Loading CHANGES +28 −0 Original line number Diff line number Diff line Loading @@ -289,6 +289,10 @@ Changes between 0.9.8b and 0.9.8c [xx XXX xxxx] *) Fix RSA blinding Heisenbug (problems sometimes occured on dual-core machines) and other potential thread-safety issues. [Bodo Moeller] *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html). Loading Loading @@ -389,6 +393,9 @@ Changes between 0.9.7h and 0.9.8 [05 Jul 2005] [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after OpenSSL 0.9.8.] *) Add libcrypto.pc and libssl.pc for those who feel they need them. [Richard Levitte] Loading Loading @@ -1206,6 +1213,27 @@ differing sizes. [Richard Levitte] Changes between 0.9.7j and 0.9.7k [xx XXX xxxx] *) Fix RSA blinding Heisenbug (problems sometimes occured on dual-core machines) and other potential thread-safety issues. [Bodo Moeller] Changes between 0.9.7i and 0.9.7j [04 May 2006] *) Adapt fipsld and the build system to link against the validated FIPS module in FIPS mode. [Steve Henson] *) Fixes for VC++ 2005 build under Windows. [Steve Henson] *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make from a Windows bash shell such as MSYS. It is autodetected from the "config" script when run from a VC++ environment. Modify standard VC++ build to use fipscanister.o from the GNU make build. [Steve Henson] Changes between 0.9.7h and 0.9.7i [14 Oct 2005] *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS. Loading LICENSE +1 −1 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ --------------- /* ==================================================================== * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading crypto/bn/bn_mont.c +75 −10 Original line number Diff line number Diff line Loading @@ -55,6 +55,59 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ /* * Details about Montgomery multiplication algorithms can be found at Loading Loading @@ -427,9 +480,15 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, const BIGNUM *mod, BN_CTX *ctx) { if (*pmont) return *pmont; int got_write_lock = 0; CRYPTO_r_lock(lock); if (!*pmont) { CRYPTO_r_unlock(lock); CRYPTO_w_lock(lock); got_write_lock = 1; if (!*pmont) { BN_MONT_CTX *mtmp; Loading @@ -439,6 +498,12 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, else *pmont = mtmp; } } if (got_write_lock) CRYPTO_w_unlock(lock); else CRYPTO_r_unlock(lock); return *pmont; } crypto/err/err.c +13 −2 Original line number Diff line number Diff line Loading @@ -550,9 +550,20 @@ static void build_SYS_str_reasons(void) int i; static int init = 1; if (!init) return; CRYPTO_r_lock(CRYPTO_LOCK_ERR); if (!init) { CRYPTO_r_unlock(CRYPTO_LOCK_ERR); return; } CRYPTO_r_unlock(CRYPTO_LOCK_ERR); CRYPTO_w_lock(CRYPTO_LOCK_ERR); if (!init) { CRYPTO_w_unlock(CRYPTO_LOCK_ERR); return; } for (i = 1; i <= NUM_SYS_STR_REASONS; i++) { Loading crypto/rsa/rsa_eay.c +40 −17 Original line number Diff line number Diff line Loading @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -238,40 +238,63 @@ err: return(r); } static BN_BLINDING *rsa_get_blinding(RSA *rsa, BIGNUM **r, int *local, BN_CTX *ctx) static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) { BN_BLINDING *ret; int got_write_lock = 0; CRYPTO_r_lock(CRYPTO_LOCK_RSA); if (rsa->blinding == NULL) { if (rsa->blinding == NULL) { CRYPTO_r_unlock(CRYPTO_LOCK_RSA); CRYPTO_w_lock(CRYPTO_LOCK_RSA); got_write_lock = 1; if (rsa->blinding == NULL) rsa->blinding = RSA_setup_blinding(rsa, ctx); CRYPTO_w_unlock(CRYPTO_LOCK_RSA); } } ret = rsa->blinding; if (ret == NULL) return NULL; goto err; if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id()) { /* rsa->blinding is ours! */ if (BN_BLINDING_get_thread_id(ret) != CRYPTO_thread_id()) *local = 1; } else { *local = 0; /* resort to rsa->mt_blinding instead */ *local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert() * that the BN_BLINDING is shared, meaning that accesses * require locks, and that the blinding factor must be * stored outside the BN_BLINDING */ if (rsa->mt_blinding == NULL) { if (!got_write_lock) { CRYPTO_r_unlock(CRYPTO_LOCK_RSA); CRYPTO_w_lock(CRYPTO_LOCK_RSA); got_write_lock = 1; } if (rsa->mt_blinding == NULL) rsa->mt_blinding = RSA_setup_blinding(rsa, ctx); CRYPTO_w_unlock(CRYPTO_LOCK_RSA); } ret = rsa->mt_blinding; } else *local = 1; err: if (got_write_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RSA); else CRYPTO_r_unlock(CRYPTO_LOCK_RSA); return ret; } Loading Loading @@ -358,7 +381,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_get_blinding(rsa, &br, &local_blinding, ctx); blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); Loading Loading @@ -479,7 +502,7 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_get_blinding(rsa, &br, &local_blinding, ctx); blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); Loading Loading
CHANGES +28 −0 Original line number Diff line number Diff line Loading @@ -289,6 +289,10 @@ Changes between 0.9.8b and 0.9.8c [xx XXX xxxx] *) Fix RSA blinding Heisenbug (problems sometimes occured on dual-core machines) and other potential thread-safety issues. [Bodo Moeller] *) Add the symmetric cipher Camellia (128-bit, 192-bit, 256-bit key versions), which is now available for royalty-free use (see http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html). Loading Loading @@ -389,6 +393,9 @@ Changes between 0.9.7h and 0.9.8 [05 Jul 2005] [NB: OpenSSL 0.9.7i and later 0.9.7 patch levels were released after OpenSSL 0.9.8.] *) Add libcrypto.pc and libssl.pc for those who feel they need them. [Richard Levitte] Loading Loading @@ -1206,6 +1213,27 @@ differing sizes. [Richard Levitte] Changes between 0.9.7j and 0.9.7k [xx XXX xxxx] *) Fix RSA blinding Heisenbug (problems sometimes occured on dual-core machines) and other potential thread-safety issues. [Bodo Moeller] Changes between 0.9.7i and 0.9.7j [04 May 2006] *) Adapt fipsld and the build system to link against the validated FIPS module in FIPS mode. [Steve Henson] *) Fixes for VC++ 2005 build under Windows. [Steve Henson] *) Add new Windows build target VC-32-GMAKE for VC++. This uses GNU make from a Windows bash shell such as MSYS. It is autodetected from the "config" script when run from a VC++ environment. Modify standard VC++ build to use fipscanister.o from the GNU make build. [Steve Henson] Changes between 0.9.7h and 0.9.7i [14 Oct 2005] *) Wrapped the definition of EVP_MAX_MD_SIZE in a #ifdef OPENSSL_FIPS. Loading
LICENSE +1 −1 Original line number Diff line number Diff line Loading @@ -12,7 +12,7 @@ --------------- /* ==================================================================== * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading
crypto/bn/bn_mont.c +75 −10 Original line number Diff line number Diff line Loading @@ -55,6 +55,59 @@ * copied and put under another distribution licence * [including the GNU Public Licence.] */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this * software must display the following acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" * * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * openssl-core@openssl.org. * * 5. Products derived from this software may not be called "OpenSSL" * nor may "OpenSSL" appear in their names without prior written * permission of the OpenSSL Project. