Manuel Pégourié-Gonnard 88fca3ef0e Fix thread safety issue in RSA operations ...

The race was due to mpi_exp_mod storing a Montgomery coefficient in the
context (RM, RP, RQ).

The fix was verified with -fsanitize-thread using ssl_pthread_server and two
concurrent clients.

A more fine-grained fix should be possible, locking just enough time to check
if those values are OK and set them if not, rather than locking for the whole
mpi_exp_mod() operation, but it will be for later.

2015-03-27 15:12:05 +01:00

45 KiB

Raw Blame History

View Raw