aboutsummaryrefslogtreecommitdiffstats
path: root/crypto/ec
diff options
context:
space:
mode:
authorShane Lontis <shane.lontis@oracle.com>2020-09-22 15:51:49 +1000
committerShane Lontis <shane.lontis@oracle.com>2020-09-23 17:31:40 +1000
commit8dbef010e7e6ecc07a9c8142cf26c8768fd55dc2 (patch)
treea3e5ecfc64eed994b7c1c2e185ce45e182332f69 /crypto/ec
parent7f80980fb7096ab4898e500a054a1bb8cbcaa266 (diff)
downloadopenssl-8dbef010e7e6ecc07a9c8142cf26c8768fd55dc2.tar.gz
Fix ecx so that is uses a settable propertyquery
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12944)
Diffstat (limited to 'crypto/ec')
-rw-r--r--crypto/ec/curve25519.c4
-rw-r--r--crypto/ec/curve448/curve448_local.h4
-rw-r--r--crypto/ec/curve448/ed448.h18
-rw-r--r--crypto/ec/curve448/eddsa.c63
-rw-r--r--crypto/ec/ecx_backend.c6
-rw-r--r--crypto/ec/ecx_key.c19
-rw-r--r--crypto/ec/ecx_meth.c45
7 files changed, 91 insertions, 68 deletions
diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c
index 19fdb8d74f..b945c35f29 100644
--- a/crypto/ec/curve25519.c
+++ b/crypto/ec/curve25519.c
@@ -5578,14 +5578,14 @@ err:
}
int ED25519_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[32],
- const uint8_t private_key[32])
+ const uint8_t private_key[32], const char *propq)
{
uint8_t az[SHA512_DIGEST_LENGTH];
ge_p3 A;
int r;
EVP_MD *sha512 = NULL;
- sha512 = EVP_MD_fetch(ctx, SN_sha512, NULL);
+ sha512 = EVP_MD_fetch(ctx, SN_sha512, propq);
if (sha512 == NULL)
return 0;
r = EVP_Digest(private_key, 32, az, NULL, sha512, NULL);
diff --git a/crypto/ec/curve448/curve448_local.h b/crypto/ec/curve448/curve448_local.h
index 84dd157d94..62a61fd979 100644
--- a/crypto/ec/curve448/curve448_local.h
+++ b/crypto/ec/curve448/curve448_local.h
@@ -12,10 +12,10 @@
int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64],
const uint8_t public_key[57], const uint8_t private_key[57],
- const uint8_t *context, size_t context_len);
+ const uint8_t *context, size_t context_len, const char *propq);
int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64],
const uint8_t signature[114], const uint8_t public_key[57],
- const uint8_t *context, size_t context_len);
+ const uint8_t *context, size_t context_len, const char *propq);
#endif /* OSSL_CRYPTO_EC_CURVE448_LOCAL_H */
diff --git a/crypto/ec/curve448/ed448.h b/crypto/ec/curve448/ed448.h
index 4f99fe6901..16248b28cc 100644
--- a/crypto/ec/curve448/ed448.h
+++ b/crypto/ec/curve448/ed448.h
@@ -40,7 +40,8 @@
c448_error_t c448_ed448_derive_public_key(
OPENSSL_CTX *ctx,
uint8_t pubkey [EDDSA_448_PUBLIC_BYTES],
- const uint8_t privkey [EDDSA_448_PRIVATE_BYTES]);
+ const uint8_t privkey [EDDSA_448_PRIVATE_BYTES],
+ const char *propq);
/*
* EdDSA signing.
@@ -66,7 +67,8 @@ c448_error_t c448_ed448_sign(
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t *message, size_t message_len,
uint8_t prehashed, const uint8_t *context,
- size_t context_len);
+ size_t context_len,
+ const char *propq);
/*
* EdDSA signing with prehash.
@@ -91,7 +93,8 @@ c448_error_t c448_ed448_sign_prehash(
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t hash[64],
const uint8_t *context,
- size_t context_len);
+ size_t context_len,
+ const char *propq);
/*
* EdDSA signature verification.
@@ -118,7 +121,8 @@ c448_error_t c448_ed448_verify(OPENSSL_CTX *ctx,
pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t *message, size_t message_len,
uint8_t prehashed, const uint8_t *context,
- uint8_t context_len);
+ uint8_t context_len,
+ const char *propq);
/*
* EdDSA signature verification.
@@ -143,7 +147,8 @@ c448_error_t c448_ed448_verify_prehash(
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t hash[64],
const uint8_t *context,
- uint8_t context_len);
+ uint8_t context_len,
+ const char *propq);
/*
* EdDSA point encoding. Used internally, exposed externally.
