const char *ERR_reason_error_string(unsigned long e) { ERR_STRING_DATA d,*p=NULL; unsigned long l,r; l=ERR_GET_LIB(e); r=ERR_GET_REASON(e); CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH); if (error_hash != NULL) { d.error=ERR_PACK(l,0,r); p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d); if (p == NULL) { d.error=ERR_PACK(0,0,r); p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d); } } CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH); return((p == NULL)?NULL:p->string); }
void iotssl_log_errors(lcbio_XSSL *xs) { unsigned long curerr; while ((curerr = ERR_get_error())) { char errbuf[4096]; ERR_error_string_n(curerr, errbuf, sizeof errbuf); lcb_log(LOGARGS(xs->ssl, LCB_LOG_ERROR), "%s", errbuf); if (xs->errcode != LCB_SUCCESS) { continue; /* Already set */ } if (ERR_GET_LIB(curerr) == ERR_LIB_SSL) { switch (ERR_GET_REASON(curerr)) { case SSL_R_CERTIFICATE_VERIFY_FAILED: case SSL_R_MISSING_VERIFY_MESSAGE: xs->errcode = LCB_SSL_CANTVERIFY; break; case SSL_R_BAD_PROTOCOL_VERSION_NUMBER: case SSL_R_UNKNOWN_PROTOCOL: case SSL_R_WRONG_VERSION_NUMBER: case SSL_R_UNKNOWN_SSL_VERSION: case SSL_R_UNSUPPORTED_SSL_VERSION: xs->errcode = LCB_PROTOCOL_ERROR; break; default: xs->errcode = LCB_SSL_ERROR; } } } }
static isc_result_t toresult(isc_result_t fallback) { isc_result_t result = fallback; unsigned long err = ERR_get_error(); #ifdef HAVE_OPENSSL_ECDSA int lib = ERR_GET_LIB(err); #endif int reason = ERR_GET_REASON(err); switch (reason) { /* * ERR_* errors are globally unique; others * are unique per sublibrary */ case ERR_R_MALLOC_FAILURE: result = ISC_R_NOMEMORY; break; default: #ifdef HAVE_OPENSSL_ECDSA if (lib == ERR_R_ECDSA_LIB && reason == ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED) { result = ISC_R_NOENTROPY; break; } #endif break; } return (result); }
/** * Fetch OpenSSL error code and generate a string interpretation of it. * * @param[out] buf buffer to put string into * @param[in] buflen size of buffer * * @returns buf **/ gchar * z_ssl_get_error_str(gchar *buf, int buflen) { const char *ls, *fs, *rs; unsigned long e, l, f, r; unsigned long new_error = 0; gint count = -1; do { e = new_error; new_error= ERR_get_error(); ++count; } while (new_error); l = ERR_GET_LIB(e); f = ERR_GET_FUNC(e); r = ERR_GET_REASON(e); ls = ERR_lib_error_string(e); fs = ERR_func_error_string(e); rs = ERR_reason_error_string(e); if (count) g_snprintf(buf, buflen, "error:%08lX:%s:lib(%lu):%s:func(%lu):%s:reason(%lu), supressed %d messages", e, ls ? ls : "(null)", l, fs ? fs : "(null)", f, rs ? rs : "(null)", r, count); else g_snprintf(buf, buflen, "error:%08lX:%s:lib(%lu):%s:func(%lu):%s:reason(%lu)", e, ls ? ls : "(null)", l, fs ? fs : "(null)", f, rs ? rs : "(null)", r); return buf; }
/* static unsigned long err_hash(ERR_STRING_DATA *a) */ static unsigned long err_hash(const void *a_void) { unsigned long ret,l; l=((const ERR_STRING_DATA *)a_void)->error; ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l); return(ret^ret%19*13); }
static unsigned long err_string_data_hash(const ERR_STRING_DATA *a) { unsigned long ret, l; l = a->error; ret = l ^ ERR_GET_LIB(l) ^ ERR_GET_FUNC(l); return (ret ^ ret % 19 * 13); }
