Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(92)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: openssl/crypto/bn/bn_blind.c

Issue 9254031: Upgrade chrome's OpenSSL to same version Android ships with. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/
Patch Set: '' Created 8 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « openssl/crypto/bn/bn_asm.c ('k') | openssl/crypto/bn/bn_ctx.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* crypto/bn/bn_blind.c */ 1 /* crypto/bn/bn_blind.c */
2 /* ==================================================================== 2 /* ====================================================================
3 * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
(...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after
114 #include "bn_lcl.h" 114 #include "bn_lcl.h"
115 115
116 #define BN_BLINDING_COUNTER 32 116 #define BN_BLINDING_COUNTER 32
117 117
118 struct bn_blinding_st 118 struct bn_blinding_st
119 { 119 {
120 BIGNUM *A; 120 BIGNUM *A;
121 BIGNUM *Ai; 121 BIGNUM *Ai;
122 BIGNUM *e; 122 BIGNUM *e;
123 BIGNUM *mod; /* just a reference */ 123 BIGNUM *mod; /* just a reference */
124 #ifndef OPENSSL_NO_DEPRECATED
124 unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b; 125 unsigned long thread_id; /* added in OpenSSL 0.9.6j and 0.9.7b;
125 * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */ 126 * used only by crypto/rsa/rsa_eay.c, rsa_lib.c */
126 » unsigned int counter; 127 #endif
128 » CRYPTO_THREADID tid;
129 » int counter;
127 unsigned long flags; 130 unsigned long flags;
128 BN_MONT_CTX *m_ctx; 131 BN_MONT_CTX *m_ctx;
129 int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 132 int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
130 const BIGNUM *m, BN_CTX *ctx, 133 const BIGNUM *m, BN_CTX *ctx,
131 BN_MONT_CTX *m_ctx); 134 BN_MONT_CTX *m_ctx);
132 }; 135 };
133 136
134 BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, /* const */ BIGN UM *mod) 137 BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
135 { 138 {
136 BN_BLINDING *ret=NULL; 139 BN_BLINDING *ret=NULL;
137 140
138 bn_check_top(mod); 141 bn_check_top(mod);
139 142
140 if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL) 143 if ((ret=(BN_BLINDING *)OPENSSL_malloc(sizeof(BN_BLINDING))) == NULL)
141 { 144 {
142 BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE); 145 BNerr(BN_F_BN_BLINDING_NEW,ERR_R_MALLOC_FAILURE);
143 return(NULL); 146 return(NULL);
144 } 147 }
145 memset(ret,0,sizeof(BN_BLINDING)); 148 memset(ret,0,sizeof(BN_BLINDING));
146 if (A != NULL) 149 if (A != NULL)
147 { 150 {
148 if ((ret->A = BN_dup(A)) == NULL) goto err; 151 if ((ret->A = BN_dup(A)) == NULL) goto err;
149 } 152 }
150 if (Ai != NULL) 153 if (Ai != NULL)
151 { 154 {
152 if ((ret->Ai = BN_dup(Ai)) == NULL) goto err; 155 if ((ret->Ai = BN_dup(Ai)) == NULL) goto err;
153 } 156 }
154 157
155 /* save a copy of mod in the BN_BLINDING structure */ 158 /* save a copy of mod in the BN_BLINDING structure */
156 if ((ret->mod = BN_dup(mod)) == NULL) goto err; 159 if ((ret->mod = BN_dup(mod)) == NULL) goto err;
157 if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0) 160 if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
158 BN_set_flags(ret->mod, BN_FLG_CONSTTIME); 161 BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
159 162
160 » ret->counter = BN_BLINDING_COUNTER; 163 » /* Set the counter to the special value -1
164 » * to indicate that this is never-used fresh blinding
165 » * that does not need updating before first use. */
