Support constant BN for DH parameters (5f2d9c4d) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

crypto/bn/bn_lib.c

+5 −16

Original line number	Diff line number	Diff line
		@@ -179,37 +179,26 @@ static void bn_free_d(BIGNUM *a)

		void BN_clear_free(BIGNUM *a)
		{
		int i;

		if (a == NULL)
		return;
		bn_check_top(a);
		if (a->d != NULL) {
		if (a->d != NULL && !BN_get_flags(a, BN_FLG_STATIC_DATA)) {
		OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
		if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
		bn_free_d(a);
		}
		i = BN_get_flags(a, BN_FLG_MALLOCED);
		if (BN_get_flags(a, BN_FLG_MALLOCED)) {
		OPENSSL_cleanse(a, sizeof(*a));
		if (i)
		OPENSSL_free(a);
		}
		}

		void BN_free(BIGNUM *a)
		{
		if (a == NULL)
		return;
		bn_check_top(a);
		if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
		bn_free_d(a);
		if (a->flags & BN_FLG_MALLOCED)
		OPENSSL_free(a);
		else {
		#if OPENSSL_API_COMPAT < 0x00908000L
		a->flags \|= BN_FLG_FREE;
		#endif
		a->d = NULL;
		}
		}

		void bn_init(BIGNUM *a)

+12 −6

Original line number	Diff line number	Diff line
		@@ -374,13 +374,19 @@ static int dh_cmp_parameters(const EVP_PKEY a, const EVP_PKEY b)
		static int int_dh_bn_cpy(BIGNUM *dst, const BIGNUM src)
		{
		BIGNUM *a;
		if (src) {
		a = BN_dup(src);
		if (!a)
		return 0;
		} else

		/*
		* If source is read only just copy the pointer, so
		* we don't have to reallocate it.
		*/
		if (src == NULL)
		a = NULL;
		BN_free(*dst);
		else if (BN_get_flags(src, BN_FLG_STATIC_DATA)
		&& !BN_get_flags(src, BN_FLG_MALLOCED))
		a = (BIGNUM *)src;
		else if ((a = BN_dup(src)) == NULL)
		return 0;
		BN_clear_free(*dst);
		*dst = a;
		return 1;
		}