diff options
Diffstat (limited to 'src/crypto/ec')
-rw-r--r-- | src/crypto/ec/CMakeLists.txt | 2 | ||||
-rw-r--r-- | src/crypto/ec/ec.c | 127 | ||||
-rw-r--r-- | src/crypto/ec/ec_asn1.c | 77 | ||||
-rw-r--r-- | src/crypto/ec/ec_key.c | 32 | ||||
-rw-r--r-- | src/crypto/ec/ec_montgomery.c | 12 | ||||
-rw-r--r-- | src/crypto/ec/oct.c | 59 | ||||
-rw-r--r-- | src/crypto/ec/p256-64.c | 26 | ||||
-rw-r--r-- | src/crypto/ec/simple.c | 20 | ||||
-rw-r--r-- | src/crypto/ec/wnaf.c | 58 |
9 files changed, 223 insertions, 190 deletions
diff --git a/src/crypto/ec/CMakeLists.txt b/src/crypto/ec/CMakeLists.txt index 38a91f8..b5ebefa 100644 --- a/src/crypto/ec/CMakeLists.txt +++ b/src/crypto/ec/CMakeLists.txt @@ -1,4 +1,4 @@ -include_directories(../../include) +include_directories(. .. ../../include) add_library( ec diff --git a/src/crypto/ec/ec.c b/src/crypto/ec/ec.c index 3117f16..f38eba6 100644 --- a/src/crypto/ec/ec.c +++ b/src/crypto/ec/ec.c @@ -222,11 +222,7 @@ const struct built_in_curve OPENSSL_built_in_curves[] = { {NID_secp224r1, &P224, 0}, { NID_X9_62_prime256v1, &P256, - /* MSAN appears to have a bug that causes this P-256 code to be miscompiled - * in opt mode. While that is being looked at, don't run the uint128_t - * P-256 code under MSAN for now. */ -#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) && \ - !defined(MEMORY_SANITIZER) +#if defined(OPENSSL_64_BIT) && !defined(OPENSSL_WINDOWS) EC_GFp_nistp256_method, #else 0, @@ -241,18 +237,18 @@ EC_GROUP *ec_group_new(const EC_METHOD *meth) { EC_GROUP *ret; if (meth == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_SLOT_FULL); + OPENSSL_PUT_ERROR(EC, ec_group_new, EC_R_SLOT_FULL); return NULL; } if (meth->group_init == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof(EC_GROUP)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_group_new, ERR_R_MALLOC_FAILURE); return NULL; } memset(ret, 0, sizeof(EC_GROUP)); @@ -280,7 +276,8 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, } if (ret->meth->group_set_curve == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_new_curve_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (!ret->meth->group_set_curve(ret, p, a, b, ctx)) { @@ -332,7 +329,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { EC_GROUP *group = NULL; EC_POINT *P = NULL; BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = NULL; int ok = 0; unsigned param_len; const EC_METHOD *meth; @@ -340,7 +337,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { const uint8_t *params; if ((ctx = BN_CTX_new()) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_MALLOC_FAILURE); goto err; } @@ -351,7 +348,7 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { if (!(p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) || !(a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) || !(b = BN_bin2bn(params + 2 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); goto err; } @@ -359,39 +356,45 @@ static EC_GROUP *ec_group_new_from_data(const struct built_in_curve *curve) { meth = curve->method(); if (((group = ec_group_new(meth)) == NULL) || (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } } else { if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } } if ((P = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } if (!(x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) || !(y = BN_bin2bn(params + 4 * param_len, param_len, NULL))) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); goto err; } if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_EC_LIB); goto err; } - if (!BN_bin2bn(params + 5 * param_len, param_len, &group->order) || - !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + if (!(order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) || + !BN_set_word(x, (BN_ULONG)data->cofactor)) { + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); goto err; } group->generator = P; P = NULL; + if (!BN_copy(&group->order, order) || + !BN_set_word(&group->cofactor, (BN_ULONG)data->cofactor)) { + OPENSSL_PUT_ERROR(EC, ec_group_new_from_data, ERR_R_BN_LIB); + goto err; + } + ok = 1; err: @@ -404,6 +407,7 @@ err: BN_free(p); BN_free(a); BN_free(b); + BN_free(order); BN_free(x); BN_free(y); return group; @@ -423,7 +427,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name(int nid) { } if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_GROUP); + OPENSSL_PUT_ERROR(EC, EC_GROUP_new_by_curve_name, EC_R_UNKNOWN_GROUP); return NULL; } @@ -451,11 +455,11 @@ void EC_GROUP_free(EC_GROUP *group) { int ec_group_copy(EC_GROUP *dest, const EC_GROUP *src) { if (dest->meth->group_copy == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_GROUP_copy, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -550,7 +554,8 @@ int EC_GROUP_get_cofactor(const EC_GROUP *group, BIGNUM *cofactor, int EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *out_p, BIGNUM *out_a, BIGNUM *out_b, BN_CTX *ctx) { if (group->meth->group_get_curve == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_get_curve_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_curve(group, out_p, out_a, out_b, ctx); @@ -560,7 +565,8 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group) { return