@@ -196,6 +201,7 @@ c448_error_t curve448_point_decode_like_eddsa_and_mul_by_ratio(
c448_error_t c448_ed448_convert_private_key_to_x448(
OPENSSL_CTX *ctx,
uint8_t x[X448_PRIVATE_BYTES],
- const uint8_t ed[EDDSA_448_PRIVATE_BYTES]);
+ const uint8_t ed[EDDSA_448_PRIVATE_BYTES],
+ const char *propq);
#endif /* OSSL_CRYPTO_EC_CURVE448_ED448_H */
diff --git a/crypto/ec/curve448/eddsa.c b/crypto/ec/curve448/eddsa.c
index f4fbaf7539..51a14642dc 100644
--- a/crypto/ec/curve448/eddsa.c
+++ b/crypto/ec/curve448/eddsa.c
@@ -21,7 +21,8 @@
#define COFACTOR 4
static c448_error_t oneshot_hash(OPENSSL_CTX *ctx, uint8_t *out, size_t outlen,
- const uint8_t *in, size_t inlen)
+ const uint8_t *in, size_t inlen,
+ const char *propq)
{
EVP_MD_CTX *hashctx = EVP_MD_CTX_new();
EVP_MD *shake256 = NULL;
@@ -30,7 +31,7 @@ static c448_error_t oneshot_hash(OPENSSL_CTX *ctx, uint8_t *out, size_t outlen,
if (hashctx == NULL)
return C448_FAILURE;
- shake256 = EVP_MD_fetch(ctx, "SHAKE256", NULL);
+ shake256 = EVP_MD_fetch(ctx, "SHAKE256", propq);
if (shake256 == NULL)
goto err;
@@ -57,7 +58,8 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx,
uint8_t prehashed,
uint8_t for_prehash,
const uint8_t *context,
- size_t context_len)
+ size_t context_len,
+ const char *propq)
{
#ifdef CHARSET_EBCDIC
const char dom_s[] = {0x53, 0x69, 0x67, 0x45,
@@ -75,7 +77,7 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx,
- (for_prehash == 0 ? 1 : 0));
dom[1] = (uint8_t)context_len;
- shake256 = EVP_MD_fetch(ctx, "SHAKE256", NULL);
+ shake256 = EVP_MD_fetch(ctx, "SHAKE256", propq);
if (shake256 == NULL)
return C448_FAILURE;
@@ -95,18 +97,20 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx,
c448_error_t c448_ed448_convert_private_key_to_x448(
OPENSSL_CTX *ctx,
uint8_t x[X448_PRIVATE_BYTES],
- const uint8_t ed [EDDSA_448_PRIVATE_BYTES])
+ const uint8_t ed [EDDSA_448_PRIVATE_BYTES],
+ const char *propq)
{
/* pass the private key through oneshot_hash function */
/* and keep the first X448_PRIVATE_BYTES bytes */
return oneshot_hash(ctx, x, X448_PRIVATE_BYTES, ed,
- EDDSA_448_PRIVATE_BYTES);
+ EDDSA_448_PRIVATE_BYTES, propq);
}
c448_error_t c448_ed448_derive_public_key(
OPENSSL_CTX *ctx,
uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
- const uint8_t privkey[EDDSA_448_PRIVATE_BYTES])
+ const uint8_t privkey[EDDSA_448_PRIVATE_BYTES],
+ const char *propq)
{
/* only this much used for keygen */
uint8_t secret_scalar_ser[EDDSA_448_PRIVATE_BYTES];
@@ -116,7 +120,8 @@ c448_error_t c448_ed448_derive_public_key(
if (!oneshot_hash(ctx, secret_scalar_ser, sizeof(secret_scalar_ser),
privkey,
- EDDSA_448_PRIVATE_BYTES))
+ EDDSA_448_PRIVATE_BYTES,
+ propq))
return C448_FAILURE;
clamp(secret_scalar_ser);
@@ -154,7 +159,7 @@ c448_error_t c448_ed448_sign(
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t *message, size_t message_len,
uint8_t prehashed, const uint8_t *context,
- size_t context_len)
+ size_t context_len, const char *propq)
{
curve448_scalar_t secret_scalar;
EVP_MD_CTX *hashctx = EVP_MD_CTX_new();
@@ -175,7 +180,7 @@ c448_error_t c448_ed448_sign(
uint8_t expanded[EDDSA_448_PRIVATE_BYTES * 2];
if (!oneshot_hash(ctx, expanded, sizeof(expanded), privkey,
- EDDSA_448_PRIVATE_BYTES))
+ EDDSA_448_PRIVATE_BYTES, propq))
goto err;
clamp(expanded);
curve448_scalar_decode_long(secret_scalar, expanded,
@@ -183,7 +188,7 @@ c448_error_t c448_ed448_sign(
/* Hash to create the nonce */
if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context,
- context_len)
+ context_len, propq)
|| !EVP_DigestUpdate(hashctx,
expanded + EDDSA_448_PRIVATE_BYTES,
EDDSA_448_PRIVATE_BYTES)
@@ -224,7 +229,8 @@ c448_error_t c448_ed448_sign(
