From: Richard Levitte Date: Wed, 16 Apr 2003 06:41:51 +0000 (+0000) Subject: Recent changes from 0.9.6-stable. X-Git-Tag: OpenSSL-engine-0_9_6k~9 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=7fd79b985892988927cb0c8fb97a23dc68ec6b28;p=oweals%2Fopenssl.git Recent changes from 0.9.6-stable. --- diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 47981457ec..7c5ba1b7ba 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -156,11 +156,6 @@ struct rsa_st #define RSA_FLAG_CACHE_PUBLIC 0x02 #define RSA_FLAG_CACHE_PRIVATE 0x04 #define RSA_FLAG_BLINDING 0x08 -#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in - * RSA implementation now uses blinding by - * default (ignoring RSA_FLAG_BLINDING), - * but other engines might not need it - */ #define RSA_FLAG_THREAD_SAFE 0x10 /* This flag means the private key operations will be handled by rsa_mod_exp * and that they do not depend on the private key components being present: @@ -173,7 +168,11 @@ struct rsa_st */ #define RSA_FLAG_SIGN_VER 0x40 -#define RSA_FLAG_NO_BLINDING 0x80 +#define RSA_FLAG_NO_BLINDING 0x80 /* new with 0.9.6j and 0.9.7b; the built-in + * RSA implementation now uses blinding by + * default (ignoring RSA_FLAG_BLINDING), + * but other engines might not need it + */ #define RSA_PKCS1_PADDING 1 #define RSA_SSLV23_PADDING 2 diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 0ba50b8e87..4480b2516e 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -491,6 +491,8 @@ err: if (ctx != NULL) BN_CTX_free(ctx); BN_clear_free(&f); BN_clear_free(&ret); + if (local_blinding) + BN_BLINDING_free(blinding); if (buf != NULL) { OPENSSL_cleanse(buf,num); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index e1419145a7..ea48087aed 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -313,7 +313,7 @@ void RSA_blinding_off(RSA *rsa) int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) { - BIGNUM *A,*Ai; + BIGNUM *A,*Ai = NULL; BN_CTX *ctx; int ret=0; @@ -324,8 +324,12 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) else ctx=p_ctx; + /* XXXXX: Shouldn't this be RSA_blinding_off(rsa)? */ if (rsa->blinding != NULL) + { BN_BLINDING_free(rsa->blinding); + rsa->blinding = NULL; + } /* NB: similar code appears in setup_blinding (rsa_eay.c); * this should be placed in a new function of its own, but for reasons @@ -354,9 +358,9 @@ int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx) rsa->blinding->thread_id = CRYPTO_thread_id(); rsa->flags |= RSA_FLAG_BLINDING; rsa->flags &= ~RSA_FLAG_NO_BLINDING; - BN_free(Ai); ret=1; err: + if (Ai != NULL) BN_free(Ai); BN_CTX_end(ctx); if (ctx != p_ctx) BN_CTX_free(ctx); return(ret);