diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 3f4376415..3319c3914 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -7207,7 +7207,7 @@ int wc_ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime) #endif } -#ifndef WOLFSSL_SP_MATH +#if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_VALIDATE_ECC_IMPORT) /* validate privkey * generator == pubkey, 0 on success */ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime) { @@ -7290,7 +7290,7 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime) return err; } -#endif +#endif /* !WOLFSSL_SP_MATH || WOLFSSL_VALIDATE_ECC_IMPORT */ #ifdef WOLFSSL_VALIDATE_ECC_IMPORT @@ -7536,15 +7536,15 @@ int wc_ecc_check_key(ecc_key* key) /* pubkey point cannot be at infinity */ #ifndef WOLFSSL_SP_NO_256 if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP256R1) { - err = sp_ecc_check_key_256(key->pubkey.x, key->pubkey.y, &key->k, - key->heap); + err = sp_ecc_check_key_256(key->pubkey.x, key->pubkey.y, + key->type == ECC_PRIVATEKEY ? &key->k : NULL, key->heap); } else #endif #ifdef WOLFSSL_SP_384 if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) { - err = sp_ecc_check_key_384(key->pubkey.x, key->pubkey.y, &key->k, - key->heap); + err = sp_ecc_check_key_384(key->pubkey.x, key->pubkey.y, + key->type == ECC_PRIVATEKEY ? &key->k : NULL, key->heap); } else #endif diff --git a/wolfcrypt/src/sp_arm32.c b/wolfcrypt/src/sp_arm32.c index 3b916b7cd..857d83217 100644 --- a/wolfcrypt/src/sp_arm32.c +++ b/wolfcrypt/src/sp_arm32.c @@ -37369,7 +37369,7 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_256_point_new_8(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 8, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -37386,7 +37386,8 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_256_from_mp(pub->x, 8, pX); sp_256_from_mp(pub->y, 8, pY); sp_256_from_bin(pub->z, 8, one, (int)sizeof(one)); - sp_256_from_mp(priv, 8, privm); + if (privm) + sp_256_from_mp(priv, 8, privm); /* Check point at infinitiy. */ if ((sp_256_iszero_8(pub->x) != 0) && @@ -37420,15 +37421,17 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_256_cmp_8(p->x, pub->x) != 0 || - sp_256_cmp_8(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_256_cmp_8(p->x, pub->x) != 0 || + sp_256_cmp_8(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } @@ -46114,7 +46117,7 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_384_point_new_12(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 12, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -46131,7 +46134,8 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_384_from_mp(pub->x, 12, pX); sp_384_from_mp(pub->y, 12, pY); sp_384_from_bin(pub->z, 12, one, (int)sizeof(one)); - sp_384_from_mp(priv, 12, privm); + if (privm) + sp_384_from_mp(priv, 12, privm); /* Check point at infinitiy. */ if ((sp_384_iszero_12(pub->x) != 0) && @@ -46165,15 +46169,17 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_384_cmp_12(p->x, pub->x) != 0 || - sp_384_cmp_12(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_384_cmp_12(p->x, pub->x) != 0 || + sp_384_cmp_12(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } diff --git a/wolfcrypt/src/sp_arm64.c b/wolfcrypt/src/sp_arm64.c index 2e2f12aec..5aa7a8c50 100644 --- a/wolfcrypt/src/sp_arm64.c +++ b/wolfcrypt/src/sp_arm64.c @@ -37774,7 +37774,7 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_256_point_new_4(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 4, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -37791,7 +37791,8 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_256_from_mp(pub->x, 4, pX); sp_256_from_mp(pub->y, 4, pY); sp_256_from_bin(pub->z, 4, one, (int)sizeof(one)); - sp_256_from_mp(priv, 4, privm); + if (privm) + sp_256_from_mp(priv, 4, privm); /* Check point at infinitiy. */ if ((sp_256_iszero_4(pub->x) != 0) && @@ -37825,15 +37826,17 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_256_ecc_mulmod_base_4(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_256_cmp_4(p->x, pub->x) != 0 || - sp_256_cmp_4(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_256_ecc_mulmod_base_4(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_256_cmp_4(p->x, pub->x) != 0 || + sp_256_cmp_4(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } @@ -44223,7 +44226,7 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_384_point_new_6(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 6, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -44240,7 +44243,8 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_384_from_mp(pub->x, 6, pX); sp_384_from_mp(pub->y, 6, pY); sp_384_from_bin(pub->z, 6, one, (int)sizeof(one)); - sp_384_from_mp(priv, 6, privm); + if (privm) + sp_384_from_mp(priv, 6, privm); /* Check point at infinitiy. */ if ((sp_384_iszero_6(pub->x) != 0) && @@ -44274,15 +44278,17 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_384_ecc_mulmod_base_6(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_384_cmp_6(p->x, pub->x) != 0 || - sp_384_cmp_6(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_384_ecc_mulmod_base_6(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_384_cmp_6(p->x, pub->x) != 0 || + sp_384_cmp_6(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } diff --git a/wolfcrypt/src/sp_armthumb.c b/wolfcrypt/src/sp_armthumb.c index ac072c921..36ada03aa 100644 --- a/wolfcrypt/src/sp_armthumb.c +++ b/wolfcrypt/src/sp_armthumb.c @@ -22142,7 +22142,7 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_256_point_new_8(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 8, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -22159,7 +22159,8 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_256_from_mp(pub->x, 8, pX); sp_256_from_mp(pub->y, 8, pY); sp_256_from_bin(pub->z, 8, one, (int)sizeof(one)); - sp_256_from_mp(priv, 8, privm); + if (privm) + sp_256_from_mp(priv, 8, privm); /* Check point at infinitiy. */ if ((sp_256_iszero_8(pub->x) != 0) && @@ -22193,15 +22194,17 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_256_cmp_8(p->x, pub->x) != 0 || - sp_256_cmp_8(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_256_cmp_8(p->x, pub->x) != 0 || + sp_256_cmp_8(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } @@ -28956,7 +28959,7 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_384_point_new_12(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 12, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -28973,7 +28976,8 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_384_from_mp(pub->x, 12, pX); sp_384_from_mp(pub->y, 12, pY); sp_384_from_bin(pub->z, 12, one, (int)sizeof(one)); - sp_384_from_mp(priv, 12, privm); + if (privm) + sp_384_from_mp(priv, 12, privm); /* Check point at infinitiy. */ if ((sp_384_iszero_12(pub->x) != 0) && @@ -29007,15 +29011,17 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_384_cmp_12(p->x, pub->x) != 0 || - sp_384_cmp_12(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_384_cmp_12(p->x, pub->x) != 0 || + sp_384_cmp_12(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } diff --git a/wolfcrypt/src/sp_c32.c b/wolfcrypt/src/sp_c32.c index 971ba5d0d..be1e0b9d4 100644 --- a/wolfcrypt/src/sp_c32.c +++ b/wolfcrypt/src/sp_c32.c @@ -18566,7 +18566,7 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_256_point_new_10(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 10, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -18583,7 +18583,8 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_256_from_mp(pub->x, 10, pX); sp_256_from_mp(pub->y, 10, pY); sp_256_from_bin(pub->z, 10, one, (int)sizeof(one)); - sp_256_from_mp(priv, 10, privm); + if (privm) + sp_256_from_mp(priv, 10, privm); /* Check point at infinitiy. */ if ((sp_256_iszero_10(pub->x) != 0) && @@ -18617,15 +18618,17 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_256_ecc_mulmod_base_10(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_256_cmp_10(p->x, pub->x) != 0 || - sp_256_cmp_10(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_256_ecc_mulmod_base_10(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_256_cmp_10(p->x, pub->x) != 0 || + sp_256_cmp_10(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } @@ -25891,7 +25894,7 