summaryrefslogtreecommitdiffstats
path: root/lib/libssl/src
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libssl/src')
-rw-r--r--lib/libssl/src/crypto/dh/dh_key.c3
-rw-r--r--lib/libssl/src/crypto/rsa/rsa_crpt.c3
-rw-r--r--lib/libssl/src/crypto/rsa/rsa_eay.c11
3 files changed, 14 insertions, 3 deletions
diff --git a/lib/libssl/src/crypto/dh/dh_key.c b/lib/libssl/src/crypto/dh/dh_key.c
index 25e8968ef59..6eb1365bf64 100644
--- a/lib/libssl/src/crypto/dh/dh_key.c
+++ b/lib/libssl/src/crypto/dh/dh_key.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dh_key.c,v 1.24 2016/06/30 02:02:06 bcook Exp $ */
+/* $OpenBSD: dh_key.c,v 1.25 2016/07/07 11:53:12 bcook Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -149,6 +149,7 @@ generate_key(DH *dh)
{
BIGNUM prk;
+ BN_init(&prk);
BN_with_flags(&prk, priv_key, BN_FLG_CONSTTIME);
if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, &prk, dh->p, ctx,
diff --git a/lib/libssl/src/crypto/rsa/rsa_crpt.c b/lib/libssl/src/crypto/rsa/rsa_crpt.c
index b50e4a4a6fc..ccb677c12b0 100644
--- a/lib/libssl/src/crypto/rsa/rsa_crpt.c
+++ b/lib/libssl/src/crypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_crpt.c,v 1.15 2016/06/30 02:02:06 bcook Exp $ */
+/* $OpenBSD: rsa_crpt.c,v 1.16 2016/07/07 11:53:12 bcook Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -192,6 +192,7 @@ RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
} else
e = rsa->e;
+ BN_init(&n);
BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
ret = BN_BLINDING_create_param(NULL, e, &n, ctx, rsa->meth->bn_mod_exp,
diff --git a/lib/libssl/src/crypto/rsa/rsa_eay.c b/lib/libssl/src/crypto/rsa/rsa_eay.c
index 6edfd7e5fdc..2facd1c6f6a 100644
--- a/lib/libssl/src/crypto/rsa/rsa_eay.c
+++ b/lib/libssl/src/crypto/rsa/rsa_eay.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_eay.c,v 1.41 2016/06/30 02:02:06 bcook Exp $ */
+/* $OpenBSD: rsa_eay.c,v 1.42 2016/07/07 11:53:12 bcook Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -432,6 +432,7 @@ RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
} else {
BIGNUM d;
+ BN_init(&d);
BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
@@ -556,6 +557,7 @@ RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
} else {
BIGNUM d;
+ BN_init(&d);
BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
@@ -742,6 +744,8 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
* Make sure BN_mod_inverse in Montgomery intialization uses the
* BN_FLG_CONSTTIME flag
*/
+ BN_init(&p);
+ BN_init(&q);
BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
BN_with_flags(&q, rsa->q, BN_FLG_CONSTTIME);
@@ -761,12 +765,14 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
goto err;
/* compute I mod q */
+ BN_init(&c);
BN_with_flags(&c, I, BN_FLG_CONSTTIME);
if (!BN_mod(r1, &c, rsa->q, ctx))
goto err;
/* compute r1^dmq1 mod q */
+ BN_init(&dmq1);
BN_with_flags(&dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
if (!rsa->meth->bn_mod_exp(m1, r1, &dmq1, rsa->q, ctx,
@@ -780,6 +786,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
goto err;
/* compute r1^dmp1 mod p */
+ BN_init(&dmp1);
BN_with_flags(&dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
if (!rsa->meth->bn_mod_exp(r0, r1, &dmp1, rsa->p, ctx,
@@ -801,6 +808,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
goto err;
/* Turn BN_FLG_CONSTTIME flag on before division operation */
+ BN_init(&pr1);
BN_with_flags(&pr1, r1, BN_FLG_CONSTTIME);
if (!BN_mod(r0, &pr1, rsa->p, ctx))
@@ -847,6 +855,7 @@ RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
*/
BIGNUM d;
+ BN_init(&d);
BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
if (!rsa->meth->bn_mod_exp(r0, I, &d, rsa->n, ctx,
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.