group->curve_name; } int EC_GROUP_get_degree(const EC_GROUP *group) { if (group->meth->group_get_degree == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_GROUP_get_degree, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } return group->meth->group_get_degree(group); @@ -596,17 +602,17 @@ EC_POINT *EC_POINT_new(const EC_GROUP *group) { EC_POINT *ret; if (group == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (group->meth->point_init == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return NULL; } ret = OPENSSL_malloc(sizeof *ret); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_POINT_new, ERR_R_MALLOC_FAILURE); return NULL; } @@ -647,11 +653,11 @@ void EC_POINT_clear_free(EC_POINT *point) { int EC_POINT_copy(EC_POINT *dest, const EC_POINT *src) { if (dest->meth->point_copy == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_copy, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (dest->meth != src->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_copy, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (dest == src) { @@ -670,7 +676,7 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { t = EC_POINT_new(group); if (t == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_POINT_dup, ERR_R_MALLOC_FAILURE); return NULL; } r = EC_POINT_copy(t, a); @@ -684,11 +690,12 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) { int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { if (group->meth->point_set_to_infinity == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_to_infinity, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_to_infinity(group, point); @@ -696,11 +703,12 @@ int EC_POINT_set_to_infinity(const EC_GROUP *group, EC_POINT *point) { int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { if (group->meth->is_at_infinity == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_at_infinity, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_at_infinity(group, point); @@ -709,11 +717,12 @@ int EC_POINT_is_at_infinity(const EC_GROUP *group, const EC_POINT *point) { int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx) { if (group->meth->is_on_curve == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_is_on_curve, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->is_on_curve(group, point, ctx); @@ -722,11 +731,11 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->point_cmp == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return -1; } if ((group->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_cmp, EC_R_INCOMPATIBLE_OBJECTS); return -1; } return group->meth->point_cmp(group, a, b, ctx); @@ -734,11 +743,12 @@ int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx) { if (group->meth->make_affine == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_make_affine, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->make_affine(group, point, ctx); @@ -749,12 +759,13 @@ int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], size_t i; if (group->meth->points_make_affine == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINTs_make_affine, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } @@ -765,11 +776,13 @@ int EC_POINT_get_affine_coordinates_GFp(const EC_GROUP *group, const EC_POINT *point, BIGNUM *x, BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_get_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_get_affine_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_get_affine_coordinates(group, point, x, y, ctx); @@ -779,11 +792,13 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x, const BIGNUM *y, BN_CTX *ctx) { if (group->meth->point_set_affine_coordinates == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_affine_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_affine_coordinates(group, point, x, y, ctx); @@ -792,12 +807,12 @@ int EC_POINT_set_affine_coordinates_GFp(const EC_GROUP *group, EC_POINT *point, int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx) { if (group->meth->add == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_add, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth) || (a->meth != b->meth)) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_add, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->add(group, r, a, b, ctx); @@ -807,11 +822,11 @@ int EC_POINT_add(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, BN_CTX *ctx) { if (group->meth->dbl == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if ((group->meth != r->meth) || (r->meth != a->meth)) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_dbl, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->dbl(group, r, a, ctx); @@ -820,11 +835,11 @@ int EC_POINT_dbl(const EC_GROUP *group, EC_POINT *r, const EC_POINT *a, int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx) { if (group->meth->invert == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_invert, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != a->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_invert, EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->invert(group, a, ctx); @@ -859,11 +874,13 @@ int ec_point_set_Jprojective_coordinates_GFp(const EC_GROUP *group, EC_POINT *po const BIGNUM *x, const BIGNUM *y, const BIGNUM *z, BN_CTX *ctx) { if (group->meth->point_set_Jprojective_coordinates_GFp == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, ec_point_set_Jprojective_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } return group->meth->point_set_Jprojective_coordinates_GFp(group, point, x, y, diff --git a/src/crypto/ec/ec_asn1.c b/src/crypto/ec/ec_asn1.c index 31d8944..ff3dca6 100644 --- a/src/crypto/ec/ec_asn1.c +++ b/src/crypto/ec/ec_asn1.c @@ -168,7 +168,7 @@ ECPKPARAMETERS *ec_asn1_group2pkparameters(const EC_GROUP *group, if (ret == NULL) { ret = ECPKPARAMETERS_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_asn1_group2pkparameters, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -196,7 +196,7 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { int nid = NID_undef; if (params == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PARAMETERS); + OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_MISSING_PARAMETERS); return NULL; } @@ -222,13 +222,14 @@ EC_GROUP *ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { } if (nid == NID_undef) { - OPENSSL_PUT_ERROR(EC, EC_R_NON_NAMED_CURVE); + OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, EC_R_NON_NAMED_CURVE); return NULL; } ret = EC_GROUP_new_by_curve_name(nid); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_asn1_pkparameters2group, + EC_R_EC_GROUP_NEW_BY_NAME_FAILURE); return NULL; } @@ -242,14 +243,14 @@ static EC_GROUP *d2i_ECPKParameters(EC_GROUP **groupp, const uint8_t **inp, params = d2i_ECPKPARAMETERS(NULL, inp, len); if (params == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_D2I_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_D2I_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(params); return NULL; } group = ec_asn1_pkparameters2group(params); if (group == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_PKPARAMETERS2GROUP_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECPKParameters, EC_R_PKPARAMETERS2GROUP_FAILURE); ECPKPARAMETERS_free(params); return NULL; } @@ -267,12 +268,12 @@ static int i2d_ECPKParameters(const EC_GROUP *group, uint8_t **outp) { int ret = 0; ECPKPARAMETERS *tmp = ec_asn1_group2pkparameters(group, NULL); if (tmp == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_GROUP2PKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_GROUP2PKPARAMETERS_FAILURE); return 0; } ret = i2d_ECPKPARAMETERS(tmp, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, EC_R_I2D_ECPKPARAMETERS_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPKParameters, EC_R_I2D_ECPKPARAMETERS_FAILURE); ECPKPARAMETERS_free(tmp); return 0; } @@ -287,14 +288,14 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { priv_key = d2i_EC_PRIVATEKEY(NULL, in, len); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); return NULL; } if (a == NULL || *a == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } } else { @@ -307,7 +308,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { } if (ret->group == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } @@ -318,18 +319,18 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { BN_bin2bn(M_ASN1_STRING_data(priv_key->privateKey), M_ASN1_STRING_length(priv_key->privateKey), ret->priv_key); if (ret->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_BN_LIB); goto err; } } else { - OPENSSL_PUT_ERROR(EC, EC_R_MISSING_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_MISSING_PRIVATE_KEY); goto err; } EC_POINT_free(ret->pub_key); ret->pub_key = EC_POINT_new(ret->group); if (ret->pub_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } @@ -341,20 +342,20 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const uint8_t **in, long len) { pub_oct_len = M_ASN1_STRING_length(priv_key->publicKey); /* The first byte (the point conversion form) must be present. */ if (pub_oct_len <= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, EC_R_BUFFER_TOO_SMALL); goto err; } /* Save the point conversion form. */ ret->conv_form = (point_conversion_form_t)(pub_oct[0] & ~0x01); if (!EC_POINT_oct2point(ret->group, ret->pub_key, pub_oct, pub_oct_len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } } else { if (!EC_POINT_mul(ret->group, ret->pub_key, ret->priv_key, NULL, NULL, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECPrivateKey, ERR_R_EC_LIB); goto err; } /* Remember the original private-key-only encoding. */ @@ -386,13 +387,13 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { EC_PRIVATEKEY *priv_key = NULL; if (key == NULL || key->group == NULL || key->priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_PASSED_NULL_PARAMETER); goto err; } priv_key = EC_PRIVATEKEY_new(); if (priv_key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } @@ -401,17 +402,17 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { buf_len = BN_num_bytes(&key->group->order); buffer = OPENSSL_malloc(buf_len); if (buffer == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } if (!BN_bn2bin_padded(buffer, buf_len, key->priv_key)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_BN_LIB); goto err; } if (!M_ASN1_OCTET_STRING_set(priv_key->privateKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); goto err; } @@ -419,7 +420,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PARAMETERS)) { if ((priv_key->parameters = ec_asn1_group2pkparameters( key->group, priv_key->parameters)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); goto err; } } @@ -428,7 +429,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!