diff options
Diffstat (limited to 'src/lib/libcrypto/rsa')
| -rw-r--r-- | src/lib/libcrypto/rsa/Makefile | 13 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa.h | 2 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_eay.c | 39 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_ssl.c | 2 |
4 files changed, 34 insertions, 22 deletions
diff --git a/src/lib/libcrypto/rsa/Makefile b/src/lib/libcrypto/rsa/Makefile index 13900812ac..8f1c611800 100644 --- a/src/lib/libcrypto/rsa/Makefile +++ b/src/lib/libcrypto/rsa/Makefile | |||
| @@ -133,12 +133,17 @@ rsa_gen.o: ../cryptlib.h rsa_gen.c | |||
| 133 | rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h | 133 | rsa_lib.o: ../../e_os.h ../../include/openssl/asn1.h |
| 134 | rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 134 | rsa_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
| 135 | rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h | 135 | rsa_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h |
| 136 | rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/engine.h | 136 | rsa_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h |
| 137 | rsa_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h | 137 | rsa_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h |
| 138 | rsa_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h | ||
| 139 | rsa_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h | ||
| 140 | rsa_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h | ||
| 138 | rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h | 141 | rsa_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h |
| 139 | rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rand.h | 142 | rsa_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h |
| 140 | rsa_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h | 143 | rsa_lib.o: ../../include/openssl/rand.h ../../include/openssl/rsa.h |
| 144 | rsa_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h | ||
| 141 | rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h | 145 | rsa_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h |
| 146 | rsa_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h | ||
| 142 | rsa_lib.o: ../cryptlib.h rsa_lib.c | 147 | rsa_lib.o: ../cryptlib.h rsa_lib.c |
| 143 | rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h | 148 | rsa_none.o: ../../e_os.h ../../include/openssl/asn1.h |
| 144 | rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h | 149 | rsa_none.o: ../../include/openssl/bio.h ../../include/openssl/bn.h |
diff --git a/src/lib/libcrypto/rsa/rsa.h b/src/lib/libcrypto/rsa/rsa.h index 6b5e4f8a9a..3699afaaaf 100644 --- a/src/lib/libcrypto/rsa/rsa.h +++ b/src/lib/libcrypto/rsa/rsa.h | |||
| @@ -281,6 +281,7 @@ int RSA_print_fp(FILE *fp, const RSA *r,int offset); | |||
| 281 | int RSA_print(BIO *bp, const RSA *r,int offset); | 281 | int RSA_print(BIO *bp, const RSA *r,int offset); |
| 282 | #endif | 282 | #endif |
| 283 | 283 | ||
| 284 | #ifndef OPENSSL_NO_RC4 | ||
| 284 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, | 285 | int i2d_RSA_NET(const RSA *a, unsigned char **pp, |
| 285 | int (*cb)(char *buf, int len, const char *prompt, int verify), | 286 | int (*cb)(char *buf, int len, const char *prompt, int verify), |
| 286 | int sgckey); | 287 | int sgckey); |
| @@ -294,6 +295,7 @@ int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, | |||
| 294 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, | 295 | RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, |
| 295 | int (*cb)(char *buf, int len, const char *prompt, | 296 | int (*cb)(char *buf, int len, const char *prompt, |
| 296 | int verify)); | 297 | int verify)); |
| 298 | #endif | ||
| 297 | 299 | ||
| 298 | /* The following 2 functions sign and verify a X509_SIG ASN1 object | 300 | /* The following 2 functions sign and verify a X509_SIG ASN1 object |
| 299 | * inside PKCS#1 padded RSA encryption */ | 301 | * inside PKCS#1 padded RSA encryption */ |
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 272c5eed18..5a6eda7961 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c | |||
| @@ -150,16 +150,6 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void) | |||
| 150 | return(&rsa_pkcs1_eay_meth); | 150 | return(&rsa_pkcs1_eay_meth); |
| 151 | } | 151 | } |
| 152 | 152 | ||
| 153 | /* Usage example; | ||
| 154 | * MONT_HELPER(rsa->_method_mod_p, bn_ctx, rsa->p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | ||
| 155 | */ | ||
| 156 | #define MONT_HELPER(method_mod, ctx, m, pre_cond, err_instr) \ | ||
