diff options
Diffstat (limited to 'src/crypto/fipsmodule/ec/ec_key.c')
-rw-r--r-- | src/crypto/fipsmodule/ec/ec_key.c | 41 |
1 files changed, 20 insertions, 21 deletions
diff --git a/src/crypto/fipsmodule/ec/ec_key.c b/src/crypto/fipsmodule/ec/ec_key.c index acabb068..e5e8b1a3 100644 --- a/src/crypto/fipsmodule/ec/ec_key.c +++ b/src/crypto/fipsmodule/ec/ec_key.c @@ -165,9 +165,9 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { OPENSSL_PUT_ERROR(EC, ERR_R_PASSED_NULL_PARAMETER); return NULL; } - /* Copy the parameters. */ + // Copy the parameters. if (src->group) { - /* TODO(fork): duplicating the group seems wasteful. */ + // TODO(fork): duplicating the group seems wasteful. EC_GROUP_free(dest->group); dest->group = EC_GROUP_dup(src->group); if (dest->group == NULL) { @@ -175,7 +175,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { } } - /* Copy the public key. */ + // Copy the public key. if (src->pub_key && src->group) { EC_POINT_free(dest->pub_key); dest->pub_key = EC_POINT_dup(src->pub_key, src->group); @@ -184,7 +184,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { } } - /* copy the private key */ + // copy the private key if (src->priv_key) { if (dest->priv_key == NULL) { dest->priv_key = BN_new(); @@ -196,14 +196,14 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) { return NULL; } } - /* copy method/extra data */ + // copy method/extra data if (src->ecdsa_meth) { METHOD_unref(dest->ecdsa_meth); dest->ecdsa_meth = src->ecdsa_meth; METHOD_ref(dest->ecdsa_meth); } - /* copy the rest */ + // copy the rest dest->enc_flag = src->enc_flag; dest->conv_form = src->conv_form; @@ -235,13 +235,13 @@ const EC_GROUP *EC_KEY_get0_group(const EC_KEY *key) { return key->group; } int EC_KEY_set_group(EC_KEY *key, const EC_GROUP *group) { EC_GROUP_free(key->group); - /* TODO(fork): duplicating the group seems wasteful but see - * |EC_KEY_set_conv_form|. */ + // TODO(fork): duplicating the group seems wasteful but see + // |EC_KEY_set_conv_form|. key->group = EC_GROUP_dup(group); if (key->group == NULL) { return 0; } - /* XXX: |BN_cmp| is not constant time. */ + // XXX: |BN_cmp| is not constant time. if (key->priv_key != NULL && BN_cmp(key->priv_key, EC_GROUP_get0_order(group)) >= 0) { return 0; @@ -254,7 +254,7 @@ const BIGNUM *EC_KEY_get0_private_key(const EC_KEY *key) { } int EC_KEY_set_private_key(EC_KEY *key, const BIGNUM *priv_key) { - /* XXX: |BN_cmp| is not constant time. */ + // XXX: |BN_cmp| is not constant time. if (key->group != NULL && BN_cmp(priv_key, EC_GROUP_get0_order(key->group)) >= 0) { OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); @@ -310,16 +310,15 @@ int EC_KEY_check_key(const EC_KEY *eckey) { goto err; } - /* testing whether the pub_key is on the elliptic curve */ + // testing whether the pub_key is on the elliptic curve if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) { OPENSSL_PUT_ERROR(EC, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } - /* in case the priv_key is present : - * check if generator * priv_key == pub_key - */ + // in case the priv_key is present : + // check if generator * priv_key == pub_key if (eckey->priv_key) { - /* XXX: |BN_cmp| is not constant time. */ + // XXX: |BN_cmp| is not constant time. if (BN_cmp(eckey->priv_key, EC_GROUP_get0_order(eckey->group)) >= 0) { OPENSSL_PUT_ERROR(EC, EC_R_WRONG_ORDER); goto err; @@ -345,7 +344,7 @@ err: int EC_KEY_check_fips(const EC_KEY *key) { if (EC_KEY_is_opaque(key)) { - /* Opaque keys can't be checked. */ + // Opaque keys can't be checked. OPENSSL_PUT_ERROR(EC, EC_R_PUBLIC_KEY_VALIDATION_FAILED); return 0; } @@ -408,8 +407,8 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, goto err; } - /* Check if retrieved coordinates match originals: if not values - * are out of range. */ + // Check if retrieved coordinates match originals: if not values + // are out of range. if (BN_cmp(x, tx) || BN_cmp(y, ty)) { OPENSSL_PUT_ERROR(EC, EC_R_COORDINATES_OUT_OF_RANGE); goto err; @@ -453,14 +452,14 @@ int EC_KEY_generate_key(EC_KEY *eckey) { const BIGNUM *order = EC_GROUP_get0_order(eckey->group); - /* Check that the size of the group order is FIPS compliant (FIPS 186-4 - * B.4.2). */ + // Check that the size of the group order is FIPS compliant (FIPS 186-4 + // B.4.2). if (BN_num_bits(order) < 160) { OPENSSL_PUT_ERROR(EC, EC_R_INVALID_GROUP_ORDER); goto err; } - /* Generate the private key by testing candidates (FIPS 186-4 B.4.2). */ + // Generate the private key by testing candidates (FIPS 186-4 B.4.2). if (!BN_rand_range_ex(priv_key, 1, order)) { goto err; } |