The branch OpenSSL_1_0_2-stable has been updated via 23bfb5b556a4e534fd61fb30719851d4b7b1fc82 (commit) from 8bfde2578ce28f2f24bc5d53c374b14290436c0b (commit)
- Log ----------------------------------------------------------------- commit 23bfb5b556a4e534fd61fb30719851d4b7b1fc82 Author: Andy Polyakov <ap...@openssl.org> Date: Wed Nov 7 22:07:22 2018 +0100 rsa/rsa_eay.c: cache MONT_CTX for public modulus earlier. Blinding is performed more efficiently and securely if MONT_CTX for public modulus is available by the time blinding parameter are instantiated. So make sure it's the case. Reviewed-by: Matt Caswell <m...@openssl.org> Reviewed-by: Richard Levitte <levi...@openssl.org> Reviewed-by: Matthias St. Pierre <matthias.st.pie...@ncp-e.com> (manually cherry picked from commit 2cc3f68cde77af23c61fbad65470602ee86f2575) (Merged from https://github.com/openssl/openssl/pull/7586) ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_eay.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index be948a4..1155583 100644
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -397,6 +397,11 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 goto err;
 }
 
+ if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
+ if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA,
+ rsa->n, ctx))
+ goto err;
+
 if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
 blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
 if (blinding == NULL) {
@@ -431,11 +436,6 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 } else
 d = rsa->d;
 
- if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
- if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA,
- rsa->n, ctx))
- goto err;
-
 if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
 rsa->_method_mod_n))
 goto err;
_____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
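Review bot: The `RSA_FLAG_CACHE_PUBLIC` block that the first hunk places ahead of `rsa_get_blinding()` has no comment recording that its position now matters. Per the commit message, blinding is set up more efficiently and securely only when the MONT_CTX for `rsa->n` is already cached. Without a note, a later tidy-up could move the caching back next to the `bn_mod_exp` call, where the second hunk removed it, and silently undo the hardening. I would add above the new `if`: `/* Must precede rsa_get_blinding(): with RSA_FLAG_CACHE_PUBLIC set, blinding parameters are instantiated more efficiently and securely once the MONT_CTX for rsa->n is cached. */`. Only `RSA_eay_private_encrypt` is visible, and its body starts and ends outside both hunks, so it is worth confirming that the other blinded private-key paths in this file follow the same ordering.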