From: Dmitry Belyavskiy Date: Sat, 3 Oct 2015 18:21:57 +0000 (+0300) Subject: Fixes of error codes. Check result of EC_POINT_mul X-Git-Tag: v1.1.0.2~45 X-Git-Url: http://www.wagner.pp.ru/gitweb/?p=openssl-gost%2Fengine.git;a=commitdiff_plain;h=671a6236ffa2e92bc635db1429ed0d7ae8d3a959 Fixes of error codes. Check result of EC_POINT_mul --- diff --git a/e_gost_err.c b/e_gost_err.c index c641c60..ab0a7f4 100644 --- a/e_gost_err.c +++ b/e_gost_err.c @@ -72,17 +72,13 @@ static ERR_STRING_DATA GOST_str_functs[] = { {ERR_FUNC(GOST_F_DECODE_GOST_ALGOR_PARAMS), "DECODE_GOST_ALGOR_PARAMS"}, {ERR_FUNC(GOST_F_ENCODE_GOST_ALGOR_PARAMS), "ENCODE_GOST_ALGOR_PARAMS"}, - {ERR_FUNC(GOST_F_FILL_GOST94_PARAMS), "FILL_GOST94_PARAMS"}, {ERR_FUNC(GOST_F_FILL_GOST_EC_PARAMS), "FILL_GOST_EC_PARAMS"}, {ERR_FUNC(GOST_F_GET_ENCRYPTION_PARAMS), "GET_ENCRYPTION_PARAMS"}, {ERR_FUNC(GOST_F_GOST89_GET_ASN1_PARAMETERS), "GOST89_GET_ASN1_PARAMETERS"}, {ERR_FUNC(GOST_F_GOST89_SET_ASN1_PARAMETERS), "GOST89_SET_ASN1_PARAMETERS"}, - {ERR_FUNC(GOST_F_GOST94_COMPUTE_PUBLIC), "GOST94_COMPUTE_PUBLIC"}, {ERR_FUNC(GOST_F_GOST_CIPHER_CTL), "GOST_CIPHER_CTL"}, - {ERR_FUNC(GOST_F_GOST_DO_SIGN), "GOST_DO_SIGN"}, - {ERR_FUNC(GOST_F_GOST_DO_VERIFY), "GOST_DO_VERIFY"}, {ERR_FUNC(GOST_F_GOST_EC_COMPUTE_PUBLIC), "GOST_EC_COMPUTE_PUBLIC"}, {ERR_FUNC(GOST_F_GOST_EC_KEYGEN), "GOST_EC_KEYGEN"}, {ERR_FUNC(GOST_F_GOST_EC_SIGN), "GOST_EC_SIGN"}, @@ -90,13 +86,9 @@ static ERR_STRING_DATA GOST_str_functs[] = { {ERR_FUNC(GOST_F_GOST_IMIT_CTRL), "GOST_IMIT_CTRL"}, {ERR_FUNC(GOST_F_GOST_IMIT_FINAL), "GOST_IMIT_FINAL"}, {ERR_FUNC(GOST_F_GOST_IMIT_UPDATE), "GOST_IMIT_UPDATE"}, - {ERR_FUNC(GOST_F_GOST_SIGN_KEYGEN), "GOST_SIGN_KEYGEN"}, - {ERR_FUNC(GOST_F_PARAM_COPY_GOST01), "PARAM_COPY_GOST01"}, {ERR_FUNC(GOST_F_PARAM_COPY_GOST_EC), "PARAM_COPY_GOST_EC"}, {ERR_FUNC(GOST_F_PKEY_GOST01_PARAMGEN), "PKEY_GOST01_PARAMGEN"}, {ERR_FUNC(GOST_F_PKEY_GOST12_PARAMGEN), "PKEY_GOST12_PARAMGEN"}, - {ERR_FUNC(GOST_F_PKEY_GOST94_CTRL_STR), "PKEY_GOST94_CTRL_STR"}, - {ERR_FUNC(GOST_F_PKEY_GOST94_PARAMGEN), "PKEY_GOST94_PARAMGEN"}, {ERR_FUNC(GOST_F_PKEY_GOST_CTRL), "PKEY_GOST_CTRL"}, {ERR_FUNC(GOST_F_PKEY_GOST_ECCP_DECRYPT), "PKEY_GOST_ECCP_DECRYPT"}, {ERR_FUNC(GOST_F_PKEY_GOST_ECCP_ENCRYPT), "PKEY_GOST_ECCP_ENCRYPT"}, @@ -108,13 +100,8 @@ static ERR_STRING_DATA GOST_str_functs[] = { {ERR_FUNC(GOST_F_PKEY_GOST_MAC_KEYGEN), "PKEY_GOST_MAC_KEYGEN"}, {ERR_FUNC(GOST_F_PRINT_GOST_EC_PUB), "PRINT_GOST_EC_PUB"}, {ERR_FUNC(GOST_F_PRIV_DECODE_GOST), "PRIV_DECODE_GOST"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST01), "PUB_DECODE_GOST01"}, - {ERR_FUNC(GOST_F_PUB_DECODE_GOST94), "PUB_DECODE_GOST94"}, {ERR_FUNC(GOST_F_PUB_DECODE_GOST_EC), "PUB_DECODE_GOST_EC"}, - {ERR_FUNC(GOST_F_PUB_ENCODE_GOST01), "PUB_ENCODE_GOST01"}, - {ERR_FUNC(GOST_F_PUB_ENCODE_GOST94), "PUB_ENCODE_GOST94"}, {ERR_FUNC(GOST_F_PUB_ENCODE_GOST_EC), "PUB_ENCODE_GOST_EC"}, - {ERR_FUNC(GOST_F_UNPACK_CC_SIGNATURE), "UNPACK_CC_SIGNATURE"}, {ERR_FUNC(GOST_F_UNPACK_CP_SIGNATURE), "UNPACK_CP_SIGNATURE"}, {ERR_FUNC(GOST_F_VKO_COMPUTE_KEY), "VKO_COMPUTE_KEY"}, {0, NULL} @@ -132,6 +119,7 @@ static ERR_STRING_DATA GOST_str_reasons[] = { "error computing shared key"}, {ERR_REASON(GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO), "error parsing key transport info"}, + {ERR_REASON(GOST_R_ERROR_POINT_MUL), "error point mul"}, {ERR_REASON(GOST_R_INCOMPATIBLE_ALGORITHMS), "incompatible algorithms"}, {ERR_REASON(GOST_R_INCOMPATIBLE_PEER_KEY), "incompatible peer key"}, {ERR_REASON(GOST_R_INVALID_CIPHER_PARAMS), "invalid cipher params"}, @@ -140,21 +128,15 @@ static ERR_STRING_DATA GOST_str_reasons[] = { {ERR_REASON(GOST_R_INVALID_IV_LENGTH), "invalid iv length"}, {ERR_REASON(GOST_R_INVALID_MAC_KEY_LENGTH), "invalid mac key length"}, {ERR_REASON(GOST_R_INVALID_PARAMSET), "invalid paramset"}, - {ERR_REASON(GOST_R_KEY_IS_NOT_INITALIZED), "key is not initalized"}, {ERR_REASON(GOST_R_KEY_IS_NOT_INITIALIZED), "key is not initialized"}, {ERR_REASON(GOST_R_KEY_PARAMETERS_MISSING), "key parameters missing"}, {ERR_REASON(GOST_R_MAC_KEY_NOT_SET), "mac key not set"}, - {ERR_REASON(GOST_R_MALLOC_FAILURE), "malloc failure"}, - {ERR_REASON(GOST_R_NO_MEMORY), "no memory"}, {ERR_REASON(GOST_R_NO_PARAMETERS_SET), "no parameters set"}, {ERR_REASON(GOST_R_NO_PEER_KEY), "no peer key"}, {ERR_REASON(GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR), "no private part of non ephemeral keypair"}, {ERR_REASON(GOST_R_PUBLIC_KEY_UNDEFINED), "public key undefined"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_ERROR), "random generator error"}, - {ERR_REASON(GOST_R_RANDOM_GENERATOR_FAILURE), "random generator failure"}, - {ERR_REASON(GOST_R_RANDOM_NUMBER_GENERATOR_FAILED), - "random number generator failed"}, + {ERR_REASON(GOST_R_RNG_ERROR), "rng error"}, {ERR_REASON(GOST_R_SIGNATURE_MISMATCH), "signature mismatch"}, {ERR_REASON(GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q), "signature parts greater than q"}, diff --git a/e_gost_err.h b/e_gost_err.h index 5e7e8e4..1caaa94 100644 --- a/e_gost_err.h +++ b/e_gost_err.h @@ -74,49 +74,36 @@ void ERR_GOST_error(int function, int reason, char *file, int line); /* Function codes. */ # define GOST_F_DECODE_GOST_ALGOR_PARAMS 100 # define GOST_F_ENCODE_GOST_ALGOR_PARAMS 101 -# define GOST_F_FILL_GOST94_PARAMS 102 -# define GOST_F_FILL_GOST_EC_PARAMS 103 -# define GOST_F_GET_ENCRYPTION_PARAMS 104 -# define GOST_F_GOST89_GET_ASN1_PARAMETERS 105 -# define GOST_F_GOST89_SET_ASN1_PARAMETERS 106 -# define GOST_F_GOST94_COMPUTE_PUBLIC 107 -# define GOST_F_GOST_CIPHER_CTL 108 -# define GOST_F_GOST_DO_SIGN 109 -# define GOST_F_GOST_DO_VERIFY 110 -# define GOST_F_GOST_EC_COMPUTE_PUBLIC 111 -# define GOST_F_GOST_EC_KEYGEN 112 -# define GOST_F_GOST_EC_SIGN 113 -# define GOST_F_GOST_EC_VERIFY 114 -# define GOST_F_GOST_IMIT_CTRL 115 -# define GOST_F_GOST_IMIT_FINAL 116 -# define GOST_F_GOST_IMIT_UPDATE 117 -# define GOST_F_GOST_SIGN_KEYGEN 118 -# define GOST_F_PARAM_COPY_GOST01 119 -# define GOST_F_PARAM_COPY_GOST_EC 120 -# define GOST_F_PKEY_GOST01_PARAMGEN 121 -# define GOST_F_PKEY_GOST12_PARAMGEN 122 -# define GOST_F_PKEY_GOST94_CTRL_STR 123 -# define GOST_F_PKEY_GOST94_PARAMGEN 124 -# define GOST_F_PKEY_GOST_CTRL 125 -# define GOST_F_PKEY_GOST_ECCP_DECRYPT 126 -# define GOST_F_PKEY_GOST_ECCP_ENCRYPT 127 -# define GOST_F_PKEY_GOST_EC_CTRL_STR_256 128 -# define GOST_F_PKEY_GOST_EC_CTRL_STR_512 129 -# define GOST_F_PKEY_GOST_EC_DERIVE 130 -# define GOST_F_PKEY_GOST_MAC_CTRL 131 -# define GOST_F_PKEY_GOST_MAC_CTRL_STR 132 -# define GOST_F_PKEY_GOST_MAC_KEYGEN 133 -# define GOST_F_PRINT_GOST_EC_PUB 134 -# define GOST_F_PRIV_DECODE_GOST 135 -# define GOST_F_PUB_DECODE_GOST01 136 -# define GOST_F_PUB_DECODE_GOST94 137 -# define GOST_F_PUB_DECODE_GOST_EC 138 -# define GOST_F_PUB_ENCODE_GOST01 139 -# define GOST_F_PUB_ENCODE_GOST94 140 -# define GOST_F_PUB_ENCODE_GOST_EC 141 -# define GOST_F_UNPACK_CC_SIGNATURE 142 -# define GOST_F_UNPACK_CP_SIGNATURE 143 -# define GOST_F_VKO_COMPUTE_KEY 144 +# define GOST_F_FILL_GOST_EC_PARAMS 102 +# define GOST_F_GET_ENCRYPTION_PARAMS 103 +# define GOST_F_GOST89_GET_ASN1_PARAMETERS 104 +# define GOST_F_GOST89_SET_ASN1_PARAMETERS 105 +# define GOST_F_GOST_CIPHER_CTL 106 +# define GOST_F_GOST_EC_COMPUTE_PUBLIC 107 +# define GOST_F_GOST_EC_KEYGEN 108 +# define GOST_F_GOST_EC_SIGN 109 +# define GOST_F_GOST_EC_VERIFY 110 +# define GOST_F_GOST_IMIT_CTRL 111 +# define GOST_F_GOST_IMIT_FINAL 112 +# define GOST_F_GOST_IMIT_UPDATE 113 +# define GOST_F_PARAM_COPY_GOST_EC 114 +# define GOST_F_PKEY_GOST01_PARAMGEN 115 +# define GOST_F_PKEY_GOST12_PARAMGEN 116 +# define GOST_F_PKEY_GOST_CTRL 117 +# define GOST_F_PKEY_GOST_ECCP_DECRYPT 118 +# define GOST_F_PKEY_GOST_ECCP_ENCRYPT 119 +# define GOST_F_PKEY_GOST_EC_CTRL_STR_256 120 +# define GOST_F_PKEY_GOST_EC_CTRL_STR_512 121 +# define GOST_F_PKEY_GOST_EC_DERIVE 122 +# define GOST_F_PKEY_GOST_MAC_CTRL 123 +# define GOST_F_PKEY_GOST_MAC_CTRL_STR 124 +# define GOST_F_PKEY_GOST_MAC_KEYGEN 125 +# define GOST_F_PRINT_GOST_EC_PUB 126 +# define GOST_F_PRIV_DECODE_GOST 127 +# define GOST_F_PUB_DECODE_GOST_EC 128 +# define GOST_F_PUB_ENCODE_GOST_EC 129 +# define