sync code with last fixes and improvements from OpenBSD

lib/libcrypto/ecdsa/ecdsa.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa.c,v 1.12 2023/07/10 19:10:51 tb Exp $ */
+/* $OpenBSD: ecdsa.c,v 1.16 2023/07/28 09:18:10 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 2000-2002 The OpenSSL Project.  All rights reserved.
  *
@@ -57,15 +57,11 @@
 #include <stdlib.h>
 #include <string.h>
 
-#include <openssl/opensslconf.h>
-
 #include <openssl/asn1.h>
 #include <openssl/asn1t.h>
 #include <openssl/bn.h>
-#include <openssl/ecdsa.h>
 #include <openssl/ec.h>
 #include <openssl/err.h>
-#include <openssl/evp.h>
 
 #include "bn_local.h"
 #include "ec_local.h"
@@ -225,11 +221,16 @@ ecdsa_sign(int type, const unsigned char *digest, int digest_len,
     unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
     const BIGNUM *r, EC_KEY *key)
 {
-	ECDSA_SIG *sig;
+	ECDSA_SIG *sig = NULL;
 	int out_len = 0;
 	int ret = 0;
 
-	if ((sig = ECDSA_do_sign_ex(digest, digest_len, kinv, r, key)) == NULL)
+	if (kinv != NULL || r != NULL) {
+		ECerror(EC_R_NOT_IMPLEMENTED);
+		goto err;
+	}
+
+	if ((sig = ECDSA_do_sign(digest, digest_len, key)) == NULL)
 		goto err;
 
 	if ((out_len = i2d_ECDSA_SIG(sig, &signature)) < 0) {
@@ -246,6 +247,19 @@ ecdsa_sign(int type, const unsigned char *digest, int digest_len,
 	return ret;
 }
 
+int
+ECDSA_sign(int type, const unsigned char *digest, int digest_len,
+    unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
+{
+	if (key->meth->sign == NULL) {
+		ECerror(EC_R_NOT_IMPLEMENTED);
+		return 0;
+	}
+	return key->meth->sign(type, digest, digest_len, signature,
+	    signature_len, NULL, NULL, key);
+}
+LCRYPTO_ALIAS(ECDSA_sign);
+
 /*
  * FIPS 186-5, section 6.4.1, steps 3-8 and 11: Generate k, calculate r and
  * kinv. If r == 0, try again with a new random k.
@@ -391,6 +405,17 @@ ecdsa_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv, BIGNUM **out_r)
 	return ret;
 }
 
+static int
+ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
+    BIGNUM **out_r)
+{
+	if (key->meth->sign_setup == NULL) {
+		ECerror(EC_R_NOT_IMPLEMENTED);
+		return 0;
+	}
+	return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
+}
+
 /*
  * FIPS 186-5, section 6.4.1, step 9: compute s = inv(k)(e + xr) mod order.
  * In order to reduce the possibility of a side-channel attack, the following
@@ -519,10 +544,14 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
 	BN_CTX *ctx = NULL;
 	BIGNUM *kinv = NULL, *r = NULL, *s = NULL;
 	BIGNUM *e;
-	int caller_supplied_values = 0;
 	int attempts = 0;
 	ECDSA_SIG *sig = NULL;
 
+	if (in_kinv != NULL || in_r != NULL) {
+		ECerror(EC_R_NOT_IMPLEMENTED);
+		goto err;
+	}
+
 	if ((ctx = BN_CTX_new()) == NULL) {
 		ECerror(ERR_R_MALLOC_FAILURE);
 		goto err;
@@ -537,31 +566,11 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
 	if (!ecdsa_prepare_digest(digest, digest_len, key, e))
 		goto err;
 
-	if (in_kinv != NULL && in_r != NULL) {
-		/*
-		 * Use the caller's kinv and r. Don't call ECDSA_sign_setup().
-		 * If we're unable to compute a valid signature, the caller
-		 * must provide new values.
-		 */
-		caller_supplied_values = 1;
-
-		if ((kinv = BN_dup(in_kinv)) == NULL) {
-			ECerror(ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-		if ((r = BN_dup(in_r)) == NULL) {
-			ECerror(ERR_R_MALLOC_FAILURE);
-			goto err;
-		}
-	}
-
 	do {
 		/* Steps 3-8: calculate kinv and r. */
-		if (!caller_supplied_values) {
-			if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) {
-				ECerror(ERR_R_EC_LIB);
-				goto err;
-			}
+		if (!ECDSA_sign_setup(key, ctx, &kinv, &r)) {
+			ECerror(ERR_R_EC_LIB);
+			goto err;
 		}
 
