resolve conflicts

author: djm <> 2006-06-27 05:07:03 +0000
committer: djm <> 2006-06-27 05:07:03 +0000
commit: 7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d (patch)
tree: 224c33f66b0b932c84dda315d9ba4236bf125b1c /src/lib/libcrypto/dh
parent: 3f764f48d2626a43b6eeef7652c28303269d1204 (diff)
download: openbsd-7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d.tar.gz
openbsd-7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d.tar.bz2
openbsd-7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d.zip
4 files changed, 74 insertions, 32 deletions
diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h
index 0aff7fe21f..8562d16fb7 100644
--- a/src/lib/libcrypto/dh/dh.h
+++ b/src/lib/libcrypto/dh/dh.h
@@ -70,7 +70,14 @@
 #include <openssl/crypto.h>
 #include <openssl/ossl_typ.h>
        
-#define DH_FLAG_CACHE_MONT_P    0x01
+#define DH_FLAG_CACHE_MONT_P     0x01
+#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
+                                       * implementation now uses constant time
+                                       * modular exponentiation for secret exponents
+                                       * by default. This flag causes the
+                                       * faster variable sliding window method to
+                                       * be used for all exponents.
+                                       */
 #ifdef  __cplusplus
 extern "C" {
diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c
index 914b8a9c53..9336bfce6b 100644
--- a/src/lib/libcrypto/dh/dh_err.c
+++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /* crypto/dh/dh_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2003 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
@@ -64,22 +64,26 @@
 /* BEGIN ERROR CODES */
 #ifndef OPENSSL_NO_ERR
+#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
+#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
 static ERR_STRING_DATA DH_str_functs[]=
        {
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0),     "DHparams_print"},
+{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
-{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0),  "DHparams_print_fp"},
+{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP),      "DHparams_print_fp"},
-{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0),     "DH_compute_key"},
+{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0),    "DH_generate_key"},
+{ERR_FUNC(DH_F_DH_GENERATE_KEY),        "DH_generate_key"},
-{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0),     "DH_generate_parameters"},
+{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
-{ERR_PACK(0,DH_F_DH_NEW_METHOD,0),      "DH_new_method"},
+{ERR_FUNC(DH_F_DH_NEW_METHOD),  "DH_new_method"},
 {0,NULL}
        };
 static ERR_STRING_DATA DH_str_reasons[]=
        {
-{DH_R_BAD_GENERATOR                      ,"bad generator"},
+{ERR_REASON(DH_R_BAD_GENERATOR)          ,"bad generator"},
-{DH_R_NO_PRIVATE_VALUE                   ,"no private value"},
+{ERR_REASON(DH_R_NO_PRIVATE_VALUE)       ,"no private value"},
-{DH_R_INVALID_PUBKEY                     ,"invalid public key"},
+{ERR_REASON(DH_R_INVALID_PUBKEY)         ,"invalid public key"},
 {0,NULL}
        };
@@ -93,8 +97,8 @@ void ERR_load_DH_strings(void)
                {
                init=0;
 #ifndef OPENSSL_NO_ERR
-                ERR_load_strings(ERR_LIB_DH,DH_str_functs);
+                ERR_load_strings(0,DH_str_functs);
-                ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
+                ERR_load_strings(0,DH_str_reasons);
 #endif
                }
diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c
index 648766a6ec..e3641ec468 100644
--- a/src/lib/libcrypto/dh/dh_key.c
+++ b/src/lib/libcrypto/dh/dh_key.c
@@ -105,7 +105,7 @@ static int generate_key(DH *dh)
        int generate_new_key=0;
        unsigned l;
        BN_CTX *ctx;
-        BN_MONT_CTX *mont;
+        BN_MONT_CTX *mont=NULL;
        BIGNUM *pub_key=NULL,*priv_key=NULL;
        ctx = BN_CTX_new();
@@ -128,21 +128,37 @@ static int generate_key(DH *dh)
        else
                pub_key=dh->pub_key;
-        if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+        if (dh->flags & DH_FLAG_CACHE_MONT_P)
                {
-                if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+                mont = BN_MONT_CTX_set_locked(
-                        if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
+                                (BN_MONT_CTX **)&dh->method_mont_p,
-                                dh->p,ctx)) goto err;
+                                CRYPTO_LOCK_DH, dh->p, ctx);
+                if (!mont)
+                        goto err;
                }
-        mont=(BN_MONT_CTX *)dh->method_mont_p;
        if (generate_new_key)
                {
                l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
                if (!BN_rand(priv_key, l, 0, 0)) goto err;
                }
-        if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))
-                goto err;
+        {
+                BIGNUM local_prk;
+                BIGNUM *prk;
+                if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
+                        {
+                        BN_init(&local_prk);
+                        prk = &local_prk;
+                        BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
+                        }
+                else
+                        prk = priv_key;
+                if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
+        }
                