uint8_t challenge[2 * EDDSA_448_PRIVATE_BYTES];
/* Compute the challenge */
- if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context, context_len)
+ if (!hash_init_with_dom(ctx, hashctx, prehashed, 0, context, context_len,
+ propq)
|| !EVP_DigestUpdate(hashctx, nonce_point, sizeof(nonce_point))
|| !EVP_DigestUpdate(hashctx, pubkey, EDDSA_448_PUBLIC_BYTES)
|| !EVP_DigestUpdate(hashctx, message, message_len)
@@ -260,10 +266,10 @@ c448_error_t c448_ed448_sign_prehash(
const uint8_t privkey[EDDSA_448_PRIVATE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t hash[64], const uint8_t *context,
- size_t context_len)
+ size_t context_len, const char *propq)
{
return c448_ed448_sign(ctx, signature, privkey, pubkey, hash, 64, 1,
- context, context_len);
+ context, context_len, propq);
}
c448_error_t c448_ed448_verify(
@@ -272,7 +278,7 @@ c448_error_t c448_ed448_verify(
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t *message, size_t message_len,
uint8_t prehashed, const uint8_t *context,
- uint8_t context_len)
+ uint8_t context_len, const char *propq)
{
curve448_point_t pk_point, r_point;
c448_error_t error;
@@ -321,7 +327,7 @@ c448_error_t c448_ed448_verify(
if (hashctx == NULL
|| !hash_init_with_dom(ctx, hashctx, prehashed, 0, context,
- context_len)
+ context_len, propq)
|| !EVP_DigestUpdate(hashctx, signature, EDDSA_448_PUBLIC_BYTES)
|| !EVP_DigestUpdate(hashctx, pubkey, EDDSA_448_PUBLIC_BYTES)
|| !EVP_DigestUpdate(hashctx, message, message_len)
@@ -354,50 +360,51 @@ c448_error_t c448_ed448_verify_prehash(
const uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES],
const uint8_t hash[64], const uint8_t *context,
- uint8_t context_len)
+ uint8_t context_len, const char *propq)
{
return c448_ed448_verify(ctx, signature, pubkey, hash, 64, 1, context,
- context_len);
+ context_len, propq);
}
int ED448_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t *message,
size_t message_len, const uint8_t public_key[57],
const uint8_t private_key[57], const uint8_t *context,
- size_t context_len)
+ size_t context_len, const char *propq)
{
return c448_ed448_sign(ctx, out_sig, private_key, public_key, message,
- message_len, 0, context, context_len)
+ message_len, 0, context, context_len,propq)
== C448_SUCCESS;
}
int ED448_verify(OPENSSL_CTX *ctx, const uint8_t *message, size_t message_len,
const uint8_t signature[114], const uint8_t public_key[57],
- const uint8_t *context, size_t context_len)
+ const uint8_t *context, size_t context_len, const char *propq)
{
return c448_ed448_verify(ctx, signature, public_key, message, message_len,
- 0, context, (uint8_t)context_len) == C448_SUCCESS;
+ 0, context, (uint8_t)context_len,
+ propq) == C448_SUCCESS;
}
int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64],
const uint8_t public_key[57], const uint8_t private_key[57],
- const uint8_t *context, size_t context_len)
+ const uint8_t *context, size_t context_len, const char *propq)
{
return c448_ed448_sign_prehash(ctx, out_sig, private_key, public_key, hash,
- context, context_len) == C448_SUCCESS;
+ context, context_len, propq) == C448_SUCCESS;
}
int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64],
const uint8_t signature[114], const uint8_t public_key[57],
- const uint8_t *context, size_t context_len)
+ const uint8_t *context, size_t context_len, const char *propq)
{
return c448_ed448_verify_prehash(ctx, signature, public_key, hash, context,
- (uint8_t)context_len) == C448_SUCCESS;
+ (uint8_t)context_len, propq) == C448_SUCCESS;
}
int ED448_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[57],
- const uint8_t private_key[57])
+ const uint8_t private_key[57], const char *propq)