GOST_F_UNPACK_CP_SIGNATURE 130 +# define GOST_F_VKO_COMPUTE_KEY 131 /* Reason codes. */ # define GOST_R_BAD_KEY_PARAMETERS_FORMAT 100 @@ -125,32 +112,28 @@ void ERR_GOST_error(int function, int reason, char *file, int line); # define GOST_R_CTRL_CALL_FAILED 103 # define GOST_R_ERROR_COMPUTING_SHARED_KEY 104 # define GOST_R_ERROR_PARSING_KEY_TRANSPORT_INFO 105 -# define GOST_R_INCOMPATIBLE_ALGORITHMS 106 -# define GOST_R_INCOMPATIBLE_PEER_KEY 107 -# define GOST_R_INVALID_CIPHER_PARAMS 108 -# define GOST_R_INVALID_CIPHER_PARAM_OID 109 -# define GOST_R_INVALID_DIGEST_TYPE 110 -# define GOST_R_INVALID_IV_LENGTH 111 -# define GOST_R_INVALID_MAC_KEY_LENGTH 112 -# define GOST_R_INVALID_PARAMSET 113 -# define GOST_R_KEY_IS_NOT_INITALIZED 114 +# define GOST_R_ERROR_POINT_MUL 106 +# define GOST_R_INCOMPATIBLE_ALGORITHMS 107 +# define GOST_R_INCOMPATIBLE_PEER_KEY 108 +# define GOST_R_INVALID_CIPHER_PARAMS 109 +# define GOST_R_INVALID_CIPHER_PARAM_OID 110 +# define GOST_R_INVALID_DIGEST_TYPE 111 +# define GOST_R_INVALID_IV_LENGTH 112 +# define GOST_R_INVALID_MAC_KEY_LENGTH 113 +# define GOST_R_INVALID_PARAMSET 114 # define GOST_R_KEY_IS_NOT_INITIALIZED 115 # define GOST_R_KEY_PARAMETERS_MISSING 116 # define GOST_R_MAC_KEY_NOT_SET 117 -# define GOST_R_MALLOC_FAILURE 118 -# define GOST_R_NO_MEMORY 119 -# define GOST_R_NO_PARAMETERS_SET 120 -# define GOST_R_NO_PEER_KEY 121 -# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 122 -# define GOST_R_PUBLIC_KEY_UNDEFINED 123 -# define GOST_R_RANDOM_GENERATOR_ERROR 124 -# define GOST_R_RANDOM_GENERATOR_FAILURE 125 -# define GOST_R_RANDOM_NUMBER_GENERATOR_FAILED 126 -# define GOST_R_SIGNATURE_MISMATCH 127 -# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 128 -# define GOST_R_UKM_NOT_SET 129 -# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND 130 -# define GOST_R_UNSUPPORTED_PARAMETER_SET 131 +# define GOST_R_NO_PARAMETERS_SET 118 +# define GOST_R_NO_PEER_KEY 119 +# define GOST_R_NO_PRIVATE_PART_OF_NON_EPHEMERAL_KEYPAIR 120 +# define GOST_R_PUBLIC_KEY_UNDEFINED 121 +# define GOST_R_RNG_ERROR 122 +# define GOST_R_SIGNATURE_MISMATCH 123 +# define GOST_R_SIGNATURE_PARTS_GREATER_THAN_Q 124 +# define GOST_R_UKM_NOT_SET 125 +# define GOST_R_UNSUPPORTED_CIPHER_CTL_COMMAND 126 +# define GOST_R_UNSUPPORTED_PARAMETER_SET 127 #ifdef __cplusplus } diff --git a/gost_crypt.c b/gost_crypt.c index 668e881..5226395 100644 --- a/gost_crypt.c +++ b/gost_crypt.c @@ -464,8 +464,7 @@ int gost_cipher_ctl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr) case EVP_CTRL_RAND_KEY: { if (RAND_bytes((unsigned char *)ptr, ctx->key_len) <= 0) { - GOSTerr(GOST_F_GOST_CIPHER_CTL, - GOST_R_RANDOM_GENERATOR_ERROR); + GOSTerr(GOST_F_GOST_CIPHER_CTL, GOST_R_RNG_ERROR); return -1; } break; diff --git a/gost_ec_keyx.c b/gost_ec_keyx.c index 929c786..c2a465b 100644 --- a/gost_ec_keyx.c +++ b/gost_ec_keyx.c @@ -35,7 +35,7 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, half_len = buf_len >> 1; if (!ctx) { - GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_NO_MEMORY); + GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); return 0; } BN_CTX_start(ctx); @@ -43,7 +43,7 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, databuf = OPENSSL_malloc(buf_len); hashbuf = OPENSSL_malloc(buf_len); if (!databuf || !hashbuf) { - GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_MALLOC_FAILURE); + GOSTerr(GOST_F_VKO_COMPUTE_KEY, ERR_R_MALLOC_FAILURE); goto err; } @@ -60,7 +60,10 @@ static int VKO_compute_key(unsigned char *shared_key, size_t shared_key_size, Y = BN_CTX_get(ctx); EC_GROUP_get_order(EC_KEY_get0_group(priv_key), order, ctx); BN_mod_mul(p, key, UKM, order, ctx); - EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx); + if(!EC_POINT_mul(EC_KEY_get0_group(priv_key), pnt, NULL, pub_key, p, ctx)) { + GOSTerr(GOST_F_VKO_COMPUTE_KEY, GOST_R_ERROR_POINT_MUL); + goto err; + } EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(priv_key), pnt, X, Y, ctx); /* @@ -163,8 +166,7 @@ int pkey_GOST_ECcp_encrypt(EVP_PKEY_CTX *pctx, unsigned char *out, } else if (out) { if (RAND_bytes(ukm, 8) <= 0) { - GOSTerr(GOST_F_PKEY_GOST_ECCP_ENCRYPT, - GOST_R_RANDOM_GENERATOR_FAILURE); + GOSTerr(GOST_F_PKEY_GOST_ECCP_ENCRYPT, GOST_R_RNG_ERROR); return 0; } } diff --git a/gost_ec_sign.c b/gost_ec_sign.c index 8821799..9d542ce 100644 --- a/gost_ec_sign.c +++ b/gost_ec_sign.c @@ -175,7 +175,7 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) md = hashsum2bn(dgst, dlen); newsig = DSA_SIG_new(); if (!newsig || !md) { - GOSTerr(GOST_F_GOST_EC_SIGN, GOST_R_NO_MEMORY); + GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE); goto err; } group = EC_KEY_get0_group(eckey); @@ -218,8 +218,7 @@ DSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey) do { do { if (!BN_rand_range(k, order)) { - GOSTerr(GOST_F_GOST_EC_SIGN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); + GOSTerr(GOST_F_GOST_EC_SIGN, GOST_R_RNG_ERROR); goto err; } /* @@ -315,7 +314,7 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len, OPENSSL_assert(dgst != NULL && sig != NULL && group != NULL); if (!(ctx = BN_CTX_new())) { - GOSTerr(GOST_F_GOST_EC_VERIFY, GOST_R_NO_MEMORY); + GOSTerr(GOST_F_GOST_EC_VERIFY, ERR_R_MALLOC_FAILURE); return 0; } @@ -502,8 +501,7 @@ int gost_ec_keygen(EC_KEY *ec) do { if (!BN_rand_range(d, order)) { - GOSTerr(GOST_F_GOST_EC_KEYGEN, - GOST_R_RANDOM_NUMBER_GENERATOR_FAILED); + GOSTerr(GOST_F_GOST_EC_KEYGEN, GOST_R_RNG_ERROR); goto end; } }