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * "This product includes software developed by the OpenSSL Project * for use in the OpenSSL Toolkit (http://www.openssl.org/)" * * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. * ==================================================================== * * This product includes cryptographic software written by Eric Young * (eay@cryptsoft.com). This product includes software written by Tim * Hudson (tjh@cryptsoft.com). * */ /* * Details about Montgomery multiplication algorithms can be found at Loading Loading @@ -427,9 +480,15 @@ BN_MONT_CTX *BN_MONT_CTX_copy(BN_MONT_CTX *to, BN_MONT_CTX *from) BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, const BIGNUM *mod, BN_CTX *ctx) { if (*pmont) return *pmont; int got_write_lock = 0; CRYPTO_r_lock(lock); if (!*pmont) { CRYPTO_r_unlock(lock); CRYPTO_w_lock(lock); got_write_lock = 1; if (!*pmont) { BN_MONT_CTX *mtmp; Loading @@ -439,6 +498,12 @@ BN_MONT_CTX *BN_MONT_CTX_set_locked(BN_MONT_CTX **pmont, int lock, else *pmont = mtmp; } } if (got_write_lock) CRYPTO_w_unlock(lock); else CRYPTO_r_unlock(lock); return *pmont; }
crypto/err/err.c +13 −2 Original line number Diff line number Diff line Loading @@ -550,9 +550,20 @@ static void build_SYS_str_reasons(void) int i; static int init = 1; if (!init) return; CRYPTO_r_lock(CRYPTO_LOCK_ERR); if (!init) { CRYPTO_r_unlock(CRYPTO_LOCK_ERR); return; } CRYPTO_r_unlock(CRYPTO_LOCK_ERR); CRYPTO_w_lock(CRYPTO_LOCK_ERR); if (!init) { CRYPTO_w_unlock(CRYPTO_LOCK_ERR); return; } for (i = 1; i <= NUM_SYS_STR_REASONS; i++) { Loading
crypto/rsa/rsa_eay.c +40 −17 Original line number Diff line number Diff line Loading @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ /* ==================================================================== * Copyright (c) 1998-2005 The OpenSSL Project. All rights reserved. * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions Loading Loading @@ -238,40 +238,63 @@ err: return(r); } static BN_BLINDING *rsa_get_blinding(RSA *rsa, BIGNUM **r, int *local, BN_CTX *ctx) static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx) { BN_BLINDING *ret; int got_write_lock = 0; CRYPTO_r_lock(CRYPTO_LOCK_RSA); if (rsa->blinding == NULL) { if (rsa->blinding == NULL) { CRYPTO_r_unlock(CRYPTO_LOCK_RSA); CRYPTO_w_lock(CRYPTO_LOCK_RSA); got_write_lock = 1; if (rsa->blinding == NULL) rsa->blinding = RSA_setup_blinding(rsa, ctx); CRYPTO_w_unlock(CRYPTO_LOCK_RSA); } } ret = rsa->blinding; if (ret == NULL) return NULL; goto err; if (BN_BLINDING_get_thread_id(ret) == CRYPTO_thread_id()) { /* rsa->blinding is ours! */ if (BN_BLINDING_get_thread_id(ret) != CRYPTO_thread_id()) *local = 1; } else { *local = 0; /* resort to rsa->mt_blinding instead */ *local = 0; /* instructs rsa_blinding_convert(), rsa_blinding_invert() * that the BN_BLINDING is shared, meaning that accesses * require locks, and that the blinding factor must be * stored outside the BN_BLINDING */ if (rsa->mt_blinding == NULL) { if (!got_write_lock) { CRYPTO_r_unlock(CRYPTO_LOCK_RSA); CRYPTO_w_lock(CRYPTO_LOCK_RSA); got_write_lock = 1; } if (rsa->mt_blinding == NULL) rsa->mt_blinding = RSA_setup_blinding(rsa, ctx); CRYPTO_w_unlock(CRYPTO_LOCK_RSA); } ret = rsa->mt_blinding; } else *local = 1; err: if (got_write_lock) CRYPTO_w_unlock(CRYPTO_LOCK_RSA); else CRYPTO_r_unlock(CRYPTO_LOCK_RSA); return ret; } Loading Loading @@ -358,7 +381,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_get_blinding(rsa, &br, &local_blinding, ctx); blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT, ERR_R_INTERNAL_ERROR); Loading Loading @@ -479,7 +502,7 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) { blinding = rsa_get_blinding(rsa, &br, &local_blinding, ctx); blinding = rsa_get_blinding(rsa, &local_blinding, ctx); if (blinding == NULL) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, ERR_R_INTERNAL_ERROR); Loading