        dh->pub_key=pub_key;
        dh->priv_key=priv_key;
@@ -160,7 +176,7 @@ err:
 static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        {
        BN_CTX *ctx;
-        BN_MONT_CTX *mont;
+        BN_MONT_CTX *mont=NULL;
        BIGNUM *tmp;
        int ret= -1;
        int check_result;
@@ -175,15 +191,20 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
                DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
                goto err;
                }
-        if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))
+        if (dh->flags & DH_FLAG_CACHE_MONT_P)
                {
-                if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)
+                mont = BN_MONT_CTX_set_locked(
-                        if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,
+                                (BN_MONT_CTX **)&dh->method_mont_p,
-                                dh->p,ctx)) goto err;
+                                CRYPTO_LOCK_DH, dh->p, ctx);
+                if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
+                        {
+                        /* XXX */
+                        BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
+                        }
+                if (!mont)
+                        goto err;
                }
-        mont=(BN_MONT_CTX *)dh->method_mont_p;
        if (!DH_check_pub_key(dh, pub_key, &check_result) || check_result)
                {
                DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
@@ -197,8 +218,11 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
        ret=BN_bn2bin(tmp,key);
 err:
-        BN_CTX_end(ctx);
+        if (ctx != NULL)
-        BN_CTX_free(ctx);
+                {
+                BN_CTX_end(ctx);
+                BN_CTX_free(ctx);
+                }
        return(ret);
        }
@@ -207,7 +231,10 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r,
                        const BIGNUM *m, BN_CTX *ctx,
                        BN_MONT_CTX *m_ctx)
        {
-        if (a->top == 1)
+        /* If a is only one word long and constant time is false, use the faster
+         * exponenentiation function.
+         */
+        if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
                {
                BN_ULONG A = a->d[0];
                return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);
diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c
index d75077f9fa..b76dede771 100644
--- a/src/lib/libcrypto/dh/dhtest.c
+++ b/src/lib/libcrypto/dh/dhtest.c
@@ -136,6 +136,10 @@ int main(int argc, char *argv[])
        b->g=BN_dup(a->g);
        if ((b->p == NULL) || (b->g == NULL)) goto err;
+        /* Set a to run with normal modexp and b to use constant time */
+        a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
+        b->flags |= DH_FLAG_NO_EXP_CONSTTIME;
        if (!DH_generate_key(a)) goto err;
        BIO_puts(out,"pri 1=");
        BN_print(out,a->priv_key);
author	djm <>	2006-06-27 05:07:03 +0000
committer	djm <>	2006-06-27 05:07:03 +0000
commit	7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d (patch)
tree	224c33f66b0b932c84dda315d9ba4236bf125b1c /src/lib/libcrypto/dh
parent	3f764f48d2626a43b6eeef7652c28303269d1204 (diff)
download	openbsd-7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d.tar.gz openbsd-7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d.tar.bz2 openbsd-7fe7e1ed6bcd0e342aed7c0f890962dda616aa0d.zip

diff --git a/src/lib/libcrypto/dh/dh.h b/src/lib/libcrypto/dh/dh.h index 0aff7fe21f..8562d16fb7 100644 --- a/src/lib/libcrypto/dh/dh.h +++ b/src/lib/libcrypto/dh/dh.h
@@ -70,7 +70,14 @@
70	#include <openssl/crypto.h>	70	#include <openssl/crypto.h>
71	#include <openssl/ossl_typ.h>	71	#include <openssl/ossl_typ.h>
72		72
73	#define DH_FLAG_CACHE_MONT_P 0x01	73	#define DH_FLAG_CACHE_MONT_P 0x01
		74	#define DH_FLAG_NO_EXP_CONSTTIME 0x02 /* new with 0.9.7h; the built-in DH
		75	* implementation now uses constant time
		76	* modular exponentiation for secret exponents
		77	* by default. This flag causes the
		78	* faster variable sliding window method to
		79	* be used for all exponents.
		80	*/
74		81
75	#ifdef __cplusplus	82	#ifdef __cplusplus
76	extern "C" {	83	extern "C" {