(key->enc_flag & EC_PKEY_NO_PUBKEY) && key->pub_key != NULL) { priv_key->publicKey = M_ASN1_BIT_STRING_new(); if (priv_key->publicKey == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } @@ -438,7 +439,7 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (tmp_len > buf_len) { uint8_t *tmp_buffer = OPENSSL_realloc(buffer, tmp_len); if (!tmp_buffer) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_MALLOC_FAILURE); goto err; } buffer = tmp_buffer; @@ -447,21 +448,21 @@ int i2d_ECPrivateKey(const EC_KEY *key, uint8_t **outp) { if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, buffer, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); goto err; } priv_key->publicKey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); priv_key->publicKey->flags |= ASN1_STRING_FLAG_BITS_LEFT; if (!M_ASN1_BIT_STRING_set(priv_key->publicKey, buffer, buf_len)) { - OPENSSL_PUT_ERROR(EC, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_ASN1_LIB); goto err; } } ret = i2d_EC_PRIVATEKEY(priv_key, outp); if (ret == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2d_ECPrivateKey, ERR_R_EC_LIB); goto err; } ok = 1; @@ -474,7 +475,7 @@ err: int i2d_ECParameters(const EC_KEY *key, uint8_t **outp) { if (key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, i2d_ECParameters, ERR_R_PASSED_NULL_PARAMETER); return 0; } return i2d_ECPKParameters(key->group, outp); @@ -484,14 +485,14 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { EC_KEY *ret; if (inp == NULL || *inp == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_PASSED_NULL_PARAMETER); return NULL; } if (key == NULL || *key == NULL) { ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_MALLOC_FAILURE); return NULL; } } else { @@ -499,7 +500,7 @@ EC_KEY *d2i_ECParameters(EC_KEY **key, const uint8_t **inp, long len) { } if (!d2i_ECPKParameters(&ret->group, inp, len)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, d2i_ECParameters, ERR_R_EC_LIB); if (key == NULL || *key == NULL) { EC_KEY_free(ret); } @@ -516,17 +517,17 @@ EC_KEY *o2i_ECPublicKey(EC_KEY **keyp, const uint8_t **inp, long len) { EC_KEY *ret = NULL; if (keyp == NULL || *keyp == NULL || (*keyp)->group == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); return 0; } ret = *keyp; if (ret->pub_key == NULL && (ret->pub_key = EC_POINT_new(ret->group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_MALLOC_FAILURE); return 0; } if (!EC_POINT_oct2point(ret->group, ret->pub_key, *inp, len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, o2i_ECPublicKey, ERR_R_EC_LIB); return 0; } /* save the point conversion form */ @@ -540,7 +541,7 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { int new_buffer = 0; if (key == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -555,14 +556,14 @@ int i2o_ECPublicKey(const EC_KEY *key, uint8_t **outp) { if (*outp == NULL) { *outp = OPENSSL_malloc(buf_len); if (*outp == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_MALLOC_FAILURE); return 0; } new_buffer = 1; } if (!EC_POINT_point2oct(key->group, key->pub_key, key->conv_form, *outp, buf_len, NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, i2o_ECPublicKey, ERR_R_EC_LIB); if (new_buffer) { OPENSSL_free(*outp); *outp = NULL; diff --git a/src/crypto/ec/ec_key.c b/src/crypto/ec/ec_key.c index 0defa98..e5cbfed 100644 --- a/src/crypto/ec/ec_key.c +++ b/src/crypto/ec/ec_key.c @@ -87,7 +87,7 @@ EC_KEY *EC_KEY_new(void) { return EC_KEY_new_method(NULL); } EC_KEY *EC_KEY_new_method(const ENGINE *engine) { EC_KEY *ret = (EC_KEY *)OPENSSL_malloc(sizeof(EC_KEY)); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_KEY_new_method, ERR_R_MALLOC_FAILURE); return NULL; } @@ -127,7 +127,7 @@ err1: EC_KEY *EC_KEY_new_by_curve_name(int nid) { EC_KEY *ret = EC_KEY_new(); if (ret == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, EC_KEY_new_by_curve_name, ERR_R_MALLOC_FAILURE); return NULL; } ret->group = EC_GROUP_new_by_curve_name(nid); @@ -166,7 +166,7 @@ void EC_KEY_free(EC_KEY *r) { EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { if (dest == NULL || src == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_copy, ERR_R_PASSED_NULL_PARAMETER); return NULL; } /* Copy the parameters. */ @@ -300,12 +300,12 @@ int EC_KEY_check_key(const EC_KEY *eckey) { EC_POINT *point = NULL; if (!eckey || !eckey->group || !eckey->pub_key) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_PASSED_NULL_PARAMETER); return 0; } if (EC_POINT_is_at_infinity(eckey->group, eckey->pub_key)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_AT_INFINITY); goto err; } @@ -319,7 +319,7 @@ int EC_KEY_check_key(const EC_KEY *eckey) { /* testing whether the pub_key is on the elliptic curve */ if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } /* testing