 		/*
@@ -572,11 +581,6 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
 		if (s != NULL)
 			break;
 
-		if (caller_supplied_values) {
-			ECerror(EC_R_NEED_NEW_SETUP_VALUES);
-			goto err;
-		}
-
 		if (++attempts > ECDSA_MAX_SIGN_ITERATIONS) {
 			ECerror(EC_R_WRONG_CURVE_PARAMETERS);
 			goto err;
@@ -605,6 +609,17 @@ ecdsa_sign_sig(const unsigned char *digest, int digest_len,
 	return sig;
 }
 
+ECDSA_SIG *
+ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
+{
+	if (key->meth->sign_sig == NULL) {
+		ECerror(EC_R_NOT_IMPLEMENTED);
+		return 0;
+	}
+	return key->meth->sign_sig(digest, digest_len, NULL, NULL, key);
+}
+LCRYPTO_ALIAS(ECDSA_do_sign);
+
 int
 ecdsa_verify(int type, const unsigned char *digest, int digest_len,
     const unsigned char *sigbuf, int sig_len, EC_KEY *key)
@@ -637,6 +652,18 @@ ecdsa_verify(int type, const unsigned char *digest, int digest_len,
 	return ret;
 }
 
+int
+ECDSA_verify(int type, const unsigned char *digest, int digest_len,
+    const unsigned char *sigbuf, int sig_len, EC_KEY *key)
+{
+	if (key->meth->verify == NULL) {
+		ECerror(EC_R_NOT_IMPLEMENTED);
+		return 0;
+	}
+	return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
+}
+LCRYPTO_ALIAS(ECDSA_verify);
+
 /*
  * FIPS 186-5, section 6.4.2: ECDSA signature verification.
  * The caller provides us with the hash of the message, so has performed step 2.
@@ -755,60 +782,6 @@ ecdsa_verify_sig(const unsigned char *digest, int digest_len,
 	return ret;
 }
 
-ECDSA_SIG *
-ECDSA_do_sign(const unsigned char *digest, int digest_len, EC_KEY *key)
-{
-	return ECDSA_do_sign_ex(digest, digest_len, NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_do_sign);
-
-ECDSA_SIG *
-ECDSA_do_sign_ex(const unsigned char *digest, int digest_len,
-    const BIGNUM *kinv, const BIGNUM *out_r, EC_KEY *key)
-{
-	if (key->meth->sign_sig == NULL) {
-		ECerror(EC_R_NOT_IMPLEMENTED);
-		return 0;
-	}
-	return key->meth->sign_sig(digest, digest_len, kinv, out_r, key);
-}
-LCRYPTO_ALIAS(ECDSA_do_sign_ex);
-
-int
-ECDSA_sign(int type, const unsigned char *digest, int digest_len,
-    unsigned char *signature, unsigned int *signature_len, EC_KEY *key)
-{
-	return ECDSA_sign_ex(type, digest, digest_len, signature, signature_len,
-	    NULL, NULL, key);
-}
-LCRYPTO_ALIAS(ECDSA_sign);
-
-int
-ECDSA_sign_ex(int type, const unsigned char *digest, int digest_len,
-    unsigned char *signature, unsigned int *signature_len, const BIGNUM *kinv,
-    const BIGNUM *r, EC_KEY *key)
-{
-	if (key->meth->sign == NULL) {
-		ECerror(EC_R_NOT_IMPLEMENTED);
-		return 0;
-	}
-	return key->meth->sign(type, digest, digest_len, signature,
-	    signature_len, kinv, r, key);
-}
-LCRYPTO_ALIAS(ECDSA_sign_ex);
-
-int
-ECDSA_sign_setup(EC_KEY *key, BN_CTX *in_ctx, BIGNUM **out_kinv,
-    BIGNUM **out_r)
-{
-	if (key->meth->sign_setup == NULL) {
-		ECerror(EC_R_NOT_IMPLEMENTED);
-		return 0;
-	}
-	return key->meth->sign_setup(key, in_ctx, out_kinv, out_r);
-}
-LCRYPTO_ALIAS(ECDSA_sign_setup);
-
 int
 ECDSA_do_verify(const unsigned char *digest, int digest_len,
     const ECDSA_SIG *sig, EC_KEY *key)
@@ -820,15 +793,3 @@ ECDSA_do_verify(const unsigned char *digest, int digest_len,
 	return key->meth->verify_sig(digest, digest_len, sig, key);
 }
 LCRYPTO_ALIAS(ECDSA_do_verify);
-
-int
-ECDSA_verify(int type, const unsigned char *digest, int digest_len,
-    const unsigned char *sigbuf, int sig_len, EC_KEY *key)
-{
-	if (key->meth->verify == NULL) {
-		ECerror(EC_R_NOT_IMPLEMENTED);
-		return 0;
-	}
-	return key->meth->verify(type, digest, digest_len, sigbuf, sig_len, key);
-}
-LCRYPTO_ALIAS(ECDSA_verify);

