diff options
| author | deraadt <> | 2014-04-17 12:14:26 +0000 |
|---|---|---|
| committer | deraadt <> | 2014-04-17 12:14:26 +0000 |
| commit | 568af76a0d1a807b73087c7dcdc4cb57b4c044df (patch) | |
| tree | af52f9c7f7962a9cca944bfe4ead5df91c5dfff3 | |
| parent | 90d4a4eef2b7d8b8f45fbaa5423ed8f8d574ed9b (diff) | |
| download | openbsd-568af76a0d1a807b73087c7dcdc4cb57b4c044df.tar.gz openbsd-568af76a0d1a807b73087c7dcdc4cb57b4c044df.tar.bz2 openbsd-568af76a0d1a807b73087c7dcdc4cb57b4c044df.zip | |
Do not feed RSA private key information to the random subsystem as
entropy. It might be fed to a pluggable random subsystem....
What were they thinking?!
ok guenther
| -rw-r--r-- | src/lib/libcrypto/evp/evp_pkey.c | 2 | ||||
| -rw-r--r-- | src/lib/libcrypto/pem/pem_lib.c | 1 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_crpt.c | 8 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/evp/evp_pkey.c | 2 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/pem/pem_lib.c | 1 | ||||
| -rw-r--r-- | src/lib/libssl/src/crypto/rsa/rsa_crpt.c | 8 |
6 files changed, 0 insertions, 22 deletions
diff --git a/src/lib/libcrypto/evp/evp_pkey.c b/src/lib/libcrypto/evp/evp_pkey.c index ceebf69284..c760cf1965 100644 --- a/src/lib/libcrypto/evp/evp_pkey.c +++ b/src/lib/libcrypto/evp/evp_pkey.c | |||
| @@ -150,8 +150,6 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) | |||
| 150 | EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); | 150 | EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); |
| 151 | goto error; | 151 | goto error; |
| 152 | } | 152 | } |
| 153 | RAND_add(p8->pkey->value.octet_string->data, | ||
| 154 | p8->pkey->value.octet_string->length, 0.0); | ||
| 155 | return p8; | 153 | return p8; |
| 156 | error: | 154 | error: |
| 157 | PKCS8_PRIV_KEY_INFO_free(p8); | 155 | PKCS8_PRIV_KEY_INFO_free(p8); |
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c index 74baa2ec1c..0dfa7c7376 100644 --- a/src/lib/libcrypto/pem/pem_lib.c +++ b/src/lib/libcrypto/pem/pem_lib.c | |||
| @@ -384,7 +384,6 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, | |||
| 384 | } | 384 | } |
| 385 | kstr=(unsigned char *)buf; | 385 | kstr=(unsigned char *)buf; |
| 386 | } | 386 | } |
| 387 | RAND_add(data,i,0);/* put in the RSA key. */ | ||
| 388 | OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); | 387 | OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); |
| 389 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ | 388 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ |
| 390 | goto err; | 389 | goto err; |
diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c index 7750366613..2e100ca457 100644 --- a/src/lib/libcrypto/rsa/rsa_crpt.c +++ b/src/lib/libcrypto/rsa/rsa_crpt.c | |||
| @@ -189,14 +189,6 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) | |||
| 189 | else | 189 | else |
| 190 | e = rsa->e; | 190 | e = rsa->e; |
| 191 | 191 | ||
| 192 | |||
| 193 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | ||
| 194 | { | ||
| 195 | /* if PRNG is not properly seeded, resort to secret | ||
| 196 | * exponent as unpredictable seed */ | ||
| 197 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0); | ||
| 198 | } | ||
| 199 | |||
| 200 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | 192 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 201 | { | 193 | { |
| 202 | /* Set BN_FLG_CONSTTIME flag */ | 194 | /* Set BN_FLG_CONSTTIME flag */ |
diff --git a/src/lib/libssl/src/crypto/evp/evp_pkey.c b/src/lib/libssl/src/crypto/evp/evp_pkey.c index ceebf69284..c760cf1965 100644 --- a/src/lib/libssl/src/crypto/evp/evp_pkey.c +++ b/src/lib/libssl/src/crypto/evp/evp_pkey.c | |||
| @@ -150,8 +150,6 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8_broken(EVP_PKEY *pkey, int broken) | |||
| 150 | EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); | 150 | EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); |
| 151 | goto error; | 151 | goto error; |
| 152 | } | 152 | } |
| 153 | RAND_add(p8->pkey->value.octet_string->data, | ||
| 154 | p8->pkey->value.octet_string->length, 0.0); | ||
| 155 | return p8; | 153 | return p8; |
| 156 | error: | 154 | error: |
| 157 | PKCS8_PRIV_KEY_INFO_free(p8); | 155 | PKCS8_PRIV_KEY_INFO_free(p8); |
diff --git a/src/lib/libssl/src/crypto/pem/pem_lib.c b/src/lib/libssl/src/crypto/pem/pem_lib.c index 74baa2ec1c..0dfa7c7376 100644 --- a/src/lib/libssl/src/crypto/pem/pem_lib.c +++ b/src/lib/libssl/src/crypto/pem/pem_lib.c | |||
| @@ -384,7 +384,6 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, | |||
| 384 | } | 384 | } |
| 385 | kstr=(unsigned char *)buf; | 385 | kstr=(unsigned char *)buf; |
| 386 | } | 386 | } |
| 387 | RAND_add(data,i,0);/* put in the RSA key. */ | ||
| 388 | OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); | 387 | OPENSSL_assert(enc->iv_len <= (int)sizeof(iv)); |
| 389 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ | 388 | if (RAND_pseudo_bytes(iv,enc->iv_len) < 0) /* Generate a salt */ |
| 390 | goto err; | 389 | goto err; |
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c index 7750366613..2e100ca457 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c | |||
| @@ -189,14 +189,6 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) | |||
| 189 | else | 189 | else |
| 190 | e = rsa->e; | 190 | e = rsa->e; |
| 191 | 191 | ||
| 192 | |||
| 193 | if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL) | ||
| 194 | { | ||
| 195 | /* if PRNG is not properly seeded, resort to secret | ||
| 196 | * exponent as unpredictable seed */ | ||
| 197 | RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0); | ||
| 198 | } | ||
| 199 | |||
| 200 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | 192 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
| 201 | { | 193 | { |
| 202 | /* Set BN_FLG_CONSTTIME flag */ | 194 | /* Set BN_FLG_CONSTTIME flag */ |