[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Kurt Roeckx kurt at openssl.org
Wed Oct 7 18:43:36 UTC 2015


The branch OpenSSL_1_0_1-stable has been updated
       via  91dc4497dec6fcb1e0ecf61f257c9c13364328b4 (commit)
       via  11ca27c912888460a7a06b9308fd85170e1db194 (commit)
      from  a0ba92ccde949582e498cb42bced205ec1c95a3c (commit)


- Log -----------------------------------------------------------------
commit 91dc4497dec6fcb1e0ecf61f257c9c13364328b4
Author: Pascal Cuoq <cuoq at trust-in-soft.com>
Date:   Tue May 5 11:20:39 2015 +0200

    Move BN_CTX_start() call so the error case can always call BN_CTX_end().
    
    Signed-off-by: Kurt Roeckx <kurt at roeckx.be>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    MR #1231
    
    (cherry picked from commit 99c203337574d967c86ffbfa13f40ace51048485)

commit 11ca27c912888460a7a06b9308fd85170e1db194
Author: Pascal Cuoq <cuoq at trust-in-soft.com>
Date:   Wed May 6 11:31:27 2015 +0200

    Set flags to 0 before calling BN_with_flags()
    
    BN_with_flags() will read the dest->flags to keep the BN_FLG_MALLOCED but
    overwrites everything else.
    
    Signed-off-by: Kurt Roeckx <kurt at roeckx.be>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    MR #1231
    
    (cherry picked from commit f92768e6f5259069bd21dbed2b98b3423c1dfca4)

-----------------------------------------------------------------------

Summary of changes:
 crypto/bn/bn_gcd.c   | 2 ++
 crypto/dsa/dsa_gen.c | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
index 97c55ab..ce59fe7 100644
--- a/crypto/bn/bn_gcd.c
+++ b/crypto/bn/bn_gcd.c
@@ -583,6 +583,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
          * BN_div_no_branch will be called eventually.
          */
         pB = &local_B;
+        local_B.flags = 0;
         BN_with_flags(pB, B, BN_FLG_CONSTTIME);
         if (!BN_nnmod(B, pB, A, ctx))
             goto err;
@@ -610,6 +611,7 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
          * BN_div_no_branch will be called eventually.
          */
         pA = &local_A;
+        local_A.flags = 0;
         BN_with_flags(pA, A, BN_FLG_CONSTTIME);
 
         /* (D, M) := (A/B, A%B) ... */
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
index defa499..0dada3d 100644
--- a/crypto/dsa/dsa_gen.c
+++ b/crypto/dsa/dsa_gen.c
@@ -177,10 +177,11 @@ int dsa_builtin_paramgen(DSA *ret, size_t bits, size_t qbits,
     if ((ctx = BN_CTX_new()) == NULL)
         goto err;
 
+    BN_CTX_start(ctx);
+
     if ((mont = BN_MONT_CTX_new()) == NULL)
         goto err;
 
-    BN_CTX_start(ctx);
     r0 = BN_CTX_get(ctx);
     g = BN_CTX_get(ctx);
     W = BN_CTX_get(ctx);


More information about the openssl-commits mailing list