diff options
| author | Andy Polyakov <appro@openssl.org> | 2018-07-06 15:02:29 +0200 |
|---|---|---|
| committer | Andy Polyakov <appro@openssl.org> | 2018-08-01 16:14:51 +0200 |
| commit | 327b2c011342280c7fd5e312a4fff2a01083d2d6 (patch) | |
| tree | b67a8353681c9f5c9fd482a5be44607e69b87144 /crypto/bn/bn_lib.c | |
| parent | c1c0e4f1a358072767860764cd43335fc7316176 (diff) | |
bn/bn_lib.c: add BN_FLG_FIXED_TOP flag.
The new flag marks vectors that were not treated with bn_correct_top,
in other words such vectors are permitted to be zero padded. For now
it's BN_DEBUG-only flag, as initial use case for zero-padded vectors
would be controlled Montgomery multiplication/exponentiation, not
general purpose. For general purpose use another type might be more
appropriate. Advantage of this suggestion is that it's possible to
back-port it...
bn/bn_div.c: fix memory sanitizer problem.
bn/bn_sqr.c: harmonize with BN_mul.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6810)
(cherry picked from commit 305b68f1a2b6d4d0aa07a6ab47ac372f067a40bb)
Resolved conflicts:
crypto/bn/bn_lcl.h
crypto/bn/bn_lib.c
Diffstat (limited to 'crypto/bn/bn_lib.c')
| -rw-r--r-- | crypto/bn/bn_lib.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c index 7ee80f4449..c6005bf43f 100644 --- a/crypto/bn/bn_lib.c +++ b/crypto/bn/bn_lib.c @@ -492,14 +492,16 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b) memcpy(a->d, b->d, sizeof(b->d[0]) * b->top); #endif - a->top = b->top; a->neg = b->neg; + a->top = b->top; + a->flags |= b->flags & BN_FLG_FIXED_TOP; bn_check_top(a); return (a); } #define FLAGS_DATA(flags) ((flags) & (BN_FLG_STATIC_DATA \ - | BN_FLG_CONSTTIME)) + | BN_FLG_CONSTTIME \ + | BN_FLG_FIXED_TOP)) #define FLAGS_STRUCT(flags) ((flags) & (BN_FLG_MALLOCED)) void BN_swap(BIGNUM *a, BIGNUM *b) @@ -542,6 +544,7 @@ void BN_clear(BIGNUM *a) OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0])); a->top = 0; a->neg = 0; + a->flags &= ~BN_FLG_FIXED_TOP; } BN_ULONG BN_get_word(const BIGNUM *a) @@ -562,6 +565,7 @@ int BN_set_word(BIGNUM *a, BN_ULONG w) a->neg = 0; a->d[0] = w; a->top = (w ? 1 : 0); + a->flags &= ~BN_FLG_FIXED_TOP; bn_check_top(a); return (1); } @@ -708,6 +712,7 @@ int BN_set_bit(BIGNUM *a, int n) for (k = a->top; k < i + 1; k++) a->d[k] = 0; a->top = i + 1; + a->flags &= ~BN_FLG_FIXED_TOP; } a->d[i] |= (((BN_ULONG)1) << j); |