166 » ret->counter = -1;
167 » CRYPTO_THREADID_current(&ret->tid);
161 return(ret); 168 return(ret);
162 err: 169 err:
163 if (ret != NULL) BN_BLINDING_free(ret); 170 if (ret != NULL) BN_BLINDING_free(ret);
164 return(NULL); 171 return(NULL);
165 } 172 }
166 173
167 void BN_BLINDING_free(BN_BLINDING *r) 174 void BN_BLINDING_free(BN_BLINDING *r)
168 { 175 {
169 if(r == NULL) 176 if(r == NULL)
170 return; 177 return;
171 178
172 if (r->A != NULL) BN_free(r->A ); 179 if (r->A != NULL) BN_free(r->A );
173 if (r->Ai != NULL) BN_free(r->Ai); 180 if (r->Ai != NULL) BN_free(r->Ai);
174 if (r->e != NULL) BN_free(r->e ); 181 if (r->e != NULL) BN_free(r->e );
175 if (r->mod != NULL) BN_free(r->mod); 182 if (r->mod != NULL) BN_free(r->mod);
176 OPENSSL_free(r); 183 OPENSSL_free(r);
177 } 184 }
178 185
179 int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) 186 int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
180 { 187 {
181 int ret=0; 188 int ret=0;
182 189
183 if ((b->A == NULL) || (b->Ai == NULL)) 190 if ((b->A == NULL) || (b->Ai == NULL))
184 { 191 {
185 BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED); 192 BNerr(BN_F_BN_BLINDING_UPDATE,BN_R_NOT_INITIALIZED);
186 goto err; 193 goto err;
187 } 194 }
188 195
189 » if (--(b->counter) == 0 && b->e != NULL && 196 » if (b->counter == -1)
197 » » b->counter = 0;
198
199 » if (++b->counter == BN_BLINDING_COUNTER && b->e != NULL &&
190 !(b->flags & BN_BLINDING_NO_RECREATE)) 200 !(b->flags & BN_BLINDING_NO_RECREATE))
191 { 201 {
192 /* re-create blinding parameters */ 202 /* re-create blinding parameters */
193 if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL)) 203 if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL))
194 goto err; 204 goto err;
195 } 205 }
196 else if (!(b->flags & BN_BLINDING_NO_UPDATE)) 206 else if (!(b->flags & BN_BLINDING_NO_UPDATE))
197 { 207 {
198 if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err; 208 if (!BN_mod_mul(b->A,b->A,b->A,b->mod,ctx)) goto err;
199 if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err; 209 if (!BN_mod_mul(b->Ai,b->Ai,b->Ai,b->mod,ctx)) goto err;
200 } 210 }
201 211
202 ret=1; 212 ret=1;
203 err: 213 err:
204 » if (b->counter == 0) 214 » if (b->counter == BN_BLINDING_COUNTER)
205 » » b->counter = BN_BLINDING_COUNTER; 215 » » b->counter = 0;
206 return(ret); 216 return(ret);
207 } 217 }
208 218
209 int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) 219 int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
210 { 220 {
211 return BN_BLINDING_convert_ex(n, NULL, b, ctx); 221 return BN_BLINDING_convert_ex(n, NULL, b, ctx);
212 } 222 }
213 223
214 int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) 224 int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
215 { 225 {
216 int ret = 1; 226 int ret = 1;
217 227
218 bn_check_top(n); 228 bn_check_top(n);
219 229
220 if ((b->A == NULL) || (b->Ai == NULL)) 230 if ((b->A == NULL) || (b->Ai == NULL))
221 { 231 {
222 BNerr(BN_F_BN_BLINDING_CONVERT_EX,BN_R_NOT_INITIALIZED); 232 BNerr(BN_F_BN_BLINDING_CONVERT_EX,BN_R_NOT_INITIALIZED);
223 return(0); 233 return(0);
224 } 234 }
225 235
236 if (b->counter == -1)
237 /* Fresh blinding, doesn't need updating. */
238 b->counter = 0;
239 else if (!BN_BLINDING_update(b,ctx))
240 return(0);
241
226 if (r != NULL) 242 if (r != NULL)
227 { 243 {
228 if (!BN_copy(r, b->Ai)) ret=0; 244 if (!BN_copy(r, b->Ai)) ret=0;
229 } 245 }
230 246
231 if (!BN_mod_mul(n,n,b->A,b->mod,ctx)) ret=0; 247 if (!BN_mod_mul(n,n,b->A,b->mod,ctx)) ret=0;
