summaryrefslogtreecommitdiff
path: root/crypto/ec/ec_key.c
Commit message (Collapse)AuthorAgeFilesLines
* Fix segfault in RSA_free() (and DSA/DH/EC_KEY)Nicola Tuveri2018-09-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | `RSA_free()` and friends are called in case of error from `RSA_new_method(ENGINE *e)` (or the respective equivalent functions). For the rest of the description I'll talk about `RSA_*`, but the same applies for the equivalent `DSA_free()`, `DH_free()`, `EC_KEY_free()`. If `RSA_new_method()` fails because the engine does not implement the required method, when `RSA_free(RSA *r)` is called, `r->meth == NULL` and a segfault happens while checking if `r->meth->finish` is defined. This commit fixes this issue by ensuring that `r->meth` is not NULL before dereferencing it to check for `r->meth->finish`. Fixes #7102 . Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7121)
* Use the new non-curve type specific EC functions internallyMatt Caswell2018-07-311-25/+4
| | | | | | | Fixes #6646 Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6815)
* Update copyright yearRichard Levitte2018-04-171-1/+1
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5990)
* Set error code on alloc failuresRich Salz2018-04-031-2/+4
| | | | | | | Almost all *alloc failures now set an error code. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5842)
* Move the REF_PRINT support from e_os.h to internal/refcount.h.Pauli2017-08-301-1/+1
| | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
* e_os.h removal from other headers and source files.Pauli2017-08-301-1/+2
| | | | | | | | | | | | | Removed e_os.h from all bar three headers (apps/apps.h crypto/bio/bio_lcl.h and ssl/ssl_locl.h). Added e_os.h into the files that need it now. Directly reference internal/nelem.h when required. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4188)
* Updates following feedback on OPENSSL_assert() removalMatt Caswell2017-08-211-2/+0
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Remove OPENSSL_assert() from crypto/ecMatt Caswell2017-08-211-1/+2
| | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3740)
* Add missing include of cryptlib.hRich Salz2017-08-061-1/+1
| | | | | | | Also use "" not <> for all include cryptlib Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4082)
* Add RAND_priv_bytes() for private keysRich Salz2017-08-031-1/+1
| | | | | | | | | | Add a new global DRBG for private keys used by RAND_priv_bytes. Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes(). Change callers to use the appropriate BN_priv... function. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4076)
* Modify Sun copyright to follow OpenSSL styleRich Salz2017-06-201-6/+1
| | | | | | | Approved by Oracle. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3585)
* Add EC_KEY_get0_engine()Richard Levitte2017-03-151-0/+5
| | | | | | | Just as for DH, DSA and RSA, this gives the engine associated with the key. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2960)
* Add support for reference counting using C11 atomicsKurt Roeckx2016-11-171-2/+2
| | | | | | | Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #1500
* Fix some style issues...FdaSilvaYY2016-08-021-1/+1
| | | | | | | extra spacing and 80 cols Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1366)
* Const EC_KEY_dupRichard J. Moore2016-08-011-2/+2
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Constify EC_KEY_*_oct2priv() input bufferFdaSilvaYY2016-07-251-3/+4
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1300)
* Copyright consolidation 05/10Rich Salz2016-05-171-53/+6
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Adding missing BN_CTX_(start/end) in crypto/ec/ec_key.cSteven Valdez2016-05-111-1/+3
| | | | | | | RT#4363 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
* Avoid a NULL ptr deref if group is not setMatt Caswell2016-04-291-20/+21
| | | | | | | | | | | We should only copy parameters and keys if the group is set. Otherwise they don't really make any sense. Previously we copied the private key regardless of whether the group was set...but if it wasn't a NULL ptr deref could occur. It's unclear whether we could ever get into that situation, but since we were already checking it for the public key we should be consistent. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Fix EC_KEY_set_private_key() to call key->group->meth->set_private()Kazuki Yamaguchi2016-04-231-2/+2
| | | | | | | | | | | Fix a bug introduced by 6903e2e7e9a4 (Extended EC_METHOD customisation support., 2016-02-01). key->meth->set_private() is wrongly called where it should call key->group->meth->set_private(). PR#4517 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
* RT 4393: Call EC_GROUP_order_bits in priv2opt.David Benjamin2016-03-291-1/+1
| | | | | | | | The private key is a scalar and should be sized by the order, not the degree. See RFC 5915. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Remove #error from include files.Rich Salz2016-03-201-3/+1
| | | | | | | | Don't have #error statements in header files, but instead wrap the contents of that file in #ifndef OPENSSL_NO_xxx This means it is now always safe to include the header file. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Convert CRYPTO_LOCK_EC_* to new multi-threading APIAlessandro Ghedini2016-03-081-2/+7
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add default operations to EC_METHODDr. Stephen Henson2016-03-011-5/+1
| | | | Reviewed-by: Rich Salz <rsalz@openssl.org>
* Replace overrides.Dr. Stephen Henson2016-03-011-25/+65
| | | | | | | | Instead of overriding a default operation move default operation to a separate function which is then explicitly included in any EC_METHOD that uses it. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Add no signing flag.Dr. Stephen Henson2016-02-281-0/+8
