Merge pull request #495 from wa5i/bugfix

Move the EC_POINT_from_string to ec_lib.c to make it more generic.

.github/workflows/ci.yml

@@ -256,7 +256,7 @@ jobs:
     steps:
       - uses: actions/checkout@v2
       - name: config
-        run: CC=clang ./config --strict-warnings enable-ssl-trace enable-zlib enable-zlib-dynamic enable-fips enable-ec_elgamal enable-twisted_ec_elgamal enable-paillier && perl configdata.pm --dump
+        run: CC=clang ./config --strict-warnings enable-ssl-trace enable-zlib enable-zlib-dynamic enable-ec_elgamal enable-twisted_ec_elgamal enable-paillier && perl configdata.pm --dump
       - name: make
         run: make -s -j4
       - name: make test

Configure

@@ -1125,6 +1125,13 @@ if (!defined($disabled{'ec_elgamal'})) {
     $config{api}=$apitable->{"1.1.1"};
 }
 
+if (!defined($disabled{'twisted_ec_elgamal'})) {
+    die "twisted_ec_elgamal only supports api with 1.1.1\n"
+        if ($config{api} && $config{api} != $apitable->{"1.1.1"});
+    die "twisted_ec_elgamal depends on ec_elgamal\n"
+        if (defined($disabled{'ec_elgamal'}));
+}
+
 if (!defined($disabled{'bulletproofs'})) {
     die "bulletproofs only supports api with 1.1.1\n"
         if ($config{api} && $config{api} != $apitable->{"1.1.1"});

crypto/ec/ec_elgamal_crypt.c

@@ -9,66 +9,11 @@
 
 #include "ec_elgamal.h"
 #include <openssl/err.h>
-#include <openssl/sha.h>
 #include <string.h>
 
 DEFINE_STACK_OF(EC_KEY)
 DEFINE_STACK_OF(EC_POINT)
 
-#define HASH_TO_EC_POINT_TRY_COUNT  1000
-
-/*
- * Functions for convert string to ec_point on the elliptic curve.
- * This implementation belongs to the ad-hoc method, but it is also the
- * recommended implementation in the mcl library, the google open source project
- * and the cryptography conference paper.
- *  \param  group   underlying EC_GROUP object
- *  \param  r       EC_POINT object for the result
- *  \param  str     string pointer
- *  \param  len     length of the string
- *  \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r,
-                         const unsigned char *str, size_t len)
-{
-    int ret = 0, i = 0;
-    unsigned char hash_res[SHA256_DIGEST_LENGTH];
-    unsigned char *p = (unsigned char *)str;
-    BN_CTX *bn_ctx = NULL;
-    BIGNUM *x;
-
-    memset(hash_res, 0, sizeof(hash_res));
-
-    if ((bn_ctx = BN_CTX_new_ex(group->libctx)) == NULL)
-        goto end;
-
-    BN_CTX_start(bn_ctx);
-    if ((x = BN_CTX_get(bn_ctx)) == NULL)
-        goto end;
-
-    do {
-        if (!SHA256(p, len, hash_res))
-            goto end;
-
-        BN_bin2bn(hash_res, SHA256_DIGEST_LENGTH, x);
-
-        p  = &hash_res[0];
-        len = sizeof(hash_res);
-
-        if(EC_POINT_set_compressed_coordinates(group, r, x, 0, bn_ctx) == 1) {
-            ret = 1;
-            break;
-        }
-
-        ERR_clear_error();
-    } while (i++ < HASH_TO_EC_POINT_TRY_COUNT);
-
-end:
-    BN_CTX_end(bn_ctx);
-    BN_CTX_free(bn_ctx);
-    return ret;
-}
-
 /** Creates a new EC_ELGAMAL_CTX object
  *  \param  key      EC_KEY to use
  *  \param  h        EC_POINT object pointer

crypto/ec/ec_lib.c

@@ -24,6 +24,8 @@
 #include "internal/nelem.h"
 #include "ec_local.h"
 
+#define HASH_TO_EC_POINT_TRY_COUNT  1000
+
 /* functions for EC_GROUP objects */
 
 EC_GROUP *ossl_ec_group_new_ex(OSSL_LIB_CTX *libctx, const char *propq,
@@ -978,6 +980,60 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group)
     return t;
 }
 