whether pub_key * order is the point at infinity */ @@ -327,15 +327,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { * to check the private key, below? */ order = &eckey->group->order; if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_GROUP_ORDER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_GROUP_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, NULL, eckey->pub_key, order, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); goto err; } if (!EC_POINT_is_at_infinity(eckey->group, point)) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); goto err; } /* in case the priv_key is present : @@ -343,15 +343,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { */ if (eckey->priv_key) { if (BN_cmp(eckey->priv_key, order) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_WRONG_ORDER); goto err; } if (!EC_POINT_mul(eckey->group, point, eckey->priv_key, NULL, NULL, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_EC_LIB); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, ERR_R_EC_LIB); goto err; } if (EC_POINT_cmp(eckey->group, point, eckey->pub_key, ctx) != 0) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_PRIVATE_KEY); + OPENSSL_PUT_ERROR(EC, EC_KEY_check_key, EC_R_INVALID_PRIVATE_KEY); goto err; } } @@ -371,7 +371,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, int ok = 0; if (!key || !key->group || !x || !y) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, + ERR_R_PASSED_NULL_PARAMETER); return 0; } ctx = BN_CTX_new(); @@ -393,7 +394,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, /* Check if retrieved coordinates match originals: if not values * are out of range. */ if (BN_cmp(x, tx) || BN_cmp(y, ty)) { - OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, EC_KEY_set_public_key_affine_coordinates, + EC_R_COORDINATES_OUT_OF_RANGE); goto err; } @@ -420,7 +422,7 @@ int EC_KEY_generate_key(EC_KEY *eckey) { EC_POINT *pub_key = NULL; if (!eckey || !eckey->group) { - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, EC_KEY_generate_key, ERR_R_PASSED_NULL_PARAMETER); return 0; } diff --git a/src/crypto/ec/ec_montgomery.c b/src/crypto/ec/ec_montgomery.c index b897000..74dbc6c 100644 --- a/src/crypto/ec/ec_montgomery.c +++ b/src/crypto/ec/ec_montgomery.c @@ -200,7 +200,7 @@ int ec_GFp_mont_group_set_curve(EC_GROUP *group, const BIGNUM *p, goto err; } if (!BN_MONT_CTX_set(mont, p, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_group_set_curve, ERR_R_BN_LIB); goto err; } one = BN_new(); @@ -232,7 +232,7 @@ err: int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_mul, EC_R_NOT_INITIALIZED); return 0; } @@ -242,7 +242,7 @@ int ec_GFp_mont_field_mul(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_sqr, EC_R_NOT_INITIALIZED); return 0; } @@ -252,7 +252,7 @@ int ec_GFp_mont_field_sqr(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_encode, EC_R_NOT_INITIALIZED); return 0; } @@ -262,7 +262,7 @@ int ec_GFp_mont_field_encode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) { if (group->mont == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_decode, EC_R_NOT_INITIALIZED); return 0; } @@ -272,7 +272,7 @@ int ec_GFp_mont_field_decode(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a, int ec_GFp_mont_field_set_to_one(const EC_GROUP *group, BIGNUM *r, BN_CTX *ctx) { if (group->one == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_NOT_INITIALIZED); + OPENSSL_PUT_ERROR(EC, ec_GFp_mont_field_set_to_one, EC_R_NOT_INITIALIZED); return 0; } diff --git a/src/crypto/ec/oct.c b/src/crypto/ec/oct.c index cb50e17..816a42f 100644 --- a/src/crypto/ec/oct.c +++ b/src/crypto/ec/oct.c @@ -85,7 +85,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, if ((form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FORM); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_INVALID_FORM); goto err; } @@ -93,7 +93,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* encodes to a single 0 octet */ if (buf != NULL) { if (len < 1) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); return 0; } buf[0] = 0; @@ -110,7 +110,7 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, /* if 'buf' is NULL, just return required length */ if (buf != NULL) { if (len < ret) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, EC_R_BUFFER_TOO_SMALL); goto err; } @@ -142,21 +142,21 @@ static size_t ec_GFp_simple_point2oct(const EC_GROUP *group, i = 1; if (!BN_bn2bin_padded(buf + i, field_len, x)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; if (form == POINT_CONVERSION_UNCOMPRESSED) { if (!BN_bn2bin_padded(buf + i, field_len, y)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } i += field_len; } if (i != ret) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point2oct, ERR_R_INTERNAL_ERROR); goto err; } } @@ -187,7 +187,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, int ret = 0; if (len == 0) { - OPENSSL_PUT_ERROR(EC, EC_R_BUFFER_TOO_SMALL); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_BUFFER_TOO_SMALL); return 0; } form = buf[0]; @@ -195,17 +195,17 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, form = form & ~1U; if ((form != 0) && (form != POINT_CONVERSION_COMPRESSED) && (form != POINT_CONVERSION_UNCOMPRESSED)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } if ((form == 0 || form == POINT_CONVERSION_UNCOMPRESSED) && y_bit) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } if (form == 0) { if (len != 1) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } @@ -217,7 +217,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, (form == POINT_CONVERSION_COMPRESSED) ? 