#define RSA_FLAG_CACHE_PUBLIC 0x02
#define RSA_FLAG_CACHE_PRIVATE 0x04
#define RSA_FLAG_BLINDING 0x08
-#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in
- * RSA implementation now uses blinding by
- * default (ignoring RSA_FLAG_BLINDING),
- * but other engines might not need it
- */
#define RSA_FLAG_THREAD_SAFE 0x10
/* This flag means the private key operations will be handled by rsa_mod_exp
* and that they do not depend on the private key components being present:
*/
#define RSA_FLAG_SIGN_VER 0x40
-#define RSA_FLAG_NO_BLINDING 0x80
+#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in
+ * RSA implementation now uses blinding by
+ * default (ignoring RSA_FLAG_BLINDING),
+ * but other engines might not need it
+ */
#define RSA_PKCS1_PADDING 1
#define RSA_SSLV23_PADDING 2
if (ctx != NULL) BN_CTX_free(ctx);
BN_clear_free(&f);
BN_clear_free(&ret);
+ if (local_blinding)
+ BN_BLINDING_free(blinding);
if (buf != NULL)
{
OPENSSL_cleanse(buf,num);
int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
{
- BIGNUM *A,*Ai;
+ BIGNUM *A,*Ai = NULL;
BN_CTX *ctx;
int ret=0;
else
ctx=p_ctx;
+ /* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */
if (rsa->blinding != NULL)
+ {
BN_BLINDING_free(rsa->blinding);
+ rsa->blinding = NULL;
+ }
/* NB: similar code appears in setup_blinding (rsa_eay.c);
* this should be placed in a new function of its own, but for reasons
rsa->blinding->thread_id = CRYPTO_thread_id();
rsa->flags |= RSA_FLAG_BLINDING;
rsa->flags &= ~RSA_FLAG_NO_BLINDING;
- BN_free(Ai);
ret=1;
err:
+ if (Ai != NULL) BN_free(Ai);
BN_CTX_end(ctx);
if (ctx != p_ctx) BN_CTX_free(ctx);
return(ret);
projects / oweals / openssl.git / commitdiff