Remove RSA_memory_lock(). This undocumented function sort-of serializes your

RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@
author: miod <> 2014-07-09 08:55:32 +0000
committer: miod <> 2014-07-09 08:55:32 +0000
commit: a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d (patch)
tree: 2ec32e3be23a5e22a38511c5477a7619f55849cc /src
parent: 647c5790bf6cd9db48b1ec80ad028bdea7918d20 (diff)
download: openbsd-a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d.tar.gz
openbsd-a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d.tar.bz2
openbsd-a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d.zip
4 files changed, 4 insertions, 102 deletions
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h
index 3c49c13215..daea33ff60 100644
--- a/src/lib/libcrypto/rsa/rsa.h
+++ b/src/lib/libcrypto/rsa/rsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.h,v 1.19 2014/06/12 15:49:30 deraadt Exp $ */
+/* $OpenBSD: rsa.h,v 1.20 2014/07/09 08:55:32 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -155,7 +155,6 @@ struct rsa_st
        /* all BIGNUM values are actually in the following data, if it is not
         * NULL */
-        char *bignum_data;
        BN_BLINDING *blinding;
        BN_BLINDING *mt_blinding;
        };
@@ -312,9 +311,6 @@ const RSA_METHOD *RSA_get_default_method(void);
 const RSA_METHOD *RSA_get_method(const RSA *rsa);
 int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
-/* This function needs the memory locking malloc callbacks to be installed */
-int RSA_memory_lock(RSA *r);
 /* these are the actual SSLeay RSA functions */
 const RSA_METHOD *RSA_PKCS1_SSLeay(void);
diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c
index 5ccdfe9810..62d415a27b 100644
--- a/src/lib/libcrypto/rsa/rsa_lib.c
+++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_lib.c,v 1.22 2014/07/09 08:44:53 miod Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.23 2014/07/09 08:55:32 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -265,48 +265,3 @@ RSA_get_ex_data(const RSA *r, int idx)
 {
        return CRYPTO_get_ex_data(&r->ex_data, idx);
 }
-int RSA_memory_lock(RSA *r)
-        {
-        int i,j,k,off;
-        char *p;
-        BIGNUM *bn,**t[6],*b;
-        BN_ULONG *ul;
-        if (r->d == NULL) return(1);
-        t[0]= &r->d;
-        t[1]= &r->p;
-        t[2]= &r->q;
-        t[3]= &r->dmp1;
-        t[4]= &r->dmq1;
-        t[5]= &r->iqmp;
-        k=sizeof(BIGNUM)*6;
-        off=k/sizeof(BN_ULONG)+1;
-        j=1;
-        for (i=0; i<6; i++)
-                j+= (*t[i])->top;
-        if ((p=reallocarray(NULL, (off+j), sizeof(BN_ULONG))) == NULL)
-                {
-                RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
-                return(0);
-                }
-        bn=(BIGNUM *)p;
-        ul=(BN_ULONG *)&(p[off]);
-        for (i=0; i<6; i++)
-                {
-                b= *(t[i]);
-                *(t[i])= &(bn[i]);
-                memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
-                bn[i].flags=BN_FLG_STATIC_DATA;
-                bn[i].d=ul;
-                memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
-                ul+=b->top;
-                BN_clear_free(b);
-                }
-        
-        /* I should fix this so it can still be done */
-        r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC);
-        r->bignum_data=p;
-        return(1);
-        }
diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h
index 3c49c13215..daea33ff60 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa.h
+++ b/src/lib/libssl/src/crypto/rsa/rsa.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa.h,v 1.19 2014/06/12 15:49:30 deraadt Exp $ */
+/* $OpenBSD: rsa.h,v 1.20 2014/07/09 08:55:32 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -155,7 +155,6 @@ struct rsa_st
        /* all BIGNUM values are actually in the following data, if it is not
         * NULL */
-        char *bignum_data;
        BN_BLINDING *blinding;
        BN_BLINDING *mt_blinding;
        };
@@ -312,9 +311,6 @@ const RSA_METHOD *RSA_get_default_method(void);
 const RSA_METHOD *RSA_get_method(const RSA *rsa);
 int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
-/* This function needs the memory locking malloc callbacks to be installed */
-int RSA_memory_lock(RSA *r);
 /* these are the actual SSLeay RSA functions */
 const RSA_METHOD *RSA_PKCS1_SSLeay(void);
diff --git a/src/lib/libssl/src/crypto/rsa/rsa_lib.c b/src/lib/libssl/src/crypto/rsa/rsa_lib.c
index 5ccdfe9810..62d415a27b 100644
--- a/src/lib/libssl/src/crypto/rsa/rsa_lib.c
+++ b/src/lib/libssl/src/crypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_lib.c,v 1.22 2014/07/09 08:44:53 miod Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.23 2014/07/09 08:55:32 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -265,48 +265,3 @@ RSA_get_ex_data(const RSA *r, int idx)
 {
        return CRYPTO_get_ex_data(&r->ex_data, idx);
 }
-int RSA_memory_lock(RSA *r)
-        {
-        int i,j,k,off;
-        char *p;
-        BIGNUM *bn,**t[6],*b;
-        BN_ULONG *ul;
-        if (r->d == NULL) return(1);
-        t[0]= &r->d;
-        t[1]= &r->p;
-        t[2]= &r->q;
-        t[3]= &r->dmp1;
-        t[4]= &r->dmq1;
-        t[5]= &r->iqmp;
-        k=sizeof(BIGNUM)*6;
-        off=k/sizeof(BN_ULONG)+1;
-        j=1;
-        for (i=0; i<6; i++)
-                j+= (*t[i])->top;
-        if ((p=reallocarray(NULL, (off+j), sizeof(BN_ULONG))) == NULL)
-                {
-                RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
-                return(0);
-                }
-        bn=(BIGNUM *)p;
-        ul=(BN_ULONG *)&(p[off]);
-        for (i=0; i<6; i++)
-                {
-                b= *(t[i]);
-                *(t[i])= &(bn[i]);
-                memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM));
-                bn[i].flags=BN_FLG_STATIC_DATA;
-                bn[i].d=ul;
-                memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top);
-                ul+=b->top;
-                BN_clear_free(b);
-                }
-        
-        /* I should fix this so it can still be done */
-        r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC);
-        r->bignum_data=p;
-        return(1);
-        }
author	miod <>	2014-07-09 08:55:32 +0000
committer	miod <>	2014-07-09 08:55:32 +0000
commit	a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d (patch)
tree	2ec32e3be23a5e22a38511c5477a7619f55849cc /src
parent	647c5790bf6cd9db48b1ec80ad028bdea7918d20 (diff)
download	openbsd-a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d.tar.gz openbsd-a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d.tar.bz2 openbsd-a0d8435d26cdfa75eed61b864f9a1dfc0d6c956d.zip

diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index 3c49c13215..daea33ff60 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa.h,v 1.19 2014/06/12 15:49:30 deraadt Exp $ */	1	/* $OpenBSD: rsa.h,v 1.20 2014/07/09 08:55:32 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -155,7 +155,6 @@ struct rsa_st
155		155
156	/* all BIGNUM values are actually in the following data, if it is not	156	/* all BIGNUM values are actually in the following data, if it is not
157	* NULL */	157	* NULL */
158	char *bignum_data;
159	BN_BLINDING *blinding;	158	BN_BLINDING *blinding;
160	BN_BLINDING *mt_blinding;	159	BN_BLINDING *mt_blinding;
161	};	160	};
@@ -312,9 +311,6 @@ const RSA_METHOD *RSA_get_default_method(void);
312	const RSA_METHOD RSA_get_method(const RSA rsa);	311	const RSA_METHOD RSA_get_method(const RSA rsa);
313	int RSA_set_method(RSA rsa, const RSA_METHOD meth);	312	int RSA_set_method(RSA rsa, const RSA_METHOD meth);
314		313
315	/* This function needs the memory locking malloc callbacks to be installed */
316	int RSA_memory_lock(RSA *r);
317
318	/* these are the actual SSLeay RSA functions */	314	/* these are the actual SSLeay RSA functions */
319	const RSA_METHOD *RSA_PKCS1_SSLeay(void);	315	const RSA_METHOD *RSA_PKCS1_SSLeay(void);
320		316


diff --git a/src/lib/libcrypto/rsa/rsa_lib.c b/src/lib/libcrypto/rsa/rsa_lib.c index 5ccdfe9810..62d415a27b 100644 --- a/src/lib/libcrypto/rsa/rsa_lib.c +++ b/src/lib/libcrypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_lib.c,v 1.22 2014/07/09 08:44:53 miod Exp $ */	1	/* $OpenBSD: rsa_lib.c,v 1.23 2014/07/09 08:55:32 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -265,48 +265,3 @@ RSA_get_ex_data(const RSA *r, int idx)
265	{	265	{
266	return CRYPTO_get_ex_data(&r->ex_data, idx);	266	return CRYPTO_get_ex_data(&r->ex_data, idx);
267	}	267	}
268
269	int RSA_memory_lock(RSA *r)
270	{
271	int i,j,k,off;
272	char *p;
273	BIGNUM bn,t[6],b;
274	BN_ULONG *ul;
275
276	if (r->d == NULL) return(1);
277	t[0]= &r->d;
278	t[1]= &r->p;
279	t[2]= &r->q;
280	t[3]= &r->dmp1;
281	t[4]= &r->dmq1;
282	t[5]= &r->iqmp;
283	k=sizeof(BIGNUM)*6;
284	off=k/sizeof(BN_ULONG)+1;
285	j=1;
286	for (i=0; i<6; i++)
287	j+= (*t[i])->top;
288	if ((p=reallocarray(NULL, (off+j), sizeof(BN_ULONG))) == NULL)
289	{
290	RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
291	return(0);
292	}
293	bn=(BIGNUM *)p;
294	ul=(BN_ULONG *)&(p[off]);
295	for (i=0; i<6; i++)
296	{
297	b= *(t[i]);
298	*(t[i])= &(bn[i]);
299	memcpy((char )&(bn[i]),(char )b,sizeof(BIGNUM));
300	bn[i].flags=BN_FLG_STATIC_DATA;
301	bn[i].d=ul;
302	memcpy((char )ul,b->d,sizeof(BN_ULONG)b->top);
303	ul+=b->top;
304	BN_clear_free(b);
305	}
306
307	/* I should fix this so it can still be done */
308	r->flags&= ~(RSA_FLAG_CACHE_PRIVATE\|RSA_FLAG_CACHE_PUBLIC);
309
310	r->bignum_data=p;
311	return(1);
312	}