{
- return c448_ed448_derive_public_key(ctx, out_public_key, private_key)
+ return c448_ed448_derive_public_key(ctx, out_public_key, private_key, propq)
== C448_SUCCESS;
}
diff --git a/crypto/ec/ecx_backend.c b/crypto/ec/ecx_backend.c
index 042f9ca8da..d1e652ae4f 100644
--- a/crypto/ec/ecx_backend.c
+++ b/crypto/ec/ecx_backend.c
@@ -27,7 +27,8 @@ int ecx_public_from_private(ECX_KEY *key)
X25519_public_from_private(key->pubkey, key->privkey);
break;
case ECX_KEY_TYPE_ED25519:
- if (!ED25519_public_from_private(key->libctx, key->pubkey, key->privkey)) {
+ if (!ED25519_public_from_private(key->libctx, key->pubkey, key->privkey,
+ key->propq)) {
ECerr(0, EC_R_FAILED_MAKING_PUBLIC_KEY);
return 0;
}
@@ -36,7 +37,8 @@ int ecx_public_from_private(ECX_KEY *key)
X448_public_from_private(key->pubkey, key->privkey);
break;
case ECX_KEY_TYPE_ED448:
- if (!ED448_public_from_private(key->libctx, key->pubkey, key->privkey)) {
+ if (!ED448_public_from_private(key->libctx, key->pubkey, key->privkey,
+ key->propq)) {
ECerr(0, EC_R_FAILED_MAKING_PUBLIC_KEY);
return 0;
}
diff --git a/crypto/ec/ecx_key.c b/crypto/ec/ecx_key.c
index 46abd57a74..dd4b872ab0 100644
--- a/crypto/ec/ecx_key.c
+++ b/crypto/ec/ecx_key.c
@@ -10,7 +10,8 @@
#include <openssl/err.h>
#include "crypto/ecx.h"
-ECX_KEY *ecx_key_new(OPENSSL_CTX *libctx, ECX_KEY_TYPE type, int haspubkey)
+ECX_KEY *ecx_key_new(OPENSSL_CTX *libctx, ECX_KEY_TYPE type, int haspubkey,
+ const char *propq)
{
ECX_KEY *ret = OPENSSL_zalloc(sizeof(*ret));
@@ -36,14 +37,21 @@ ECX_KEY *ecx_key_new(OPENSSL_CTX *libctx, ECX_KEY_TYPE type, int haspubkey)
ret->type = type;
ret->references = 1;
- ret->lock = CRYPTO_THREAD_lock_new();
- if (ret->lock == NULL) {
+ if (propq != NULL) {
+ ret->propq = OPENSSL_strdup(propq);
ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE);
- OPENSSL_free(ret);
- return NULL;
+ if (ret->propq == NULL)
+ goto err;
}
+ ret->lock = CRYPTO_THREAD_lock_new();
+ if (ret->lock == NULL)
+ goto err;
return ret;
+err:
+ ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE);
+ OPENSSL_free(ret);
+ return NULL;
}
void ecx_key_free(ECX_KEY *key)
@@ -59,6 +67,7 @@ void ecx_key_free(ECX_KEY *key)
return;
REF_ASSERT_ISNT(i < 0);
+ OPENSSL_free(key->propq);
OPENSSL_secure_clear_free(key->privkey, key->keylen);
CRYPTO_THREAD_lock_free(key->lock);
OPENSSL_free(key);
diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c
index 75693e35f7..99f1e480c1 100644
--- a/crypto/ec/ecx_meth.c
+++ b/crypto/ec/ecx_meth.c
@@ -59,7 +59,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
}
}
- key = ecx_key_new(libctx, KEYNID2TYPE(id), 1);
+ key = ecx_key_new(libctx, KEYNID2TYPE(id), 1, propq);
if (key == NULL) {
ECerr(EC_F_ECX_KEY_OP, ERR_R_MALLOC_FAILURE);
return 0;
@@ -75,7 +75,7 @@ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg,
goto err;
}
if (op == KEY_OP_KEYGEN) {
- if (RAND_priv_bytes(privkey, KEYLENID(id)) <= 0)
+ if (RAND_priv_bytes_ex(libctx, privkey, KEYLENID(id)) <= 0)
goto err;
if (id == EVP_PKEY_X25519) {
privkey[0] &= 248;
@@ -439,7 +439,8 @@ static int ecx_generic_import_from(const OSSL_PARAM params[], void *vpctx,
{
EVP_PKEY_CTX *pctx = vpctx;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
- ECX_KEY *ecx = ecx_key_new(pctx->libctx, KEYNID2TYPE(keytype), 0);
+ ECX_KEY *ecx = ecx_key_new(pctx->libctx, KEYNID2TYPE(keytype), 0,
+ pctx->propquery);
if (ecx == NULL) {
ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
@@ -862,12 +863,8 @@ static int pkey_ecd_digestsign448(EVP_MD_CTX *ctx, unsigned char *sig,
return 0;
}
- /*
- * TODO(3.0): We use NULL for the library context for now. Will need to
- * change later.
