import of openssl-0.9.7j

4 files changed, 78 insertions, 6 deletions

diff --git a/src/lib/libcrypto/bn/Makefile b/src/lib/libcrypto/bn/Makefile
index f693d35d87..9969d242cc 100644
--- a/src/lib/libcrypto/bn/Makefile
+++ b/src/lib/libcrypto/bn/Makefile
@@ -1,5 +1,5 @@
 #
-# SSLeay/crypto/bn/Makefile
+# OpenSSL/crypto/bn/Makefile
 #
 
 DIR=    bn
@@ -31,12 +31,12 @@ LIB=$(TOP)/libcrypto.a
 LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_ctx.c bn_mul.c bn_mod.c \
         bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
         bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
-        bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c
+        bn_recp.c bn_mont.c bn_mpi.c bn_exp2.c bn_x931p.c
 
 LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_ctx.o bn_mul.o bn_mod.o \
         bn_print.o bn_rand.o bn_shift.o bn_word.o bn_blind.o \
         bn_kron.o bn_sqrt.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o $(BN_ASM) \
-        bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o
+        bn_recp.o bn_mont.o bn_mpi.o bn_exp2.o bn_x931p.o
 
 SRC= $(LIBSRC)
 
@@ -329,3 +329,5 @@ bn_word.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
 bn_word.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 bn_word.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 bn_word.o: ../cryptlib.h bn_lcl.h bn_word.c
+bn_x931p.o: ../../include/openssl/bn.h ../../include/openssl/e_os2.h
+bn_x931p.o: ../../include/openssl/opensslconf.h bn_x931p.c
diff --git a/src/lib/libcrypto/bn/bntest.c b/src/lib/libcrypto/bn/bntest.c
index 28cd3339da..685007d330 100644
--- a/src/lib/libcrypto/bn/bntest.c
+++ b/src/lib/libcrypto/bn/bntest.c
@@ -86,6 +86,7 @@ int test_mont(BIO *bp,BN_CTX *ctx);
 int test_mod(BIO *bp,BN_CTX *ctx);
 int test_mod_mul(BIO *bp,BN_CTX *ctx);
 int test_mod_exp(BIO *bp,BN_CTX *ctx);
+int test_mod_exp_mont_consttime(BIO *bp,BN_CTX *ctx);
 int test_exp(BIO *bp,BN_CTX *ctx);
 int test_kron(BIO *bp,BN_CTX *ctx);
 int test_sqrt(BIO *bp,BN_CTX *ctx);
@@ -213,6 +214,10 @@ int main(int argc, char *argv[])
         if (!test_mod_exp(out,ctx)) goto err;
         BIO_flush(out);
 
+        message(out,"BN_mod_exp_mont_consttime");
+        if (!test_mod_exp_mont_consttime(out,ctx)) goto err;
+        BIO_flush(out);
+
         message(out,"BN_exp");
         if (!test_exp(out,ctx)) goto err;
         BIO_flush(out);
@@ -813,6 +818,57 @@ int test_mod_exp(BIO *bp, BN_CTX *ctx)
         return(1);
         }
 
