early-access version 2698

externals/libressl/crypto/ecdsa/ecs_asn1.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_asn1.c,v 1.9 2018/03/17 15:24:44 tb Exp $ */
+/* $OpenBSD: ecs_asn1.c,v 1.10 2022/01/05 20:39:04 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
  *
@@ -123,6 +123,18 @@ ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
 		*ps = sig->s;
 }
 
+const BIGNUM *
+ECDSA_SIG_get0_r(const ECDSA_SIG *sig)
+{
+	return sig->r;
+}
+
+const BIGNUM *
+ECDSA_SIG_get0_s(const ECDSA_SIG *sig)
+{
+	return sig->s;
+}
+
 int
 ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
 {

externals/libressl/crypto/ecdsa/ecs_err.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_err.c,v 1.5 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ecs_err.c,v 1.6 2022/01/27 20:31:21 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
  *
@@ -62,8 +62,8 @@
 
 #include <openssl/opensslconf.h>
 
-#include <openssl/err.h>
 #include <openssl/ecdsa.h>
+#include <openssl/err.h>
 
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR

externals/libressl/crypto/ecdsa/ecs_locl.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_locl.h,v 1.6 2019/01/19 01:07:00 tb Exp $ */
+/* $OpenBSD: ecs_locl.h,v 1.7 2022/01/14 08:31:03 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project
  */
@@ -73,6 +73,11 @@ typedef struct ecdsa_data_st {
 	CRYPTO_EX_DATA ex_data;
 } ECDSA_DATA;
 
+struct ECDSA_SIG_st {
+	BIGNUM *r;
+	BIGNUM *s;
+};
+
 /** ecdsa_check
  * checks whether ECKEY->meth_data is a pointer to a ECDSA_DATA structure
  * and if not it removes the old meth_data and creates a ECDSA_DATA structure.

externals/libressl/crypto/ecdsa/ecs_ossl.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_ossl.c,v 1.20 2019/06/04 18:15:27 tb Exp $ */
+/* $OpenBSD: ecs_ossl.c,v 1.24 2022/04/07 17:37:25 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project
  */
@@ -163,6 +163,11 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 		goto err;
 	}
 
+	if (BN_cmp(order, BN_value_one()) <= 0) {
+		ECDSAerror(EC_R_INVALID_GROUP_ORDER);
+		goto err;
+	}
+
 	/* Preallocate space. */
 	order_bits = BN_num_bits(order);
 	if (!BN_set_bit(k, order_bits) ||
@@ -205,30 +210,18 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 			ECDSAerror(ERR_R_EC_LIB);
 			goto err;
 		}
-		if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
-		    NID_X9_62_prime_field) {
-			if (!EC_POINT_get_affine_coordinates_GFp(group, point,
-			    X, NULL, ctx)) {
-				ECDSAerror(ERR_R_EC_LIB);
-				goto err;
-			}
+		if (!EC_POINT_get_affine_coordinates(group, point, X, NULL,
+		    ctx)) {
+			ECDSAerror(ERR_R_EC_LIB);
+			goto err;
 		}
-#ifndef OPENSSL_NO_EC2M
-		else {	/* NID_X9_62_characteristic_two_field */
-			if (!EC_POINT_get_affine_coordinates_GF2m(group, point,
-			    X, NULL, ctx)) {
-				ECDSAerror(ERR_R_EC_LIB);
-				goto err;
-			}
-		}
-#endif
 		if (!BN_nnmod(r, X, order, ctx)) {
 			ECDSAerror(ERR_R_BN_LIB);
 			goto err;
 		}
 	} while (BN_is_zero(r));
 
-	if (!BN_mod_inverse_ct(k, k, order, ctx)) {
+	if (BN_mod_inverse_ct(k, k, order, ctx) == NULL) {
 		ECDSAerror(ERR_R_BN_LIB);
 		goto err;
 	}
@@ -499,7 +492,7 @@ ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
 	if (!ecdsa_prepare_digest(dgst, dgst_len, order, m))
 		goto err;
 
-	if (!BN_mod_inverse_ct(u2, sig->s, order, ctx)) {	/* w = inv(s) */
+	if (BN_mod_inverse_ct(u2, sig->s, order, ctx) == NULL) { /* w = inv(s) */
 		ECDSAerror(ERR_R_BN_LIB);
 		goto err;
 	}
@@ -521,23 +514,10 @@ ecdsa_do_verify(const unsigned char *dgst, int dgst_len, const ECDSA_SIG *sig,
 		ECDSAerror(ERR_R_EC_LIB);
 		goto err;
 	}
-	if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
-	    NID_X9_62_prime_field) {
-		if (!EC_POINT_get_affine_coordinates_GFp(group, point, X, NULL,
-		    ctx)) {
-			ECDSAerror(ERR_R_EC_LIB);
-			goto err;
-		}
+	if (!EC_POINT_get_affine_coordinates(group, point, X, NULL, ctx)) {
+		ECDSAerror(ERR_R_EC_LIB);
+		goto err;
 	}
-#ifndef OPENSSL_NO_EC2M
-	else { /* NID_X9_62_characteristic_two_field */
-		if (!EC_POINT_get_affine_coordinates_GF2m(group, point, X, NULL,
-		    ctx)) {
-			ECDSAerror(ERR_R_EC_LIB);
-			goto err;
-		}
-	}
-#endif
 	if (!BN_nnmod(u1, X, order, ctx)) {
 		ECDSAerror(ERR_R_BN_LIB);
 		goto err;

externals/libressl/crypto/ecdsa/ecs_sign.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_sign.c,v 1.7 2019/01/19 01:07:00 tb Exp $ */
+/* $OpenBSD: ecs_sign.c,v 1.9 2022/01/27 20:30:29 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
  *
@@ -58,7 +58,10 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/err.h>
+#include <openssl/evp.h>
 
+#include "bn_lcl.h"
 #include "ecs_locl.h"
 #include "ec_lcl.h"
 

externals/libressl/crypto/ecdsa/ecs_vrf.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecs_vrf.c,v 1.7 2019/01/19 01:12:48 tb Exp $ */
+/* $OpenBSD: ecs_vrf.c,v 1.9 2022/01/27 20:30:29 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project
  */
@@ -58,11 +58,15 @@
 
 #include <openssl/opensslconf.h>
 
-#include "ecs_locl.h"
-#include "ec_lcl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#include <openssl/err.h>
+#include <openssl/evp.h>
+
+#include "bn_lcl.h"
+#include "ecs_locl.h"
+#include "ec_lcl.h"
 
 /* returns
  *      1: correct signature