From e932d0c4e982d4c0835583cf4a13169ac99d004c Mon Sep 17 00:00:00 2001 From: Nadav Barak Date: Sun, 17 Nov 2024 18:03:37 +0200 Subject: [PATCH] Better checking for BN_CTX_get --- src/common/cosigner/mta.cpp | 11 +++++++++++ .../crypto/GFp_curve_algebra/GFp_curve_algebra.c | 2 +- src/common/crypto/commitments/ring_pedersen.c | 3 ++- 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/common/cosigner/mta.cpp b/src/common/cosigner/mta.cpp index 9ecea35..fda85a4 100644 --- a/src/common/cosigner/mta.cpp +++ b/src/common/cosigner/mta.cpp @@ -818,6 +818,11 @@ void response_verifier::process_paillier(const BIGNUM* e, const BIGNUM* request, BIGNUM* B = BN_CTX_get(_ctx.get()); BIGNUM* gamma = BN_CTX_get(_ctx.get()); + if (!tmp1 || !tmp2 || !B || !gamma) + { + throw cosigner_exception(cosigner_exception::NO_MEM); + } + if (is_coprime_fast(response, _my_paillier->pub.n, _ctx.get()) != 1) { LOG_ERROR("response is not a valid ciphertext"); @@ -953,6 +958,12 @@ void response_verifier::process_ring_pedersen(const BIGNUM* e, const mta_range_z BIGNUM* tmp1 = BN_CTX_get(_ctx.get()); BIGNUM* tmp2 = BN_CTX_get(_ctx.get()); uint8_t gamma[2 * sizeof(uint64_t)]; + + if (!tmp1 || !tmp2) + { + throw cosigner_exception(cosigner_exception::NO_MEM); + } + if (!RAND_bytes(gamma, 2 * sizeof(uint64_t))) { LOG_ERROR("Failed to get random number, error %lu", ERR_get_error()); diff --git a/src/common/crypto/GFp_curve_algebra/GFp_curve_algebra.c b/src/common/crypto/GFp_curve_algebra/GFp_curve_algebra.c index ea30bc0..70a05a7 100644 --- a/src/common/crypto/GFp_curve_algebra/GFp_curve_algebra.c +++ b/src/common/crypto/GFp_curve_algebra/GFp_curve_algebra.c 
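Review bot: The two new `throw cosigner_exception(cosigner_exception::NO_MEM)` paths, here in process_paillier and in the process_ring_pedersen hunk that follows, fail without logging, while the neighbouring failure paths in both hunks call LOG_ERROR first. An allocation failure inside a proof verifier is worth telling apart from a rejected proof in the logs, so I would add `LOG_ERROR("BN_CTX_get failed, error %lu", ERR_get_error());` before each throw. Both functions start and end outside the hunks, so the `tmp1`/`tmp2` assignments and whatever releases the BN_CTX frame on the exception path are not visible; presumably a scope guard handles that, but it should be confirmed.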
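Review bot: The `if (!RAND_bytes(gamma, 2 * sizeof(uint64_t)))` test that follows the new null check in process_ring_pedersen lets a return value of -1 through, because OpenSSL documents 1 as the only success value and -1 for an unsupported RAND method. In that case `gamma` stays uninitialised and the function carries on with it. The commit does not touch this line, but since the change is about failing closed on OpenSSL errors I would tighten it to `if (RAND_bytes(gamma, sizeof(gamma)) != 1)`. How `gamma` is consumed lies outside the hunk.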
@@ -344,10 +344,10 @@ elliptic_curve_algebra_status GFp_curve_algebra_verify_linear_combination(const } zero = BN_CTX_get(bn_ctx); - BN_zero(zero); tmp = EC_POINT_new(ctx->curve); if (!zero || !tmp) goto cleanup; + BN_zero(zero); if (!EC_POINTs_mul(ctx->curve, tmp, zero, points_count, (const EC_POINT**)points, (const BIGNUM**)coeff, bn_ctx)) { status = ELLIPTIC_CURVE_ALGEBRA_UNKNOWN_ERROR; diff --git a/src/common/crypto/commitments/ring_pedersen.c b/src/common/crypto/commitments/ring_pedersen.c index 67743df..8338e52 100644 --- a/src/common/crypto/commitments/ring_pedersen.c +++ b/src/common/crypto/commitments/ring_pedersen.c @@ -816,10 +816,11 @@ ring_pedersen_status ring_pedersen_verify_batch_commitments_internal(const ring_ B = BN_CTX_get(ctx); tmp1 = BN_CTX_get(ctx); tmp2 = BN_CTX_get(ctx); - BN_one(B); if (!t_exp || !B || !tmp1 || !tmp2) goto cleanup; + + BN_one(B); ring_pedersen_init_mont(&priv->pub, ctx); status = RING_PEDERSEN_UNKNOWN_ERROR;
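Review bot: On the `goto cleanup` taken when `zero` or `tmp` is NULL, the returned status is whatever was assigned before this hunk; the only assignment visible here happens later, on EC_POINTs_mul failure. The same holds in the ring_pedersen_verify_batch_commitments_internal hunk, where `status = RING_PEDERSEN_UNKNOWN_ERROR;` comes after the check. Both are verification routines, so it is worth confirming that `status` holds an error value at that point and never a success code. Moving BN_zero/BN_one after the check is right, and a short comment such as `/* BN_CTX_get() may return NULL: check before first use */` would keep a later edit from reordering it back. Both functions begin and end outside the hunks.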