X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fbn%2Fbn_ctx.c;h=9366ce6d7f2a8165bbbeabfd975bfbce6dda7398;hp=93d08152f732360a7dfa851ef54403250d7703d1;hb=e7716b7a197d551a22dfdb4df6021db8e92bae5d;hpb=eb5a6a55c51a7409da9433afc15efa9d5ec2f93a

diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c
index 93d08152f7..9366ce6d7f 100644
--- a/crypto/bn/bn_ctx.c
+++ b/crypto/bn/bn_ctx.c
@@ -54,22 +54,55 @@
  *
  */
 
-#ifndef BN_CTX_DEBUG
-# undef NDEBUG /* avoid conflicting definitions */
-# define NDEBUG
+#if !defined(BN_CTX_DEBUG) && !defined(BN_DEBUG)
+#ifndef NDEBUG
+#define NDEBUG
+#endif
 #endif
 
 #include <stdio.h>
 #include <assert.h>
+
 #include "cryptlib.h"
-#include <openssl/bn.h>
+#include "bn_lcl.h"
+
+/* BN_CTX structure details */
+#define BN_CTX_NUM	32
+#define BN_CTX_NUM_POS	12
+struct bignum_ctx
+	{
+	int tos;
+	BIGNUM bn[BN_CTX_NUM];
+	int flags;
+	int depth;
+	int pos[BN_CTX_NUM_POS];
+	int too_many;
+	};
 
+#ifndef OPENSSL_NO_DEPRECATED
+void BN_CTX_init(BN_CTX *ctx)
+#else
+static void BN_CTX_init(BN_CTX *ctx)
+#endif
+	{
+#if 0 /* explicit version */
+	int i;
+	ctx->tos = 0;
+	ctx->flags = 0;
+	ctx->depth = 0;
+	ctx->too_many = 0;
+	for (i = 0; i < BN_CTX_NUM; i++)
+		BN_init(&(ctx->bn[i]));
+#else
+	memset(ctx, 0, sizeof *ctx);
+#endif
+	}
 
 BN_CTX *BN_CTX_new(void)
 	{
 	BN_CTX *ret;
 
-	ret=(BN_CTX *)Malloc(sizeof(BN_CTX));
+	ret=(BN_CTX *)OPENSSL_malloc(sizeof(BN_CTX));
 	if (ret == NULL)
 		{
 		BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
@@ -81,17 +114,6 @@ BN_CTX *BN_CTX_new(void)
 	return(ret);
 	}
 
-void BN_CTX_init(BN_CTX *ctx)
-	{
-	int i;
-	ctx->tos = 0;
-	ctx->flags = 0;
-	ctx->depth = 0;
-	ctx->too_many = 0;
-	for (i = 0; i < BN_CTX_NUM; i++)
-		BN_init(&(ctx->bn[i]));
-	}
-
 void BN_CTX_free(BN_CTX *ctx)
 	{
 	int i;
@@ -99,10 +121,13 @@ void BN_CTX_free(BN_CTX *ctx)
 	if (ctx == NULL) return;
 	assert(ctx->depth == 0);
 
-	for (i=0; i < BN_CTX_NUM; i++)
-		BN_clear_free(&(ctx->bn[i]));
+	for (i=0; i < BN_CTX_NUM; i++) {
+		bn_check_top(&(ctx->bn[i]));
+		if (ctx->bn[i].d)
+			BN_clear_free(&(ctx->bn[i]));
+	}
 	if (ctx->flags & BN_FLG_MALLOCED)
-		Free(ctx);
+		OPENSSL_free(ctx);
 	}
 
 void BN_CTX_start(BN_CTX *ctx)
@@ -112,18 +137,26 @@ void BN_CTX_start(BN_CTX *ctx)
 	ctx->depth++;
 	}
 
+
 BIGNUM *BN_CTX_get(BN_CTX *ctx)
 	{
+	/* Note: If BN_CTX_get is ever changed to allocate BIGNUMs dynamically,
+	 * make sure that if BN_CTX_get fails once it will return NULL again
+	 * until BN_CTX_end is called.  (This is so that callers have to check
+	 * only the last return value.)
+	 */
 	if (ctx->depth > BN_CTX_NUM_POS || ctx->tos >= BN_CTX_NUM)
 		{
 		if (!ctx->too_many)
 			{
 			BNerr(BN_F_BN_CTX_GET,BN_R_TOO_MANY_TEMPORARY_VARIABLES);
-			/* disable error code until SSL_CTX_end is called: */
+			/* disable error code until BN_CTX_end is called: */
 			ctx->too_many = 1;
 			}
 		return NULL;
 		}
+	/* always return a 'zeroed' bignum */
+	ctx->bn[ctx->tos].top = 0;
 	return (&(ctx->bn[ctx->tos++]));
 	}
 
@@ -140,5 +173,10 @@ void BN_CTX_end(BN_CTX *ctx)
 	ctx->too_many = 0;
 	ctx->depth--;
 	if (ctx->depth < BN_CTX_NUM_POS)
+#ifndef BN_DEBUG
 		ctx->tos = ctx->pos[ctx->depth];
+#else
+		while(ctx->tos > ctx->pos[ctx->depth])
+			bn_check_top(&ctx->bn[--(ctx->tos)]);
+#endif
 	}