diff options
| author | tb <> | 2023-08-09 12:09:06 +0000 |
|---|---|---|
| committer | tb <> | 2023-08-09 12:09:06 +0000 |
| commit | d7d2735b3bfc925a72116d82cd0515de75328df8 (patch) | |
| tree | f4fecd7ecfa8d410a74dcbae6bc89fcfc2d35975 | |
| parent | bd98bb41d5e625bf39e15b2f99590f61f9496f22 (diff) | |
| download | openbsd-d7d2735b3bfc925a72116d82cd0515de75328df8.tar.gz openbsd-d7d2735b3bfc925a72116d82cd0515de75328df8.tar.bz2 openbsd-d7d2735b3bfc925a72116d82cd0515de75328df8.zip | |
Rework BN_BLINDING to use pthread_t directly
Instead of CRYPTO_THREADID, which passes pthread_via through unsigned long,
we can use pthread_self() and pthread_equal() directly. This commit keeps
using the awkward 'local' nomenclature as that is used throughout the rsa
code. This will be changed after the blinding code will have been fully
merged into rsa_blinding.c.
ok jsing
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_blinding.c | 14 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_eay.c | 28 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_local.h | 4 |
3 files changed, 18 insertions, 28 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_blinding.c b/src/lib/libcrypto/rsa/rsa_blinding.c index e6fd67242d..cac5bd91d2 100644 --- a/src/lib/libcrypto/rsa/rsa_blinding.c +++ b/src/lib/libcrypto/rsa/rsa_blinding.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_blinding.c,v 1.2 2023/08/09 09:26:43 tb Exp $ */ | 1 | /* $OpenBSD: rsa_blinding.c,v 1.3 2023/08/09 12:09:06 tb Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -109,6 +109,7 @@ | |||
| 109 | * [including the GNU Public Licence.] | 109 | * [including the GNU Public Licence.] |
| 110 | */ | 110 | */ |
| 111 | 111 | ||
| 112 | #include <pthread.h> | ||
| 112 | #include <stdio.h> | 113 | #include <stdio.h> |
| 113 | 114 | ||
| 114 | #include <openssl/opensslconf.h> | 115 | #include <openssl/opensslconf.h> |
| @@ -126,7 +127,7 @@ struct bn_blinding_st { | |||
| 126 | BIGNUM *Ai; | 127 | BIGNUM *Ai; |
| 127 | BIGNUM *e; | 128 | BIGNUM *e; |
| 128 | BIGNUM *mod; | 129 | BIGNUM *mod; |
| 129 | CRYPTO_THREADID tid; | 130 | pthread_t tid; |
| 130 | int counter; | 131 | int counter; |
| 131 | BN_MONT_CTX *m_ctx; | 132 | BN_MONT_CTX *m_ctx; |
| 132 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 133 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
| @@ -157,7 +158,7 @@ BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx, | |||
| 157 | 158 | ||
| 158 | /* Update on first use. */ | 159 | /* Update on first use. */ |
| 159 | ret->counter = BN_BLINDING_COUNTER - 1; | 160 | ret->counter = BN_BLINDING_COUNTER - 1; |
| 160 | CRYPTO_THREADID_current(&ret->tid); | 161 | ret->tid = pthread_self(); |
| 161 | 162 | ||
| 162 | if (bn_mod_exp != NULL) | 163 | if (bn_mod_exp != NULL) |
| 163 | ret->bn_mod_exp = bn_mod_exp; | 164 | ret->bn_mod_exp = bn_mod_exp; |
| @@ -254,10 +255,10 @@ BN_BLINDING_invert(BIGNUM *n, const BIGNUM *inv, BN_BLINDING *b, BN_CTX *ctx) | |||
| 254 | return BN_mod_mul(n, n, inv, b->mod, ctx); | 255 | return BN_mod_mul(n, n, inv, b->mod, ctx); |
| 255 | } | 256 | } |
| 256 | 257 | ||
| 257 | CRYPTO_THREADID * | 258 | int |
| 258 | BN_BLINDING_thread_id(BN_BLINDING *b) | 259 | BN_BLINDING_is_local(BN_BLINDING *b) |
| 259 | { | 260 | { |
| 260 | return &b->tid; | 261 | return pthread_equal(pthread_self(), b->tid) != 0; |
| 261 | } | 262 | } |
| 262 | 263 | ||
| 263 | static BIGNUM * | 264 | static BIGNUM * |
| @@ -320,7 +321,6 @@ RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) | |||
| 320 | RSAerror(ERR_R_BN_LIB); | 321 | RSAerror(ERR_R_BN_LIB); |
| 321 | goto err; | 322 | goto err; |
| 322 | } | 323 | } |
| 323 | CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret)); | ||
| 324 | 324 | ||
| 325 | err: | 325 | err: |
| 326 | BN_CTX_end(ctx); | 326 | BN_CTX_end(ctx); |
