diff options
Diffstat (limited to 'deps/openssl/openssl/crypto/ecdsa')
-rw-r--r-- | deps/openssl/openssl/crypto/ecdsa/ecdsa.h | 2 | ||||
-rw-r--r-- | deps/openssl/openssl/crypto/ecdsa/ecdsatest.c | 14 | ||||
-rw-r--r-- | deps/openssl/openssl/crypto/ecdsa/ecs_err.c | 4 | ||||
-rw-r--r-- | deps/openssl/openssl/crypto/ecdsa/ecs_lib.c | 32 | ||||
-rw-r--r-- | deps/openssl/openssl/crypto/ecdsa/ecs_locl.h | 8 | ||||
-rw-r--r-- | deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c | 5 |
6 files changed, 11 insertions, 54 deletions
diff --git a/deps/openssl/openssl/crypto/ecdsa/ecdsa.h b/deps/openssl/openssl/crypto/ecdsa/ecdsa.h index 7fb5254b62..e61c539812 100644 --- a/deps/openssl/openssl/crypto/ecdsa/ecdsa.h +++ b/deps/openssl/openssl/crypto/ecdsa/ecdsa.h @@ -238,7 +238,6 @@ void ERR_load_ECDSA_strings(void); /* Error codes for the ECDSA functions. */ /* Function codes. */ -#define ECDSA_F_ECDSA_CHECK 104 #define ECDSA_F_ECDSA_DATA_NEW_METHOD 100 #define ECDSA_F_ECDSA_DO_SIGN 101 #define ECDSA_F_ECDSA_DO_VERIFY 102 @@ -250,7 +249,6 @@ void ERR_load_ECDSA_strings(void); #define ECDSA_R_ERR_EC_LIB 102 #define ECDSA_R_MISSING_PARAMETERS 103 #define ECDSA_R_NEED_NEW_SETUP_VALUES 106 -#define ECDSA_R_NON_FIPS_METHOD 107 #define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED 104 #define ECDSA_R_SIGNATURE_MALLOC_FAILED 105 diff --git a/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c b/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c index 537bb30362..54cfb8c753 100644 --- a/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c +++ b/deps/openssl/openssl/crypto/ecdsa/ecdsatest.c @@ -262,7 +262,6 @@ int x9_62_tests(BIO *out) "3238135532097973577080787768312505059318910517550078427819" "78505179448783")) goto x962_err; -#ifndef OPENSSL_NO_EC2M if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1, "87194383164871543355722284926904419997237591535066528048", "308992691965804947361541664549085895292153777025772063598")) @@ -273,7 +272,7 @@ int x9_62_tests(BIO *out) "1970303740007316867383349976549972270528498040721988191026" "49413465737174")) goto x962_err; -#endif + ret = 1; x962_err: if (!restore_rand()) @@ -290,8 +289,7 @@ int test_builtin(BIO *out) ECDSA_SIG *ecdsa_sig = NULL; unsigned char digest[20], wrong_digest[20]; unsigned char *signature = NULL; - const unsigned char *sig_ptr; - unsigned char *sig_ptr2; + unsigned char *sig_ptr; unsigned char *raw_buf = NULL; unsigned int sig_len, degree, r_len, s_len, bn_len, buf_len; int nid, ret = 0; @@ -466,8 +464,8 @@ int test_builtin(BIO *out) (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL)) goto builtin_err; - sig_ptr2 = signature; - sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2); + sig_ptr = signature; + sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr); if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) { BIO_printf(out, " failed\n"); @@ -479,8 +477,8 @@ int test_builtin(BIO *out) (BN_bin2bn(raw_buf + bn_len, bn_len, ecdsa_sig->s) == NULL)) goto builtin_err; - sig_ptr2 = signature; - sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr2); + sig_ptr = signature; + sig_len = i2d_ECDSA_SIG(ecdsa_sig, &sig_ptr); if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) { BIO_printf(out, " failed\n"); diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_err.c b/deps/openssl/openssl/crypto/ecdsa/ecs_err.c index 81542e6d15..98e38d537f 100644 --- a/deps/openssl/openssl/crypto/ecdsa/ecs_err.c +++ b/deps/openssl/openssl/crypto/ecdsa/ecs_err.c @@ -1,6 +1,6 @@ /* crypto/ecdsa/ecs_err.c */ /* ==================================================================== - * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -70,7 +70,6 @@ static ERR_STRING_DATA ECDSA_str_functs[]= { -{ERR_FUNC(ECDSA_F_ECDSA_CHECK), "ECDSA_CHECK"}, {ERR_FUNC(ECDSA_F_ECDSA_DATA_NEW_METHOD), "ECDSA_DATA_NEW_METHOD"}, {ERR_FUNC(ECDSA_F_ECDSA_DO_SIGN), "ECDSA_do_sign"}, {ERR_FUNC(ECDSA_F_ECDSA_DO_VERIFY), "ECDSA_do_verify"}, @@ -85,7 +84,6 @@ static ERR_STRING_DATA ECDSA_str_reasons[]= {ERR_REASON(ECDSA_R_ERR_EC_LIB) ,"err ec lib"}, {ERR_REASON(ECDSA_R_MISSING_PARAMETERS) ,"missing parameters"}, {ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES),"need new setup values"}, -{ERR_REASON(ECDSA_R_NON_FIPS_METHOD) ,"non fips method"}, {ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED),"random number generation failed"}, {ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED),"signature malloc failed"}, {0,NULL} diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c b/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c index 814a6bf404..2ebae3aa27 100644 --- a/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c +++ b/deps/openssl/openssl/crypto/ecdsa/ecs_lib.c @@ -60,9 +60,6 @@ #endif #include <openssl/err.h> #include <openssl/bn.h> -#ifdef OPENSSL_FIPS -#include <openssl/fips.h> -#endif const char ECDSA_version[]="ECDSA" OPENSSL_VERSION_PTEXT; @@ -80,16 +77,7 @@ void ECDSA_set_default_method(const ECDSA_METHOD *meth) const ECDSA_METHOD *ECDSA_get_default_method(void) { if(!default_ECDSA_method) - { -#ifdef OPENSSL_FIPS - if (FIPS_mode()) - return FIPS_ecdsa_openssl(); - else - return ECDSA_OpenSSL(); -#else default_ECDSA_method = ECDSA_OpenSSL(); -#endif - } return default_ECDSA_method; } @@ -200,26 +188,12 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key) ecdsa_data = (ECDSA_DATA *)ecdsa_data_new(); if (ecdsa_data == NULL) return NULL; - data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data, - ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free); - if (data != NULL) - { - /* Another thread raced us to install the key_method - * data and won. */ - ecdsa_data_free(ecdsa_data); - ecdsa_data = (ECDSA_DATA *)data; - } + EC_KEY_insert_key_method_data(key, (void *)ecdsa_data, + ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free); } else ecdsa_data = (ECDSA_DATA *)data; -#ifdef OPENSSL_FIPS - if (FIPS_mode() && !(ecdsa_data->flags & ECDSA_FLAG_FIPS_METHOD) - && !(EC_KEY_get_flags(key) & EC_FLAG_NON_FIPS_ALLOW)) - { - ECDSAerr(ECDSA_F_ECDSA_CHECK, ECDSA_R_NON_FIPS_METHOD); - return NULL; - } -#endif + return ecdsa_data; } diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h b/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h index cb3be13cfc..3a69a840e2 100644 --- a/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h +++ b/deps/openssl/openssl/crypto/ecdsa/ecs_locl.h @@ -82,14 +82,6 @@ struct ecdsa_method char *app_data; }; -/* If this flag is set the ECDSA method is FIPS compliant and can be used - * in FIPS mode. This is set in the validated module method. If an - * application sets this flag in its own methods it is its responsibility - * to ensure the result is compliant. - */ - -#define ECDSA_FLAG_FIPS_METHOD 0x1 - typedef struct ecdsa_data_st { /* EC_KEY_METH_DATA part */ int (*init)(EC_KEY *); diff --git a/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c b/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c index 7725935610..1bbf328de5 100644 --- a/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c +++ b/deps/openssl/openssl/crypto/ecdsa/ecs_ossl.c @@ -167,7 +167,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, goto err; } } -#ifndef OPENSSL_NO_EC2M else /* NID_X9_62_characteristic_two_field */ { if (!EC_POINT_get_affine_coordinates_GF2m(group, @@ -177,7 +176,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, goto err; } } -#endif if (!BN_nnmod(r, X, order, ctx)) { ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB); @@ -456,7 +454,6 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, goto err; } } -#ifndef OPENSSL_NO_EC2M else /* NID_X9_62_characteristic_two_field */ { if (!EC_POINT_get_affine_coordinates_GF2m(group, @@ -466,7 +463,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, goto err; } } -#endif + if (!BN_nnmod(u1, X, order, ctx)) { ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB); |