summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorbcook <>2016-07-07 11:53:12 +0000
committerbcook <>2016-07-07 11:53:12 +0000
commitdb57abec05ccea8ab13e008bbc745b4c3a07cd3d (patch)
tree9434ecb0a90afc6e1067a82a6b09c4b1955d85a0 /src
parent1cb97ae56053ba3274ae88455d8fda3726315e58 (diff)
downloadopenbsd-db57abec05ccea8ab13e008bbc745b4c3a07cd3d.tar.gz
openbsd-db57abec05ccea8ab13e008bbc745b4c3a07cd3d.tar.bz2
openbsd-db57abec05ccea8ab13e008bbc745b4c3a07cd3d.zip
call BN_init on temporaries to avoid use-before-set warnings
ok beck@
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/dh/dh_key.c3
-rw-r--r--src/lib/libcrypto/rsa/rsa_crpt.c3
-rw-r--r--src/lib/libcrypto/rsa/rsa_eay.c11
-rw-r--r--src/lib/libssl/src/crypto/dh/dh_key.c3
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_crpt.c3
-rw-r--r--src/lib/libssl/src/crypto/rsa/rsa_eay.c11
6 files changed, 28 insertions, 6 deletions
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index 25e8968ef5..6eb1365bf6 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_key.c,v 1.24 2016/06/30 02:02:06 bcook Exp $ */ 1/* $OpenBSD: dh_key.c,v 1.25 2016/07/07 11:53:12 bcook Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,6 +149,7 @@ generate_key(DH *dh)
149 { 149 {
150 BIGNUM prk; 150 BIGNUM prk;
151 151
152 BN_init(&prk);
152 BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME); 153 BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME);
153 154
154 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, &prk, dh->p, ctx, 155 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, &prk, dh->p, ctx,
diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c
index b50e4a4a6f..ccb677c12b 100644
--- a/src/lib/libcrypto/rsa/rsa_crpt.c
+++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_crpt.c,v 1.15 2016/06/30 02:02:06 bcook Exp $ */ 1/* $OpenBSD: rsa_crpt.c,v 1.16 2016/07/07 11:53:12 bcook Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -192,6 +192,7 @@ RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
192 } else 192 } else
193 e = rsa->e; 193 e = rsa->e;
194 194
195 BN_init(&n);
195 BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME); 196 BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
196 197
197 ret = BN_BLINDING_create_param(NULL, e, &n, ctx, rsa->meth->bn_mod_exp, 198 ret = BN_BLINDING_create_param(NULL, e, &n, ctx, rsa->meth->bn_mod_exp,
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c
index 6edfd7e5fd..2facd1c6f6 100644
--- a/src/lib/libcrypto/rsa/rsa_eay.c
+++ b/src/lib/libcrypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_eay.c,v 1.41 2016/06/30 02:02:06 bcook Exp $ */ 1/* $OpenBSD: rsa_eay.c,v 1.42 2016/07/07 11:53:12 bcook Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -432,6 +432,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
432 } else { 432 } else {
433 BIGNUM d; 433 BIGNUM d;
434 434
435 BN_init(&d);
435 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME); 436 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
436 437
437 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) 438 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
@@ -556,6 +557,7 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
556 } else { 557 } else {
557 BIGNUM d; 558 BIGNUM d;
558 559
560 BN_init(&d);
559 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME); 561 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
560 562
561 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) 563 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
@@ -742,6 +744,8 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
742 * Make sure BN_mod_inverse in Montgomery intialization uses the 744 * Make sure BN_mod_inverse in Montgomery intialization uses the
743 * BN_FLG_CONSTTIME flag 745 * BN_FLG_CONSTTIME flag
