diff options
| author |   Daniel Ahlberg <aliz@gentoo.org> | 2003-03-19 09:29:01 +0000 |
|---|---|---|
| committer | Daniel Ahlberg <aliz@gentoo.org> | 2003-03-19 09:29:01 +0000 |
| commit | f8a901bf08ac7f6bd09a12024abd069800e749f4 (patch) | |
| tree | c59862bd61f81d029dc0075c4fc2c3bce554e035 /dev-libs/openssl | |
| parent | Security update (diff) | |
| download | gentoo-2-f8a901bf08ac7f6bd09a12024abd069800e749f4.tar.gz gentoo-2-f8a901bf08ac7f6bd09a12024abd069800e749f4.tar.bz2 gentoo-2-f8a901bf08ac7f6bd09a12024abd069800e749f4.zip | |
patches
Diffstat (limited to 'dev-libs/openssl')
| -rw-r--r-- | dev-libs/openssl/files/openssl-0.9.6i-blinding.patch | 67 | ||||
| -rw-r--r-- | dev-libs/openssl/files/openssl-0.9.7a-blinding.patch | 67 |
2 files changed, 134 insertions, 0 deletions
diff --git a/dev-libs/openssl/files/openssl-0.9.6i-blinding.patch b/dev-libs/openssl/files/openssl-0.9.6i-blinding.patch new file mode 100644 index 000000000000..299ba83592fb --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.6i-blinding.patch @@ -0,0 +1,67 @@ +--- crypto/rsa/rsa_eay.c 30 Jan 2003 17:37:46 -0000 1.28.2.3 ++++ crypto/rsa/rsa_eay.c 16 Mar 2003 10:34:13 -0000 +@@ -195,6 +195,25 @@ + return(r); + } + ++static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) ++ { ++ int ret = 1; ++ CRYPTO_w_lock(CRYPTO_LOCK_RSA); ++ /* Check again inside the lock - the macro's check is racey */ ++ if(rsa->blinding == NULL) ++ ret = RSA_blinding_on(rsa, ctx); ++ CRYPTO_w_unlock(CRYPTO_LOCK_RSA); ++ return ret; ++ } ++ ++#define BLINDING_HELPER(rsa, ctx, err_instr) \ ++ do { \ ++ if(((rsa)->flags & RSA_FLAG_BLINDING) && \ ++ ((rsa)->blinding == NULL) && \ ++ !rsa_eay_blinding(rsa, ctx)) \ ++ err_instr \ ++ } while(0) ++ + /* signing */ + static int RSA_eay_private_encrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) +@@ -239,8 +258,8 @@ + goto err; + } + +- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) +- RSA_blinding_on(rsa,ctx); ++ BLINDING_HELPER(rsa, ctx, goto err;); ++ + if (rsa->flags & RSA_FLAG_BLINDING) + if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; + +@@ -318,8 +337,8 @@ + goto err; + } + +- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) +- RSA_blinding_on(rsa,ctx); ++ BLINDING_HELPER(rsa, ctx, goto err;); ++ + if (rsa->flags & RSA_FLAG_BLINDING) + if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; + +--- crypto/rsa/rsa_lib.c 30 Jan 2003 17:37:46 -0000 1.30.2.2 ++++ crypto/rsa/rsa_lib.c 16 Mar 2003 10:34:13 -0000 +@@ -72,7 +72,13 @@ + + RSA *RSA_new(void) + { +- return(RSA_new_method(NULL)); ++ RSA *r=RSA_new_method(NULL); ++ ++#ifndef OPENSSL_NO_FORCE_RSA_BLINDING ++ r->flags|=RSA_FLAG_BLINDING; ++#endif ++ ++ return r; + } + + void RSA_set_default_method(const RSA_METHOD *meth) diff --git a/dev-libs/openssl/files/openssl-0.9.7a-blinding.patch b/dev-libs/openssl/files/openssl-0.9.7a-blinding.patch new file mode 100644 index 000000000000..299ba83592fb --- /dev/null +++ b/dev-libs/openssl/files/openssl-0.9.7a-blinding.patch @@ -0,0 +1,67 @@ +--- crypto/rsa/rsa_eay.c 30 Jan 2003 17:37:46 -0000 1.28.2.3 ++++ crypto/rsa/rsa_eay.c 16 Mar 2003 10:34:13 -0000 +@@ -195,6 +195,25 @@ + return(r); + } + ++static int rsa_eay_blinding(RSA *rsa, BN_CTX *ctx) ++ { ++ int ret = 1; ++ CRYPTO_w_lock(CRYPTO_LOCK_RSA); ++ /* Check again inside the lock - the macro's check is racey */ ++ if(rsa->blinding == NULL) ++ ret = RSA_blinding_on(rsa, ctx); ++ CRYPTO_w_unlock(CRYPTO_LOCK_RSA); ++ return ret; ++ } ++ ++#define BLINDING_HELPER(rsa, ctx, err_instr) \ ++ do { \ ++ if(((rsa)->flags & RSA_FLAG_BLINDING) && \ ++ ((rsa)->blinding == NULL) && \ ++ !rsa_eay_blinding(rsa, ctx)) \ ++ err_instr \ ++ } while(0) ++ + /* signing */ + static int RSA_eay_private_encrypt(int flen, const unsigned char *from, + unsigned char *to, RSA *rsa, int padding) +@@ -239,8 +258,8 @@ + goto err; + } + +- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) +- RSA_blinding_on(rsa,ctx); ++ BLINDING_HELPER(rsa, ctx, goto err;); ++ + if (rsa->flags & RSA_FLAG_BLINDING) + if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; + +@@ -318,8 +337,8 @@ + goto err; + } + +- if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL)) +- RSA_blinding_on(rsa,ctx); ++ BLINDING_HELPER(rsa, ctx, goto err;); ++ + if (rsa->flags & RSA_FLAG_BLINDING) + if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err; + +--- crypto/rsa/rsa_lib.c 30 Jan 2003 17:37:46 -0000 1.30.2.2 ++++ crypto/rsa/rsa_lib.c 16 Mar 2003 10:34:13 -0000 +@@ -72,7 +72,13 @@ + + RSA *RSA_new(void) + { +- return(RSA_new_method(NULL)); ++ RSA *r=RSA_new_method(NULL); ++ ++#ifndef OPENSSL_NO_FORCE_RSA_BLINDING ++ r->flags|=RSA_FLAG_BLINDING; ++#endif ++ ++ return r; + } + + void RSA_set_default_method(const RSA_METHOD *meth) |