSSL_free(pre);
} }
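Review bot: The new in-loop `OPENSSL_cleanse(p, sizeof *p)` zeroes slots of the same array whose NULL terminator ends the loop, and nothing in the code says why that is safe. It works because each slot is wiped only after it has been tested and freed, and before `p++` moves to the next untouched slot; a comment such as `/* wipe the slot just freed; the NULL terminator further on is still intact */` would keep a later edit from reordering it. The array's NULL termination is set up outside this hunk, as is the start of `ec_pre_comp_clear_free`, so that assumption cannot be checked from here.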