int SSL_CTX_use_certificate_chain_mem(SSL_CTX *ctx, void *data, int data_len) { pem_password_cb *psw_fn = ctx->default_passwd_callback; void *psw_arg = ctx->default_passwd_callback_userdata; X509 *cert; BIO *bio = NULL; int ok; ERR_clear_error(); /* Read from memory */ bio = BIO_new_mem_buf(data, data_len); if (!bio) { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_BUF_LIB); goto failed; } /* Load primary cert */ cert = PEM_read_bio_X509_AUX(bio, NULL, psw_fn, psw_arg); if (!cert) { SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_CHAIN_FILE, ERR_R_PEM_LIB); goto failed; } /* Increments refcount */ ok = SSL_CTX_use_certificate(ctx, cert); X509_free(cert); if (!ok || ERR_peek_error()) goto failed; /* Load extra certs */ ok = SSL_CTX_clear_extra_chain_certs(ctx); while (ok) { cert = PEM_read_bio_X509(bio, NULL, psw_fn, psw_arg); if (!cert) { /* Is it EOF? */ unsigned long err = ERR_peek_last_error(); if (ERR_GET_LIB(err) != ERR_LIB_PEM) break; if (ERR_GET_REASON(err) != PEM_R_NO_START_LINE) break; /* On EOF do successful exit */ BIO_free(bio); ERR_clear_error(); return 1; } /* Does not increment refcount */ ok = SSL_CTX_add_extra_chain_cert(ctx, cert); if (!ok) X509_free(cert); } failed: if (bio) BIO_free(bio); return 0; }
const char *openssl_iostream_key_load_error(void) { unsigned long err = ERR_peek_error(); if (ERR_GET_LIB(err) == ERR_LIB_X509 && ERR_GET_REASON(err) == X509_R_KEY_VALUES_MISMATCH) return "Key is for a different cert than ssl_cert"; else return openssl_iostream_error(); }
const char *ERR_reason_error_string(uint32_t packed_error) { const char *reason_str = err_component_error_string( ERR_PACK(ERR_GET_LIB(packed_error), 0, ERR_GET_REASON(packed_error))); if (reason_str != NULL) { return reason_str; } return err_component_error_string( ERR_PACK(0, 0, ERR_GET_REASON(packed_error))); }
const char *ERR_lib_error_string(unsigned long e) { ERR_STRING_DATA d,*p; unsigned long l; err_fns_check(); l=ERR_GET_LIB(e); d.error=ERR_PACK(l,0,0); p=ERRFN(err_get_item)(&d); return((p == NULL)?NULL:p->string); }
static int checkX509_STORE_error(char* err, size_t err_len) { unsigned long errCode = ERR_peek_last_error(); if (ERR_GET_LIB(errCode) != ERR_LIB_X509 || ERR_GET_REASON(errCode) != X509_R_CERT_ALREADY_IN_HASH_TABLE) { snprintf(err, err_len, "Error adding certificate to X509 store: %s", ERR_reason_error_string(errCode)); return 0; } return 1; }
const char *ERR_lib_error_string(unsigned long e) { ERR_STRING_DATA d, *p; unsigned long l; CRYPTO_THREAD_run_once(&err_string_init, do_err_strings_init); l = ERR_GET_LIB(e); d.error = ERR_PACK(l, 0, 0); p = int_err_get_item(&d); return ((p == NULL) ? NULL : p->string); }
void ERR_error_string_n(unsigned long e, char *buf, size_t len) { char lsbuf[64], fsbuf[64], rsbuf[64]; const char *ls, *fs, *rs; unsigned long l, f, r; if (len == 0) return; l = ERR_GET_LIB(e); f = ERR_GET_FUNC(e); r = ERR_GET_REASON(e); ls = ERR_lib_error_string(e); fs = ERR_func_error_string(e); rs = ERR_reason_error_string(e); if (ls == NULL) BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); if (fs == NULL) BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); if (rs == NULL) BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls ? ls : lsbuf, fs ? fs : fsbuf, rs ? rs : rsbuf); if (strlen(buf) == len - 1) { /* * output may be truncated; make sure we always have 5 * colon-separated fields, i.e. 4 colons ... */ #define NUM_COLONS 4 if (len > NUM_COLONS) { /* ... if possible */ int i; char *s = buf; for (i = 0; i < NUM_COLONS; i++) { char *colon = strchr(s, ':'); if (colon == NULL || colon > &buf[len - 1] - NUM_COLONS + i) { /* * set colon no. i at last possible position (buf[len-1] * is the terminating 0) */ colon = &buf[len - 1] - NUM_COLONS + i; *colon = ':'; } s = colon + 1; } } } }
