From c9abfe422b3e387555f922dfcc280299b6e92975 Mon Sep 17 00:00:00 2001 From: Robert Sloan Date: Mon, 26 Nov 2018 12:19:07 -0800 Subject: external/boringssl: Sync to 9113e0996fd445ce187ae9dfeabfc95805b947a2. This includes the following changes: https://boringssl.googlesource.com/boringssl/+log/fa3aadcd40ec4fd27a6e9492ef099b3dcc6eb2af..9113e0996fd445ce187ae9dfeabfc95805b947a2 Test: atest CtsLibcoreTestCases Change-Id: I31ed8a7c9481e7b42f0454f0ee64c26e17a85d52 --- src/crypto/fipsmodule/ecdh/ecdh.c | 63 ++++++++------------------------------- 1 file changed, 12 insertions(+), 51 deletions(-) (limited to 'src/crypto/fipsmodule/ecdh') diff --git a/src/crypto/fipsmodule/ecdh/ecdh.c b/src/crypto/fipsmodule/ecdh/ecdh.c index cd9d7eaf..b9dc2374 100644 --- a/src/crypto/fipsmodule/ecdh/ecdh.c +++ b/src/crypto/fipsmodule/ecdh/ecdh.c @@ -66,10 +66,8 @@ #include -#include #include -#include #include #include #include 
@@ -86,50 +84,20 @@ int ECDH_compute_key_fips(uint8_t *out, size_t out_len, const EC_POINT *pub_key, return 0; } const EC_SCALAR *const priv = &priv_key->priv_key->scalar; - - BN_CTX *ctx = BN_CTX_new(); - if (ctx == NULL) { - return 0; - } - BN_CTX_start(ctx); - - int ret = 0; - size_t buflen = 0; - uint8_t *buf = NULL; - const EC_GROUP *const group = EC_KEY_get0_group(priv_key); - EC_POINT *shared_point = EC_POINT_new(group); - if (shared_point == NULL) { - OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!ec_point_mul_scalar(group, shared_point, NULL, pub_key, priv, ctx)) { - OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); - goto err; - } - - BIGNUM *x = BN_CTX_get(ctx); - if (!x) { - OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); - goto err; + if (EC_GROUP_cmp(group, pub_key->group, NULL) != 0) { + OPENSSL_PUT_ERROR(EC, EC_R_INCOMPATIBLE_OBJECTS); + return 0; } - if (!EC_POINT_get_affine_coordinates_GFp(group, shared_point, x, NULL, ctx)) { + EC_RAW_POINT shared_point; + uint8_t buf[EC_MAX_BYTES]; + size_t buflen; + if (!ec_point_mul_scalar(group, &shared_point, NULL, &pub_key->raw, priv) || + !ec_point_get_affine_coordinate_bytes(group, buf, NULL, &buflen, + sizeof(buf), &shared_point)) { OPENSSL_PUT_ERROR(ECDH, ECDH_R_POINT_ARITHMETIC_FAILURE); - goto err; - } - - buflen = (EC_GROUP_get_degree(group) + 7) / 8; - buf = OPENSSL_malloc(buflen); - if (buf == NULL) { - OPENSSL_PUT_ERROR(ECDH, ERR_R_MALLOC_FAILURE); - goto err; - } - - if (!BN_bn2bin_padded(buf, buflen, x)) { - OPENSSL_PUT_ERROR(ECDH, ERR_R_INTERNAL_ERROR); - goto err; + return 0; } switch (out_len) { @@ -147,15 +115,8 @@ int ECDH_compute_key_fips(uint8_t *out, size_t out_len, const EC_POINT *pub_key, break; default: OPENSSL_PUT_ERROR(ECDH, ECDH_R_UNKNOWN_DIGEST_LENGTH); - goto err; + return 0; } - ret = 1; - -err: - OPENSSL_free(buf); - EC_POINT_free(shared_point); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ret; + return 1; } -- cgit v1.2.3
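Review bot: The raw ECDH x-coordinate now sits in the stack array `buf`, with the product in the stack `EC_RAW_POINT shared_point`, and no return path wipes them, so the pre-hash shared secret is left behind in the dead stack frame. This applies to the error `return 0;` in this hunk and to the `default:` `return 0;` and final `return 1;` in the following hunk. The removed code held the value on the heap and released it through `OPENSSL_free`; whether that scrubbed the bytes is not visible on this page, but with a fixed-size buffer the wipe is cheap: keep a single exit and call `OPENSSL_cleanse(buf, sizeof(buf));` and `OPENSSL_cleanse(&shared_point, sizeof(shared_point));` before returning. That needs `<openssl/mem.h>` in scope, which cannot be confirmed here because the include hunk lost its header names and removes two includes. The switch cases that consume `buf` lie between the two hunks and are not shown.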