-/* $OpenBSD: ecdsa.c,v 1.14 2023/07/28 08:54:41 tb Exp $ */
+/* $OpenBSD: ecdsa.c,v 1.15 2023/07/28 08:57:46 tb Exp $ */
/* ====================================================================
* Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved.
*
#include "ec_local.h"
#include "ecdsa_local.h"
-static int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *in_ctx, BIGNUM **out_kinv,
- BIGNUM **out_r);
-
static const ASN1_TEMPLATE ECDSA_SIG_seq_tt[] = {
{
.flags = 0,
return ret;
}
+int
+ECDSA_sign(int type, const unsigned char *digest, int digest_len,
+ unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
+{
+ if (key->meth->sign == NULL) {
+ ECerror(EC_R_NOT_IMPLEMENTED);
+ return 0;
+ }
+ return key->meth->sign(type, digest, digest_len, signature,
+ signature_len, NULL, NULL, key);
+}
+LCRYPTO_ALIAS(ECDSA_sign);
+
/*
* FIPS 186-5, section 6.4.1, steps 3-8 and 11: Generate k, calculate r and
* kinv. If r == 0, try again with a new random k.
return ret;
}
+static int
+ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
+ BIGNUM **out_r)
+{
+ if (key->meth->sign_setup == NULL) {
+ ECerror(EC_R_NOT_IMPLEMENTED);
+ return 0;
+ }
+ return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
+}
+
/*
* FIPS 186-5, section 6.4.1, step 9: compute s = inv(k)(e + xr) mod order.
* In order to reduce the possibility of a side-channel attack, the following
return sig;
}
+ECDSA_SIG *
+ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
+{
+ if (key->meth->sign_sig == NULL) {
+ ECerror(EC_R_NOT_IMPLEMENTED);
+ return 0;
+ }
+ return key->meth->sign_sig(digest, digest_len, NULL, NULL, key);
+}
+LCRYPTO_ALIAS(ECDSA_do_sign);
+
int
ecdsa_verify(int type, const unsigned char *digest, int digest_len,
const unsigned char *sigbuf, int sig_len, EC_KEY *key)
return ret;
}
+int
+ECDSA_verify(int type, const unsigned char *digest, int digest_len,
+ const unsigned char *sigbuf, int sig_len, EC_KEY *key)
+{
+ if (key->meth->verify == NULL) {
+ ECerror(EC_R_NOT_IMPLEMENTED);
+ return 0;
+ }
+ return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
+}
+LCRYPTO_ALIAS(ECDSA_verify);
+
/*
* FIPS 186-5, section 6.4.2: ECDSA signature verification.
* The caller provides us with the hash of the message, so has performed step 2.
return ret;
}
-ECDSA_SIG *
-ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
-{
- if (key->meth->sign_sig == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign_sig(digest, digest_len, NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_do_sign);
-
-int
-ECDSA_sign(int type, const unsigned char *digest, int digest_len,
- unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
-{
- if (key->meth->sign == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign(type, digest, digest_len, signature,
- signature_len, NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_sign);
-
-static int
-ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
- BIGNUM **out_r)
-{
- if (key->meth->sign_setup == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
-}
-
int
ECDSA_do_verify(const unsigned char *digest, int digest_len,
const ECDSA_SIG *sig, EC_KEY *key)
return key->meth->verify_sig(digest, digest_len, sig, key);
}
LCRYPTO_ALIAS(ECDSA_do_verify);
-
-int
-ECDSA_verify(int type, const unsigned char *digest, int digest_len,
- const unsigned char *sigbuf, int sig_len, EC_KEY *key)
-{
- if (key->meth->verify == NULL) {
- ECerror(EC_R_NOT_IMPLEMENTED);
- return 0;
- }
- return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
-}
-LCRYPTO_ALIAS(ECDSA_verify);
projects / openbsd / commitdiff