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 35b32f6d02..c2e1e22f9a 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_eay.c,v 1.64 2023/08/09 09:32:23 tb Exp $ */ | 1 | /* $OpenBSD: rsa_eay.c,v 1.65 2023/08/09 12:09:06 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -222,7 +222,6 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) | |||
| 222 | { | 222 | { |
| 223 | BN_BLINDING *ret; | 223 | BN_BLINDING *ret; |
| 224 | int got_write_lock = 0; | 224 | int got_write_lock = 0; |
| 225 | CRYPTO_THREADID cur; | ||
| 226 | 225 | ||
| 227 | CRYPTO_r_lock(CRYPTO_LOCK_RSA); | 226 | CRYPTO_r_lock(CRYPTO_LOCK_RSA); |
| 228 | 227 | ||
| @@ -235,24 +234,14 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) | |||
| 235 | rsa->blinding = RSA_setup_blinding(rsa, ctx); | 234 | rsa->blinding = RSA_setup_blinding(rsa, ctx); |
| 236 | } | 235 | } |
| 237 | 236 | ||
| 238 | ret = rsa->blinding; | 237 | if ((ret = rsa->blinding) == NULL) |
| 239 | if (ret == NULL) | ||
| 240 | goto err; | 238 | goto err; |
| 241 | 239 | ||
| 242 | CRYPTO_THREADID_current(&cur); | 240 | /* |
| 243 | if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) { | 241 | * We need a shared blinding. Accesses require locks and a copy of the |
| 244 | /* rsa->blinding is ours! */ | 242 | * blinding factor needs to be retained on use. |
| 245 | *local = 1; | 243 | */ |
| 246 | } else { | 244 | if ((*local = BN_BLINDING_is_local(ret)) == 0) { |
| 247 | /* resort to rsa->mt_blinding instead */ | ||
| 248 | /* | ||
| 249 | * Instruct rsa_blinding_convert(), rsa_blinding_invert() | ||
| 250 | * that the BN_BLINDING is shared, meaning that accesses | ||
| 251 | * require locks, and that the blinding factor must be | ||
| 252 | * stored outside the BN_BLINDING | ||
| 253 | */ | ||
| 254 | *local = 0; | ||
| 255 | |||
| 256 | if (rsa->mt_blinding == NULL) { | 245 | if (rsa->mt_blinding == NULL) { |
| 257 | if (!got_write_lock) { | 246 | if (!got_write_lock) { |
| 258 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); | 247 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| @@ -266,11 +255,12 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) | |||
| 266 | ret = rsa->mt_blinding; | 255 | ret = rsa->mt_blinding; |
| 267 | } | 256 | } |
| 268 | 257 | ||
| 269 | err: | 258 | err: |
| 270 | if (got_write_lock) | 259 | if (got_write_lock) |
| 271 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | 260 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); |
| 272 | else | 261 | else |
| 273 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); | 262 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| 263 | |||
| 274 | return ret; | 264 | return ret; |
| 275 | } | 265 | } |
| 276 | 266 | ||
diff --git a/src/lib/libcrypto/rsa/rsa_local.h b/src/lib/libcrypto/rsa/rsa_local.h index 30d18bfa92..51ed925908 100644 --- a/src/lib/libcrypto/rsa/rsa_local.h +++ b/src/lib/libcrypto/rsa/rsa_local.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_local.h,v 1.5 2023/08/09 09:23:03 tb Exp $ */ | 1 | /* $OpenBSD: rsa_local.h,v 1.6 2023/08/09 12:09:06 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -159,7 +159,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx, | |||
| 159 | void BN_BLINDING_free(BN_BLINDING *b); | 159 | void BN_BLINDING_free(BN_BLINDING *b); |
| 160 | int BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); | 160 | int BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); |
| 161 | int BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); | 161 | int BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); |
| 162 | CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); | 162 | int BN_BLINDING_is_local(BN_BLINDING *b); |
| 163 | BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); | 163 | BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); |
| 164 | 164 | ||
| 165 | __END_HIDDEN_DECLS | 165 | __END_HIDDEN_DECLS |