diff --git a/src/lib/libcrypto/dh/dh_err.c b/src/lib/libcrypto/dh/dh_err.c index 914b8a9c53..9336bfce6b 100644 --- a/src/lib/libcrypto/dh/dh_err.c +++ b/src/lib/libcrypto/dh/dh_err.c
@@ -1,6 +1,6 @@
1	/* crypto/dh/dh_err.c */	1	/* crypto/dh/dh_err.c */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 1999-2003 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
4	*	4	*
5	* Redistribution and use in source and binary forms, with or without	5	* Redistribution and use in source and binary forms, with or without
6	* modification, are permitted provided that the following conditions	6	* modification, are permitted provided that the following conditions
@@ -64,22 +64,26 @@
64		64
65	/* BEGIN ERROR CODES */	65	/* BEGIN ERROR CODES */
66	#ifndef OPENSSL_NO_ERR	66	#ifndef OPENSSL_NO_ERR
		67
		68	#define ERR_FUNC(func) ERR_PACK(ERR_LIB_DH,func,0)
		69	#define ERR_REASON(reason) ERR_PACK(ERR_LIB_DH,0,reason)
		70
67	static ERR_STRING_DATA DH_str_functs[]=	71	static ERR_STRING_DATA DH_str_functs[]=
68	{	72	{
69	{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},	73	{ERR_FUNC(DH_F_DHPARAMS_PRINT), "DHparams_print"},
70	{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},	74	{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
71	{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},	75	{ERR_FUNC(DH_F_DH_COMPUTE_KEY), "DH_compute_key"},
72	{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},	76	{ERR_FUNC(DH_F_DH_GENERATE_KEY), "DH_generate_key"},
73	{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},	77	{ERR_FUNC(DH_F_DH_GENERATE_PARAMETERS), "DH_generate_parameters"},
74	{ERR_PACK(0,DH_F_DH_NEW_METHOD,0), "DH_new_method"},	78	{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
75	{0,NULL}	79	{0,NULL}
76	};	80	};
77		81
78	static ERR_STRING_DATA DH_str_reasons[]=	82	static ERR_STRING_DATA DH_str_reasons[]=
79	{	83	{
80	{DH_R_BAD_GENERATOR ,"bad generator"},	84	{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
81	{DH_R_NO_PRIVATE_VALUE ,"no private value"},	85	{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
82	{DH_R_INVALID_PUBKEY ,"invalid public key"},	86	{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
83	{0,NULL}	87	{0,NULL}
84	};	88	};
85		89
@@ -93,8 +97,8 @@ void ERR_load_DH_strings(void)
93	{	97	{
94	init=0;	98	init=0;
95	#ifndef OPENSSL_NO_ERR	99	#ifndef OPENSSL_NO_ERR
96	ERR_load_strings(ERR_LIB_DH,DH_str_functs);	100	ERR_load_strings(0,DH_str_functs);
97	ERR_load_strings(ERR_LIB_DH,DH_str_reasons);	101	ERR_load_strings(0,DH_str_reasons);
98	#endif	102	#endif
99		103
100	}	104	}


