X-Git-Url: http://wagner.pp.ru/gitweb/?a=blobdiff_plain;f=gost_ec_sign.c;h=61d50261a98e0dd6abca787f6a2c54afd33cd1cf;hb=30860f940321eb4762d6449ffef48fc93ad2d2e8;hp=3db118af1481d2680aa8f468176a7a4cc8d0935e;hpb=3652da53812f398d0b1db39c425d9136a15eb968;p=openssl-gost%2Fengine.git

diff --git a/gost_ec_sign.c b/gost_ec_sign.c
index 3db118a..61d5026 100644
--- a/gost_ec_sign.c
+++ b/gost_ec_sign.c
@@ -23,35 +23,20 @@ void dump_dsa_sig(const char *message, ECDSA_SIG *sig);
 # define dump_dsa_sig(a,b)
 #endif
 
-/* Convert little-endian byte array into bignum */
-BIGNUM *hashsum2bn(const unsigned char *dgst, int len)
-{
-    unsigned char buf[64];
-    int i;
-
-    if (len > sizeof(buf))
-        return NULL;
-
-    for (i = 0; i < len; i++) {
-        buf[len - i - 1] = dgst[i];
-    }
-    return BN_bin2bn(buf, len, NULL);
-}
-
 static R3410_ec_params *gost_nid2params(int nid)
 {
     R3410_ec_params *params;
 
     /* Map tc26-2012 256-bit parameters to cp-2001 parameters */
     switch (nid) {
-	case NID_id_tc26_gost_3410_2012_256_paramSetB:
-	    nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
-	    break;
-	case NID_id_tc26_gost_3410_2012_256_paramSetC:
-	    nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
-	    break;
-	case NID_id_tc26_gost_3410_2012_256_paramSetD:
-	    nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
+    case NID_id_tc26_gost_3410_2012_256_paramSetB:
+        nid = NID_id_GostR3410_2001_CryptoPro_A_ParamSet;
+        break;
+    case NID_id_tc26_gost_3410_2012_256_paramSetC:
+        nid = NID_id_GostR3410_2001_CryptoPro_B_ParamSet;
+        break;
+    case NID_id_tc26_gost_3410_2012_256_paramSetD:
+        nid = NID_id_GostR3410_2001_CryptoPro_C_ParamSet;
     }
 
     /* Search nid in 2012 paramset */
@@ -183,14 +168,14 @@ ECDSA_SIG *gost_ec_sign(const unsigned char *dgst, int dlen, EC_KEY *eckey)
 
     OPENSSL_assert(dgst != NULL && eckey != NULL);
 
-    if (!(ctx = BN_CTX_new())) {
+    if (!(ctx = BN_CTX_secure_new())) {
         GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE);
         return NULL;
     }
 
     BN_CTX_start(ctx);
     OPENSSL_assert(dlen == 32 || dlen == 64);
-    md = hashsum2bn(dgst, dlen);
+    md = BN_lebin2bn(dgst, dlen, NULL);
     newsig = ECDSA_SIG_new();
     if (!newsig || !md) {
         GOSTerr(GOST_F_GOST_EC_SIGN, ERR_R_MALLOC_FAILURE);
@@ -367,7 +352,7 @@ int gost_ec_verify(const unsigned char *dgst, int dgst_len,
     }
 
     OPENSSL_assert(dgst_len == 32 || dgst_len == 64);
-    md = hashsum2bn(dgst, dgst_len);
+    md = BN_lebin2bn(dgst, dgst_len, NULL);
     if (!md || !BN_mod(e, md, order, ctx)) {
         GOSTerr(GOST_F_GOST_EC_VERIFY, ERR_R_INTERNAL_ERROR);
         goto err;
@@ -454,7 +439,7 @@ int gost_ec_compute_public(EC_KEY *ec)
         return 0;
     }
 
-    ctx = BN_CTX_new();
+    ctx = BN_CTX_secure_new();
     if (!ctx) {
         GOSTerr(GOST_F_GOST_EC_COMPUTE_PUBLIC, ERR_R_MALLOC_FAILURE);
         return 0;
@@ -508,7 +493,7 @@ int gost_ec_keygen(EC_KEY *ec)
     }
 
     order = BN_new();
-    d = BN_new();
+    d = BN_secure_new();
     if (!order || !d) {
         GOSTerr(GOST_F_GOST_EC_KEYGEN, ERR_R_MALLOC_FAILURE);
         goto end;