/** exit with ssl error related to a file path */ static void ssl_path_err(const char* s, const char *path) { unsigned long err; err = ERR_peek_error(); if (ERR_GET_LIB(err) == ERR_LIB_SYS && (ERR_GET_FUNC(err) == SYS_F_FOPEN || ERR_GET_FUNC(err) == SYS_F_FREAD) ) { fprintf(stderr, "error: %s\n%s: %s\n", s, path, ERR_reason_error_string(err)); exit(1); } else { ssl_err(s); } }
const char *ERR_lib_error_string(unsigned long e) { ERR_STRING_DATA d, *p; unsigned long l; if (!RUN_ONCE(&err_string_init, do_err_strings_init)) { return NULL; } l = ERR_GET_LIB(e); d.error = ERR_PACK(l, 0, 0); p = int_err_get_item(&d); return ((p == NULL) ? NULL : p->string); }
/* pseudo-random bytes that are guaranteed to be unique but not unpredictable */ static int ssleay_rand_pseudo_bytes(unsigned char *buf, int num) { int ret; unsigned long err; ret = RAND_bytes(buf, num); if (ret == 0) { err = ERR_peek_error(); if (ERR_GET_LIB(err) == ERR_LIB_RAND && ERR_GET_REASON(err) == RAND_R_PRNG_NOT_SEEDED) ERR_clear_error(); } return (ret); }
void SafetPKCS12Private::setLastError() { unsigned long err = ERR_get_error(); if( ERR_GET_LIB(err) == ERR_LIB_PKCS12 ) { switch( ERR_GET_REASON(err) ) { case PKCS12_R_MAC_VERIFY_FAILURE: error = SafetPKCS12::InvalidPassword; break; default: error = SafetPKCS12::Unknown; break; } } else error = SafetPKCS12::Unknown; errorString = ERR_error_string( err, NULL ); }
EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx) { const EC_METHOD *meth; EC_GROUP *ret; meth = EC_GFp_nist_method(); ret = EC_GROUP_new(meth); if (ret == NULL) return NULL; if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) { unsigned long err; err = ERR_peek_last_error(); if (!(ERR_GET_LIB(err) == ERR_LIB_EC && ((ERR_GET_REASON(err) == EC_R_NOT_A_NIST_PRIME) || (ERR_GET_REASON(err) == EC_R_NOT_A_SUPPORTED_NIST_PRIME)))) { /* real error */ EC_GROUP_clear_free(ret); return NULL; } /* not an actual error, we just cannot use EC_GFp_nist_method */ ERR_clear_error(); EC_GROUP_clear_free(ret); meth = EC_GFp_mont_method(); ret = EC_GROUP_new(meth); if (ret == NULL) return NULL; if (!EC_GROUP_set_curve_GFp(ret, p, a, b, ctx)) { EC_GROUP_clear_free(ret); return NULL; } } return ret; }
const char *ERR_reason_error_string(unsigned long e) { ERR_STRING_DATA d,*p=NULL; unsigned long l,r; err_fns_check(); l=ERR_GET_LIB(e); r=ERR_GET_REASON(e); d.error=ERR_PACK(l,0,r); p=ERRFN(err_get_item)(&d); if (!p) { d.error=ERR_PACK(0,0,r); p=ERRFN(err_get_item)(&d); } return((p == NULL)?NULL:p->string); }
const char *ERR_reason_error_string(unsigned long e) { ERR_STRING_DATA d, *p = NULL; unsigned long l, r; CRYPTO_THREAD_run_once(&err_string_init, do_err_strings_init); l = ERR_GET_LIB(e); r = ERR_GET_REASON(e); d.error = ERR_PACK(l, 0, r); p = int_err_get_item(&d); if (!p) { d.error = ERR_PACK(0, 0, r); p = int_err_get_item(&d); } return ((p == NULL) ? NULL : p->string); }
