openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Revert "Limit size of modulus for BN_mod_exp_mont_consttime()" 

This reverts commit 4378e3cd2a.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20005)
This commit is contained in:
Bernd Edlinger 2023-01-07 07:58:21 +01:00
parent b639475a94
commit 92d306b32b
2 changed files with 0 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/bn/bn_exp.c
View File

@ -615,15 +615,6 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
top = m->top;
if (in_mont != NULL && BN_is_zero(&in_mont->N)) {
ERR_raise(ERR_LIB_BN, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
if ((unsigned int)top > INT_MAX / sizeof(m->d[0]) / (1 << 8)) {
/* Prevent overflowing the powerbufLen computation below */
ERR_raise(ERR_LIB_BN, BN_R_BIGNUM_TOO_LONG);
return 0;
}
/*
* Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
* whether the top bits are zero.

20
test/exptest.c
View File

@ -50,7 +50,6 @@ static int test_mod_exp_zero(void)
BN_ULONG one_word = 1;
BN_CTX *ctx = BN_CTX_new();
int ret = 0, failed = 0;
BN_MONT_CTX *mont = NULL;
if (!TEST_ptr(m = BN_new())
|| !TEST_ptr(a = BN_new())
@ -95,24 +94,6 @@ static int test_mod_exp_zero(void)
if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont_consttime", r, a)))
failed = 1;
if (!TEST_ptr(mont = BN_MONT_CTX_new()))
goto err;
ERR_set_mark();
/* mont is not set but passed in */
if (!TEST_false(BN_mod_exp_mont_consttime(r, a, p, m, ctx, mont)))
goto err;
ERR_pop_to_mark();
if (!TEST_true(BN_MONT_CTX_set(mont, m, ctx)))
goto err;
if (!TEST_true(BN_mod_exp_mont_consttime(r, a, p, m, ctx, mont)))
goto err;
if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont_consttime", r, a)))
failed = 1;
/*
* A different codepath exists for single word multiplication
* in non-constant-time only.
@ -133,7 +114,6 @@ static int test_mod_exp_zero(void)
BN_free(a);
BN_free(p);
BN_free(m);
BN_MONT_CTX_free(mont);
BN_CTX_free(ctx);
return ret;