From de5c4b5fb3c67f74af8bfe1171b11516180935b8 Mon Sep 17 00:00:00 2001 From: Miod Vallat Date: Wed, 9 Jul 2014 08:55:33 +0000 Subject: Remove RSA_memory_lock(). This undocumented function sort-of serializes your RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@ --- lib/libssl/src/crypto/rsa/rsa.h | 6 +---- lib/libssl/src/crypto/rsa/rsa_lib.c | 47 +------------------------------------ 2 files changed, 2 insertions(+), 51 deletions(-) (limited to 'lib/libssl') diff --git a/lib/libssl/src/crypto/rsa/rsa.h b/lib/libssl/src/crypto/rsa/rsa.h index 3c49c132153..daea33ff606 100644 --- a/lib/libssl/src/crypto/rsa/rsa.h +++ b/lib/libssl/src/crypto/rsa/rsa.h @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa.h,v 1.19 2014/06/12 15:49:30 deraadt Exp $ */ +/* $OpenBSD: rsa.h,v 1.20 2014/07/09 08:55:32 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -155,7 +155,6 @@ struct rsa_st /* all BIGNUM values are actually in the following data, if it is not * NULL */ - char *bignum_data; BN_BLINDING *blinding; BN_BLINDING *mt_blinding; }; @@ -312,9 +311,6 @@ const RSA_METHOD *RSA_get_default_method(void); const RSA_METHOD *RSA_get_method(const RSA *rsa); int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); -/* This function needs the memory locking malloc callbacks to be installed */ -int RSA_memory_lock(RSA *r); - /* these are the actual SSLeay RSA functions */ const RSA_METHOD *RSA_PKCS1_SSLeay(void); diff --git a/lib/libssl/src/crypto/rsa/rsa_lib.c b/lib/libssl/src/crypto/rsa/rsa_lib.c index 5ccdfe98104..62d415a27be 100644 --- a/lib/libssl/src/crypto/rsa/rsa_lib.c +++ b/lib/libssl/src/crypto/rsa/rsa_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_lib.c,v 1.22 2014/07/09 08:44:53 miod Exp $ */ +/* $OpenBSD: rsa_lib.c,v 1.23 2014/07/09 08:55:32 miod Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -265,48 +265,3 @@ RSA_get_ex_data(const RSA *r, int idx) { return CRYPTO_get_ex_data(&r->ex_data, idx); } - -int RSA_memory_lock(RSA *r) - { - int i,j,k,off; - char *p; - BIGNUM *bn,**t[6],*b; - BN_ULONG *ul; - - if (r->d == NULL) return(1); - t[0]= &r->d; - t[1]= &r->p; - t[2]= &r->q; - t[3]= &r->dmp1; - t[4]= &r->dmq1; - t[5]= &r->iqmp; - k=sizeof(BIGNUM)*6; - off=k/sizeof(BN_ULONG)+1; - j=1; - for (i=0; i<6; i++) - j+= (*t[i])->top; - if ((p=reallocarray(NULL, (off+j), sizeof(BN_ULONG))) == NULL) - { - RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE); - return(0); - } - bn=(BIGNUM *)p; - ul=(BN_ULONG *)&(p[off]); - for (i=0; i<6; i++) - { - b= *(t[i]); - *(t[i])= &(bn[i]); - memcpy((char *)&(bn[i]),(char *)b,sizeof(BIGNUM)); - bn[i].flags=BN_FLG_STATIC_DATA; - bn[i].d=ul; - memcpy((char *)ul,b->d,sizeof(BN_ULONG)*b->top); - ul+=b->top; - BN_clear_free(b); - } - - /* I should fix this so it can still be done */ - r->flags&= ~(RSA_FLAG_CACHE_PRIVATE|RSA_FLAG_CACHE_PUBLIC); - - r->bignum_data=p; - return(1); - } -- cgit v1.2.3