/* Based on Node's SSL_CTX_use_certificate_chain, in src/node_crypto.cc */ selene_error_t *read_certificate_chain(selene_conf_t *conf, BIO *in, selene_cert_chain_t **p_certs) { X509 *x = NULL; selene_cert_chain_t *chain; selene_cert_t *tmpc; x = PEM_read_bio_X509_AUX(in, NULL, NULL, NULL); if (x == NULL) { return selene_error_create(SELENE_ENOMEM, "Failed to parse certificate"); } SELENE_ERR(sln_cert_chain_create(conf, &chain)); SELENE_ERR(sln_cert_create(conf, x, 0, &tmpc)); SLN_CERT_CHAIN_INSERT_TAIL(chain, tmpc); { /** * If we could set up our certificate, now proceed to * the CA certificates. */ X509 *ca; unsigned long err; while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) { SELENE_ERR(sln_cert_create(conf, ca, 0, &tmpc)); SLN_CERT_CHAIN_INSERT_TAIL(chain, tmpc); } /* When the while loop ends, it's usually just EOF. */ err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { ERR_clear_error(); } else { /* some real error */ /* TODO: handle parse errors of the ca certs */ ERR_clear_error(); } } *p_certs = chain; return SELENE_SUCCESS; }
/* * Read a bio that contains our certificate in "PEM" format, * possibly followed by a sequence of CA certificates that should be * sent to the peer in the Certificate message. */ static int ssl_ctx_use_certificate_chain_bio(SSL_CTX *ctx, BIO *in) { X509 *ca, *x = NULL; unsigned long err; int ret = 0; if ((x = PEM_read_bio_X509_AUX(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata)) == NULL) { SSLerrorx(ERR_R_PEM_LIB); goto err; } if (!SSL_CTX_use_certificate(ctx, x)) goto err; if (!ssl_cert_set0_chain(ctx->internal->cert, NULL)) goto err; /* Process any additional CA certificates. */ while ((ca = PEM_read_bio_X509(in, NULL, ctx->default_passwd_callback, ctx->default_passwd_callback_userdata)) != NULL) { if (!ssl_cert_add0_chain_cert(ctx->internal->cert, ca)) { X509_free(ca); goto err; } } /* When the while loop ends, it's usually just EOF. */ err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { ERR_clear_error(); ret = 1; } err: X509_free(x); return (ret); }
const char *ERR_func_error_string(unsigned long e) { ERR_STRING_DATA d,*p=NULL; unsigned long l,f; l=ERR_GET_LIB(e); f=ERR_GET_FUNC(e); CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH); if (error_hash != NULL) { d.error=ERR_PACK(l,f,0); p=(ERR_STRING_DATA *)lh_retrieve(error_hash,&d); } CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH); return((p == NULL)?NULL:p->string); }
static char * tlso_session_errmsg( tls_session *sess, int rc, char *buf, size_t len ) { char err[256] = ""; const char *certerr=NULL; tlso_session *s = (tlso_session *)sess; rc = ERR_peek_error(); if ( rc ) { ERR_error_string_n( rc, err, sizeof(err) ); if ( ( ERR_GET_LIB(rc) == ERR_LIB_SSL ) && ( ERR_GET_REASON(rc) == SSL_R_CERTIFICATE_VERIFY_FAILED ) ) { int certrc = SSL_get_verify_result(s); certerr = (char *)X509_verify_cert_error_string(certrc); } snprintf(buf, len, "%s%s%s%s", err, certerr ? " (" :"", certerr ? certerr : "", certerr ? ")" : "" ); return buf; } return NULL; }
