Port BN_MONT_CTX_set_locked() from stable branch.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 26 Apr 2005 23:58:54 +0000 (23:58 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 26 Apr 2005 23:58:54 +0000 (23:58 +0000)
The function rsa_eay_mont_helper() has been removed because it is no longer
needed after this change.

CHANGES
ChangeLog.0_9_7-stable_not-in-head
crypto/bn/bn.h
crypto/bn/bn_mont.c
crypto/dh/dh_key.c
crypto/dsa/dsa_ossl.c
crypto/rsa/rsa_eay.c

diff --git a/CHANGES b/CHANGES
index 90b64f4..103a74c 100644 (file)
--- a/CHANGES
+++ b/CHANGES
 
  Changes between 0.9.7g and 0.9.7h  [XX xxx XXXX]
 
+  *) New function BN_MONT_CTX_set_locked() to set montgomery parameters in
+     a threadsafe manner. Modify rsa code to use new function and add calls
+     to dsa and dh code (which had race conditions before).
+     [Steve Henson]
+
   *) Include the fixed error library code in the C error file definitions
      instead of fixing them up at runtime. This keeps the error code
      structures constant.
index 3796e19..943c8ff 100644 (file)
@@ -837,31 +837,3 @@ be added to the end of this file.
 
        Enable shared link on HP-UX.
 
-2005-04-22 07:17  steve
-
-       Changed:
-               CHANGES (1.977.2.156), "Exp", lines: +5 -0
-               crypto/bn/bn.h (1.66.2.4), "Exp", lines: +2 -0
-               crypto/bn/bn_mont.c (1.30.2.3), "Exp", lines: +20 -0
-               crypto/dh/dh_key.c (1.16.2.4), "Exp", lines: +14 -10
-               crypto/dsa/dsa_ossl.c (1.12.2.7), "Exp", lines: +12 -9
-               crypto/rsa/rsa_eay.c (1.28.2.10), "Exp", lines: +16 -90
-               fips/fipshashes.c (1.1.2.5), "Exp", lines: +3 -3
-               fips/dh/fips_dh_key.c (1.1.2.4), "Exp", lines: +13 -10
-               fips/dsa/fips_dsa_ossl.c (1.1.2.8), "Exp", lines: +12 -9
-               fips/rsa/fips_rsa_eay.c (1.1.4.5), "Exp", lines: +17 -90
-
-       New function BN_MONT_CTX_set_locked, to set montgomery parameters
-       in a threadsafe manner.
-
-               Modify or add calls to use it in rsa, dsa and dh
-       algorithms.
-
-2005-04-23 06:46  nils
-
-       Changed:
-               crypto/dsa/dsa_ossl.c (1.12.2.8), "Exp", lines: +1 -1
-               crypto/rsa/rsa_eay.c (1.28.2.11), "Exp", lines: +4 -4
-
-       fix typo
-
index 1c75fd0..d118fc6 100644 (file)
@@ -510,6 +510,8 @@ int BN_from_montgomery(BIGNUM *r,const BIGNUM *a,
 void BN_MONT_CTX_free(BN_MONT_CTX *mont);
 int BN_MONT_CTX_set(BN_MONT_CTX *mont,const BIGNUM *mod,BN_CTX *ctx);
 BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to,BN_MONT_CTX *from);
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+                                       const BIGNUM *mod, BN_CTX *ctx);
 
 /* BN_BLINDING flags */
 #define        BN_BLINDING_NO_UPDATE   0x00000001
index 6141648..6bcc9ad 100644 (file)
@@ -350,3 +350,21 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from)
        return(to);
        }
 
+BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock,
+                                       const BIGNUM *mod, BN_CTX *ctx)
+       {
+       if (*pmont)
+               return *pmont;
+       CRYPTO_w_lock(lock);
+       if (!*pmont)
+               {
+               *pmont = BN_MONT_CTX_new();
+               if (*pmont && !BN_MONT_CTX_set(*pmont, mod, ctx))
+                       {
+                       BN_MONT_CTX_free(*pmont);
+                       *pmont = NULL;
+                       }
+               }
+       CRYPTO_w_unlock(lock);
+       return *pmont;
+       }
index ad026cb..1439a7a 100644 (file)
@@ -127,13 +127,15 @@ static int generate_key(DH *dh)
        else
                pub_key=dh->pub_key;
 
