diff options
| author | levitte <levitte> | 2003-04-16 06:41:51 +0000 |
|---|---|---|
| committer | levitte <levitte> | 2003-04-16 06:41:51 +0000 |
| commit | a18be7fa251497ec1a5ed8b1d8056907d1d4de7e (patch) | |
| tree | 029d80f18e712c33f3d94fbbc1aba0cc675cb8f8 | |
| parent | 93a637457f2d308482d96152d25162060590a5a2 (diff) | |
| download | openssl-a18be7fa251497ec1a5ed8b1d8056907d1d4de7e.tar.gz | |
Recent changes from 0.9.6-stable.
| -rw-r--r-- | crypto/rsa/rsa.h | 11 | ||||
| -rw-r--r-- | crypto/rsa/rsa_eay.c | 2 | ||||
| -rw-r--r-- | crypto/rsa/rsa_lib.c | 8 |
3 files changed, 13 insertions, 8 deletions
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 47981457e..7c5ba1b7b 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -156,11 +156,6 @@ struct rsa_st #define RSA_FLAG_CACHE_PUBLIC 0x02 #define RSA_FLAG_CACHE_PRIVATE 0x04 #define RSA_FLAG_BLINDING 0x08 -#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in - * RSA implementation now uses blinding by - * default (ignoring RSA_FLAG_BLINDING), - * but other engines might not need it - */ #define RSA_FLAG_THREAD_SAFE 0x10 /* This flag means the private key operations will be handled by rsa_mod_exp * and that they do not depend on the private key components being present: @@ -173,7 +168,11 @@ struct rsa_st */ #define RSA_FLAG_SIGN_VER 0x40 -#define RSA_FLAG_NO_BLINDING 0x80 +#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in + * RSA implementation now uses blinding by + * default (ignoring RSA_FLAG_BLINDING), + * but other engines might not need it + */ #define RSA_PKCS1_PADDING 1 #define RSA_SSLV23_PADDING 2 diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 0ba50b8e8..4480b2516 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -491,6 +491,8 @@ err: if (ctx != NULL) BN_CTX_free(ctx); BN_clear_free(&f); BN_clear_free(&ret); + if (local_blinding) + BN_BLINDING_free(blinding); if (buf != NULL) { OPENSSL_cleanse(buf,num); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index e1419145a..ea48087ae 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -313,7 +313,7 @@ void RSA_blinding_off(RSA *rsa) int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) { - BIGNUM *A,*Ai; + BIGNUM *A,*Ai = NULL; BN_CTX *ctx; int ret=0; @@ -324,8 +324,12 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) else ctx=p_ctx; + /* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */ if (rsa->blinding != NULL) + { BN_BLINDING_free(rsa->blinding); + rsa->blinding = NULL; + } /* NB: similar code appears in setup_blinding (rsa_eay.c); * this should be placed in a new function of its own, but for reasons @@ -354,9 +358,9 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) rsa->blinding->thread_id = CRYPTO_thread_id(); rsa->flags |= RSA_FLAG_BLINDING; rsa->flags &= ~RSA_FLAG_NO_BLINDING; - BN_free(Ai); ret=1; err: + if (Ai != NULL) BN_free(Ai); BN_CTX_end(ctx); if (ctx != p_ctx) BN_CTX_free(ctx); return(ret); |