Skip to content
  1. Nov 26, 2015
    • Matt Caswell's avatar
      Tighten up BN_with_flags usage and avoid a reachable assert · fd7d2520
      Matt Caswell authored
      
      
      The function rsa_ossl_mod_exp uses the function BN_with_flags to create a
      temporary copy (local_r1) of a BIGNUM (r1) with modified flags. This
      temporary copy shares some state with the original r1. If the state of r1
      gets updated then local_r1's state will be stale. This was occurring in the
      function so that when local_r1 was freed a call to bn_check_top was made
      which failed an assert due to the stale state. To resolve this we must free
      local_r1 immediately after we have finished using it and not wait until the
      end of the function.
      
      This problem prompted a review of all BN_with_flag usage within the
      codebase. All other usage appears to be correct, although often not
      obviously so. This commit refactors things to make it much clearer for
      these other uses.
      
      Reviewed-by: default avatarEmilia Käsper <emilia@openssl.org>
      fd7d2520
  2. Nov 25, 2015
  3. Nov 24, 2015
  4. Nov 23, 2015
  5. Nov 22, 2015
  6. Nov 21, 2015