-       if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+
+       if (dh->flags & DH_FLAG_CACHE_MONT_P)
                {
-               if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-                       if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-                               dh->p,ctx)) goto err;
+               mont = BN_MONT_CTX_set_locked(
+                               (BN_MONT_CTX **)&dh->method_mont_p,
+                               CRYPTO_LOCK_DH, dh->p, ctx);
+               if (!mont)
+                       goto err;
                }
-       mont=(BN_MONT_CTX *)dh->method_mont_p;
 
        if (generate_new_key)
                {
@@ -173,14 +175,16 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
                DHerr(DH_F_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
                goto err;
                }
-       if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+
+       if (dh->flags & DH_FLAG_CACHE_MONT_P)
                {
-               if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-                       if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
-                               dh->p,ctx)) goto err;
+               mont = BN_MONT_CTX_set_locked(
+                               (BN_MONT_CTX **)&dh->method_mont_p,
+                               CRYPTO_LOCK_DH, dh->p, ctx);
+               if (!mont)
+                       goto err;
                }
 
-       mont=(BN_MONT_CTX *)dh->method_mont_p;
        if (!dh->meth->bn_mod_exp(dh, tmp, pub_key, dh->priv_key,dh->p,ctx,mont))
                {
                DHerr(DH_F_COMPUTE_KEY,ERR_R_BN_LIB);
index 033bf90..2f7fef1 100644 (file)
@@ -228,11 +228,12 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
                if (!BN_rand_range(&k, dsa->q)) goto err;
        while (BN_is_zero(&k));
 
-       if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+       if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
                {
-               if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-                       if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-                               dsa->p,ctx)) goto err;
+               if (!BN_MONT_CTX_set_locked((BN_MONT_CTX **)&dsa->method_mont_p,
+                                               CRYPTO_LOCK_DSA,
+                                               dsa->p, ctx))
+                       goto err;
                }
 
        /* Compute r = (g^k mod p) mod q */
@@ -307,13 +308,15 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, DSA_SIG *sig,
        /* u2 = r * w mod q */
        if (!BN_mod_mul(&u2,sig->r,&u2,dsa->q,ctx)) goto err;
 
-       if ((dsa->method_mont_p == NULL) && (dsa->flags & DSA_FLAG_CACHE_MONT_P))
+
+       if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
                {
-               if ((dsa->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
-                       if (!BN_MONT_CTX_set((BN_MONT_CTX *)dsa->method_mont_p,
-                               dsa->p,ctx)) goto err;
+               mont = BN_MONT_CTX_set_locked(
+                                       (BN_MONT_CTX **)&dsa->method_mont_p,
+                                       CRYPTO_LOCK_DSA, dsa->p, ctx);
+               if (!mont)
+                       goto err;
                }
-       mont=(BN_MONT_CTX *)dsa->method_mont_p;
 
 
        DSA_MOD_EXP(goto err, dsa, &t1, dsa->g, &u1, dsa->pub_key, &u2, dsa->p, ctx, mont);
index 6bf681f..738ea0b 100644 (file)
@@ -97,40 +97,13 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void)
        return(&rsa_pkcs1_eay_meth);
        }
 
-/* Static helper to reduce oodles of code duplication. As a slight
- * optimisation, the "MONT_HELPER() macro must be used as front-end to this
- * function, to prevent unnecessary function calls - there is an initial test
- * that is performed by the macro-generated code. */
-static int rsa_eay_mont_helper(BN_MONT_CTX **ptr, const BIGNUM *modulus, BN_CTX *ctx)
-       {
-       BN_MONT_CTX *bn_mont_ctx;
-       if((bn_mont_ctx = BN_MONT_CTX_new()) == NULL)
-               return 0;
-       if(!BN_MONT_CTX_set(bn_mont_ctx, modulus, ctx))
-               {
-               BN_MONT_CTX_free(bn_mont_ctx);
-               return 0;
-               }
-       if (*ptr == NULL) /* other thread may have finished first */
-               {
-               CRYPTO_w_lock(CRYPTO_LOCK_RSA);
-               if (*ptr == NULL) /* check again in the lock to stop races */
-                       {
-                       *ptr = bn_mont_ctx;
-                       bn_mont_ctx = NULL;
-                       }
-               CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
-               }
-       if (bn_mont_ctx)
-               BN_MONT_CTX_free(bn_mont_ctx);
-       return 1;
-       }
 /* Usage example;
  *    MONT_HELPER(rsa, bn_ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err);
  */
 #define MONT_HELPER(rsa, ctx, m, pre_cond, err_instr) \
        if((pre_cond) && ((rsa)->_method_mod_##m == NULL) && \
-                       !rsa_eay_mont_helper(&((rsa)->_method_mod_##m), \
+                       !BN_MONT_CTX_set_locked(&((rsa)->_method_mod_##m), \
+                               CRYPTO_LOCK_RSA, \
                                (rsa)->m, (ctx))) \
                err_instr