1 files changed, 33 insertions, 10 deletions

diff --git a/app/openssl/crypto/ecdsa/ecs_ossl.c b/app/openssl/crypto/ecdsa/ecs_ossl.c
index 1bbf328d..325aca8c 100644
--- a/app/openssl/crypto/ecdsa/ecs_ossl.c
+++ b/app/openssl/crypto/ecdsa/ecs_ossl.c
@@ -60,11 +60,13 @@
 #include <openssl/err.h>
 #include <openssl/obj_mac.h>
 #include <openssl/bn.h>
+#include <openssl/rand.h>
 
 static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dlen, 
 		const BIGNUM *, const BIGNUM *, EC_KEY *eckey);
-static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, 
-		BIGNUM **rp);
+static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
+			    BIGNUM **kinvp, BIGNUM **rp,
+			    const unsigned char *dgst, int dlen);
 static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len, 
 		const ECDSA_SIG *sig, EC_KEY *eckey);
 
@@ -86,8 +88,9 @@ const ECDSA_METHOD *ECDSA_OpenSSL(void)
 	return &openssl_ecdsa_meth;
 }
 
-static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
-		BIGNUM **rp)
+static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
+			    BIGNUM **kinvp, BIGNUM **rp,
+			    const unsigned char *dgst, int dlen)
 {
 	BN_CTX   *ctx = NULL;
 	BIGNUM	 *k = NULL, *r = NULL, *order = NULL, *X = NULL;
@@ -136,11 +139,28 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 	{
 		/* get random k */	
 		do
-			if (!BN_rand_range(k, order))
+#ifndef OPENSSL_NO_SHA512
+			if (EC_KEY_get_nonce_from_hash(eckey))
 			{
-				ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
-				 ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);	
-				goto err;
+				if (!BN_generate_dsa_nonce(
+					k, order,
+					EC_KEY_get0_private_key(eckey),
+					dgst, dlen, ctx))
+					{
+					ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
+						 ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
+					goto err;
+					}
+			}
+			else
+#endif
+			{
+				if (!BN_rand_range(k, order))
+				{
+					ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP,
+					 ECDSA_R_RANDOM_NUMBER_GENERATION_FAILED);
+					goto err;
+				}
 			}
 		while (BN_is_zero(k));
 
@@ -167,6 +187,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 				goto err;
 			}
 		}
+#ifndef OPENSSL_NO_EC2M
 		else /* NID_X9_62_characteristic_two_field */
 		{
 			if (!EC_POINT_get_affine_coordinates_GF2m(group,
@@ -176,6 +197,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp,
 				goto err;
 			}
 		}
+#endif
 		if (!BN_nnmod(r, X, order, ctx))
 		{
 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_BN_LIB);
@@ -280,7 +302,7 @@ static ECDSA_SIG *ecdsa_do_sign(const unsigned char *dgst, int dgst_len,
 	{
 		if (in_kinv == NULL || in_r == NULL)
 		{
-			if (!ECDSA_sign_setup(eckey, ctx, &kinv, &ret->r))
+			if (!ecdsa->meth->ecdsa_sign_setup(eckey, ctx, &kinv, &ret->r, dgst, dgst_len))
 			{
 				ECDSAerr(ECDSA_F_ECDSA_DO_SIGN,ERR_R_ECDSA_LIB);
 				goto err;
@@ -454,6 +476,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 			goto err;
 		}
 	}
+#ifndef OPENSSL_NO_EC2M
 	else /* NID_X9_62_characteristic_two_field */
 	{
 		if (!EC_POINT_get_affine_coordinates_GF2m(group,
@@ -463,7 +486,7 @@ static int ecdsa_do_verify(const unsigned char *dgst, int dgst_len,
 			goto err;
 		}
 	}
-	
+#endif	
 	if (!BN_nnmod(u1, X, order, ctx))
 	{
 		ECDSAerr(ECDSA_F_ECDSA_DO_VERIFY, ERR_R_BN_LIB);