diff --git a/src/lib/libssl/src/crypto/rsa/rsa.h b/src/lib/libssl/src/crypto/rsa/rsa.h index 3c49c13215..daea33ff60 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa.h +++ b/src/lib/libssl/src/crypto/rsa/rsa.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa.h,v 1.19 2014/06/12 15:49:30 deraadt Exp $ */	1	/* $OpenBSD: rsa.h,v 1.20 2014/07/09 08:55:32 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -155,7 +155,6 @@ struct rsa_st
155		155
156	/* all BIGNUM values are actually in the following data, if it is not	156	/* all BIGNUM values are actually in the following data, if it is not
157	* NULL */	157	* NULL */
158	char *bignum_data;
159	BN_BLINDING *blinding;	158	BN_BLINDING *blinding;
160	BN_BLINDING *mt_blinding;	159	BN_BLINDING *mt_blinding;
161	};	160	};
@@ -312,9 +311,6 @@ const RSA_METHOD *RSA_get_default_method(void);
312	const RSA_METHOD RSA_get_method(const RSA rsa);	311	const RSA_METHOD RSA_get_method(const RSA rsa);
313	int RSA_set_method(RSA rsa, const RSA_METHOD meth);	312	int RSA_set_method(RSA rsa, const RSA_METHOD meth);
314		313
315	/* This function needs the memory locking malloc callbacks to be installed */
316	int RSA_memory_lock(RSA *r);
317
318	/* these are the actual SSLeay RSA functions */	314	/* these are the actual SSLeay RSA functions */
319	const RSA_METHOD *RSA_PKCS1_SSLeay(void);	315	const RSA_METHOD *RSA_PKCS1_SSLeay(void);
320		316


diff --git a/src/lib/libssl/src/crypto/rsa/rsa_lib.c b/src/lib/libssl/src/crypto/rsa/rsa_lib.c index 5ccdfe9810..62d415a27b 100644 --- a/src/lib/libssl/src/crypto/rsa/rsa_lib.c +++ b/src/lib/libssl/src/crypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_lib.c,v 1.22 2014/07/09 08:44:53 miod Exp $ */	1	/* $OpenBSD: rsa_lib.c,v 1.23 2014/07/09 08:55:32 miod Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -265,48 +265,3 @@ RSA_get_ex_data(const RSA *r, int idx)
265	{	265	{
266	return CRYPTO_get_ex_data(&r->ex_data, idx);	266	return CRYPTO_get_ex_data(&r->ex_data, idx);
267	}	267	}
268
269	int RSA_memory_lock(RSA *r)
270	{
271	int i,j,k,off;
272	char *p;
273	BIGNUM bn,t[6],b;
274	BN_ULONG *ul;
275
276	if (r->d == NULL) return(1);
277	t[0]= &r->d;
278	t[1]= &r->p;
279	t[2]= &r->q;
280	t[3]= &r->dmp1;
281	t[4]= &r->dmq1;
282	t[5]= &r->iqmp;
283	k=sizeof(BIGNUM)*6;
284	off=k/sizeof(BN_ULONG)+1;
285	j=1;
286	for (i=0; i<6; i++)
287	j+= (*t[i])->top;
288	if ((p=reallocarray(NULL, (off+j), sizeof(BN_ULONG))) == NULL)
289	{
290	RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
291	return(0);
292	}
293	bn=(BIGNUM *)p;
294	ul=(BN_ULONG *)&(p[off]);
295	for (i=0; i<6; i++)
296	{
297	b= *(t[i]);
298	*(t[i])= &(bn[i]);
299	memcpy((char )&(bn[i]),(char )b,sizeof(BIGNUM));
300	bn[i].flags=BN_FLG_STATIC_DATA;
301	bn[i].d=ul;
302	memcpy((char )ul,b->d,sizeof(BN_ULONG)b->top);
303	ul+=b->top;
304	BN_clear_free(b);
305	}
306
307	/* I should fix this so it can still be done */
308	r->flags&= ~(RSA_FLAG_CACHE_PRIVATE\|RSA_FLAG_CACHE_PUBLIC);
309
310	r->bignum_data=p;
311	return(1);
312	}