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_384_point_new_15(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 15, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -25908,7 +25911,8 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_384_from_mp(pub->x, 15, pX); sp_384_from_mp(pub->y, 15, pY); sp_384_from_bin(pub->z, 15, one, (int)sizeof(one)); - sp_384_from_mp(priv, 15, privm); + if (privm) + sp_384_from_mp(priv, 15, privm); /* Check point at infinitiy. */ if ((sp_384_iszero_15(pub->x) != 0) && @@ -25942,15 +25946,17 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_384_ecc_mulmod_base_15(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_384_cmp_15(p->x, pub->x) != 0 || - sp_384_cmp_15(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_384_ecc_mulmod_base_15(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_384_cmp_15(p->x, pub->x) != 0 || + sp_384_cmp_15(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } diff --git a/wolfcrypt/src/sp_c64.c b/wolfcrypt/src/sp_c64.c index ff0b50aae..5d21e7d16 100644 --- a/wolfcrypt/src/sp_c64.c +++ b/wolfcrypt/src/sp_c64.c @@ -18292,7 +18292,7 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_256_point_new_5(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 5, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -18309,7 +18309,8 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_256_from_mp(pub->x, 5, pX); sp_256_from_mp(pub->y, 5, pY); sp_256_from_bin(pub->z, 5, one, (int)sizeof(one)); - sp_256_from_mp(priv, 5, privm); + if (privm) + sp_256_from_mp(priv, 5, privm); /* Check point at infinitiy. */ if ((sp_256_iszero_5(pub->x) != 0) && @@ -18343,15 +18344,17 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_256_ecc_mulmod_base_5(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_256_cmp_5(p->x, pub->x) != 0 || - sp_256_cmp_5(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_256_ecc_mulmod_base_5(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_256_cmp_5(p->x, pub->x) != 0 || + sp_256_cmp_5(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } @@ -25088,7 +25091,7 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_384_point_new_7(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 7, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -25105,7 +25108,8 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_384_from_mp(pub->x, 7, pX); sp_384_from_mp(pub->y, 7, pY); sp_384_from_bin(pub->z, 7, one, (int)sizeof(one)); - sp_384_from_mp(priv, 7, privm); + if (privm) + sp_384_from_mp(priv, 7, privm); /* Check point at infinitiy. */ if ((sp_384_iszero_7(pub->x) != 0) && @@ -25139,15 +25143,17 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_384_ecc_mulmod_base_7(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_384_cmp_7(p->x, pub->x) != 0 || - sp_384_cmp_7(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_384_ecc_mulmod_base_7(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_384_cmp_7(p->x, pub->x) != 0 || + sp_384_cmp_7(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } diff --git a/wolfcrypt/src/sp_cortexm.c b/wolfcrypt/src/sp_cortexm.c index 163e22c40..a757a1559 100644 --- a/wolfcrypt/src/sp_cortexm.c +++ b/wolfcrypt/src/sp_cortexm.c @@ -22148,7 +22148,7 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_256_point_new_8(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 8, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -22165,7 +22165,8 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_256_from_mp(pub->x, 8, pX); sp_256_from_mp(pub->y, 8, pY); sp_256_from_bin(pub->z, 8, one, (int)sizeof(one)); - sp_256_from_mp(priv, 8, privm); + if (privm) + sp_256_from_mp(priv, 8, privm); /* Check point at infinitiy. */ if ((sp_256_iszero_8(pub->x) != 0) && @@ -22199,15 +22200,17 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_256_cmp_8(p->x, pub->x) != 0 || - sp_256_cmp_8(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_256_ecc_mulmod_base_8(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_256_cmp_8(p->x, pub->x) != 0 || + sp_256_cmp_8(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } @@ -28752,7 +28755,7 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_384_point_new_12(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 12, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -28769,7 +28772,8 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_384_from_mp(pub->x, 12, pX); sp_384_from_mp(pub->y, 12, pY); sp_384_from_bin(pub->z, 12, one, (int)sizeof(one)); - sp_384_from_mp(priv, 12, privm); + if (privm) + sp_384_from_mp(priv, 12, privm); /* Check point at infinitiy. */ if ((sp_384_iszero_12(pub->x) != 0) && @@ -28803,15 +28807,17 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ - err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_384_cmp_12(p->x, pub->x) != 0 || - sp_384_cmp_12(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ + err = sp_384_ecc_mulmod_base_12(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_384_cmp_12(p->x, pub->x) != 0 || + sp_384_cmp_12(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } diff --git a/wolfcrypt/src/sp_x86_64.c b/wolfcrypt/src/sp_x86_64.c index 759d5e639..bc7190c2d 100644 --- a/wolfcrypt/src/sp_x86_64.c +++ b/wolfcrypt/src/sp_x86_64.c @@ -23898,7 +23898,7 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_256_point_new_4(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 4, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -23915,7 +23915,8 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_256_from_mp(pub->x, 4, pX); sp_256_from_mp(pub->y, 4, pY); sp_256_from_bin(pub->z, 4, one, (int)sizeof(one)); - sp_256_from_mp(priv, 4, privm); + if (privm) + sp_256_from_mp(priv, 4, privm); /* Check point at infinitiy. */ if ((sp_256_iszero_4(pub->x) != 0) && @@ -23954,20 +23955,22 @@ int sp_ecc_check_key_256(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ #ifdef HAVE_INTEL_AVX2 - if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) - err = sp_256_ecc_mulmod_base_avx2_4(p, priv, 1, 1, heap); - else + if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) + err = sp_256_ecc_mulmod_base_avx2_4(p, priv, 1, 1, heap); + else #endif - err = sp_256_ecc_mulmod_base_4(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_256_cmp_4(p->x, pub->x) != 0 || - sp_256_cmp_4(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + err = sp_256_ecc_mulmod_base_4(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_256_cmp_4(p->x, pub->x) != 0 || + sp_256_cmp_4(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } } @@ -30889,7 +30892,7 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) err = sp_384_point_new_6(heap, pd, p); } #if (defined(WOLFSSL_SP_SMALL) || defined(WOLFSSL_SMALL_STACK)) && !defined(WOLFSSL_SP_NO_MALLOC) - if (err == MP_OKAY) { + if (err == MP_OKAY && privm) { priv = (sp_digit*)XMALLOC(sizeof(sp_digit) * 6, heap, DYNAMIC_TYPE_ECC); if (priv == NULL) { @@ -30906,7 +30909,8 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) sp_384_from_mp(pub->x, 6, pX); sp_384_from_mp(pub->y, 6, pY); sp_384_from_bin(pub->z, 6, one, (int)sizeof(one)); - sp_384_from_mp(priv, 6, privm); + if (privm) + sp_384_from_mp(priv, 6, privm); /* Check point at infinitiy. */ if ((sp_384_iszero_6(pub->x) != 0) && @@ -30945,20 +30949,22 @@ int sp_ecc_check_key_384(mp_int* pX, mp_int* pY, mp_int* privm, void* heap) } } - if (err == MP_OKAY) { - /* Base * private = point */ + if (privm) { + if (err == MP_OKAY) { + /* Base * private = point */ #ifdef HAVE_INTEL_AVX2 - if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) - err = sp_384_ecc_mulmod_base_avx2_6(p, priv, 1, 1, heap); - else + if (IS_INTEL_BMI2(cpuid_flags) && IS_INTEL_ADX(cpuid_flags)) + err = sp_384_ecc_mulmod_base_avx2_6(p, priv, 1, 1, heap); + else #endif - err = sp_384_ecc_mulmod_base_6(p, priv, 1, 1, heap); - } - if (err == MP_OKAY) { - /* Check result is public key */ - if (sp_384_cmp_6(p->x, pub->x) != 0 || - sp_384_cmp_6(p->y, pub->y) != 0) { - err = ECC_PRIV_KEY_E; + err = sp_384_ecc_mulmod_base_6(p, priv, 1, 1, heap); + } + if (err == MP_OKAY) { + /* Check result is public key */ + if (sp_384_cmp_6(p->x, pub->x) != 0 || + sp_384_cmp_6(p->y, pub->y) != 0) { + err = ECC_PRIV_KEY_E; + } } }