summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa
diff options
context:
space:
mode:
authorbeck <>2017-01-21 09:38:59 +0000
committerbeck <>2017-01-21 09:38:59 +0000
commita0a595cda97de2b217b0582cfa601ee4c746bfce (patch)
treea68beae7892dad13fd8d76ba1fc45e6570e3360b /src/lib/libcrypto/dsa
parent0150f186622a6f660c4e80dc9a36dc843ac87b7c (diff)
downloadopenbsd-a0a595cda97de2b217b0582cfa601ee4c746bfce.tar.gz
openbsd-a0a595cda97de2b217b0582cfa601ee4c746bfce.tar.bz2
openbsd-a0a595cda97de2b217b0582cfa601ee4c746bfce.zip
Make explicit _ct and _nonct versions of bn_mod_exp funcitons that
matter for constant time, and make the public interface only used external to the library. This moves us to a model where the important things are constant time versions unless you ask for them not to be, rather than the opposite. I'll continue with this method by method. Add regress tests for same. ok jsing@
Diffstat (limited to 'src/lib/libcrypto/dsa')
-rw-r--r--src/lib/libcrypto/dsa/dsa_ameth.c6
-rw-r--r--src/lib/libcrypto/dsa/dsa_gen.c5
-rw-r--r--src/lib/libcrypto/dsa/dsa_key.c5
-rw-r--r--src/lib/libcrypto/dsa/dsa_ossl.c6
4 files changed, 13 insertions, 9 deletions
diff --git a/src/lib/libcrypto/dsa/dsa_ameth.c b/src/lib/libcrypto/dsa/dsa_ameth.c
index 3e434701aa..92ad02e187 100644
--- a/src/lib/libcrypto/dsa/dsa_ameth.c
+++ b/src/lib/libcrypto/dsa/dsa_ameth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_ameth.c,v 1.20 2016/10/19 16:49:11 jsing Exp $ */ 1/* $OpenBSD: dsa_ameth.c,v 1.21 2017/01/21 09:38:59 beck Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006. 3 * project 2006.
4 */ 4 */
@@ -66,8 +66,8 @@
66#include <openssl/err.h> 66#include <openssl/err.h>
67#include <openssl/x509.h> 67#include <openssl/x509.h>
68 68
69
70#include "asn1_locl.h" 69#include "asn1_locl.h"
70#include "bn_lcl.h"
71 71
72static int 72static int
73dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey) 73dsa_pub_decode(EVP_PKEY *pkey, X509_PUBKEY *pubkey)
@@ -224,7 +224,7 @@ dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8)
224 goto dsaerr; 224 goto dsaerr;
225 } 225 }
226 226
227 if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) { 227 if (!BN_mod_exp_ct(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
228 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR); 228 DSAerr(DSA_F_DSA_PRIV_DECODE,DSA_R_BN_ERROR);
229 goto dsaerr; 229 goto dsaerr;
230 } 230 }
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index 7ddb7fec5e..d627e5ae9c 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_gen.c,v 1.22 2015/07/15 18:34:37 miod Exp $ */ 1/* $OpenBSD: dsa_gen.c,v 1.23 2017/01/21 09:38:59 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -68,6 +68,7 @@
68#include <openssl/evp.h> 68#include <openssl/evp.h>
69#include <openssl/sha.h> 69#include <openssl/sha.h>
70 70
71#include "bn_lcl.h"
71#include "dsa_locl.h" 72#include "dsa_locl.h"
72 73
73int 74int
@@ -315,7 +316,7 @@ end:
315 316
316 for (;;) { 317 for (;;) {
317 /* g=test^r0%p */ 318 /* g=test^r0%p */
318 if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont)) 319 if (!BN_mod_exp_mont_ct(g, test, r0, p, ctx, mont))
319 goto err; 320 goto err;
320 if (!BN_is_one(g)) 321 if (!BN_is_one(g))
321 break; 322 break;
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c
index fc4eb9c433..cb95e1369c 100644
--- a/src/lib/libcrypto/dsa/dsa_key.c
+++ b/src/lib/libcrypto/dsa/dsa_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_key.c,v 1.22 2016/06/30 02:02:06 bcook Exp $ */ 1/* $OpenBSD: dsa_key.c,v 1.23 2017/01/21 09:38:59 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -65,6 +65,7 @@
65 65
66#include <openssl/bn.h> 66#include <openssl/bn.h>
67#include <openssl/dsa.h> 67#include <openssl/dsa.h>
68#include "bn_lcl.h"
68 69
69static int dsa_builtin_keygen(DSA *dsa); 70static int dsa_builtin_keygen(DSA *dsa);
70 71
@@ -108,7 +109,7 @@ dsa_builtin_keygen(DSA *dsa)
108 109
109 BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME); 110 BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME);
110 111
111 if (!BN_mod_exp(pub_key, dsa->g, &prk, dsa->p, ctx)) 112 if (!BN_mod_exp_ct(pub_key, dsa->g, &prk, dsa->p, ctx))
112 goto err; 113 goto err;
113 } 114 }
114 115
diff --git a/src/lib/libcrypto/dsa/dsa_ossl.c b/src/lib/libcrypto/dsa/dsa_ossl.c
index a28d3e9d1a..3f01a83a44 100644
--- a/src/lib/libcrypto/dsa/dsa_ossl.c
+++ b/src/lib/libcrypto/dsa/dsa_ossl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dsa_ossl.c,v 1.26 2016/06/21 04:16:53 bcook Exp $ */ 1/* $OpenBSD: dsa_ossl.c,v 1.27 2017/01/21 09:38:59 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -66,6 +66,8 @@
66#include <openssl/err.h> 66#include <openssl/err.h>
67#include <openssl/sha.h> 67#include <openssl/sha.h>
68 68
69#include "bn_lcl.h"
70
69static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa); 71static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa);
70static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, 72static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
71 BIGNUM **rp); 73 BIGNUM **rp);
@@ -238,7 +240,7 @@ dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
238 dsa->method_mont_p)) 240 dsa->method_mont_p))
239 goto err; 241 goto err;
240 } else { 242 } else {
241 if (!BN_mod_exp_mont(r, dsa->g, &k, dsa->p, ctx, dsa->method_mont_p)) 243 if (!BN_mod_exp_mont_ct(r, dsa->g, &k, dsa->p, ctx, dsa->method_mont_p))
242 goto err; 244 goto err;
243 } 245 }
244 246
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-04 11:16:16 +0000