Hi, the changes to enable blinding by default in 0.9.7b appear to break
when an ENGINE is in use (for all the ENGINEs I've tested), with an
assertion failure:
openssl: bn_lib.c:254: BN_num_bits: Assertion `l != 0' failed.
and backtrace as follows:
#4 0x080b97c7 in BN_num_bits (a=0x81e4fd4) at bn_lib.c:254
#5 0x080ce940 in ubsec_mod_exp (r=0x81e4fd4, a=0x81e4fd4, p=0x81cdde8,
m=0x81cdfb8, ctx=0x81e4fd0)
at hw_ubsec.c:578
#6 0x080cee37 in ubsec_mod_exp_mont (r=0x81e4fd4, a=0x81e4fd4,
p=0x81cdde8, m=0x81cdfb8, ctx=0x81e4fd0,
m_ctx=0x0) at hw_ubsec.c:722
#7 0x080bf6e6 in RSA_blinding_on (rsa=0x81cdf28, p_ctx=0x81e4fd0) at
rsa_lib.c:354
#8 0x080bd1aa in rsa_eay_blinding (rsa=0x81cdf28, ctx=0x81e4fd0) at
rsa_eay.c:202
#9 0x080bd574 in RSA_eay_private_encrypt (flen=36,
etc
As I understand it, blinding is not needed when using a hardware
accelerator. So, is the correct fix to set RSA_FLAG_NO_BLINDING on a
per-engine basis, for example as below, or is there something more
subtle that can be done?
--- ./crypto/engine/hw_ubsec.c.blind Thu Jun 5 12:49:08 2003
+++ ./crypto/engine/hw_ubsec.c Thu Jun 5 12:55:15 2003
@@ -118,6 +118,12 @@
static int ubsec_rand_status(void);
#endif
+static int ubsec_rsa_init(RSA *r)
+{
+ r->flags |= RSA_FLAG_NO_BLINDING;
+ return(1);
+}
+
#define UBSEC_CMD_SO_PATH ENGINE_CMD_BASE
static const ENGINE_CMD_DEFN ubsec_cmd_defns[] = {
{UBSEC_CMD_SO_PATH,
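Review bot: ubsec_rsa_init() sets RSA_FLAG_NO_BLINDING unconditionally and with no comment, which sidesteps the assertion rather than fixing it. The backtrace shows ubsec_mod_exp() entered with r and a pointing at the same BIGNUM (0x81e4fd4) and BN_num_bits() asserting on that same pointer, so the failing input handling in ubsec_mod_exp() (hw_ubsec.c:578) is left as it is and is only avoided because RSA_blinding_on() is no longer the caller. Please either fix or guard that path in ubsec_mod_exp() as well, and if the flag stays, add a comment above the function stating the assumption it relies on (that blinding is unnecessary when the hardware performs the private-key operation) so the decision to drop a side-channel countermeasure is visible to later readers.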
@@ -138,6 +144,7 @@
NULL,
ubsec_rsa_mod_exp,
ubsec_mod_exp_mont,
+ ubsec_rsa_init,
NULL,
NULL,
0,
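Review bot: the "+ ubsec_rsa_init," line is added to a positional initializer instead of replacing an existing entry (the hunk grows from 6 to 7 lines), so every value after ubsec_mod_exp_mont moves down one slot: the sequence NULL, NULL, 0 becomes ubsec_rsa_init, NULL, NULL, 0. If the slot directly after ubsec_mod_exp_mont is the init hook, the change should replace the first of those NULLs rather than insert a new line, otherwise the trailing 0 and anything following it land in the wrong members. Please check the result against the RSA_METHOD member order before applying.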
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]