You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
62 lines
2.0 KiB
Diff
62 lines
2.0 KiB
Diff
From ee34d8cfbd0fbf7ba7429531d4bee1c43b074d8b Mon Sep 17 00:00:00 2001
|
|
From: Jouni Malinen <jouni@codeaurora.org>
|
|
Date: Thu, 25 Apr 2019 19:23:05 +0300
|
|
Subject: [PATCH 3/6] OpenSSL: Use BN_bn2binpad() or BN_bn2bin_padded() if
|
|
available
|
|
|
|
This converts crypto_bignum_to_bin() to use the OpenSSL/BoringSSL
|
|
functions BN_bn2binpad()/BN_bn2bin_padded(), when available, to avoid
|
|
differences in runtime and memory access patterns depending on the
|
|
leading bytes of the BIGNUM value.
|
|
|
|
OpenSSL 1.0.2 and LibreSSL do not include such functions, so those cases
|
|
are still using the previous implementation where the BN_num_bytes()
|
|
call may result in different memory access pattern.
|
|
|
|
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
|
|
(cherry picked from commit 1e237903f5b5d3117342daf006c5878cdb45e3d3)
|
|
---
|
|
src/crypto/crypto_openssl.c | 16 ++++++++++++++++
|
|
1 file changed, 16 insertions(+)
|
|
|
|
--- a/src/crypto/crypto_openssl.c
|
|
+++ b/src/crypto/crypto_openssl.c
|
|
@@ -1227,7 +1227,13 @@ void crypto_bignum_deinit(struct crypto_
|
|
int crypto_bignum_to_bin(const struct crypto_bignum *a,
|
|
u8 *buf, size_t buflen, size_t padlen)
|
|
{
|
|
+#ifdef OPENSSL_IS_BORINGSSL
|
|
+#else /* OPENSSL_IS_BORINGSSL */
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
|
+#else
|
|
int num_bytes, offset;
|
|
+#endif
|
|
+#endif /* OPENSSL_IS_BORINGSSL */
|
|
|
|
if (TEST_FAIL())
|
|
return -1;
|
|
@@ -1235,6 +1241,14 @@ int crypto_bignum_to_bin(const struct cr
|
|
if (padlen > buflen)
|
|
return -1;
|
|
|
|
+#ifdef OPENSSL_IS_BORINGSSL
|
|
+ if (BN_bn2bin_padded(buf, padlen, (const BIGNUM *) a) == 0)
|
|
+ return -1;
|
|
+ return padlen;
|
|
+#else /* OPENSSL_IS_BORINGSSL */
|
|
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
|
+ return BN_bn2binpad((const BIGNUM *) a, buf, padlen);
|
|
+#else
|
|
num_bytes = BN_num_bytes((const BIGNUM *) a);
|
|
if ((size_t) num_bytes > buflen)
|
|
return -1;
|
|
@@ -1247,6 +1261,8 @@ int crypto_bignum_to_bin(const struct cr
|
|
BN_bn2bin((const BIGNUM *) a, buf + offset);
|
|
|
|
return num_bytes + offset;
|
|
+#endif
|
|
+#endif /* OPENSSL_IS_BORINGSSL */
|
|
}
|
|
|
|
|