authorJung-uk Kim <jkim@FreeBSD.org>2017-01-26 18:32:12 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2017-01-26 18:32:12 +0000
commit5315173646e65b5025be33013edc33eb9658e683 (patch)
tree06e2ebfcb3177eeb3cba0775d8e3ed98577e77da /crypto/ec/ec2_mult.c
parente656c34a188598ebce6423c4fbc4860921d41be4 (diff)
Import OpenSSL 1.0.2k.vendor/openssl/1.0.2k
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=312823 svn path=/vendor-crypto/openssl/1.0.2k/; revision=312824; tag=vendor/openssl/1.0.2k
Diffstat (limited to 'crypto/ec/ec2_mult.c')
-rw-r--r--crypto/ec/ec2_mult.c20
1 files changed, 11 insertions, 9 deletions
diff --git a/crypto/ec/ec2_mult.c b/crypto/ec/ec2_mult.c
index 68cc8771d5eb..1f9cc00aead6 100644
--- a/crypto/ec/ec2_mult.c
+++ b/crypto/ec/ec2_mult.c
@@ -267,7 +267,7 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
BN_CTX *ctx)
{
BIGNUM *x1, *x2, *z1, *z2;
- int ret = 0, i;
+ int ret = 0, i, group_top;
BN_ULONG mask, word;
if (r == point) {
@@ -297,10 +297,12 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
x2 = &r->X;
z2 = &r->Y;
- bn_wexpand(x1, group->field.top);
- bn_wexpand(z1, group->field.top);
- bn_wexpand(x2, group->field.top);
- bn_wexpand(z2, group->field.top);
+ group_top = group->field.top;
+ if (bn_wexpand(x1, group_top) == NULL
+ || bn_wexpand(z1, group_top) == NULL
+ || bn_wexpand(x2, group_top) == NULL
+ || bn_wexpand(z2, group_top) == NULL)
+ goto err;
if (!BN_GF2m_mod_arr(x1, &point->X, group->poly))
goto err; /* x1 = x */
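Review bot: The new `bn_wexpand` check in this hunk has no comment saying why a failed expansion must abort, and the reason only shows up in the ladder loop further down. There `group_top` is passed as the word count to `BN_consttime_swap`, which exchanges that many words of each operand regardless of the operand's current `top`, so an operand that was not expanded would be read and written past its allocation. I would add above `group_top = group->field.top;` a comment such as `/* BN_consttime_swap() in the ladder touches group_top words of x1, z1, x2 and z2, so every expansion must succeed */`. Whether the `err` path releases everything acquired before this point cannot be confirmed here, because the function begins and ends outside the hunk.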
@@ -329,14 +331,14 @@ static int ec_GF2m_montgomery_point_multiply(const EC_GROUP *group,
for (; i >= 0; i--) {
word = scalar->d[i];
while (mask) {
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
+ BN_consttime_swap(word & mask, x1, x2, group_top);
+ BN_consttime_swap(word & mask, z1, z2, group_top);
if (!gf2m_Madd(group, &point->X, x2, z2, x1, z1, ctx))
goto err;
if (!gf2m_Mdouble(group, x1, z1, ctx))
goto err;
- BN_consttime_swap(word & mask, x1, x2, group->field.top);
- BN_consttime_swap(word & mask, z1, z2, group->field.top);
+ BN_consttime_swap(word & mask, x1, x2, group_top);
+ BN_consttime_swap(word & mask, z1, z2, group_top);
mask >>= 1;
}
mask = BN_TBIT;