diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-09-22 15:51:49 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2020-09-23 17:31:40 +1000 |
| commit | 8dbef010e7e6ecc07a9c8142cf26c8768fd55dc2 (patch) | |
| tree | a3e5ecfc64eed994b7c1c2e185ce45e182332f69 /crypto/ec/curve448 | |
| parent | 7f80980fb7096ab4898e500a054a1bb8cbcaa266 (diff) | |
| download | openssl-8dbef010e7e6ecc07a9c8142cf26c8768fd55dc2.tar.gz | |
Fix ecx so that is uses a settable propertyquery
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12944)
Diffstat (limited to 'crypto/ec/curve448')
| -rw-r--r-- | crypto/ec/curve448/curve448_local.h | 4 | ||||
| -rw-r--r-- | crypto/ec/curve448/ed448.h | 18 | ||||
| -rw-r--r-- | crypto/ec/curve448/eddsa.c | 63 |
3 files changed, 49 insertions, 36 deletions
diff --git a/crypto/ec/curve448/curve448_local.h b/crypto/ec/curve448/curve448_local.h index 84dd157d94..62a61fd979 100644 --- a/crypto/ec/curve448/curve448_local.h +++ b/crypto/ec/curve448/curve448_local.h @@ -12,10 +12,10 @@ int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64], const uint8_t public_key[57], const uint8_t private_key[57], - const uint8_t *context, size_t context_len); + const uint8_t *context, size_t context_len, const char *propq); int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64], const uint8_t signature[114], const uint8_t public_key[57], - const uint8_t *context, size_t context_len); + const uint8_t *context, size_t context_len, const char *propq); #endif /* OSSL_CRYPTO_EC_CURVE448_LOCAL_H */ diff --git a/crypto/ec/curve448/ed448.h b/crypto/ec/curve448/ed448.h index 4f99fe6901..16248b28cc 100644 --- a/crypto/ec/curve448/ed448.h +++ b/crypto/ec/curve448/ed448.h @@ -40,7 +40,8 @@ c448_error_t c448_ed448_derive_public_key( OPENSSL_CTX *ctx, uint8_t pubkey [EDDSA_448_PUBLIC_BYTES], - const uint8_t privkey [EDDSA_448_PRIVATE_BYTES]); + const uint8_t privkey [EDDSA_448_PRIVATE_BYTES], + const char *propq); /* * EdDSA signing. @@ -66,7 +67,8 @@ c448_error_t c448_ed448_sign( const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, - size_t context_len); + size_t context_len, + const char *propq); /* * EdDSA signing with prehash. @@ -91,7 +93,8 @@ c448_error_t c448_ed448_sign_prehash( const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t hash[64], const uint8_t *context, - size_t context_len); + size_t context_len, + const char *propq); /* * EdDSA signature verification. @@ -118,7 +121,8 @@ c448_error_t c448_ed448_verify(OPENSSL_CTX *ctx, pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, - uint8_t context_len); + uint8_t context_len, + const char *propq); /* * EdDSA signature verification. @@ -143,7 +147,8 @@ c448_error_t c448_ed448_verify_prehash( const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t hash[64], const uint8_t *context, - uint8_t context_len); + uint8_t context_len, + const char *propq); /* * EdDSA point encoding. Used internally, exposed externally. @@ -196,6 +201,7 @@ c448_error_t curve448_point_decode_like_eddsa_and_mul_by_ratio( c448_error_t c448_ed448_convert_private_key_to_x448( OPENSSL_CTX *ctx, uint8_t x[X448_PRIVATE_BYTES], - const uint8_t ed[EDDSA_448_PRIVATE_BYTES]); + const uint8_t ed[EDDSA_448_PRIVATE_BYTES], + const char *propq); #endif /* OSSL_CRYPTO_EC_CURVE448_ED448_H */ diff --git a/crypto/ec/curve448/eddsa.c b/crypto/ec/curve448/eddsa.c index f4fbaf7539..51a14642dc 100644 --- a/crypto/ec/curve448/eddsa.c +++ b/crypto/ec/curve448/eddsa.c @@ -21,7 +21,8 @@ #define COFACTOR 4 static c448_error_t oneshot_hash(OPENSSL_CTX *ctx, uint8_t *out, size_t outlen, - const uint8_t *in, size_t inlen) + const uint8_t *in, size_t inlen, + const char *propq) { EVP_MD_CTX *hashctx = EVP_MD_CTX_new(); EVP_MD *shake256 = NULL; @@ -30,7 +31,7 @@ static c448_error_t oneshot_hash(OPENSSL_CTX *ctx, uint8_t *out, size_t outlen, if (hashctx == NULL) return C448_FAILURE; - shake256 = EVP_MD_fetch(ctx, "SHAKE256", NULL); + shake256 = EVP_MD_fetch(ctx, "SHAKE256", propq); if (shake256 == NULL) goto err; @@ -57,7 +58,8 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx, uint8_t prehashed, uint8_t for_prehash, const uint8_t *context, - size_t context_len) + size_t context_len, + const char *propq) { #ifdef CHARSET_EBCDIC const char dom_s[] = {0x53, 0x69, 0x67, 0x45, @@ -75,7 +77,7 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx, - (for_prehash == 0 ? 1 : 0)); dom[1] = (uint8_t)context_len; - shake256 = EVP_MD_fetch(ctx, "SHAKE256", NULL); + shake256 = EVP_MD_fetch(ctx, "SHAKE256", propq); if (shake256 == NULL) return C448_FAILURE; @@ -95,18 +97,20 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx, c448_error_t c448_ed448_convert_private_key_to_x448( OPENSSL_CTX *ctx, uint8_t x[X448_PRIVATE_BYTES], - const uint8_t ed [EDDSA_448_PRIVATE_BYTES]) + const uint8_t ed [EDDSA_448_PRIVATE_BYTES], + const char *propq) { /* pass the private key through oneshot_hash function */ /* and keep the first X448_PRIVATE_BYTES bytes */ return oneshot_hash(ctx, x, X448_PRIVATE_BYTES, ed, - EDDSA_448_PRIVATE_BYTES); + EDDSA_448_PRIVATE_BYTES, propq); } c448_error_t c448_ed448_derive_public_key( OPENSSL_CTX *ctx, uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], - const uint8_t privkey[EDDSA_448_PRIVATE_BYTES]) + const uint8_t privkey[EDDSA_448_PRIVATE_BYTES], + const char *propq) { /* only this much used for keygen */ uint8_t secret_scalar_ser[EDDSA_448_PRIVATE_BYTES]; @@ -116,7 +120,8 @@ c448_error_t c448_ed448_derive_public_key( if (!oneshot_hash(ctx, secret_scalar_ser, sizeof(secret_scalar_ser), privkey, - EDDSA_448_PRIVATE_BYTES)) + EDDSA_448_PRIVATE_BYTES, + propq)) return C448_FAILURE; clamp(secret_scalar_ser); @@ -154,7 +159,7 @@ c448_error_t c448_ed448_sign( const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, - size_t context_len) + size_t context_len, const char *propq) { curve448_scalar_t secret_scalar; EVP_MD_CTX *hashctx = EVP_MD_CTX_new(); @@ -175,7 +180,7 @@ c448_error_t c448_ed448_sign( uint8_t expanded[EDDSA_448_PRIVATE_BYTES * 2]; if (!oneshot_hash(ctx, expanded, sizeof(expanded), privkey, - EDDSA_448_PRIVATE_BYTES)) + EDDSA_448_PRIVATE_BYTES, propq)) goto err; clamp(expanded); curve448_scalar_decode_long(secret_scalar, expanded, @@ -183,7 +188,7 @@ c448_error_t c448_ed448_sign( /* Hash to create the nonce */ if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context, - context_len) + context_len, propq) || !EVP_DigestUpdate(hashctx, expanded + EDDSA_448_PRIVATE_BYTES, EDDSA_448_PRIVATE_BYTES) @@ -224,7 +229,8 @@ c448_error_t c448_ed448_sign( uint8_t challenge[2 * EDDSA_448_PRIVATE_BYTES]; /* Compute the challenge */ - if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context, context_len) + if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context, context_len, + propq) || !EVP_DigestUpdate(hashctx, nonce_point, sizeof(nonce_point)) || !EVP_DigestUpdate(hashctx, pubkey, EDDSA_448_PUBLIC_BYTES) || !EVP_DigestUpdate(hashctx, message, message_len) @@ -260,10 +266,10 @@ c448_error_t c448_ed448_sign_prehash( const uint8_t privkey[EDDSA_448_PRIVATE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t hash[64], const uint8_t *context, - size_t context_len) + size_t context_len, const char *propq) { return c448_ed448_sign(ctx, signature, privkey, pubkey, hash, 64, 1, - context, context_len); + context, context_len, propq); } c448_error_t c448_ed448_verify( @@ -272,7 +278,7 @@ c448_error_t c448_ed448_verify( const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t *message, size_t message_len, uint8_t prehashed, const uint8_t *context, - uint8_t context_len) + uint8_t context_len, const char *propq) { curve448_point_t pk_point, r_point; c448_error_t error; @@ -321,7 +327,7 @@ c448_error_t c448_ed448_verify( if (hashctx == NULL || !hash_init_with_dom(ctx, hashctx, prehashed, 0, context, - context_len) + context_len, propq) || !EVP_DigestUpdate(hashctx, signature, EDDSA_448_PUBLIC_BYTES) || !EVP_DigestUpdate(hashctx, pubkey, EDDSA_448_PUBLIC_BYTES) || !EVP_DigestUpdate(hashctx, message, message_len) @@ -354,50 +360,51 @@ c448_error_t c448_ed448_verify_prehash( const uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t hash[64], const uint8_t *context, - uint8_t context_len) + uint8_t context_len, const char *propq) { return c448_ed448_verify(ctx, signature, pubkey, hash, 64, 1, context, - context_len); + context_len, propq); } int ED448_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t *message, size_t message_len, const uint8_t public_key[57], const uint8_t private_key[57], const uint8_t *context, - size_t context_len) + size_t context_len, const char *propq) { return c448_ed448_sign(ctx, out_sig, private_key, public_key, message, - message_len, 0, context, context_len) + message_len, 0, context, context_len,propq) == C448_SUCCESS; } int ED448_verify(OPENSSL_CTX *ctx, const uint8_t *message, size_t message_len, const uint8_t signature[114], const uint8_t public_key[57], - const uint8_t *context, size_t context_len) + const uint8_t *context, size_t context_len, const char *propq) { return c448_ed448_verify(ctx, signature, public_key, message, message_len, - 0, context, (uint8_t)context_len) == C448_SUCCESS; + 0, context, (uint8_t)context_len, + propq) == C448_SUCCESS; } int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64], const uint8_t public_key[57], const uint8_t private_key[57], - const uint8_t *context, size_t context_len) + const uint8_t *context, size_t context_len, const char *propq) { return c448_ed448_sign_prehash(ctx, out_sig, private_key, public_key, hash, - context, context_len) == C448_SUCCESS; + context, context_len, propq) == C448_SUCCESS; } int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64], const uint8_t signature[114], const uint8_t public_key[57], - const uint8_t *context, size_t context_len) + const uint8_t *context, size_t context_len, const char *propq) { return c448_ed448_verify_prehash(ctx, signature, public_key, hash, context, - (uint8_t)context_len) == C448_SUCCESS; + (uint8_t)context_len, propq) == C448_SUCCESS; } int ED448_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[57], - const uint8_t private_key[57]) + const uint8_t private_key[57], const char *propq) { - return c448_ed448_derive_public_key(ctx, out_public_key, private_key) + return c448_ed448_derive_public_key(ctx, out_public_key, private_key, propq) == C448_SUCCESS; } |