+#ifndef FIPS_MODULE
+/*
+ * Functions for convert string to ec_point on the elliptic curve.
+ * This implementation belongs to the ad-hoc method, but it is also the
+ * recommended implementation in the mcl library, the google open source project
+ * and the cryptography conference paper.
+ *  \param  group   underlying EC_GROUP object
+ *  \param  r       EC_POINT object for the result
+ *  \param  str     string pointer
+ *  \param  len     length of the string
+ *  \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r,
+                         const unsigned char *str, size_t len)
+{
+    int ret = 0, i = 0;
+    unsigned char hash_res[SHA256_DIGEST_LENGTH];
+    unsigned char *p = (unsigned char *)str;
+    BN_CTX *bn_ctx = NULL;
+    BIGNUM *x;
+
+    memset(hash_res, 0, sizeof(hash_res));
+
+    if ((bn_ctx = BN_CTX_new_ex(group->libctx)) == NULL)
+        goto end;
+
+    BN_CTX_start(bn_ctx);
+    if ((x = BN_CTX_get(bn_ctx)) == NULL)
+        goto end;
+
+    do {
+        if (!SHA256(p, len, hash_res))
+            goto end;
+
+        BN_bin2bn(hash_res, SHA256_DIGEST_LENGTH, x);
+
+        p  = &hash_res[0];
+        len = sizeof(hash_res);
+
+        if(EC_POINT_set_compressed_coordinates(group, r, x, 0, bn_ctx) == 1) {
+            ret = 1;
+            break;
+        }
+
+        ERR_clear_error();
+    } while (i++ < HASH_TO_EC_POINT_TRY_COUNT);
+
+end:
+    BN_CTX_end(bn_ctx);
+    BN_CTX_free(bn_ctx);
+    return ret;
+}
+#endif
+
 #ifndef OPENSSL_NO_DEPRECATED_3_0
 const EC_METHOD *EC_POINT_method_of(const EC_POINT *point)
 {

crypto/zkp/common/zkp_util.h

@@ -117,5 +117,3 @@ STACK_OF(EC_POINT) *zkp_stack_of_point_decode(const unsigned char *in, int *len,
 # endif
 
 #endif
-
-

include/openssl/ec.h

@@ -661,6 +661,19 @@ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src);
  */
 EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group);
 
+#ifndef FIPS_MODULE
+/*
+ * Functions for convert string to ec_point on the elliptic curve.
+ *  \param  group   underlying EC_GROUP object
+ *  \param  r       EC_POINT object for the result
+ *  \param  str     string pointer
+ *  \param  len     length of the string
+ *  \return 1 on success and 0 if an error occurred
+ */
+int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r,
+                         const unsigned char *str, size_t len);
+#endif
+
 /** Sets a point to infinity (neutral element)
  *  \param  group  underlying EC_GROUP object
  *  \param  point  EC_POINT to set to infinity
@@ -2050,17 +2063,6 @@ size_t EC_ELGAMAL_MR_CIPHERTEXT_encode(EC_ELGAMAL_MR_CTX *ctx, unsigned char *ou
 int EC_ELGAMAL_MR_CIPHERTEXT_decode(EC_ELGAMAL_MR_CTX *ctx, EC_ELGAMAL_MR_CIPHERTEXT *r,
                                     unsigned char *in, size_t size);
 
-/*
- * Functions for convert string to ec_point on the elliptic curve.
- *  \param  group   underlying EC_GROUP object
- *  \param  r       EC_POINT object for the result
- *  \param  str     string pointer
- *  \param  len     length of the string
- *  \return 1 on success and 0 if an error occurred
- */
-int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r,
-                         const unsigned char *str, size_t len);
-
 #  endif
 
 # endif

util/libcrypto.num

@@ -5431,7 +5431,7 @@ ENGINE_get_bn_meth                      5715	3_0_3	EXIST::FUNCTION:BN_METHOD,ENG
 ENGINE_set_default_bn_meth              5716	3_0_3	EXIST::FUNCTION:BN_METHOD,ENGINE
 ENGINE_get_default_bn_meth              5717	3_0_3	EXIST::FUNCTION:BN_METHOD,ENGINE
 EC_ELGAMAL_DECRYPT_TABLE_new_ex         5718	3_0_3	EXIST::FUNCTION:EC,EC_ELGAMAL
-EC_POINT_from_string                    5719	3_0_3	EXIST::FUNCTION:EC,EC_ELGAMAL
+EC_POINT_from_string                    5719	3_0_3	EXIST::FUNCTION:EC
 PAILLIER_CTX_set_engine                 5720	3_0_3	EXIST::FUNCTION:ENGINE,PAILLIER
 EVP_sm4_gcm                             5721	3_0_3	EXIST::FUNCTION:SM4
 EVP_sm4_ccm                             5722	3_0_3	EXIST::FUNCTION:SM4