1 + field_len : 1 + 2 * field_len; if (len != enc_len) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); return 0; } @@ -231,7 +231,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, BN_CTX_start(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); - if (x == NULL || y == NULL) { + if (y == NULL) { goto err; } @@ -239,7 +239,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(x, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); goto err; } @@ -252,7 +252,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, goto err; } if (BN_ucmp(y, &group->field) >= 0) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_ENCODING); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_INVALID_ENCODING); goto err; } @@ -263,7 +263,7 @@ static int ec_GFp_simple_oct2point(const EC_GROUP *group, EC_POINT *point, /* test required by X9.62 */ if (!EC_POINT_is_on_curve(group, point, ctx)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_oct2point, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } @@ -279,11 +279,12 @@ int EC_POINT_oct2point(const EC_GROUP *group, EC_POINT *point, const uint8_t *buf, size_t len, BN_CTX *ctx) { if (group->meth->oct2point == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_oct2point, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -298,11 +299,12 @@ size_t EC_POINT_point2oct(const EC_GROUP *group, const EC_POINT *point, size_t len, BN_CTX *ctx) { if (group->meth->point2oct == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_point2oct, EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { @@ -404,9 +406,9 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { ERR_clear_error(); - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSED_POINT); } else { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, ERR_R_BN_LIB); } goto err; } @@ -421,10 +423,12 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } if (kron == 1) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSION_BIT); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, + EC_R_INVALID_COMPRESSION_BIT); } else { /* BN_mod_sqrt() should have cought this error (not a square) */ - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_COMPRESSED_POINT); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, + EC_R_INVALID_COMPRESSED_POINT); } goto err; } @@ -433,7 +437,8 @@ int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, } } if (y_bit != BN_is_odd(y)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, + ERR_R_INTERNAL_ERROR); goto err; } @@ -454,11 +459,13 @@ int EC_POINT_set_compressed_coordinates_GFp(const EC_GROUP *group, int y_bit, BN_CTX *ctx) { if (group->meth->point_set_compressed_coordinates == 0 && !(group->meth->flags & EC_FLAGS_DEFAULT_OCT)) { - OPENSSL_PUT_ERROR(EC, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } if (group->meth != point->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, EC_POINT_set_compressed_coordinates_GFp, + EC_R_INCOMPATIBLE_OBJECTS); return 0; } if (group->meth->flags & EC_FLAGS_DEFAULT_OCT) { diff --git a/src/crypto/ec/p256-64.c b/src/crypto/ec/p256-64.c index 3946b29..fdb942c 100644 --- a/src/crypto/ec/p256-64.c +++ b/src/crypto/ec/p256-64.c @@ -125,7 +125,7 @@ static void flip_endian(u8 *out, const u8 *in, unsigned len) { /* BN_to_felem converts an OpenSSL BIGNUM into an felem. */ static int BN_to_felem(felem out, const BIGNUM *bn) { if (BN_is_negative(bn)) { - OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -134,7 +134,7 @@ static int BN_to_felem(felem out, const BIGNUM *bn) { memset(b_out, 0, sizeof(b_out)); unsigned num_bytes = BN_num_bytes(bn); if (num_bytes > sizeof(b_out)) { - OPENSSL_PUT_ERROR(EC, EC_R_BIGNUM_OUT_OF_RANGE); + OPENSSL_PUT_ERROR(EC, BN_to_felem, EC_R_BIGNUM_OUT_OF_RANGE); return 0; } @@ -1638,7 +1638,8 @@ int ec_GFp_nistp256_group_set_curve(EC_GROUP *group, const BIGNUM *p, if (BN_cmp(curve_p, p) || BN_cmp(curve_a, a) || BN_cmp(curve_b, b)) { - OPENSSL_PUT_ERROR(EC, EC_R_WRONG_CURVE_PARAMETERS); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_group_set_curve, + EC_R_WRONG_CURVE_PARAMETERS); goto err; } ret = ec_GFp_simple_group_set_curve(group, p, a, b, ctx); @@ -1660,7 +1661,8 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, longfelem tmp; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, + EC_R_POINT_AT_INFINITY); return 0; } if (!BN_to_felem(x_in, &point->X) || @@ -1675,7 +1677,8 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(x_in, tmp); felem_contract(x_out, x_in); if (x != NULL && !smallfelem_to_BN(x, x_out)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, + ERR_R_BN_LIB); return 0; } felem_mul(tmp, z1, z2); @@ -1684,7 +1687,8 @@ int ec_GFp_nistp256_point_get_affine_coordinates(const