diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b1c45718c..4334e66a0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -256,7 +256,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: config - run: CC=clang ./config --strict-warnings enable-ssl-trace enable-zlib enable-zlib-dynamic enable-fips enable-ec_elgamal enable-twisted_ec_elgamal enable-paillier && perl configdata.pm --dump + run: CC=clang ./config --strict-warnings enable-ssl-trace enable-zlib enable-zlib-dynamic enable-ec_elgamal enable-twisted_ec_elgamal enable-paillier && perl configdata.pm --dump - name: make run: make -s -j4 - name: make test diff --git a/Configure b/Configure index 9e8ead4ee..2067a6680 100755 --- a/Configure +++ b/Configure @@ -1125,6 +1125,13 @@ if (!defined($disabled{'ec_elgamal'})) { $config{api}=$apitable->{"1.1.1"}; } +if (!defined($disabled{'twisted_ec_elgamal'})) { + die "twisted_ec_elgamal only supports api with 1.1.1\n" + if ($config{api} && $config{api} != $apitable->{"1.1.1"}); + die "twisted_ec_elgamal depends on ec_elgamal\n" + if (defined($disabled{'ec_elgamal'})); +} + if (!defined($disabled{'bulletproofs'})) { die "bulletproofs only supports api with 1.1.1\n" if ($config{api} && $config{api} != $apitable->{"1.1.1"}); diff --git a/crypto/ec/ec_elgamal_crypt.c b/crypto/ec/ec_elgamal_crypt.c index ebfc27f8d..697e47c63 100644 --- a/crypto/ec/ec_elgamal_crypt.c +++ b/crypto/ec/ec_elgamal_crypt.c 
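Review bot: Dropping `enable-fips` from this clang job's `./config` line means the FIPS provider is no longer built together with `enable-ec_elgamal enable-twisted_ec_elgamal enable-paillier` in this step. The `#ifndef FIPS_MODULE` guards this commit adds around `EC_POINT_from_string` are then only compiled in CI if some other job, not visible in the hunk, still passes `enable-fips`. If the combination is intentionally unsupported, a comment above the step would record that, e.g. `# enable-fips omitted: <reason>`; otherwise a separate step that keeps `enable-fips` would preserve the coverage.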
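Review bot: The api check in the new `twisted_ec_elgamal` block looks redundant, and it runs before the dependency check. The tail of the preceding ec_elgamal block is visible as context (`$config{api}=$apitable->{"1.1.1"};`), so when ec_elgamal is enabled the api has presumably already been forced to 1.1.1. The first `die` can then fire only when ec_elgamal is disabled, where "depends on ec_elgamal" is the more useful message. Consider putting `die "twisted_ec_elgamal depends on ec_elgamal\n" if (defined($disabled{'ec_elgamal'}));` first, with a comment such as `# api level is pinned by the ec_elgamal block above`. The ec_elgamal and bulletproofs blocks both extend outside the hunk, so confirm this against the full file.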
@@ -9,66 +9,11 @@ #include "ec_elgamal.h" #include -#include #include DEFINE_STACK_OF(EC_KEY) DEFINE_STACK_OF(EC_POINT) -#define HASH_TO_EC_POINT_TRY_COUNT 1000 - -/* - * Functions for convert string to ec_point on the elliptic curve. - * This implementation belongs to the ad-hoc method, but it is also the - * recommended implementation in the mcl library, the google open source project - * and the cryptography conference paper. - * \param group underlying EC_GROUP object - * \param r EC_POINT object for the result - * \param str string pointer - * \param len length of the string - * \return 1 on success and 0 if an error occurred - */ -int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r, - const unsigned char *str, size_t len) -{ - int ret = 0, i = 0; - unsigned char hash_res[SHA256_DIGEST_LENGTH]; - unsigned char *p = (unsigned char *)str; - BN_CTX *bn_ctx = NULL; - BIGNUM *x; - - memset(hash_res, 0, sizeof(hash_res)); - - if ((bn_ctx = BN_CTX_new_ex(group->libctx)) == NULL) - goto end; - - BN_CTX_start(bn_ctx); - if ((x = BN_CTX_get(bn_ctx)) == NULL) - goto end; - - do { - if (!SHA256(p, len, hash_res)) - goto end; - - BN_bin2bn(hash_res, SHA256_DIGEST_LENGTH, x); - - p = &hash_res[0]; - len = sizeof(hash_res); - - if(EC_POINT_set_compressed_coordinates(group, r, x, 0, bn_ctx) == 1) { - ret = 1; - break; - } - - ERR_clear_error(); - } while (i++ < HASH_TO_EC_POINT_TRY_COUNT); - -end: - BN_CTX_end(bn_ctx); - BN_CTX_free(bn_ctx); - return ret; -} - /** Creates a new EC_ELGAMAL_CTX object * \param key EC_KEY to use * \param h EC_POINT object pointer diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 26a23afad..e92f582db 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -24,6 +24,8 @@ #include "internal/nelem.h" #include "ec_local.h" +#define HASH_TO_EC_POINT_TRY_COUNT 1000 + /* functions for EC_GROUP objects */ EC_GROUP *ossl_ec_group_new_ex(OSSL_LIB_CTX *libctx, const char *propq, 
@@ -978,6 +980,60 @@ EC_POINT *EC_POINT_dup(const EC_POINT *a, const EC_GROUP *group) return t; } +#ifndef FIPS_MODULE +/* + * Functions for convert string to ec_point on the elliptic curve. + * This implementation belongs to the ad-hoc method, but it is also the + * recommended implementation in the mcl library, the google open source project + * and the cryptography conference paper. + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result + * \param str string pointer + * \param len length of the string + * \return 1 on success and 0 if an error occurred + */ +int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r, + const unsigned char *str, size_t len) +{ + int ret = 0, i = 0; + unsigned char hash_res[SHA256_DIGEST_LENGTH]; + unsigned char *p = (unsigned char *)str; + BN_CTX *bn_ctx = NULL; + BIGNUM *x; + + memset(hash_res, 0, sizeof(hash_res)); + + if ((bn_ctx = BN_CTX_new_ex(group->libctx)) == NULL) + goto end; + + BN_CTX_start(bn_ctx); + if ((x = BN_CTX_get(bn_ctx)) == NULL) + goto end; + + do { + if (!SHA256(p, len, hash_res)) + goto end; + + BN_bin2bn(hash_res, SHA256_DIGEST_LENGTH, x); + + p = &hash_res[0]; + len = sizeof(hash_res); + + if(EC_POINT_set_compressed_coordinates(group, r, x, 0, bn_ctx) == 1) { + ret = 1; + break; + } + + ERR_clear_error(); + } while (i++ < HASH_TO_EC_POINT_TRY_COUNT); + +end: + BN_CTX_end(bn_ctx); + BN_CTX_free(bn_ctx); + return ret; +} +#endif + #ifndef OPENSSL_NO_DEPRECATED_3_0 const EC_METHOD *EC_POINT_method_of(const EC_POINT *point) { diff --git a/crypto/zkp/common/zkp_util.h b/crypto/zkp/common/zkp_util.h index b0a49551a..f6663e259 100644 --- a/crypto/zkp/common/zkp_util.h +++ b/crypto/zkp/common/zkp_util.h @@ -117,5 +117,3 @@ STACK_OF(EC_POINT) *zkp_stack_of_point_decode(const unsigned char *in, int *len, # endif #endif - - diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 9254b85db..156c4a4b6 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h 
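Review bot: `ERR_clear_error()` inside the retry loop of `EC_POINT_from_string` wipes the calling thread's whole error queue, including entries the caller queued before the call. Now that the function lives in ec_lib.c and is exported for every EC build, bracketing each attempt with an error mark would discard only the failed candidate's errors. The return value of `BN_bin2bn` is also ignored, so a failure there passes whatever `x` held on to `EC_POINT_set_compressed_coordinates`. The header comment should additionally state that the iteration count depends on the input (so the call is not constant-time and should not be given secret strings), that the y bit is always 0, and that `group->libctx` is dereferenced without a NULL check.

```c
    do {
        /* … unchanged: SHA256 of the current input … */
        if (BN_bin2bn(hash_res, SHA256_DIGEST_LENGTH, x) == NULL)
            goto end;
        /* … unchanged: feed the digest back in as the next input … */

        /* Discard only the errors of a rejected candidate, not the caller's. */
        ERR_set_mark();
        if (EC_POINT_set_compressed_coordinates(group, r, x, 0, bn_ctx) == 1) {
            ERR_clear_last_mark();
            ret = 1;
            break;
        }
        ERR_pop_to_mark();
    } while (i++ < HASH_TO_EC_POINT_TRY_COUNT);
```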
@@ -661,6 +661,19 @@ int EC_POINT_copy(EC_POINT *dst, const EC_POINT *src); */ EC_POINT *EC_POINT_dup(const EC_POINT *src, const EC_GROUP *group); +#ifndef FIPS_MODULE +/* + * Functions for convert string to ec_point on the elliptic curve. + * \param group underlying EC_GROUP object + * \param r EC_POINT object for the result + * \param str string pointer + * \param len length of the string + * \return 1 on success and 0 if an error occurred + */ +int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r, + const unsigned char *str, size_t len); +#endif + /** Sets a point to infinity (neutral element) * \param group underlying EC_GROUP object * \param point EC_POINT to set to infinity @@ -2050,17 +2063,6 @@ size_t EC_ELGAMAL_MR_CIPHERTEXT_encode(EC_ELGAMAL_MR_CTX *ctx, unsigned char *ou int EC_ELGAMAL_MR_CIPHERTEXT_decode(EC_ELGAMAL_MR_CTX *ctx, EC_ELGAMAL_MR_CIPHERTEXT *r, unsigned char *in, size_t size); -/* - * Functions for convert string to ec_point on the elliptic curve. - * \param group underlying EC_GROUP object - * \param r EC_POINT object for the result - * \param str string pointer - * \param len length of the string - * \return 1 on success and 0 if an error occurred - */ -int EC_POINT_from_string(const EC_GROUP *group, EC_POINT *r, - const unsigned char *str, size_t len); - # endif # endif diff --git a/util/libcrypto.num b/util/libcrypto.num index 7e48891a5..27a7e2693 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num 
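Review bot: The comment on the relocated `EC_POINT_from_string` declaration opens with `/*`, while the neighbouring declaration in the same hunk uses the `/** Sets a point to infinity` form, so the `\param` lines here would not be treated as a doc comment. The summary line "Functions for convert string to ec_point" also no longer says how the point is derived, which matters more now that the prototype sits in the general EC_POINT section. Something like `/** Derives an EC_POINT from a byte string by iterated SHA-256 until the digest is a valid x coordinate` would match the definition in ec_lib.c.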
@@ -5431,7 +5431,7 @@ ENGINE_get_bn_meth 5715 3_0_3 EXIST::FUNCTION:BN_METHOD,ENG
 ENGINE_set_default_bn_meth 5716 3_0_3 EXIST::FUNCTION:BN_METHOD,ENGINE
 ENGINE_get_default_bn_meth 5717 3_0_3 EXIST::FUNCTION:BN_METHOD,ENGINE
 EC_ELGAMAL_DECRYPT_TABLE_new_ex 5718 3_0_3 EXIST::FUNCTION:EC,EC_ELGAMAL
-EC_POINT_from_string 5719 3_0_3 EXIST::FUNCTION:EC,EC_ELGAMAL
+EC_POINT_from_string 5719 3_0_3 EXIST::FUNCTION:EC
 PAILLIER_CTX_set_engine 5720 3_0_3 EXIST::FUNCTION:ENGINE,PAILLIER
 EVP_sm4_gcm 5721 3_0_3 EXIST::FUNCTION:SM4
 EVP_sm4_ccm 5722 3_0_3 EXIST::FUNCTION:SM4