| | | | | | | | | | Add a flag to EC_METHOD for curves which do not support signing. New function EC_KEY_can_sign() returns 1 is key can be used for signing. Return an explicit error is an attempt is made to sign with no signing curves. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Extract compression form in EC_KEY_oct2key().Dr. Stephen Henson2016-02-281-1/+12
| | | | | | | | | Extract compression form in EC_KEY_oct2key() instead of manually in the ASN.1 code. For custom curves do not assume the initial octet is the compression form: it isn't for X25519 et al. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Extended EC_METHOD customisation support.Dr. Stephen Henson2016-02-281-0/+24
| | | | | | | | Add support for optional overrides of various private key operations in EC_METHOD. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Emilia Käsper <emilia@openssl.org>
* Revert "EC_KEY_priv2buf (): check parameter sanity"Rich Salz2016-02-261-2/+2
| | | | | | This reverts commit acae59bb29ddc769743ab4a8ae373b5ff2f42b57. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* EC_KEY_priv2buf (): check parameter sanityJ Mohan Rao Arisankala2016-02-261-2/+2
| | | | | | | | In EC_KEY_priv2buf(), check for pbuf sanity. If invoked with NULL, gracefully returns the key length. Signed-off-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* GH715: ENGINE_finish can take NULLRich Salz2016-02-251-3/+2
| | | | | | | Simplifies calling code. Also fixed up any !ptr tests that were nearby, turning them into NULL tests. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Move to REF_DEBUG, for consistency.Rich Salz2016-02-111-18/+5
| | | | | | | Add utility macros REF_ASSERT_NOT and REF_PRINT_COUNT This is also RT 4181 Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add EC_KEY_priv2buf()Dr. Stephen Henson2016-02-051-0/+19
| | | | | | | Add new function EC_KEY_priv2buf() to allocated and encode private key octet in one call. Update and simplify ASN.1 and print routines. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Use BN_bn2binpadDr. Stephen Henson2016-02-051-12/+2
| | | | Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* update EC ASN1 and print routinesDr. Stephen Henson2016-02-051-4/+4
| | | | | | | Update EC ASN.1 and print routines to use EC_KEY_oct2priv and EC_KEY_priv2oct. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Add EC_KEY_oct2priv and EC_KEY_priv2octDr. Stephen Henson2016-02-051-0/+53
| | | | | | | | New functions EC_KEY_oct2priv and EC_KEY_priv2oct. These are private key equivalents of EC_POINT_oct2point and EC_POINT_point2oct which convert between the private key octet format and EC_KEY. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Add EC_GROUP_order_bits, EC_GROUP_get0_order and EC_GROUP_get0_cofactorDr. Stephen Henson2016-01-311-5/+4
| | | | | | | | New functions to return internal pointer for order and cofactor. This avoids the need to allocate a new BIGNUM which to copy the value to. Simplify code to use new functions. Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove /* foo.c */ commentsRich Salz2016-01-261-1/+0
| | | | | | | | | | | | This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* RT3863 ECC: Add missing NULL check. Set a flagBilly Brumley2016-01-211-0/+2
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Add CRYPTO_EX_DATA; remove EC_EXTRA_DATARich Salz2016-01-131-54/+7
| | | | | | | | | | | | Add CRYPTO_EX_DATA add EndC_KEY_[gs]et_method, From Roumen Petrov. Had to add various exdata calls to init/copy/free the exdata. Had to remove const from some EC functions because exdata isn't const-correct. :( Also remove EC_EXTRA_DATA and use a union to hold the possible pre-computed values and an enum to tell which value is in the union. (Rich Salz) Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* Fix no-engine.Ben Laurie2015-12-291-1/+1
| | | | Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* New EC functions.Dr. Stephen Henson2015-12-161-0/+20
| | | | | | | | | | New functions EC_POINT_point2buf and EC_KEY_key2buf which encode a point and allocate a buffer in one call. New function EC_KEY_oct2key() which sets public key in an EC_KEY structure from an encoded point. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Use NULL comparisonDr. Stephen Henson2015-12-091-21/+24
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add set methods.Dr. Stephen Henson2015-12-091-0/+10
| | | | | | | | | | Add set_group, set_public and set_private methods. An EC_KEY_METHOD can use these to perform any appropriate operation when the key components are set, such as caching data in some more convenient ENGINE specific format or returning an error if the parameters are invalid or the operation is not supported. Reviewed-by: Richard Levitte <levitte@openssl.org>
* EC_KEY_METHOD copy supportDr. Stephen Henson2015-12-091-1/+22
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* EC_KEY_METHOD init and finish supportDr. Stephen Henson2015-12-091-0/+3
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* ENGINE fixesDr. Stephen Henson2015-12-091-0/+8
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* EC_KEY_METHOD keygen support.Dr. Stephen Henson2015-12-091-5/+12
| | | | | | | Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through method and set the current EC key generation function as the default. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Support for EC_KEY_METHOD.Dr. Stephen Henson2015-12-091-11/+1
| | | | | | | | | | | | Add EC_KEY_METHOD. This is part of the EC revision and will make EC behave more like other algorithms. Specifically: EC_KEY_METHOD is part of EC_KEY. It is part of ENGINE. Default or key specific implementations can be provided to redirect some or all operations. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Continue standardising malloc style for libcryptoMatt Caswell2015-11-091-2/+2
| | | | | | | Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: Kurt Roeckx <kurt@openssl.org>
View Lorry Controller Status