232 248
233 return ret; 249 return ret;
234 } 250 }
235 251
236 int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) 252 int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
237 { 253 {
238 return BN_BLINDING_invert_ex(n, NULL, b, ctx); 254 return BN_BLINDING_invert_ex(n, NULL, b, ctx);
239 } 255 }
240 256
241 int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ct x) 257 int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ct x)
242 { 258 {
243 int ret; 259 int ret;
244 260
245 bn_check_top(n); 261 bn_check_top(n);
246 if ((b->A == NULL) || (b->Ai == NULL))
247 {
248 BNerr(BN_F_BN_BLINDING_INVERT_EX,BN_R_NOT_INITIALIZED);
249 return(0);
250 }
251 262
252 if (r != NULL) 263 if (r != NULL)
253 ret = BN_mod_mul(n, n, r, b->mod, ctx); 264 ret = BN_mod_mul(n, n, r, b->mod, ctx);
254 else 265 else
266 {
267 if (b->Ai == NULL)
268 {
269 BNerr(BN_F_BN_BLINDING_INVERT_EX,BN_R_NOT_INITIALIZED);
270 return(0);
271 }
255 ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx); 272 ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx);
273 }
256 274
257 if (ret >= 0)
258 {
259 if (!BN_BLINDING_update(b,ctx))
260 return(0);
261 }
262 bn_check_top(n); 275 bn_check_top(n);
263 return(ret); 276 return(ret);
264 } 277 }
265 278
279 #ifndef OPENSSL_NO_DEPRECATED
266 unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b) 280 unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)
267 { 281 {
268 return b->thread_id; 282 return b->thread_id;
269 } 283 }
270 284
271 void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n) 285 void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)
272 { 286 {
273 b->thread_id = n; 287 b->thread_id = n;
274 } 288 }
289 #endif
290
291 CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b)
292 {
293 return &b->tid;
294 }
275 295
276 unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b) 296 unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b)
277 { 297 {
278 return b->flags; 298 return b->flags;
279 } 299 }
280 300
281 void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags) 301 void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
282 { 302 {
283 b->flags = flags; 303 b->flags = flags;
284 } 304 }
285 305
286 BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, 306 BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
287 » const BIGNUM *e, /* const */ BIGNUM *m, BN_CTX *ctx, 307 » const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
288 int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, 308 int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
289 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx), 309 const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),
290 BN_MONT_CTX *m_ctx) 310 BN_MONT_CTX *m_ctx)
291 { 311 {
292 int retry_counter = 32; 312 int retry_counter = 32;
293 BN_BLINDING *ret = NULL; 313 BN_BLINDING *ret = NULL;
294 314
295 if (b == NULL) 315 if (b == NULL)
296 ret = BN_BLINDING_new(NULL, NULL, m); 316 ret = BN_BLINDING_new(NULL, NULL, m);
297 else 317 else
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after
356 return ret; 376 return ret;
357 err: 377 err:
358 if (b == NULL && ret != NULL) 378 if (b == NULL && ret != NULL)
359 { 379 {
360 BN_BLINDING_free(ret); 380 BN_BLINDING_free(ret);
361 ret = NULL; 381 ret = NULL;
362 } 382 }
363 383
364 return ret; 384 return ret;
365 } 385 }
OLDNEW
« no previous file with comments | « openssl/crypto/bn/bn_asm.c ('k') | openssl/crypto/bn/bn_ctx.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698