744 */ 746 */
747 BN_init(&p);
748 BN_init(&q);
745 BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME); 749 BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
746 BN_with_flags(&q, rsa->q, BN_FLG_CONSTTIME); 750 BN_with_flags(&q, rsa->q, BN_FLG_CONSTTIME);
747 751
@@ -761,12 +765,14 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
761 goto err; 765 goto err;
762 766
763 /* compute I mod q */ 767 /* compute I mod q */
768 BN_init(&c);
764 BN_with_flags(&c, I, BN_FLG_CONSTTIME); 769 BN_with_flags(&c, I, BN_FLG_CONSTTIME);
765 770
766 if (!BN_mod(r1, &c, rsa->q, ctx)) 771 if (!BN_mod(r1, &c, rsa->q, ctx))
767 goto err; 772 goto err;
768 773
769 /* compute r1^dmq1 mod q */ 774 /* compute r1^dmq1 mod q */
775 BN_init(&dmq1);
770 BN_with_flags(&dmq1, rsa->dmq1, BN_FLG_CONSTTIME); 776 BN_with_flags(&dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
771 777
772 if (!rsa->meth->bn_mod_exp(m1, r1, &dmq1, rsa->q, ctx, 778 if (!rsa->meth->bn_mod_exp(m1, r1, &dmq1, rsa->q, ctx,
@@ -780,6 +786,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
780 goto err; 786 goto err;
781 787
782 /* compute r1^dmp1 mod p */ 788 /* compute r1^dmp1 mod p */
789 BN_init(&dmp1);
783 BN_with_flags(&dmp1, rsa->dmp1, BN_FLG_CONSTTIME); 790 BN_with_flags(&dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
784 791
785 if (!rsa->meth->bn_mod_exp(r0, r1, &dmp1, rsa->p, ctx, 792 if (!rsa->meth->bn_mod_exp(r0, r1, &dmp1, rsa->p, ctx,
@@ -801,6 +808,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
801 goto err; 808 goto err;
802 809
803 /* Turn BN_FLG_CONSTTIME flag on before division operation */ 810 /* Turn BN_FLG_CONSTTIME flag on before division operation */
811 BN_init(&pr1);
804 BN_with_flags(&pr1, r1, BN_FLG_CONSTTIME); 812 BN_with_flags(&pr1, r1, BN_FLG_CONSTTIME);
805 813
806 if (!BN_mod(r0, &pr1, rsa->p, ctx)) 814 if (!BN_mod(r0, &pr1, rsa->p, ctx))
@@ -847,6 +855,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
847 */ 855 */
848 BIGNUM d; 856 BIGNUM d;
849 857
858 BN_init(&d);
850 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME); 859 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
851 860
852 if (!rsa->meth->bn_mod_exp(r0, I, &d, rsa->n, ctx, 861 if (!rsa->meth->bn_mod_exp(r0, I, &d, rsa->n, ctx,
diff --git a/src/lib/libssl/src/crypto/dh/dh_key.c b/src/lib/libssl/src/crypto/dh/dh_key.c
index 25e8968ef5..6eb1365bf6 100644
--- a/src/lib/libssl/src/crypto/dh/dh_key.c
+++ b/src/lib/libssl/src/crypto/dh/dh_key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dh_key.c,v 1.24 2016/06/30 02:02:06 bcook Exp $ */ 1/* $OpenBSD: dh_key.c,v 1.25 2016/07/07 11:53:12 bcook Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -149,6 +149,7 @@ generate_key(DH *dh)
149 { 149 {
150 BIGNUM prk; 150 BIGNUM prk;
151 151
152 BN_init(&prk);
152 BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME); 153 BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME);
153 154
154 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, &prk, dh->p, ctx, 155 if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, &prk, dh->p, ctx,
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c
index b50e4a4a6f..ccb677c12b 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_crpt.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_crpt.c,v 1.15 2016/06/30 02:02:06 bcook Exp $ */ 1/* $OpenBSD: rsa_crpt.c,v 1.16 2016/07/07 11:53:12 bcook Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -192,6 +192,7 @@ RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
192 } else 192 } else
193 e = rsa->e; 193 e = rsa->e;
194 194
195 BN_init(&n);
195 BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME); 196 BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
196 197