EC_GROUP *group, felem_reduce(y_in, tmp); felem_contract(y_out, y_in); if (y != NULL && !smallfelem_to_BN(y, y_out)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_point_get_affine_coordinates, + ERR_R_BN_LIB); return 0; } return 1; @@ -1759,7 +1763,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, g_pre_comp[0][1][0]) || !smallfelem_to_BN(y, g_pre_comp[0][1][1]) || !smallfelem_to_BN(z, g_pre_comp[0][1][2])) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } if (!ec_point_set_Jprojective_coordinates_GFp(group, generator, x, y, z, @@ -1790,7 +1794,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, } if (secrets == NULL || pre_comp == NULL || (mixed && tmp_smallfelems == NULL)) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_MALLOC_FAILURE); goto err; } @@ -1814,7 +1818,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, p_scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1859,7 +1863,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, /* this is an unusual input, and we don't guarantee * constant-timeness. */ if (!BN_nnmod(tmp_scalar, scalar, &group->order, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } num_bytes = BN_bn2bin(tmp_scalar, tmp); @@ -1885,7 +1889,7 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r, if (!smallfelem_to_BN(x, x_in) || !smallfelem_to_BN(y, y_in) || !smallfelem_to_BN(z, z_in)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_nistp256_points_mul, ERR_R_BN_LIB); goto err; } ret = ec_point_set_Jprojective_coordinates_GFp(group, r, x, y, z, ctx); diff --git a/src/crypto/ec/simple.c b/src/crypto/ec/simple.c index c62199c..69fd2e4 100644 --- a/src/crypto/ec/simple.c +++ b/src/crypto/ec/simple.c @@ -172,7 +172,7 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group, const BIGNUM *p, /* p must be a prime > 3 */ if (BN_num_bits(p) <= 2 || !BN_is_odd(p)) { - OPENSSL_PUT_ERROR(EC, EC_R_INVALID_FIELD); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_set_curve, EC_R_INVALID_FIELD); return 0; } @@ -283,7 +283,8 @@ int ec_GFp_simple_group_check_discriminant(const EC_GROUP *group, BN_CTX *ctx) { if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_group_check_discriminant, + ERR_R_MALLOC_FAILURE); goto err; } } @@ -491,7 +492,8 @@ int ec_GFp_simple_point_set_affine_coordinates(const EC_GROUP *group, const BIGNUM *y, BN_CTX *ctx) { if (x == NULL || y == NULL) { /* unlike for projective coordinates, we do not tolerate this */ - OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_set_affine_coordinates, + ERR_R_PASSED_NULL_PARAMETER); return 0; } @@ -508,7 +510,8 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, int ret = 0; if (EC_POINT_is_at_infinity(group, point)) { - OPENSSL_PUT_ERROR(EC, EC_R_POINT_AT_INFINITY); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, + EC_R_POINT_AT_INFINITY); return 0; } @@ -524,7 +527,7 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, Z_1 = BN_CTX_get(ctx); Z_2 = BN_CTX_get(ctx); Z_3 = BN_CTX_get(ctx); - if (Z == NULL || Z_1 == NULL || Z_2 == NULL || Z_3 == NULL) { + if (Z_3 == NULL) { goto err; } @@ -557,7 +560,8 @@ int ec_GFp_simple_point_get_affine_coordinates(const EC_GROUP *group, } } else { if (!BN_mod_inverse(Z_1, Z_, &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_point_get_affine_coordinates, + ERR_R_BN_LIB); goto err; } @@ -1179,7 +1183,7 @@ int ec_GFp_simple_make_affine(const EC_GROUP *group, EC_POINT *point, goto err; } if (!point->Z_is_one) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_make_affine, ERR_R_INTERNAL_ERROR); goto err; } @@ -1265,7 +1269,7 @@ int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, * non-zero points[i]->Z by its inverse. */ if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx)) { - OPENSSL_PUT_ERROR(EC, ERR_R_BN_LIB); + OPENSSL_PUT_ERROR(EC, ec_GFp_simple_points_make_affine, ERR_R_BN_LIB); goto err; } diff --git a/src/crypto/ec/wnaf.c b/src/crypto/ec/wnaf.c index 7fa0e1b..ae0d73f 100644 --- a/src/crypto/ec/wnaf.c +++ b/src/crypto/ec/wnaf.c @@ -100,7 +100,7 @@ static EC_PRE_COMP *ec_pre_comp_new(void) { ret = (EC_PRE_COMP *)OPENSSL_malloc(sizeof(EC_PRE_COMP)); if (!ret) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_pre_comp_new, ERR_R_MALLOC_FAILURE); return ret; } ret->blocksize = 8; /* default */ @@ -158,7 +158,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (BN_is_zero(scalar)) { r = OPENSSL_malloc(1); if (!r) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); goto err; } r[0] = 0; @@ -169,7 +169,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { if (w <= 0 || w > 7) /* 'signed char' can represent integers with absolute values less than 2^7 */ { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } bit = 1 << w; /* at most 128 */ @@ -181,7 +181,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (scalar->d == NULL || scalar->top == 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } @@ -192,7 +192,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * (*ret_len will be set to the actual length, i.e. at most * BN_num_bits(scalar) + 1) */ if (r == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_MALLOC_FAILURE); goto err; } window_val = scalar->d[0] & mask; @@ -225,7 +225,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { } if (digit <= -bit || digit >= bit || !