diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_blinding.c | 14 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_eay.c | 28 | ||||
| -rw-r--r-- | src/lib/libcrypto/rsa/rsa_local.h | 4 |
3 files changed, 18 insertions, 28 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_blinding.c b/src/lib/libcrypto/rsa/rsa_blinding.c index e6fd67242d..cac5bd91d2 100644 --- a/src/lib/libcrypto/rsa/rsa_blinding.c +++ b/src/lib/libcrypto/rsa/rsa_blinding.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_blinding.c,v 1.2 2023/08/09 09:26:43 tb Exp $ */ | 1 | /* $OpenBSD: rsa_blinding.c,v 1.3 2023/08/09 12:09:06 tb Exp $ */ |
| 2 | /* ==================================================================== | 2 | /* ==================================================================== |
| 3 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. | 3 | * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. |
| 4 | * | 4 | * |
| @@ -109,6 +109,7 @@ | |||
| 109 | * [including the GNU Public Licence.] | 109 | * [including the GNU Public Licence.] |
| 110 | */ | 110 | */ |
| 111 | 111 | ||
| 112 | #include <pthread.h> | ||
| 112 | #include <stdio.h> | 113 | #include <stdio.h> |
| 113 | 114 | ||
| 114 | #include <openssl/opensslconf.h> | 115 | #include <openssl/opensslconf.h> |
| @@ -126,7 +127,7 @@ struct bn_blinding_st { | |||
| 126 | BIGNUM *Ai; | 127 | BIGNUM *Ai; |
| 127 | BIGNUM *e; | 128 | BIGNUM *e; |
| 128 | BIGNUM *mod; | 129 | BIGNUM *mod; |
| 129 | CRYPTO_THREADID tid; | 130 | pthread_t tid; |
| 130 | int counter; | 131 | int counter; |
| 131 | BN_MONT_CTX *m_ctx; | 132 | BN_MONT_CTX *m_ctx; |
| 132 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, | 133 | int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, |
| @@ -157,7 +158,7 @@ BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx, | |||
| 157 | 158 | ||
| 158 | /* Update on first use. */ | 159 | /* Update on first use. */ |
| 159 | ret->counter = BN_BLINDING_COUNTER - 1; | 160 | ret->counter = BN_BLINDING_COUNTER - 1; |
| 160 | CRYPTO_THREADID_current(&ret->tid); | 161 | ret->tid = pthread_self(); |
| 161 | 162 | ||
| 162 | if (bn_mod_exp != NULL) | 163 | if (bn_mod_exp != NULL) |
| 163 | ret->bn_mod_exp = bn_mod_exp; | 164 | ret->bn_mod_exp = bn_mod_exp; |
| @@ -254,10 +255,10 @@ BN_BLINDING_invert(BIGNUM *n, const BIGNUM *inv, BN_BLINDING *b, BN_CTX *ctx) | |||
| 254 | return BN_mod_mul(n, n, inv, b->mod, ctx); | 255 | return BN_mod_mul(n, n, inv, b->mod, ctx); |
| 255 | } | 256 | } |
| 256 | 257 | ||
| 257 | CRYPTO_THREADID * | 258 | int |
| 258 | BN_BLINDING_thread_id(BN_BLINDING *b) | 259 | BN_BLINDING_is_local(BN_BLINDING *b) |
| 259 | { | 260 | { |
| 260 | return &b->tid; | 261 | return pthread_equal(pthread_self(), b->tid) != 0; |
| 261 | } | 262 | } |
| 262 | 263 | ||
| 263 | static BIGNUM * | 264 | static BIGNUM * |
| @@ -320,7 +321,6 @@ RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx) | |||
| 320 | RSAerror(ERR_R_BN_LIB); | 321 | RSAerror(ERR_R_BN_LIB); |
| 321 | goto err; | 322 | goto err; |
| 322 | } | 323 | } |
| 323 | CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret)); | ||
| 324 | 324 | ||
| 325 | err: | 325 | err: |
| 326 | BN_CTX_end(ctx); | 326 | BN_CTX_end(ctx); |
diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 35b32f6d02..c2e1e22f9a 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_eay.c,v 1.64 2023/08/09 09:32:23 tb Exp $ */ | 1 | /* $OpenBSD: rsa_eay.c,v 1.65 2023/08/09 12:09:06 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -222,7 +222,6 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) | |||