lib/libcrypto/ecdsa/ecdsa.h

@@ -1,191 +1,6 @@
-/* $OpenBSD: ecdsa.h,v 1.16 2023/06/19 09:12:41 tb Exp $ */
+/* $OpenBSD: ecdsa.h,v 1.20 2023/07/28 09:16:17 tb Exp $ */
 /*
- * Written by Nils Larsch for the OpenSSL project
+ * Public domain.
  */
-/* ====================================================================
- * Copyright (c) 2000-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#ifndef HEADER_ECDSA_H
-#define HEADER_ECDSA_H
 
-#include <openssl/opensslconf.h>
-
-#ifdef OPENSSL_NO_ECDSA
-#error ECDSA is disabled.
-#endif
-
-#include <openssl/bn.h>
 #include <openssl/ec.h>
-
-#include <openssl/ossl_typ.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-typedef struct ECDSA_SIG_st ECDSA_SIG;
-
-struct ecdsa_method {
-	const char *name;
-	ECDSA_SIG *(*ecdsa_do_sign)(const unsigned char *dgst, int dgst_len,
-	    const BIGNUM *inv, const BIGNUM *rp, EC_KEY *eckey);
-	int (*ecdsa_sign_setup)(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
-	    BIGNUM **r);
-	int (*ecdsa_do_verify)(const unsigned char *dgst, int dgst_len,
-	    const ECDSA_SIG *sig, EC_KEY *eckey);
-	int flags;
-	char *app_data;
-};
-
-/*
- * If this flag is set, the ECDSA method is FIPS compliant and can be used
- * in FIPS mode. This is set in the validated module method. If an
- * application sets this flag in its own methods it is its responsibility
- * to ensure the result is compliant.
- */
-
-#define ECDSA_FLAG_FIPS_METHOD  0x1
-
-ECDSA_SIG *ECDSA_SIG_new(void);
-void ECDSA_SIG_free(ECDSA_SIG *sig);
-int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
-ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
-void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps);
-
-const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
-const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
-int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
-
-ECDSA_SIG *ECDSA_do_sign(const unsigned char *dgst, int dgst_len,
-    EC_KEY *eckey);
-ECDSA_SIG *ECDSA_do_sign_ex(const unsigned char *dgst, int dgstlen,
-    const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey);
-int ECDSA_do_verify(const unsigned char *dgst, int dgst_len,
-    const ECDSA_SIG *sig, EC_KEY* eckey);
-
-const ECDSA_METHOD *ECDSA_OpenSSL(void);
-void ECDSA_set_default_method(const ECDSA_METHOD *meth);
-const ECDSA_METHOD *ECDSA_get_default_method(void);
-int ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth);
-int ECDSA_size(const EC_KEY *eckey);
-
-int ECDSA_sign_setup(EC_KEY *eckey, BN_CTX *ctx, BIGNUM **kinv,
-    BIGNUM **rp);
-int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
-    unsigned char *sig, unsigned int *siglen, EC_KEY *eckey);
-int ECDSA_sign_ex(int type, const unsigned char *dgst, int dgstlen,
-    unsigned char *sig, unsigned int *siglen, const BIGNUM *kinv,
-    const BIGNUM *rp, EC_KEY *eckey);
-int ECDSA_verify(int type, const unsigned char *dgst, int dgstlen,