diff --git a/src/lib/libcrypto/dh/dh_key.c b/src/lib/libcrypto/dh/dh_key.c index 648766a6ec..e3641ec468 100644 --- a/src/lib/libcrypto/dh/dh_key.c +++ b/src/lib/libcrypto/dh/dh_key.c
@@ -105,7 +105,7 @@ static int generate_key(DH *dh)
105	int generate_new_key=0;	105	int generate_new_key=0;
106	unsigned l;	106	unsigned l;
107	BN_CTX *ctx;	107	BN_CTX *ctx;
108	BN_MONT_CTX *mont;	108	BN_MONT_CTX *mont=NULL;
109	BIGNUM pub_key=NULL,priv_key=NULL;	109	BIGNUM pub_key=NULL,priv_key=NULL;
110		110
111	ctx = BN_CTX_new();	111	ctx = BN_CTX_new();
@@ -128,21 +128,37 @@ static int generate_key(DH *dh)
128	else	128	else
129	pub_key=dh->pub_key;	129	pub_key=dh->pub_key;
130		130
131	if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))	131
		132	if (dh->flags & DH_FLAG_CACHE_MONT_P)
132	{	133	{
133	if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)	134	mont = BN_MONT_CTX_set_locked(
134	if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,	135	(BN_MONT_CTX **)&dh->method_mont_p,
135	dh->p,ctx)) goto err;	136	CRYPTO_LOCK_DH, dh->p, ctx);
		137	if (!mont)
		138	goto err;
136	}	139	}
137	mont=(BN_MONT_CTX *)dh->method_mont_p;
138		140
139	if (generate_new_key)	141	if (generate_new_key)
140	{	142	{
141	l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */	143	l = dh->length ? dh->length : BN_num_bits(dh->p)-1; /* secret exponent length */
142	if (!BN_rand(priv_key, l, 0, 0)) goto err;	144	if (!BN_rand(priv_key, l, 0, 0)) goto err;
143	}	145	}
144	if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, priv_key,dh->p,ctx,mont))	146
145	goto err;	147	{
		148	BIGNUM local_prk;
		149	BIGNUM *prk;
		150
		151	if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
		152	{
		153	BN_init(&local_prk);
		154	prk = &local_prk;
		155	BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
		156	}
		157	else
		158	prk = priv_key;
		159
		160	if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) goto err;
		161	}
146		162
147	dh->pub_key=pub_key;	163	dh->pub_key=pub_key;
148	dh->priv_key=priv_key;	164	dh->priv_key=priv_key;
@@ -160,7 +176,7 @@ err:
160	static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)	176	static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
161	{	177	{
162	BN_CTX *ctx;	178	BN_CTX *ctx;
163	BN_MONT_CTX *mont;	179	BN_MONT_CTX *mont=NULL;
164	BIGNUM *tmp;	180	BIGNUM *tmp;
165	int ret= -1;	181	int ret= -1;
166	int check_result;	182	int check_result;
@@ -175,15 +191,20 @@ static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
175	DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);	191	DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
176	goto err;	192	goto err;
177	}	193	}
178	if ((dh->method_mont_p == NULL) && (dh->flags & DH_FLAG_CACHE_MONT_P))	194
		195	if (dh->flags & DH_FLAG_CACHE_MONT_P)
179	{	196	{
180	if ((dh->method_mont_p=(char *)BN_MONT_CTX_new()) != NULL)	197	mont = BN_MONT_CTX_set_locked(
181	if (!BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p,	198	(BN_MONT_CTX **)&dh->method_mont_p,
182	dh->p,ctx)) goto err;	199	CRYPTO_LOCK_DH, dh->p, ctx);
		200	if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
		201	{
		202	/* XXX */
		203	BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
		204	}
		205	if (!mont)
		206	goto err;
183	}	207	}
184
185	mont=(BN_MONT_CTX *)dh->method_mont_p;
186
187	if (!DH_check_pub_key(dh, pub_key, &check_result) \|\| check_result)	208	if (!DH_check_pub_key(dh, pub_key, &check_result) \|\| check_result)
188	{	209	{
189	DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY);	210	DHerr(DH_F_DH_COMPUTE_KEY,DH_R_INVALID_PUBKEY);
@@ -197,8 +218,11 @@ static int compute_key(unsigned char key, const BIGNUM pub_key, DH *dh)
197		218
198	ret=BN_bn2bin(tmp,key);	219	ret=BN_bn2bin(tmp,key);
199	err:	220	err:
200	BN_CTX_end(ctx);	221	if (ctx != NULL)
201	BN_CTX_free(ctx);	222	{
		223	BN_CTX_end(ctx);
		224	BN_CTX_free(ctx);
		225	}
202	return(ret);	226	return(ret);
203	}	227	}
204		228
@@ -207,7 +231,10 @@ static int dh_bn_mod_exp(const DH dh, BIGNUM r,
207	const BIGNUM m, BN_CTX ctx,	231	const BIGNUM m, BN_CTX ctx,
208	BN_MONT_CTX *m_ctx)	232	BN_MONT_CTX *m_ctx)
209	{	233	{
210	if (a->top == 1)	234	/* If a is only one word long and constant time is false, use the faster
		235	* exponenentiation function.
		236	*/
		237	if (a->top == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0))
211	{	238	{
212	BN_ULONG A = a->d[0];	239	BN_ULONG A = a->d[0];
213	return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);	240	return BN_mod_exp_mont_word(r,A,p,m,ctx,m_ctx);


diff --git a/src/lib/libcrypto/dh/dhtest.c b/src/lib/libcrypto/dh/dhtest.c index d75077f9fa..b76dede771 100644 --- a/src/lib/libcrypto/dh/dhtest.c +++ b/src/lib/libcrypto/dh/dhtest.c
@@ -136,6 +136,10 @@ int main(int argc, char *argv[])
136	b->g=BN_dup(a->g);	136	b->g=BN_dup(a->g);
137	if ((b->p == NULL) \|\| (b->g == NULL)) goto err;	137	if ((b->p == NULL) \|\| (b->g == NULL)) goto err;
138		138
		139	/* Set a to run with normal modexp and b to use constant time */
		140	a->flags &= ~DH_FLAG_NO_EXP_CONSTTIME;
		141	b->flags \|= DH_FLAG_NO_EXP_CONSTTIME;
		142
139	if (!DH_generate_key(a)) goto err;	143	if (!DH_generate_key(a)) goto err;
140	BIO_puts(out,"pri 1=");	144	BIO_puts(out,"pri 1=");
141	BN_print(out,a->priv_key);	145	BN_print(out,a->priv_key);