/* BAD for multi-threaded, uses a local buffer if ret == NULL */ char *ERR_error_string(unsigned long e, char *ret) { #ifdef NO_ERR if(ret != NULL) { strcpy(ret, "No Error String Info."); } return "No Error String info."; #else static char buf[256]; const char *ls,*fs,*rs; unsigned long l,f,r; int i; l=ERR_GET_LIB(e); f=ERR_GET_FUNC(e); r=ERR_GET_REASON(e); ls=ERR_lib_error_string(e); fs=ERR_func_error_string(e); rs=ERR_reason_error_string(e); if (ret == NULL) ret=buf; sprintf(&(ret[0]),"error:%08lX:",e); i=strlen(ret); if (ls == NULL) sprintf(&(ret[i]),":lib(%lu) ",l); else sprintf(&(ret[i]),"%s",ls); i=strlen(ret); if (fs == NULL) sprintf(&(ret[i]),":func(%lu) ",f); else sprintf(&(ret[i]),":%s",fs); i=strlen(ret); if (rs == NULL) sprintf(&(ret[i]),":reason(%lu)",r); else sprintf(&(ret[i]),":%s",rs); return(ret); #endif }
/** * Read from a BIO, adding to the x509 store. */ static int X509_STORE_load_bio(X509_STORE *ca_store, BIO *in) { int ret = 1; X509 *ca; int r; int found = 0; unsigned long err; while ((ca = PEM_read_bio_X509(in, NULL, NULL, NULL))) { r = X509_STORE_add_cert(ca_store, ca); if (r == 0) { X509_free(ca); ret = 0; break; } found++; /** * The x509 cert object is reference counted by OpenSSL, so the STORE * keeps it alive after its been added. */ X509_free(ca); } /* When the while loop ends, it's usually just EOF. */ err = ERR_peek_last_error(); if (found != 0 && ERR_GET_LIB(err) == ERR_LIB_PEM && ERR_GET_REASON(err) == PEM_R_NO_START_LINE) { ERR_clear_error(); } else { /* some real error */ ret = 0; } return ret; }
SISCertificateChain* makeChain(const char* certData, EVP_PKEY** publicKey) { BIO* in = BIO_new_mem_buf((void*) certData, -1); BIO* out = BIO_new(BIO_s_mem()); while (true) { X509* cert = PEM_read_bio_X509(in, NULL, NULL, NULL); if (!cert) { unsigned long err = ERR_peek_last_error(); int lib = ERR_GET_LIB(err); int func = ERR_GET_FUNC(err); int reason = ERR_GET_REASON(err); if (lib == ERR_LIB_PEM && func == PEM_F_PEM_READ_BIO && reason == PEM_R_NO_START_LINE) break; ERR_print_errors_fp(stderr); throw SignBadCert; } if (!*publicKey) *publicKey = X509_PUBKEY_get(X509_get_X509_PUBKEY(cert)); i2d_X509_bio(out, cert); X509_OBJECT obj; obj.type = X509_LU_X509; obj.data.x509 = cert; X509_OBJECT_free_contents(&obj); } BIO_free_all(in); char* ptr; long length = BIO_get_mem_data(out, &ptr); if (length <= 0) { fprintf(stderr, "Bad certificate file\n"); throw SignBadCert; } SISBlob* blob = new SISBlob((uint8_t*) ptr, length); BIO_free_all(out); return new SISCertificateChain(blob); }
static int is_pem_password_error(struct openconnect_info *vpninfo) { unsigned long err = ERR_peek_error(); openconnect_report_ssl_errors(vpninfo); #ifndef EVP_F_EVP_DECRYPTFINAL_EX #define EVP_F_EVP_DECRYPTFINAL_EX EVP_F_EVP_DECRYPTFINAL #endif /* If the user fat-fingered the passphrase, try again */ if (ERR_GET_LIB(err) == ERR_LIB_EVP && ERR_GET_FUNC(err) == EVP_F_EVP_DECRYPTFINAL_EX && ERR_GET_REASON(err) == EVP_R_BAD_DECRYPT) { vpn_progress(vpninfo, PRG_ERR, _("Loading private key failed (wrong passphrase?)\n")); ERR_clear_error(); return 1; } vpn_progress(vpninfo, PRG_ERR, _("Loading private key failed (see above errors)\n")); return 0; }
void ERR_error_string_n(unsigned long e, char *buf, size_t len) { char lsbuf[64], fsbuf[64], rsbuf[64]; const char *ls, *fs, *rs; unsigned long l, f, r; if (len == 0) return; l = ERR_GET_LIB(e); ls = ERR_lib_error_string(e); if (ls == NULL) { BIO_snprintf(lsbuf, sizeof(lsbuf), "lib(%lu)", l); ls = lsbuf; } fs = ERR_func_error_string(e); f = ERR_GET_FUNC(e); if (fs == NULL) { BIO_snprintf(fsbuf, sizeof(fsbuf), "func(%lu)", f); fs = fsbuf; } rs = ERR_reason_error_string(e); r = ERR_GET_REASON(e); if (rs == NULL) { BIO_snprintf(rsbuf, sizeof(rsbuf), "reason(%lu)", r); rs = rsbuf; } BIO_snprintf(buf, len, "error:%08lX:%s:%s:%s", e, ls, fs, rs); if (strlen(buf) == len - 1) { /* Didn't fit; use a minimal format. */ BIO_snprintf(buf, len, "err:%lx:%lx:%lx:%lx", e, l, f, r); } }