-    const unsigned char *sig, int siglen, EC_KEY *eckey);
-
-int ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-    CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
-int ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg);
-void *ECDSA_get_ex_data(EC_KEY *d, int idx);
-
-/* XXX should be in ec.h, but needs ECDSA_SIG */
-void EC_KEY_METHOD_set_sign(EC_KEY_METHOD *meth,
-    int (*sign)(int type, const unsigned char *dgst,
-	int dlen, unsigned char *sig, unsigned int *siglen,
-	const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
-    int (*sign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
-	BIGNUM **kinvp, BIGNUM **rp),
-    ECDSA_SIG *(*sign_sig)(const unsigned char *dgst,
-	int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r,
-	EC_KEY *eckey));
-void EC_KEY_METHOD_set_verify(EC_KEY_METHOD *meth,
-    int (*verify)(int type, const unsigned char *dgst, int dgst_len,
-	const unsigned char *sigbuf, int sig_len, EC_KEY *eckey),
-    int (*verify_sig)(const unsigned char *dgst, int dgst_len,
-	const ECDSA_SIG *sig, EC_KEY *eckey));
-void EC_KEY_METHOD_get_sign(const EC_KEY_METHOD *meth,
-    int (**psign)(int type, const unsigned char *dgst,
-	int dlen, unsigned char *sig, unsigned int *siglen,
-	const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey),
-    int (**psign_setup)(EC_KEY *eckey, BN_CTX *ctx_in,
-	BIGNUM **kinvp, BIGNUM **rp),
-    ECDSA_SIG *(**psign_sig)(const unsigned char *dgst,
-	int dgst_len, const BIGNUM *in_kinv, const BIGNUM *in_r,
-	EC_KEY *eckey));
-void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
-    int (**pverify)(int type, const unsigned char *dgst, int dgst_len,
-	const unsigned char *sigbuf, int sig_len, EC_KEY *eckey),
-    int (**pverify_sig)(const unsigned char *dgst, int dgst_len,
-	const ECDSA_SIG *sig, EC_KEY *eckey));
-
-void ERR_load_ECDSA_strings(void);
-
-/* Error codes for the ECDSA functions. */
-
-/* Function codes. */
-#define ECDSA_F_ECDSA_CHECK				 104
-#define ECDSA_F_ECDSA_DATA_NEW_METHOD			 100
-#define ECDSA_F_ECDSA_DO_SIGN				 101
-#define ECDSA_F_ECDSA_DO_VERIFY				 102
-#define ECDSA_F_ECDSA_SIGN_SETUP			 103
-
-/* Reason codes. */
-#define ECDSA_R_BAD_SIGNATURE				 100
-#define ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE		 101
-#define ECDSA_R_ERR_EC_LIB				 102
-#define ECDSA_R_MISSING_PARAMETERS			 103
-#define ECDSA_R_NEED_NEW_SETUP_VALUES			 106
-#define ECDSA_R_NON_FIPS_METHOD				 107
-#define ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED		 104
-#define ECDSA_R_SIGNATURE_MALLOC_FAILED			 105
-
-#ifdef  __cplusplus
-}
-#endif
-#endif

lib/libcrypto/ecdsa/ecdsa_local.h

@@ -1,4 +1,4 @@
-/* $OpenBSD: ecdsa_local.h,v 1.1 2023/07/05 11:37:46 tb Exp $ */
+/* $OpenBSD: ecdsa_local.h,v 1.2 2023/07/28 15:50:33 tb Exp $ */
 /*
  * Written by Nils Larsch for the OpenSSL project
  */
@@ -59,7 +59,7 @@
 #ifndef HEADER_ECS_LOCAL_H
 #define HEADER_ECS_LOCAL_H
 
