NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0055c9c634
kumquat-buildroot/package/libspdm/0003-cryptlib_openssl-ec-Remove-internal-OpenSSL-crypto-i.patch
Alistair Francis a837a609a8 package/libspdm: new package 
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-09-10 20:52:19 +02:00

83 lines
2.7 KiB
Diff
Raw Blame History

From 567b1c8ea731fe42650d43ede50a105b772dc7aa Mon Sep 17 00:00:00 2001
From: Alistair Francis <alistair.francis@wdc.com>
Date: Fri, 11 Aug 2023 16:24:23 -0400
Subject: [PATCH] cryptlib_openssl: ec: Remove internal OpenSSL crypto include
The OpenSSL source code describes the crypto include as:
"Internal EC functions for other submodules: not for application use"
- https://github.com/openssl/openssl/blob/master/include/crypto/ec.h
Using the internal APIS makes it difficult to use libspdm as a library
with other packages. So let's remove the uses of the internal API and
instead use the public API.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Upstream: https://github.com/DMTF/libspdm/commit/567b1c8ea731fe42650d43ede50a105b772dc7aa
---
os_stub/cryptlib_openssl/pk/ec.c | 26 ++++++++++++++++++++++----
1 file changed, 22 insertions(+), 4 deletions(-)
diff --git a/os_stub/cryptlib_openssl/pk/ec.c b/os_stub/cryptlib_openssl/pk/ec.c
index 7dd9a8b0f8..09df0b9a25 100644
--- a/os_stub/cryptlib_openssl/pk/ec.c
+++ b/os_stub/cryptlib_openssl/pk/ec.c
@@ -15,7 +15,6 @@
#include <openssl/bn.h>
#include <openssl/ec.h>
#include <openssl/objects.h>
-#include <crypto/ec.h>
/**
* Allocates and Initializes one Elliptic Curve context for subsequent use
@@ -854,7 +853,7 @@ static int libspdm_ecdsa_sign_setup_random(EC_KEY *eckey, BIGNUM **kinvp, BIGNUM
uint8_t* random, size_t random_len)
{
BN_CTX *ctx = NULL;
- BIGNUM *k = NULL, *r = NULL, *X = NULL;
+ BIGNUM *k = NULL, *r = NULL, *X = NULL, *e = NULL;
const BIGNUM *order;
EC_POINT *tmp_point = NULL;
const EC_GROUP *group;
@@ -901,6 +900,11 @@ static int libspdm_ecdsa_sign_setup_random(EC_KEY *eckey, BIGNUM **kinvp, BIGNUM
goto err;
}
+ e = BN_CTX_get(ctx);
+ if (e == NULL) {
+ return 0;
+ }
+
/*random number*/
k = BN_bin2bn(random, random_len, NULL);
@@ -915,10 +919,24 @@ static int libspdm_ecdsa_sign_setup_random(EC_KEY *eckey, BIGNUM **kinvp, BIGNUM
goto err;
}
- /* compute the inverse of k */
- if (!ossl_ec_group_do_inverse_ord(group, k, k, ctx)) {
+ /*
+ * compute the inverse of k
+ * Based on ossl_ec_group_do_inverse_ord() from OpenSSL
+ */
+ BN_CTX_start(ctx);
+ if (!BN_set_word(e, 2)) {
+ BN_CTX_end(ctx);
+ goto err;
+ }
+ if (!BN_sub(e, order, e)) {
+ BN_CTX_end(ctx);
+ goto err;
+ }
+ if (!BN_mod_exp_mont(k, k, e, order, ctx, EC_GROUP_get_mont_data(group))) {
+ BN_CTX_end(ctx);
goto err;
}
+ BN_CTX_end(ctx);
/* clear old values if necessary */
BN_clear_free(*rp);
--
2.40.1
Reference in New Issue View Git Blame Copy Permalink