Turn on RSA blinding by default.

Ben Laurie 2003-03-18 12:12:10 +00:00
parent 4fc2bf07b5
commit 96c15b8aad
3 changed files with 36 additions and 5 deletions


@ -4,6 +4,12 @@
Changes between 0.9.7a and 0.9.7b [xx XXX 2003] Changes between 0.9.7a and 0.9.7b [xx XXX 2003]
*) Turn on RSA blinding by default, to avoid a timing attack. Applications
that don't want it can call RSA_blinding_off(). They would be ill-advised
to do so in most cases. The automatic enabling can also be turned off
by defining OPENSSL_FORCE_NO_RSA_BLINDING at compile-time.
[Ben Laurie, Steve Henson, Geoff Thorpe]
*) Fixed a typo bug that would cause ENGINE_set_default() to set an *) Fixed a typo bug that would cause ENGINE_set_default() to set an
ENGINE as defaults for all supported algorithms irrespective of ENGINE as defaults for all supported algorithms irrespective of
the 'flags' parameter. 'flags' is now honoured, so applications the 'flags' parameter. 'flags' is now honoured, so applications


@ -195,6 +195,25 @@ err:
return(r); return(r);
} }
static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx)
{
int ret = 1;
CRYPTO_w_lock(CRYPTO_LOCK_RSA);
/* Check again inside the lock - the macro's check is racey */
if(rsa->blinding == NULL)
ret = RSA_blinding_on(rsa, ctx);
CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
return ret;
}
#define BLINDING_HELPER(rsa, ctx, err_instr) \
do { \
if(((rsa)->flags & RSA_FLAG_BLINDING) && \
((rsa)->blinding == NULL) && \
!rsa_eay_blinding(rsa, ctx)) \
err_instr \
} while(0)
/* signing */ /* signing */
static int RSA_eay_private_encrypt(int flen, const unsigned char *from, static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding) unsigned char *to, RSA *rsa, int padding)
@ -239,8 +258,8 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
goto err; goto err;
} }
if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) BLINDING_HELPER(rsa, ctx, goto err;);
RSA_blinding_on(rsa,ctx);
if (rsa->flags & RSA_FLAG_BLINDING) if (rsa->flags & RSA_FLAG_BLINDING)
if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
@ -318,8 +337,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
goto err; goto err;
} }
if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) BLINDING_HELPER(rsa, ctx, goto err;);
RSA_blinding_on(rsa,ctx);
if (rsa->flags & RSA_FLAG_BLINDING) if (rsa->flags & RSA_FLAG_BLINDING)
if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
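Review bot: The lock taken in `rsa_eay_blinding` covers only the creation of `rsa->blinding`; the `BN_BLINDING_convert(&f,rsa->blinding,ctx)` calls that follow `BLINDING_HELPER` in `RSA_eay_private_encrypt` and `RSA_eay_private_decrypt` run with no lock visible in these hunks. If the BN_BLINDING object keeps mutable state that convert or invert update (not shown here), two threads sharing one RSA object could race on it now that blinding is on by default, so either the use needs the same lock or the sharing rule deserves a comment. The unlocked `(rsa)->blinding == NULL` test in the macro is also a plain read of a pointer another thread may be writing, as the existing comment admits. A line such as `/* Returns 1 if blinding is ready (or already was), 0 if RSA_blinding_on() failed */` above the helper would document the contract the macro relies on. Both private-key functions begin and end outside the hunks.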


@ -72,7 +72,13 @@ static const RSA_METHOD *default_RSA_meth=NULL;
RSA *RSA_new(void) RSA *RSA_new(void)
{ {
return(RSA_new_method(NULL)); RSA *r=RSA_new_method(NULL);
#ifndef OPENSSL_NO_FORCE_RSA_BLINDING
r->flags|=RSA_FLAG_BLINDING;
#endif
return r;
} }
void RSA_set_default_method(const RSA_METHOD *meth) void RSA_set_default_method(const RSA_METHOD *meth)
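Review bot: `r->flags|=RSA_FLAG_BLINDING;` in `RSA_new` dereferences the result of `RSA_new_method(NULL)` without a NULL check, so an allocation failure that used to reach the caller as a NULL return now crashes here; guard it with `if (r != NULL) r->flags|=RSA_FLAG_BLINDING;`. The opt-out macro tested here is `OPENSSL_NO_FORCE_RSA_BLINDING`, while the CHANGES entry in this same commit tells users to define `OPENSSL_FORCE_NO_RSA_BLINDING`. One of the two spellings has to change, otherwise the documented switch has no effect and blinding silently stays on (a safe failure, but a confusing one). Because the flag is set only in `RSA_new`, objects created by calling `RSA_new_method` directly appear not to get blinding by default, which is worth a comment if it is intended.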