From ba6ce9bed8f8560a2a264d63723eadba535bd5ec Mon Sep 17 00:00:00 2001 From: jsing Date: Sat, 3 Sep 2022 16:01:23 +0000 Subject: [PATCH] Stop using CBIGNUM_it internal to libcrypto. CBIGNUM_it is supposed to be the "clear bignum" or "secure" bignum - that is one which zeros its memory after use and ensures that the constant time flags are set... in LibreSSL we always do both of these things for BIGNUMs, so just use BIGNUM_it instead. ok tb@ --- lib/libcrypto/asn1/asn1t.h | 7 +++++-- lib/libcrypto/dsa/dsa_asn1.c | 6 +++--- lib/libcrypto/ecdsa/ecs_asn1.c | 6 +++--- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/lib/libcrypto/asn1/asn1t.h b/lib/libcrypto/asn1/asn1t.h index d02fde4ced1..bb49be286fd 100644 --- a/lib/libcrypto/asn1/asn1t.h +++ b/lib/libcrypto/asn1/asn1t.h @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1t.h,v 1.21 2022/05/12 19:11:14 jsing Exp $ */ +/* $OpenBSD: asn1t.h,v 1.22 2022/09/03 16:01:23 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -882,11 +882,14 @@ extern const ASN1_ITEM ASN1_BOOLEAN_it; extern const ASN1_ITEM ASN1_TBOOLEAN_it; extern const ASN1_ITEM ASN1_FBOOLEAN_it; extern const ASN1_ITEM ASN1_SEQUENCE_it; -extern const ASN1_ITEM CBIGNUM_it; extern const ASN1_ITEM BIGNUM_it; extern const ASN1_ITEM LONG_it; extern const ASN1_ITEM ZLONG_it; +#ifndef LIBRESSL_INTERNAL +extern const ASN1_ITEM CBIGNUM_it; +#endif + DECLARE_STACK_OF(ASN1_VALUE) /* Functions used internally by the ASN1 code */ diff --git a/lib/libcrypto/dsa/dsa_asn1.c b/lib/libcrypto/dsa/dsa_asn1.c index daa970e316a..47e544c9cbf 100644 --- a/lib/libcrypto/dsa/dsa_asn1.c +++ b/lib/libcrypto/dsa/dsa_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dsa_asn1.c,v 1.24 2022/01/14 08:29:06 tb Exp $ */ +/* $OpenBSD: dsa_asn1.c,v 1.25 2022/09/03 16:01:23 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -97,14 +97,14 @@ static const ASN1_TEMPLATE DSA_SIG_seq_tt[] = { .tag = 0, .offset = offsetof(DSA_SIG, r), .field_name = "r", - .item = &CBIGNUM_it, + .item = &BIGNUM_it, }, { .flags = 0, .tag = 0, .offset = offsetof(DSA_SIG, s), .field_name = "s", - .item = &CBIGNUM_it, + .item = &BIGNUM_it, }, }; diff --git a/lib/libcrypto/ecdsa/ecs_asn1.c b/lib/libcrypto/ecdsa/ecs_asn1.c index 9a7a04468bf..d4cbf1e3085 100644 --- a/lib/libcrypto/ecdsa/ecs_asn1.c +++ b/lib/libcrypto/ecdsa/ecs_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ecs_asn1.c,v 1.10 2022/01/05 20:39:04 tb Exp $ */ +/* $OpenBSD: ecs_asn1.c,v 1.11 2022/09/03 16:01:23 jsing Exp $ */ /* ==================================================================== * Copyright (c) 2000-2002 The OpenSSL Project. All rights reserved. * @@ -63,14 +63,14 @@ static const ASN1_TEMPLATE ECDSA_SIG_seq_tt[] = { .tag = 0, .offset = offsetof(ECDSA_SIG, r), .field_name = "r", - .item = &CBIGNUM_it, + .item = &BIGNUM_it, }, { .flags = 0, .tag = 0, .offset = offsetof(ECDSA_SIG, s), .field_name = "s", - .item = &CBIGNUM_it, + .item = &BIGNUM_it, }, }; -- 2.20.1