197 ret = BN_BLINDING_create_param(NULL, e, &n, ctx, rsa->meth->bn_mod_exp, 198 ret = BN_BLINDING_create_param(NULL, e, &n, ctx, rsa->meth->bn_mod_exp,
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_eay.c b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
index 6edfd7e5fd..2facd1c6f6 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_eay.c,v 1.41 2016/06/30 02:02:06 bcook Exp $ */ 1/* $OpenBSD: rsa_eay.c,v 1.42 2016/07/07 11:53:12 bcook Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -432,6 +432,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
432 } else { 432 } else {
433 BIGNUM d; 433 BIGNUM d;
434 434
435 BN_init(&d);
435 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME); 436 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
436 437
437 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) 438 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
@@ -556,6 +557,7 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
556 } else { 557 } else {
557 BIGNUM d; 558 BIGNUM d;
558 559
560 BN_init(&d);
559 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME); 561 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
560 562
561 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) 563 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
@@ -742,6 +744,8 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
742 * Make sure BN_mod_inverse in Montgomery intialization uses the 744 * Make sure BN_mod_inverse in Montgomery intialization uses the
743 * BN_FLG_CONSTTIME flag 745 * BN_FLG_CONSTTIME flag
744 */ 746 */
747 BN_init(&p);
748 BN_init(&q);
745 BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME); 749 BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
746 BN_with_flags(&q, rsa->q, BN_FLG_CONSTTIME); 750 BN_with_flags(&q, rsa->q, BN_FLG_CONSTTIME);
747 751
@@ -761,12 +765,14 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
761 goto err; 765 goto err;
762 766
763 /* compute I mod q */ 767 /* compute I mod q */
768 BN_init(&c);
764 BN_with_flags(&c, I, BN_FLG_CONSTTIME); 769 BN_with_flags(&c, I, BN_FLG_CONSTTIME);
765 770
766 if (!BN_mod(r1, &c, rsa->q, ctx)) 771 if (!BN_mod(r1, &c, rsa->q, ctx))
767 goto err; 772 goto err;
768 773
769 /* compute r1^dmq1 mod q */ 774 /* compute r1^dmq1 mod q */
775 BN_init(&dmq1);
770 BN_with_flags(&dmq1, rsa->dmq1, BN_FLG_CONSTTIME); 776 BN_with_flags(&dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
771 777
772 if (!rsa->meth->bn_mod_exp(m1, r1, &dmq1, rsa->q, ctx, 778 if (!rsa->meth->bn_mod_exp(m1, r1, &dmq1, rsa->q, ctx,
@@ -780,6 +786,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
780 goto err; 786 goto err;
781 787
782 /* compute r1^dmp1 mod p */ 788 /* compute r1^dmp1 mod p */
789 BN_init(&dmp1);
783 BN_with_flags(&dmp1, rsa->dmp1, BN_FLG_CONSTTIME); 790 BN_with_flags(&dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
784 791
785 if (!rsa->meth->bn_mod_exp(r0, r1, &dmp1, rsa->p, ctx, 792 if (!rsa->meth->bn_mod_exp(r0, r1, &dmp1, rsa->p, ctx,
@@ -801,6 +808,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
801 goto err; 808 goto err;
802 809
803 /* Turn BN_FLG_CONSTTIME flag on before division operation */ 810 /* Turn BN_FLG_CONSTTIME flag on before division operation */
811 BN_init(&pr1);
804 BN_with_flags(&pr1, r1, BN_FLG_CONSTTIME); 812 BN_with_flags(&pr1, r1, BN_FLG_CONSTTIME);
805 813
806 if (!BN_mod(r0, &pr1, rsa->p, ctx)) 814 if (!BN_mod(r0, &pr1, rsa->p, ctx))
@@ -847,6 +855,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
847 */ 855 */
848 BIGNUM d; 856 BIGNUM d;
849 857
858 BN_init(&d);
850 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME); 859 BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
851 860
852 if (!rsa->meth->bn_mod_exp(r0, I, &d, rsa->n, ctx, 861 if (!rsa->meth->bn_mod_exp(r0, I, &d, rsa->n, ctx,