diff options
| author |   djm <djm@openbsd.org> | 2008-09-06 12:17:47 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2008-09-06 12:17:47 +0000 |
| commit | 4fcf65c5c59fcf6124cf9f1fd81aa546850f974c (patch) | |
| tree | 3c0b4c46d91bcb87c8eef7a1e84711159b17f71b /lib/libcrypto/dh/dh_key.c | |
| parent | import of OpenSSL 0.9.8h (diff) | |
| download | wireguard-openbsd-4fcf65c5c59fcf6124cf9f1fd81aa546850f974c.tar.xz wireguard-openbsd-4fcf65c5c59fcf6124cf9f1fd81aa546850f974c.zip | |
resolve conflicts
Diffstat (limited to 'lib/libcrypto/dh/dh_key.c')
| -rw-r--r-- | lib/libcrypto/dh/dh_key.c | 37 |
1 files changed, 17 insertions, 20 deletions
diff --git a/lib/libcrypto/dh/dh_key.c b/lib/libcrypto/dh/dh_key.c index 74de589204f..e7db440342f 100644 --- a/lib/libcrypto/dh/dh_key.c +++ b/lib/libcrypto/dh/dh_key.c @@ -62,8 +62,6 @@ #include <openssl/rand.h> #include <openssl/dh.h> -#ifndef OPENSSL_FIPS - static int generate_key(DH *dh); static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh); static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, @@ -91,6 +89,7 @@ dh_bn_mod_exp, dh_init, dh_finish, 0, +NULL, NULL }; @@ -131,8 +130,7 @@ static int generate_key(DH *dh) if (dh->flags & DH_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked( - (BN_MONT_CTX **)&dh->method_mont_p, + mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, CRYPTO_LOCK_DH, dh->p, ctx); if (!mont) goto err; @@ -152,7 +150,7 @@ static int generate_key(DH *dh) { BN_init(&local_prk); prk = &local_prk; - BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); + BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); } else prk = priv_key; @@ -165,7 +163,7 @@ static int generate_key(DH *dh) ok=1; err: if (ok != 1) - DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB); + DHerr(DH_F_GENERATE_KEY,ERR_R_BN_LIB); if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key); if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key); @@ -175,16 +173,16 @@ err: static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) { - BN_CTX *ctx; + BN_CTX *ctx=NULL; BN_MONT_CTX *mont=NULL; BIGNUM *tmp; int ret= -1; - int check_result; + int check_result; if (BN_num_bits(dh->p) > OPENSSL_DH_MAX_MODULUS_BITS) { - DHerr(DH_F_DH_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); - return -1; + DHerr(DH_F_COMPUTE_KEY,DH_R_MODULUS_TOO_LARGE); + goto err; } ctx = BN_CTX_new(); @@ -194,31 +192,32 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) if (dh->priv_key == NULL) { - DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); + DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE); goto err; } if (dh->flags & DH_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked( - (BN_MONT_CTX **)&dh->method_mont_p, + mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, CRYPTO_LOCK_DH, dh->p, ctx); if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { /* XXX */ - BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME); + BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); } if (!mont) goto err; } - if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) + + if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result) { - DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY); + DHerr(DH_F_COMPUTE_KEY,DH_R_INVALID_PUBKEY); goto err; } + if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont)) { - DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB); + DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB); goto err; } @@ -259,8 +258,6 @@ static int dh_init(DH *dh) static int dh_finish(DH *dh) { if(dh->method_mont_p) - BN_MONT_CTX_free((BN_MONT_CTX *)dh->method_mont_p); + BN_MONT_CTX_free(dh->method_mont_p); return(1); } - -#endif |