authormiod <>2003-03-19 01:05:22 +0000
committermiod <>2003-03-19 01:05:22 +0000
commit3ca583df3c5813f2054dd9b42ad879000865c88d (patch)
tree30fbfc349cf64c5bcbca6ea6c218ed0f8fd47387
parent8d1a9d230c928e48c45a1800d762f52a13d614a0 (diff)
Errata #024 (markus):
Enforce blinding on RSA operations involving private keys.
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_eay.c28
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_lib.c8
2 files changed, 31 insertions, 5 deletions
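--- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -186,6 +186,26 @@ err:
  return(r);
  }
 
+static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
+ {
+ int ret = 1;
+ CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+ /* Check again inside the lock - the macro's check is racey */
+ if(rsa->blinding == NULL)
+ ret = RSA_blinding_on(rsa, ctx);
+ CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+ return ret;
+ }
+
+#define BLINDING_HELPER(rsa, ctx, err_instr) \
+ do { \
+ if(((rsa)->flags & RSA_FLAG_BLINDING) && \
+ ((rsa)->blinding == NULL) && \
+ !rsa_eay_blinding(rsa, ctx)) \
+ err_instr \
+ } while(0)
+
+/* signing */
 static int RSA_eay_private_encrypt(int flen, unsigned char *from,
  unsigned char *to, RSA *rsa, int padding)
  {
@@ -224,8 +244,8 @@ static int RSA_eay_private_encrypt(int flen, unsigned char *from,
 
  if (BN_bin2bn(buf,num,&f) == NULL) goto err;
 
- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
- RSA_blinding_on(rsa,ctx);
+ BLINDING_HELPER(rsa, ctx, goto err;);
+
  if (rsa->flags & RSA_FLAG_BLINDING)
  if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
 
@@ -299,8 +319,8 @@ static int RSA_eay_private_decrypt(int flen, unsigned char *from,
  /* make data into a big number */
  if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
 
- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
- RSA_blinding_on(rsa,ctx);
+ BLINDING_HELPER(rsa, ctx, goto err;);
+
  if (rsa->flags & RSA_FLAG_BLINDING)
  if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
 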
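Review bot: rsa_eay_blinding() holds CRYPTO_LOCK_RSA only while `rsa->blinding` is created; the `BN_BLINDING_convert(&f,rsa->blinding,ctx)` calls that follow BLINDING_HELPER in RSA_eay_private_encrypt and RSA_eay_private_decrypt then use the shared blinding object outside any lock. If BN_BLINDING_convert or the matching invert step updates the blinding state (not visible here), two threads sharing one RSA object could still race on it, so the helper deserves a comment stating its limit, e.g. `/* Serialises creation of rsa->blinding only; callers still use it unlocked */`. The macro's first `(rsa)->blinding == NULL` test is likewise an unlocked read, which the in-lock comment acknowledges but the macro itself does not document. As a style point, `err_instr` has to be passed with its own semicolon (`goto err;`), which is easy to get wrong, so a one-line comment above BLINDING_HELPER saying so would help. Both calling functions continue outside the hunks.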
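--- a/src/lib/libssl/src/crypto/rsa/rsa_lib.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_lib.c
@@ -72,7 +72,13 @@ static STACK_OF(CRYPTO_EX_DATA_FUNCS) *rsa_meth=NULL;
 
 RSA *RSA_new(void)
  {
- return(RSA_new_method(NULL));
+ RSA *r=RSA_new_method(NULL);
+
+#ifndef OPENSSL_NO_FORCE_RSA_BLINDING
+ r->flags|=RSA_FLAG_BLINDING;
+#endif
+
+ return r;
  }
 
 void RSA_set_default_openssl_method(RSA_METHOD *meth)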
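Review bot: `r->flags|=RSA_FLAG_BLINDING;` in RSA_new() dereferences the result of `RSA_new_method(NULL)` without checking it, so if that call returns NULL (as it presumably can on allocation failure) the process crashes instead of returning NULL to the caller as the old one-line body did. Guard the assignment inside the `#ifndef` with `if (r != NULL) r->flags|=RSA_FLAG_BLINDING;`. Separately, the flag is set only in this wrapper, so an RSA object obtained by calling RSA_new_method() directly would not get forced blinding unless that function sets it somewhere not shown in this hunk. If the intent is to cover every private-key operation, setting the default inside RSA_new_method() may be the more complete place.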