- */
- if (ED448_sign(NULL, sig, tbs, tbslen, edkey->pubkey, edkey->privkey,
- NULL, 0) == 0)
+ if (ED448_sign(edkey->libctx, sig, tbs, tbslen, edkey->pubkey, edkey->privkey,
+ NULL, 0, edkey->propq) == 0)
return 0;
*siglen = ED448_SIGSIZE;
return 1;
@@ -882,7 +879,8 @@ static int pkey_ecd_digestverify25519(EVP_MD_CTX *ctx, const unsigned char *sig,
if (siglen != ED25519_SIGSIZE)
return 0;
- return ED25519_verify(tbs, tbslen, sig, edkey->pubkey, NULL, NULL);
+ return ED25519_verify(tbs, tbslen, sig, edkey->pubkey,
+ edkey->libctx, edkey->propq);
}
static int pkey_ecd_digestverify448(EVP_MD_CTX *ctx, const unsigned char *sig,
@@ -894,11 +892,8 @@ static int pkey_ecd_digestverify448(EVP_MD_CTX *ctx, const unsigned char *sig,
if (siglen != ED448_SIGSIZE)
return 0;
- /*
- * TODO(3.0): We send NULL for the OPENSSL_CTX for now. This will need to
- * change.
- */
- return ED448_verify(NULL, tbs, tbslen, sig, edkey->pubkey, NULL, 0);
+ return ED448_verify(edkey->libctx, tbs, tbslen, sig, edkey->pubkey, NULL, 0,
+ edkey->propq);
}
static int pkey_ecd_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
@@ -949,7 +944,8 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
- ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_X25519, 1);
+ ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_X25519, 1,
+ ctx->propquery);
unsigned char *privkey = NULL, *pubkey;
if (key == NULL) {
@@ -965,7 +961,7 @@ static int s390x_pkey_ecx_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
- if (RAND_priv_bytes(privkey, X25519_KEYLEN) <= 0)
+ if (RAND_priv_bytes_ex(ctx->libctx, privkey, X25519_KEYLEN) <= 0)
goto err;
privkey[0] &= 248;
@@ -991,7 +987,8 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
- ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_X448, 1);
+ ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_X448, 1,
+ ctx->propquery);
unsigned char *privkey = NULL, *pubkey;
if (key == NULL) {
@@ -1007,7 +1004,7 @@ static int s390x_pkey_ecx_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
- if (RAND_priv_bytes(privkey, X448_KEYLEN) <= 0)
+ if (RAND_priv_bytes_ex(ctx->libctx, privkey, X448_KEYLEN) <= 0)
goto err;
privkey[0] &= 252;
@@ -1036,7 +1033,8 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
};
unsigned char x_dst[32], buff[SHA512_DIGEST_LENGTH];
- ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_ED25519, 1);
+ ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_ED25519, 1,
+ ctx->propquery);
unsigned char *privkey = NULL, *pubkey;
unsigned int sz;
@@ -1053,7 +1051,7 @@ static int s390x_pkey_ecd_keygen25519(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
- if (RAND_priv_bytes(privkey, ED25519_KEYLEN) <= 0)
+ if (RAND_priv_bytes_ex(ctx->libctx, privkey, ED25519_KEYLEN) <= 0)
goto err;
if (!EVP_Digest(privkey, 32, buff, &sz, EVP_sha512(), NULL))
@@ -1093,7 +1091,8 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
0x24, 0xbc, 0xb6, 0x6e, 0x71, 0x46, 0x3f, 0x69, 0x00
};
unsigned char x_dst[57], buff[114];
- ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_ED448, 1);
+ ECX_KEY *key = ecx_key_new(ctx->libctx, ECX_KEY_TYPE_ED448, 1,
+ ctx->propquery);
unsigned char *privkey = NULL, *pubkey;
EVP_MD_CTX *hashctx = NULL;
@@ -1110,7 +1109,7 @@ static int s390x_pkey_ecd_keygen448(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
goto err;
}
- if (RAND_priv_bytes(privkey, ED448_KEYLEN) <= 0)
+ if (RAND_priv_bytes_ex(ctx->libctx, privkey, ED448_KEYLEN) <= 0)
goto err;
hashctx = EVP_MD_CTX_new();
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-21 19:11:21 +0000