Skip to content

Commit

Permalink
Support constant BN for DH parameters
Browse files Browse the repository at this point in the history
If BN_FLG_STATIC_DATA is set don't cleanse a->d as it will reside
in read only memory. If BN_FLG_MALLOCED is not set don't modify the
BIGNUM at all.

This change applies to BN_clear_free() and BN_free(). Now the BIGNUM
structure is opaque applications cannot create a BIGNUM structure
without BN_FLG_MALLOCED being set so they are unaffected.

Update internal DH routines so they only copy pointers for read only
parameters.

Reviewed-by: Andy Polyakov <[email protected]>
(Merged from openssl#4485)
  • Loading branch information
snhenson committed Oct 12, 2017
1 parent 8e826a3 commit 5f2d9c4
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 22 deletions.
21 changes: 5 additions & 16 deletions crypto/bn/bn_lib.c
Original file line number Diff line number Diff line change
Expand Up @@ -179,37 +179,26 @@ static void bn_free_d(BIGNUM *a)

void BN_clear_free(BIGNUM *a)
{
int i;

if (a == NULL)
return;
bn_check_top(a);
if (a->d != NULL) {
if (a->d != NULL && !BN_get_flags(a, BN_FLG_STATIC_DATA)) {
OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
bn_free_d(a);
bn_free_d(a);
}
i = BN_get_flags(a, BN_FLG_MALLOCED);
OPENSSL_cleanse(a, sizeof(*a));
if (i)
if (BN_get_flags(a, BN_FLG_MALLOCED)) {
OPENSSL_cleanse(a, sizeof(*a));
OPENSSL_free(a);
}
}

void BN_free(BIGNUM *a)
{
if (a == NULL)
return;
bn_check_top(a);
if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
bn_free_d(a);
if (a->flags & BN_FLG_MALLOCED)
OPENSSL_free(a);
else {
#if OPENSSL_API_COMPAT < 0x00908000L
a->flags |= BN_FLG_FREE;
#endif
a->d = NULL;
}
}

void bn_init(BIGNUM *a)
Expand Down
18 changes: 12 additions & 6 deletions crypto/dh/dh_ameth.c
Original file line number Diff line number Diff line change
Expand Up @@ -374,13 +374,19 @@ static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
static int int_dh_bn_cpy(BIGNUM **dst, const BIGNUM *src)
{
BIGNUM *a;
if (src) {
a = BN_dup(src);
if (!a)
return 0;
} else

/*
* If source is read only just copy the pointer, so
* we don't have to reallocate it.
*/
if (src == NULL)
a = NULL;
BN_free(*dst);
else if (BN_get_flags(src, BN_FLG_STATIC_DATA)
&& !BN_get_flags(src, BN_FLG_MALLOCED))
a = (BIGNUM *)src;
else if ((a = BN_dup(src)) == NULL)
return 0;
BN_clear_free(*dst);
*dst = a;
return 1;
}
Expand Down

0 comments on commit 5f2d9c4

Please sign in to comment.