(digit & 1)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } @@ -235,7 +235,7 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { * for modified window NAFs, it may also be 2^w */ if (window_val != 0 && window_val != next_bit && window_val != bit) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } } @@ -246,13 +246,13 @@ static signed char *compute_wNAF(const BIGNUM *scalar, int w, size_t *ret_len) { window_val += bit * BN_is_bit_set(scalar, j + w); if (window_val > next_bit) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } } if (j > len + 1) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, compute_wNAF, ERR_R_INTERNAL_ERROR); goto err; } len = j; @@ -316,7 +316,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, int ret = 0; if (group->meth != r->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); return 0; } @@ -326,7 +326,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, for (i = 0; i < num; i++) { if (group->meth != points[i]->meth) { - OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_INCOMPATIBLE_OBJECTS); return 0; } } @@ -341,7 +341,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (scalar != NULL) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, EC_R_UNDEFINED_GENERATOR); goto err; } @@ -366,7 +366,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* check that pre_comp looks sane */ if (pre_comp->num != (pre_comp->numblocks * pre_points_per_block)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } } else { @@ -391,7 +391,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (!wsize || !wNAF_len || !wNAF || !val_sub) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); goto err; } @@ -420,7 +420,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (pre_comp == NULL) { if (num_scalar != 1) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } /* we have already generated a wNAF for 'scalar' */ @@ -429,7 +429,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, size_t tmp_len = 0; if (num_scalar != 0) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } @@ -463,8 +463,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, /* possibly we can do with fewer blocks than estimated */ numblocks = (tmp_len + blocksize - 1) / blocksize; if (numblocks > pre_comp->numblocks) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); - OPENSSL_free(tmp_wNAF); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } totalnum = num + numblocks; @@ -478,8 +477,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, if (i < totalnum - 1) { wNAF_len[i] = blocksize; if (tmp_len < blocksize) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); - OPENSSL_free(tmp_wNAF); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } tmp_len -= blocksize; @@ -492,7 +490,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, wNAF[i + 1] = NULL; wNAF[i] = OPENSSL_malloc(wNAF_len[i]); if (wNAF[i] == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); OPENSSL_free(tmp_wNAF); goto err; } @@ -502,7 +500,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } if (*tmp_points == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); OPENSSL_free(tmp_wNAF); goto err; } @@ -521,7 +519,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, */ val = OPENSSL_malloc((num_val + 1) * sizeof val[0]); if (val == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_MALLOC_FAILURE); goto err; } val[num_val] = NULL; /* pivot element */ @@ -539,7 +537,7 @@ int ec_wNAF_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar, } } if (!(v == val + num_val)) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_mul, ERR_R_INTERNAL_ERROR); goto err; } @@ -697,7 +695,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { generator = EC_GROUP_get0_generator(group); if (generator == NULL) { - OPENSSL_PUT_ERROR(EC, EC_R_UNDEFINED_GENERATOR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNDEFINED_GENERATOR); return 0; } @@ -723,7 +721,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { goto err; } if (BN_is_zero(order)) { - OPENSSL_PUT_ERROR(EC, EC_R_UNKNOWN_ORDER); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, EC_R_UNKNOWN_ORDER); goto err; } @@ -751,7 +749,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { points = OPENSSL_malloc(sizeof(EC_POINT *) * (num + 1)); if (!points) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); goto err; } @@ -759,13 +757,13 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { var[num] = NULL; /* pivot */ for (i = 0; i < num; i++) { if ((var[i] = EC_POINT_new(group)) == NULL) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); goto err; } } if (!(tmp_point = EC_POINT_new(group)) || !(base = EC_POINT_new(group))) { - OPENSSL_PUT_ERROR(EC, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_MALLOC_FAILURE); goto err; } @@ -797,7 +795,7 @@ int ec_wNAF_precompute_mult(EC_GROUP *group, BN_CTX *ctx) { size_t k; if (blocksize <= 2) { - OPENSSL_PUT_ERROR(EC, ERR_R_INTERNAL_ERROR); + OPENSSL_PUT_ERROR(EC, ec_wNAF_precompute_mult, ERR_R_INTERNAL_ERROR); goto err; } |