| 222 | { | 222 | { |
| 223 | BN_BLINDING *ret; | 223 | BN_BLINDING *ret; |
| 224 | int got_write_lock = 0; | 224 | int got_write_lock = 0; |
| 225 | CRYPTO_THREADID cur; | ||
| 226 | 225 | ||
| 227 | CRYPTO_r_lock(CRYPTO_LOCK_RSA); | 226 | CRYPTO_r_lock(CRYPTO_LOCK_RSA); |
| 228 | 227 | ||
| @@ -235,24 +234,14 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) | |||
| 235 | rsa->blinding = RSA_setup_blinding(rsa, ctx); | 234 | rsa->blinding = RSA_setup_blinding(rsa, ctx); |
| 236 | } | 235 | } |
| 237 | 236 | ||
| 238 | ret = rsa->blinding; | 237 | if ((ret = rsa->blinding) == NULL) |
| 239 | if (ret == NULL) | ||
| 240 | goto err; | 238 | goto err; |
| 241 | 239 | ||
| 242 | CRYPTO_THREADID_current(&cur); | 240 | /* |
| 243 | if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) { | 241 | * We need a shared blinding. Accesses require locks and a copy of the |
| 244 | /* rsa->blinding is ours! */ | 242 | * blinding factor needs to be retained on use. |
| 245 | *local = 1; | 243 | */ |
| 246 | } else { | 244 | if ((*local = BN_BLINDING_is_local(ret)) == 0) { |
| 247 | /* resort to rsa->mt_blinding instead */ | ||
| 248 | /* | ||
| 249 | * Instruct rsa_blinding_convert(), rsa_blinding_invert() | ||
| 250 | * that the BN_BLINDING is shared, meaning that accesses | ||
| 251 | * require locks, and that the blinding factor must be | ||
| 252 | * stored outside the BN_BLINDING | ||
| 253 | */ | ||
| 254 | *local = 0; | ||
| 255 | |||
| 256 | if (rsa->mt_blinding == NULL) { | 245 | if (rsa->mt_blinding == NULL) { |
| 257 | if (!got_write_lock) { | 246 | if (!got_write_lock) { |
| 258 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); | 247 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| @@ -266,11 +255,12 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) | |||
| 266 | ret = rsa->mt_blinding; | 255 | ret = rsa->mt_blinding; |
| 267 | } | 256 | } |
| 268 | 257 | ||
| 269 | err: | 258 | err: |
| 270 | if (got_write_lock) | 259 | if (got_write_lock) |
| 271 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); | 260 | CRYPTO_w_unlock(CRYPTO_LOCK_RSA); |
| 272 | else | 261 | else |
| 273 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); | 262 | CRYPTO_r_unlock(CRYPTO_LOCK_RSA); |
| 263 | |||
| 274 | return ret; | 264 | return ret; |
| 275 | } | 265 | } |
| 276 | 266 | ||
diff --git a/src/lib/libcrypto/rsa/rsa_local.h b/src/lib/libcrypto/rsa/rsa_local.h index 30d18bfa92..51ed925908 100644 --- a/src/lib/libcrypto/rsa/rsa_local.h +++ b/src/lib/libcrypto/rsa/rsa_local.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: rsa_local.h,v 1.5 2023/08/09 09:23:03 tb Exp $ */ | 1 | /* $OpenBSD: rsa_local.h,v 1.6 2023/08/09 12:09:06 tb Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -159,7 +159,7 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *e, const BIGNUM *mod, BN_CTX *ctx, | |||
| 159 | void BN_BLINDING_free(BN_BLINDING *b); | 159 | void BN_BLINDING_free(BN_BLINDING *b); |
| 160 | int BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); | 160 | int BN_BLINDING_convert(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *); |
| 161 | int BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); | 161 | int BN_BLINDING_invert(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *); |
| 162 | CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *); | 162 | int BN_BLINDING_is_local(BN_BLINDING *b); |
| 163 | BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); | 163 | BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *ctx); |
| 164 | 164 | ||
| 165 | __END_HIDDEN_DECLS | 165 | __END_HIDDEN_DECLS |