From d7d2735b3bfc925a72116d82cd0515de75328df8 Mon Sep 17 00:00:00 2001 From: tb <> Date: Wed, 9 Aug 2023 12:09:06 +0000 Subject: Rework BN_BLINDING to use pthread_t directly Instead of CRYPTO_THREADID, which passes pthread_via through unsigned long, we can use pthread_self() and pthread_equal() directly. This commit keeps using the awkward 'local' nomenclature as that is used throughout the rsa code. This will be changed after the blinding code will have been fully merged into rsa_blinding.c. ok jsing --- src/lib/libcrypto/rsa/rsa_eay.c | 28 +++++++++------------------- 1 file changed, 9 insertions(+), 19 deletions(-) (limited to 'src/lib/libcrypto/rsa/rsa_eay.c') diff --git a/src/lib/libcrypto/rsa/rsa_eay.c b/src/lib/libcrypto/rsa/rsa_eay.c index 35b32f6d02..c2e1e22f9a 100644 --- a/src/lib/libcrypto/rsa/rsa_eay.c +++ b/src/lib/libcrypto/rsa/rsa_eay.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_eay.c,v 1.64 2023/08/09 09:32:23 tb Exp $ */ +/* $OpenBSD: rsa_eay.c,v 1.65 2023/08/09 12:09:06 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -222,7 +222,6 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) { BN_BLINDING *ret; int got_write_lock = 0; - CRYPTO_THREADID cur; CRYPTO_r_lock(CRYPTO_LOCK_RSA); @@ -235,24 +234,14 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) rsa->blinding = RSA_setup_blinding(rsa, ctx); } - ret = rsa->blinding; - if (ret == NULL) + if ((ret = rsa->blinding) == NULL) goto err; - CRYPTO_THREADID_current(&cur); - if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) { - /* rsa->blinding is ours! */ - *local = 1; - } else { - /* resort to rsa->mt_blinding instead */ - /* - * Instruct rsa_blinding_convert(), rsa_blinding_invert() - * that the BN_BLINDING is shared, meaning that accesses - * require locks, and that the blinding factor must be - * stored outside the BN_BLINDING - */ - *local = 0; - + /* + * We need a shared blinding. Accesses require locks and a copy of the + * blinding factor needs to be retained on use. + */ + if ((*local = BN_BLINDING_is_local(ret)) == 0) { if (rsa->mt_blinding == NULL) { if (!got_write_lock) { CRYPTO_r_unlock(CRYPTO_LOCK_RSA); @@ -266,11 +255,12 @@ rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) ret = rsa->mt_blinding; } -err: + err: if (got_write_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RSA); else CRYPTO_r_unlock(CRYPTO_LOCK_RSA); + return ret; } -- cgit v1.2.3-55-g6feb