| 157 | if ((pre_cond) && ((method_mod) == NULL) && \ | ||
| 158 | !BN_MONT_CTX_set_locked(&(method_mod), \ | ||
| 159 | CRYPTO_LOCK_RSA, \ | ||
| 160 | (m), (ctx))) \ | ||
| 161 | err_instr | ||
| 162 | |||
| 163 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | 153 | static int RSA_eay_public_encrypt(int flen, const unsigned char *from, |
| 164 | unsigned char *to, RSA *rsa, int padding) | 154 | unsigned char *to, RSA *rsa, int padding) |
| 165 | { | 155 | { |
| @@ -233,7 +223,9 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, | |||
| 233 | goto err; | 223 | goto err; |
| 234 | } | 224 | } |
| 235 | 225 | ||
| 236 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 226 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 227 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 228 | goto err; | ||
| 237 | 229 | ||
| 238 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, | 230 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 239 | rsa->_method_mod_n)) goto err; | 231 | rsa->_method_mod_n)) goto err; |
| @@ -460,7 +452,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, | |||
| 460 | else | 452 | else |
| 461 | d= rsa->d; | 453 | d= rsa->d; |
| 462 | 454 | ||
| 463 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 455 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 456 | if(!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 457 | goto err; | ||
| 464 | 458 | ||
| 465 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | 459 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, |
| 466 | rsa->_method_mod_n)) goto err; | 460 | rsa->_method_mod_n)) goto err; |
| @@ -581,7 +575,9 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, | |||
| 581 | else | 575 | else |
| 582 | d = rsa->d; | 576 | d = rsa->d; |
| 583 | 577 | ||
| 584 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 578 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 579 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 580 | goto err; | ||
| 585 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, | 581 | if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx, |
| 586 | rsa->_method_mod_n)) | 582 | rsa->_method_mod_n)) |
| 587 | goto err; | 583 | goto err; |
| @@ -691,7 +687,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, | |||
| 691 | goto err; | 687 | goto err; |
| 692 | } | 688 | } |
| 693 | 689 | ||
| 694 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 690 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 691 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 692 | goto err; | ||
| 695 | 693 | ||
| 696 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, | 694 | if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, |
| 697 | rsa->_method_mod_n)) goto err; | 695 | rsa->_method_mod_n)) goto err; |
| @@ -769,11 +767,18 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) | |||
| 769 | q = rsa->q; | 767 | q = rsa->q; |
| 770 | } | 768 | } |
| 771 | 769 | ||
| 772 | MONT_HELPER(rsa->_method_mod_p, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | 770 | if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) |
| 773 | MONT_HELPER(rsa->_method_mod_q, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); | 771 | { |
| 772 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx)) | ||
| 773 | goto err; | ||
| 774 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx)) | ||
| 775 | goto err; | ||
| 776 | } | ||
| 774 | } | 777 | } |
| 775 | 778 | ||
| 776 | MONT_HELPER(rsa->_method_mod_n, ctx, rsa->n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); | 779 | if (rsa->flags & RSA_FLAG_CACHE_PUBLIC) |
| 780 | if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx)) | ||
| 781 | goto err; | ||
| 777 | 782 | ||
| 778 | /* compute I mod q */ | 783 | /* compute I mod q */ |
| 779 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) | 784 | if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) |
diff --git a/src/lib/libcrypto/rsa/rsa_ssl.c b/src/lib/libcrypto/rsa/rsa_ssl.c index ea72629494..cfeff15bc9 100644 --- a/src/lib/libcrypto/rsa/rsa_ssl.c +++ b/src/lib/libcrypto/rsa/rsa_ssl.c | |||
| @@ -130,7 +130,7 @@ int RSA_padding_check_SSLv23(unsigned char *to, int tlen, | |||
| 130 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING); | 130 | RSAerr(RSA_F_RSA_PADDING_CHECK_SSLV23,RSA_R_NULL_BEFORE_BLOCK_MISSING); |
| 131 | return(-1); | 131 | return(-1); |
| 132 | } | 132 | } |
| 133 | for (k= -8; k<0; k++) | 133 | for (k = -9; k<-1; k++) |
| 134 | { | 134 | { |
| 135 | if (p[k] != 0x03) break; | 135 | if (p[k] != 0x03) break; |
| 136 | } | 136 | } |