diff options
| author | bcook <> | 2016-06-30 02:02:06 +0000 |
|---|---|---|
| committer | bcook <> | 2016-06-30 02:02:06 +0000 |
| commit | f38e0f193e7bb5faea955cd4afea248b830afa18 (patch) | |
| tree | 0ceecace65c38593a01c1d41cce469bd98529f43 /src/lib/libcrypto/dsa | |
| parent | aa239d08d6dc87fdd121f62e3130aa5d5357cfff (diff) | |
| download | openbsd-f38e0f193e7bb5faea955cd4afea248b830afa18.tar.gz openbsd-f38e0f193e7bb5faea955cd4afea248b830afa18.tar.bz2 openbsd-f38e0f193e7bb5faea955cd4afea248b830afa18.zip | |
Remove flags for disabling constant-time operations.
This removes support for DSA_FLAG_NO_EXP_CONSTTIME, DH_FLAG_NO_EXP_CONSTTIME,
and RSA_FLAG_NO_CONSTTIME flags, making all of these operations unconditionally
constant-time.
Based on the original patch by César Pereid. ok beck@
Diffstat (limited to 'src/lib/libcrypto/dsa')
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa.h | 5 | ||||
| -rw-r--r-- | src/lib/libcrypto/dsa/dsa_key.c | 14 |
2 files changed, 5 insertions, 14 deletions
diff --git a/src/lib/libcrypto/dsa/dsa.h b/src/lib/libcrypto/dsa/dsa.h index f7f81cfa94..b4d7c1ff0f 100644 --- a/src/lib/libcrypto/dsa/dsa.h +++ b/src/lib/libcrypto/dsa/dsa.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dsa.h,v 1.20 2016/06/21 04:16:53 bcook Exp $ */ | 1 | /* $OpenBSD: dsa.h,v 1.21 2016/06/30 02:02:06 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -89,9 +89,6 @@ | |||
| 89 | #endif | 89 | #endif |
| 90 | 90 | ||
| 91 | #define DSA_FLAG_CACHE_MONT_P 0x01 | 91 | #define DSA_FLAG_CACHE_MONT_P 0x01 |
| 92 | #define DSA_FLAG_NO_EXP_CONSTTIME 0x00 /* Does nothing. Previously this switched off | ||
| 93 | * constant time behaviour. | ||
| 94 | */ | ||
| 95 | 92 | ||
| 96 | /* If this flag is set the DSA method is FIPS compliant and can be used | 93 | /* If this flag is set the DSA method is FIPS compliant and can be used |
| 97 | * in FIPS mode. This is set in the validated module method. If an | 94 | * in FIPS mode. This is set in the validated module method. If an |
diff --git a/src/lib/libcrypto/dsa/dsa_key.c b/src/lib/libcrypto/dsa/dsa_key.c index 4732c471ed..fc4eb9c433 100644 --- a/src/lib/libcrypto/dsa/dsa_key.c +++ b/src/lib/libcrypto/dsa/dsa_key.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: dsa_key.c,v 1.21 2016/06/21 04:16:53 bcook Exp $ */ | 1 | /* $OpenBSD: dsa_key.c,v 1.22 2016/06/30 02:02:06 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -104,18 +104,12 @@ dsa_builtin_keygen(DSA *dsa) | |||
| 104 | pub_key=dsa->pub_key; | 104 | pub_key=dsa->pub_key; |
| 105 | 105 | ||
| 106 | { | 106 | { |
| 107 | BIGNUM *prk = BN_new(); | 107 | BIGNUM prk; |
| 108 | 108 | ||
| 109 | if (prk == NULL) | 109 | BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME); |
| 110 | goto err; | ||
| 111 | |||
| 112 | BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); | ||
| 113 | 110 | ||
| 114 | if (!BN_mod_exp(pub_key, dsa->g, prk, dsa->p, ctx)) { | 111 | if (!BN_mod_exp(pub_key, dsa->g, &prk, dsa->p, ctx)) |
| 115 | BN_free(prk); | ||
| 116 | goto err; | 112 | goto err; |
| 117 | } | ||
| 118 | BN_free(prk); | ||
| 119 | } | 113 | } |
| 120 | 114 | ||
| 121 | dsa->priv_key = priv_key; | 115 | dsa->priv_key = priv_key; |