+int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx)
+        {
+        BIGNUM *a,*b,*c,*d,*e;
+        int i;
+
+        a=BN_new();
+        b=BN_new();
+        c=BN_new();
+        d=BN_new();
+        e=BN_new();
+
+        BN_bntest_rand(c,30,0,1); /* must be odd for montgomery */
+        for (i=0; i<num2; i++)
+                {
+                BN_bntest_rand(a,20+i*5,0,0); /**/
+                BN_bntest_rand(b,2+i,0,0); /**/
+
+                if (!BN_mod_exp_mont_consttime(d,a,b,c,ctx,NULL))
+                        return(00);
+
+                if (bp != NULL)
+                        {
+                        if (!results)
+                                {
+                                BN_print(bp,a);
+                                BIO_puts(bp," ^ ");
+                                BN_print(bp,b);
+                                BIO_puts(bp," % ");
+                                BN_print(bp,c);
+                                BIO_puts(bp," - ");
+                                }
+                        BN_print(bp,d);
+                        BIO_puts(bp,"\n");
+                        }
+                BN_exp(e,a,b,ctx);
+                BN_sub(e,e,d);
+                BN_div(a,b,e,c,ctx);
+                if(!BN_is_zero(b))
+                    {
+                    fprintf(stderr,"Modulo exponentiation test failed!\n");
+                    return 0;
+                    }
+                }
+        BN_free(a);
+        BN_free(b);
+        BN_free(c);
+        BN_free(d);
+        BN_free(e);
+        return(1);
+        }
+
 int test_exp(BIO *bp, BN_CTX *ctx)
         {
         BIGNUM *a,*b,*d,*e,*one;
diff --git a/src/lib/libcrypto/bn/expspeed.c b/src/lib/libcrypto/bn/expspeed.c
index 07a1bcf51c..4d5f221f33 100644
--- a/src/lib/libcrypto/bn/expspeed.c
+++ b/src/lib/libcrypto/bn/expspeed.c
@@ -321,7 +321,7 @@ void do_mul_exp(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx)
 #else /* TEST_SQRT */
                         "2*sqrt [prime == %d (mod 64)] %4d %4d mod %4d"
 #endif
-                        " -> %8.3fms %5.1f (%ld)\n",
+                        " -> %8.6fms %5.1f (%ld)\n",
 #ifdef TEST_SQRT
                         P_MOD_64,
 #endif
diff --git a/src/lib/libcrypto/bn/exptest.c b/src/lib/libcrypto/bn/exptest.c
index b09cf88705..28aaac2ac1 100644
--- a/src/lib/libcrypto/bn/exptest.c
+++ b/src/lib/libcrypto/bn/exptest.c
@@ -77,7 +77,7 @@ int main(int argc, char *argv[])
         BIO *out=NULL;
         int i,ret;
         unsigned char c;
-        BIGNUM *r_mont,*r_recp,*r_simple,*a,*b,*m;
+        BIGNUM *r_mont,*r_mont_const,*r_recp,*r_simple,*a,*b,*m;
 
         RAND_seed(rnd_seed, sizeof rnd_seed); /* or BN_rand may fail, and we don't
                                                * even check its return value
@@ -88,6 +88,7 @@ int main(int argc, char *argv[])
         ctx=BN_CTX_new();
         if (ctx == NULL) EXIT(1);
         r_mont=BN_new();
+        r_mont_const=BN_new();
         r_recp=BN_new();
         r_simple=BN_new();
         a=BN_new();
@@ -143,8 +144,17 @@ int main(int argc, char *argv[])
                         EXIT(1);
                         }
 
+                ret=BN_mod_exp_mont_consttime(r_mont_const,a,b,m,ctx,NULL);
+                if (ret <= 0)
+                        {
+                        printf("BN_mod_exp_mont_consttime() problems\n");
+                        ERR_print_errors(out);
+                        EXIT(1);
+                        }
+
                 if (BN_cmp(r_simple, r_mont) == 0
-                    && BN_cmp(r_simple,r_recp) == 0)
+                    && BN_cmp(r_simple,r_recp) == 0
+                        && BN_cmp(r_simple,r_mont_const) == 0)
                         {
                         printf(".");
                         fflush(stdout);
@@ -153,6 +163,8 @@ int main(int argc, char *argv[])
                         {
                         if (BN_cmp(r_simple,r_mont) != 0)
                                 printf("\nsimple and mont results differ\n");
+                        if (BN_cmp(r_simple,r_mont) != 0)
+                                printf("\nsimple and mont const time results differ\n");
                         if (BN_cmp(r_simple,r_recp) != 0)
                                 printf("\nsimple and recp results differ\n");
 
@@ -162,11 +174,13 @@ int main(int argc, char *argv[])
                         printf("\nsimple   ="); BN_print(out,r_simple);
                         printf("\nrecp     ="); BN_print(out,r_recp);
                         printf("\nmont     ="); BN_print(out,r_mont);
+                        printf("\nmont_ct  ="); BN_print(out,r_mont_const);
                         printf("\n");
                         EXIT(1);
                         }
                 }
         BN_free(r_mont);
+        BN_free(r_mont_const);
         BN_free(r_recp);
         BN_free(r_simple);
         BN_free(a);