diff options
author | Rich Salz <rsalz@openssl.org> | 2017-04-07 12:07:42 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-04-07 12:19:46 -0400 |
commit | 076fc55527a1499391fa6de109c8387895199ee9 (patch) | |
tree | 8a7d5eba7a2baf36080d6f4925dee48157a2e304 /crypto/rsa | |
parent | 2f881d2d9065342454fe352eac9e835cefa0ba90 (diff) |
Make default_method mostly compile-time
Document thread-safety issues
Have RSA_null return NULL (always fails)
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2244)
Diffstat (limited to 'crypto/rsa')
-rw-r--r-- | crypto/rsa/build.info | 2 | ||||
-rw-r--r-- | crypto/rsa/rsa_err.c | 5 | ||||
-rw-r--r-- | crypto/rsa/rsa_lib.c | 24 | ||||
-rw-r--r-- | crypto/rsa/rsa_null.c | 93 | ||||
-rw-r--r-- | crypto/rsa/rsa_ossl.c | 23 |
5 files changed, 20 insertions, 127 deletions
diff --git a/crypto/rsa/build.info b/crypto/rsa/build.info index 39b7464b0e..4575b28879 100644 --- a/crypto/rsa/build.info +++ b/crypto/rsa/build.info @@ -1,6 +1,6 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]=\ rsa_ossl.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ - rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ + rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c \ rsa_pss.c rsa_x931.c rsa_asn1.c rsa_depr.c rsa_ameth.c rsa_prn.c \ rsa_pmeth.c rsa_crpt.c rsa_x931g.c rsa_meth.c diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c index 112e5a46ec..c3698986be 100644 --- a/crypto/rsa/rsa_err.c +++ b/crypto/rsa/rsa_err.c @@ -41,11 +41,6 @@ static ERR_STRING_DATA RSA_str_functs[] = { {ERR_FUNC(RSA_F_RSA_METH_SET1_NAME), "RSA_meth_set1_name"}, {ERR_FUNC(RSA_F_RSA_MGF1_TO_MD), "rsa_mgf1_to_md"}, {ERR_FUNC(RSA_F_RSA_NEW_METHOD), "RSA_new_method"}, - {ERR_FUNC(RSA_F_RSA_NULL), "RSA_NULL"}, - {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_DECRYPT), "RSA_null_private_decrypt"}, - {ERR_FUNC(RSA_F_RSA_NULL_PRIVATE_ENCRYPT), "RSA_null_private_encrypt"}, - {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_DECRYPT), "RSA_null_public_decrypt"}, - {ERR_FUNC(RSA_F_RSA_NULL_PUBLIC_ENCRYPT), "RSA_null_public_encrypt"}, {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_DECRYPT), "rsa_ossl_private_decrypt"}, {ERR_FUNC(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT), "rsa_ossl_private_encrypt"}, {ERR_FUNC(RSA_F_RSA_OSSL_PUBLIC_DECRYPT), "rsa_ossl_public_decrypt"}, diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 0fbda9a9b1..3c2354bbb4 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -17,31 +17,9 @@ #include "internal/evp_int.h" #include "rsa_locl.h" -static const RSA_METHOD *default_RSA_meth = NULL; - RSA *RSA_new(void) { - RSA *r = RSA_new_method(NULL); - - return r; -} - -void RSA_set_default_method(const RSA_METHOD *meth) -{ - default_RSA_meth = meth; -} - -const RSA_METHOD *RSA_get_default_method(void) -{ - if (default_RSA_meth == NULL) { -#ifdef RSA_NULL - default_RSA_meth = RSA_null_method(); -#else - default_RSA_meth = RSA_PKCS1_OpenSSL(); -#endif - } - - return default_RSA_meth; + return RSA_new_method(NULL); } const RSA_METHOD *RSA_get_method(const RSA *rsa) diff --git a/crypto/rsa/rsa_null.c b/crypto/rsa/rsa_null.c deleted file mode 100644 index d339494120..0000000000 --- a/crypto/rsa/rsa_null.c +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include "internal/cryptlib.h" -#include <openssl/bn.h> -#include "rsa_locl.h" - -/* - * This is a dummy RSA implementation that just returns errors when called. - * It is designed to allow some RSA functions to work while stopping those - * covered by the RSA patent. That is RSA, encryption, decryption, signing - * and verify is not allowed but RSA key generation, key checking and other - * operations (like storing RSA keys) are permitted. - */ - -static int RSA_null_public_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -static int RSA_null_private_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -static int RSA_null_public_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -static int RSA_null_private_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding); -static int RSA_null_init(RSA *rsa); -static int RSA_null_finish(RSA *rsa); -static RSA_METHOD rsa_null_meth = { - "Null RSA", - RSA_null_public_encrypt, - RSA_null_public_decrypt, - RSA_null_private_encrypt, - RSA_null_private_decrypt, - NULL, - NULL, - RSA_null_init, - RSA_null_finish, - 0, - NULL, - NULL, - NULL, - NULL -}; - -const RSA_METHOD *RSA_null_method(void) -{ - return (&rsa_null_meth); -} - -static int RSA_null_public_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - RSAerr(RSA_F_RSA_NULL_PUBLIC_ENCRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); - return -1; -} - -static int RSA_null_private_encrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - RSAerr(RSA_F_RSA_NULL_PRIVATE_ENCRYPT, - RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); - return -1; -} - -static int RSA_null_private_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - RSAerr(RSA_F_RSA_NULL_PRIVATE_DECRYPT, - RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); - return -1; -} - -static int RSA_null_public_decrypt(int flen, const unsigned char *from, - unsigned char *to, RSA *rsa, int padding) -{ - RSAerr(RSA_F_RSA_NULL_PUBLIC_DECRYPT, RSA_R_RSA_OPERATIONS_NOT_SUPPORTED); - return -1; -} - -static int RSA_null_init(RSA *rsa) -{ - return (1); -} - -static int RSA_null_finish(RSA *rsa) -{ - return (1); -} diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index 782606645b..5e0ad92cb1 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -11,8 +11,6 @@ #include "internal/bn_int.h" #include "rsa_locl.h" -#ifndef RSA_NULL - static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding); static int rsa_ossl_private_encrypt(int flen, const unsigned char *from, @@ -26,7 +24,7 @@ static int rsa_ossl_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, static int rsa_ossl_init(RSA *rsa); static int rsa_ossl_finish(RSA *rsa); static RSA_METHOD rsa_pkcs1_ossl_meth = { - "OpenSSL PKCS#1 RSA (from Eric Young)", + "OpenSSL PKCS#1 RSA", rsa_ossl_public_encrypt, rsa_ossl_public_decrypt, /* signature verification */ rsa_ossl_private_encrypt, /* signing */ @@ -43,11 +41,28 @@ static RSA_METHOD rsa_pkcs1_ossl_meth = { NULL /* rsa_keygen */ }; +static const RSA_METHOD *default_RSA_meth = &rsa_pkcs1_ossl_meth; + +void RSA_set_default_method(const RSA_METHOD *meth) +{ + default_RSA_meth = meth; +} + +const RSA_METHOD *RSA_get_default_method(void) +{ + return default_RSA_meth; +} + const RSA_METHOD *RSA_PKCS1_OpenSSL(void) { return &rsa_pkcs1_ossl_meth; } +const RSA_METHOD *RSA_null_method(void) +{ + return NULL; +} + static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { @@ -786,5 +801,3 @@ static int rsa_ossl_finish(RSA *rsa) BN_MONT_CTX_free(rsa->_method_mod_q); return (1); } - -#endif |