int ec_GFp_simple_set_compressed_coordinates(const EC_GROUP *group, EC_POINT *point, const BIGNUM *x_, int y_bit, BN_CTX *ctx) { BN_CTX *new_ctx = NULL; BIGNUM *tmp1, *tmp2, *x, *y; int ret = 0; ERR_clear_error(); if (ctx == NULL) { ctx = new_ctx = BN_CTX_new(); if (ctx == NULL) { return 0; } } y_bit = (y_bit != 0); BN_CTX_start(ctx); tmp1 = BN_CTX_get(ctx); tmp2 = BN_CTX_get(ctx); x = BN_CTX_get(ctx); y = BN_CTX_get(ctx); if (y == NULL) { goto err; } /* Recover y. We have a Weierstrass equation * y^2 = x^3 + a*x + b, * so y is one of the square roots of x^3 + a*x + b. */ /* tmp1 := x^3 */ if (!BN_nnmod(x, x_, &group->field, ctx)) { goto err; } if (group->meth->field_decode == 0) { /* field_{sqr,mul} work on standard representation */ if (!group->meth->field_sqr(group, tmp2, x_, ctx) || !group->meth->field_mul(group, tmp1, tmp2, x_, ctx)) { goto err; } } else { if (!BN_mod_sqr(tmp2, x_, &group->field, ctx) || !BN_mod_mul(tmp1, tmp2, x_, &group->field, ctx)) { goto err; } } /* tmp1 := tmp1 + a*x */ if (group->a_is_minus3) { if (!BN_mod_lshift1_quick(tmp2, x, &group->field) || !BN_mod_add_quick(tmp2, tmp2, x, &group->field) || !BN_mod_sub_quick(tmp1, tmp1, tmp2, &group->field)) { goto err; } } else { if (group->meth->field_decode) { if (!group->meth->field_decode(group, tmp2, &group->a, ctx) || !BN_mod_mul(tmp2, tmp2, x, &group->field, ctx)) { goto err; } } else { /* field_mul works on standard representation */ if (!group->meth->field_mul(group, tmp2, &group->a, x, ctx)) { goto err; } } if (!BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) { goto err; } } /* tmp1 := tmp1 + b */ if (group->meth->field_decode) { if (!group->meth->field_decode(group, tmp2, &group->b, ctx) || !BN_mod_add_quick(tmp1, tmp1, tmp2, &group->field)) { goto err; } } else { if (!BN_mod_add_quick(tmp1, tmp1, &group->b, &group->field)) { goto err; } } if (!BN_mod_sqrt(y, tmp1, &group->field, ctx)) { unsigned long err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_BN && ERR_GET_REASON(err) == BN_R_NOT_A_SQUARE) { ERR_clear_error(); OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSED_POINT); } else { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, ERR_R_BN_LIB); } goto err; } if (y_bit != BN_is_odd(y)) { if (BN_is_zero(y)) { int kron; kron = BN_kronecker(x, &group->field, ctx); if (kron == -2) { goto err; } if (kron == 1) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSION_BIT); } else { /* BN_mod_sqrt() should have cought this error (not a square) */ OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, EC_R_INVALID_COMPRESSED_POINT); } goto err; } if (!BN_usub(y, &group->field, y)) { goto err; } } if (y_bit != BN_is_odd(y)) { OPENSSL_PUT_ERROR(EC, ec_GFp_simple_set_compressed_coordinates, ERR_R_INTERNAL_ERROR); goto err; } if (!EC_POINT_set_affine_coordinates_GFp(group, point, x, y, ctx)) goto err; ret = 1; err: BN_CTX_end(ctx); if (new_ctx != NULL) BN_CTX_free(new_ctx); return ret; }