-#include <openssl/ecdsa.h>
+#include <openssl/ec.h>
 
 __BEGIN_HIDDEN_DECLS
 

lib/libcrypto/ecdsa/ecs_err.c

@@ -1,97 +0,0 @@
-/* $OpenBSD: ecs_err.c,v 1.8 2023/07/07 13:54:45 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-
-#include <openssl/opensslconf.h>
-
-#include <openssl/ecdsa.h>
-#include <openssl/err.h>
-
-#ifndef OPENSSL_NO_ERR
-
-#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ECDSA,func,0)
-#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ECDSA,0,reason)
-
-static ERR_STRING_DATA ECDSA_str_functs[]= {
-	{ERR_FUNC(0xfff), "CRYPTO_internal"},
-	{0, NULL}
-};
-
-static ERR_STRING_DATA ECDSA_str_reasons[]= {
-	{ERR_REASON(ECDSA_R_BAD_SIGNATURE)       , "bad signature"},
-	{ERR_REASON(ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE), "data too large for key size"},
-	{ERR_REASON(ECDSA_R_ERR_EC_LIB)          , "err ec lib"},
-	{ERR_REASON(ECDSA_R_MISSING_PARAMETERS)  , "missing parameters"},
-	{ERR_REASON(ECDSA_R_NEED_NEW_SETUP_VALUES), "need new setup values"},
-	{ERR_REASON(ECDSA_R_NON_FIPS_METHOD)     , "non fips method"},
-	{ERR_REASON(ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED), "random number generation failed"},
-	{ERR_REASON(ECDSA_R_SIGNATURE_MALLOC_FAILED), "signature malloc failed"},
-	{0, NULL}
-};
-
-#endif
-
-void
-ERR_load_ECDSA_strings(void)
-{
-#ifndef OPENSSL_NO_ERR
-	if (ERR_func_error_string(ECDSA_str_functs[0].error) == NULL) {
-		ERR_load_strings(0, ECDSA_str_functs);
-		ERR_load_strings(0, ECDSA_str_reasons);
-	}
-#endif
-}
-LCRYPTO_ALIAS(ERR_load_ECDSA_strings);

lib/libcrypto/ecdsa/ecs_lib.c

@@ -1,129 +0,0 @@
-/* $OpenBSD: ecs_lib.c,v 1.25 2023/07/07 13:54:45 beck Exp $ */
-/* ====================================================================
- * Copyright (c) 1998-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    openssl-core@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <string.h>
-
-#include <openssl/opensslconf.h>
-
-#ifndef OPENSSL_NO_ENGINE
-#include <openssl/engine.h>
-#endif
-#include <openssl/err.h>
-#include <openssl/bn.h>
-
-#include "ec_local.h"
-#include "ecdsa_local.h"
-
-static const ECDSA_METHOD *default_ECDSA_method = NULL;
-
-static const ECDSA_METHOD openssl_ecdsa_meth = {
-	.name = "OpenSSL ECDSA method",
-	.ecdsa_do_sign = ecdsa_sign_sig,
-	.ecdsa_sign_setup = ecdsa_sign_setup,
-	.ecdsa_do_verify = ecdsa_verify_sig,
-};
-
-const ECDSA_METHOD *
-ECDSA_OpenSSL(void)
-{
-	return &openssl_ecdsa_meth;
-}
-LCRYPTO_ALIAS(ECDSA_OpenSSL);
-
-void
-ECDSA_set_default_method(const ECDSA_METHOD *meth)
-{
-	default_ECDSA_method = meth;
-}
-LCRYPTO_ALIAS(ECDSA_set_default_method);
-
-const ECDSA_METHOD *
-ECDSA_get_default_method(void)
-{
-	if (!default_ECDSA_method) {
-		default_ECDSA_method = ECDSA_OpenSSL();
-	}
-	return default_ECDSA_method;
-}
-LCRYPTO_ALIAS(ECDSA_get_default_method);
-
-int
-ECDSA_set_method(EC_KEY *eckey, const ECDSA_METHOD *meth)
-{
-	return 0;
-}
-LCRYPTO_ALIAS(ECDSA_set_method);
-
-int
-ECDSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-    CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-	return -1;
-}
-LCRYPTO_ALIAS(ECDSA_get_ex_new_index);
-
-int
-ECDSA_set_ex_data(EC_KEY *d, int idx, void *arg)
-{
-	return 0;
-}
-LCRYPTO_ALIAS(ECDSA_set_ex_data);
-
-void *
-ECDSA_get_ex_data(EC_KEY *d, int idx)
-{
-	return NULL;
-}
-LCRYPTO_ALIAS(ECDSA_get_ex_data);