Obtain lock CRYPTO_LOCK_RSA before creating BN_MONT_CTX
authorBodo Möller <bodo@openssl.org>
Mon, 18 Dec 2000 09:00:48 +0000 (09:00 +0000)
committerBodo Möller <bodo@openssl.org>
Mon, 18 Dec 2000 09:00:48 +0000 (09:00 +0000)
structures and setting rsa->_method_mod_{n,p,q}.

Submitted by: "Reddie, Steven" <Steven.Reddie@ca.com>

CHANGES
crypto/rsa/rsa_eay.c

diff --git a/CHANGES b/CHANGES
index fd7e2d3..419823b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,15 @@
 
  Changes between 0.9.6 and 0.9.7  [xx XXX 2000]
 
+  *) In RSA_eay_public_{en,ed}crypt and RSA_eay_mod_exp (rsa_eay.c),
+     obtain lock CRYPTO_LOCK_RSA before creating BN_MONT_CTX
+     structures and setting rsa->_method_mod_{n,p,q}.
+
+     (RSA objects have a reference count access to which is protected
+     by CRYPTO_LOCK_RSA [see rsa_lib.c, s3_srvr.c, ssl_cert.c, ssl_rsa.c],
+     so they are meant to be shared between threads.)
+     [patch submitted by "Reddie, Steven" <Steven.Reddie@ca.com>]
+
   *) Make mkdef.pl parse some of the ASN1 macros and add apropriate
      entries for variables.
 
index 37baaac..e675d0a 100644 (file)
@@ -141,9 +141,24 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
        
        if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
                {
-               if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL)
-                       if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx))
-                           goto err;
+               CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+               if (rsa->_method_mod_n == NULL)
+                       {
+                       BN_MONT_CTX* bn_mont_ctx;
+                       if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                               {
+                               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                               goto err;
+                               }
+                       if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
+                               {
+                               BN_MONT_CTX_free(bn_mont_ctx);
+                               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                               goto err;
+                               }
+                       rsa->_method_mod_n = bn_mont_ctx;
+                       }
+               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
                }
 
        if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
@@ -378,9 +393,24 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
        /* do the decrypt */
        if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
                {
-               if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL)
-                       if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx))
-                           goto err;
+               CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+               if (rsa->_method_mod_n == NULL)
+                       {
+                       BN_MONT_CTX* bn_mont_ctx;
+                       if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                               {
+                               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                               goto err;
+                               }
+                       if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
+                               {
+                               BN_MONT_CTX_free(bn_mont_ctx);
+                               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                               goto err;
+                               }
+                       rsa->_method_mod_n = bn_mont_ctx;
+                       }
+               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
                }
 
        if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
@@ -432,17 +462,45 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
                {
                if (rsa->_method_mod_p == NULL)
                        {
-                       if ((rsa->_method_mod_p=BN_MONT_CTX_new()) != NULL)
-                               if (!BN_MONT_CTX_set(rsa->_method_mod_p,rsa->p,
-                                                    ctx))
+                       CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+                       if (rsa->_method_mod_p == NULL)
+                               {
+                               BN_MONT_CTX* bn_mont_ctx;
+                               if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                                       {
+                                       CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                                       goto err;
+                                       }
+                               if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx))
+                                       {
+                                       BN_MONT_CTX_free(bn_mont_ctx);
+                                       CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
                                        goto err;
+                                       }
+                               rsa->_method_mod_p = bn_mont_ctx;
+                               }
+                               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
                        }
                if (rsa->_method_mod_q == NULL)
                        {
-                       if ((rsa->_method_mod_q=BN_MONT_CTX_new()) != NULL)
-                               if (!BN_MONT_CTX_set(rsa->_method_mod_q,rsa->q,
-                                                    ctx))
+                       CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+                       if (rsa->_method_mod_q == NULL)
+                               {
+                               BN_MONT_CTX* bn_mont_ctx;
+                               if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+                                       {
+                                       CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+                                       goto err;
+                                       }
+                               if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx))
+                                       {
+                                       BN_MONT_CTX_free(bn_mont_ctx);
+                                       CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
                                        goto err;
+                                       }
+                               rsa->_method_mod_q = bn_mont_ctx;
+                               }
+                       CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
                        }
                }