Add ct and nonct versions of BN_mod_inverse for internal use

ok jsing@
author: beck <> 2017-01-21 11:00:47 +0000
committer: beck <> 2017-01-21 11:00:47 +0000
commit: 48df727a3547375dae8622c34fb55bdf5ef2c44c (patch)
tree: 7ad0f2808a2ac42a510bf2f280dba63a3dfc83e3 /src/lib/libcrypto/rsa
parent: 55a172a1ed5b0cd8f7de3628fcc2e56df6716d59 (diff)
download: openbsd-48df727a3547375dae8622c34fb55bdf5ef2c44c.tar.gz
openbsd-48df727a3547375dae8622c34fb55bdf5ef2c44c.tar.bz2
openbsd-48df727a3547375dae8622c34fb55bdf5ef2c44c.zip
3 files changed, 9 insertions, 7 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_chk.c b/src/lib/libcrypto/rsa/rsa_chk.c
index efe9431f2d..91616d17cb 100644
--- a/src/lib/libcrypto/rsa/rsa_chk.c
+++ b/src/lib/libcrypto/rsa/rsa_chk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_chk.c,v 1.10 2017/01/21 10:38:29 beck Exp $ */
+/* $OpenBSD: rsa_chk.c,v 1.11 2017/01/21 11:00:47 beck Exp $ */
 /* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
 *
@@ -191,7 +191,7 @@ RSA_check_key(const RSA *key)
                }
                /* iqmp = q^-1 mod p? */
-                if (!BN_mod_inverse(i, key->q, key->p, ctx)) {
+                if (!BN_mod_inverse_ct(i, key->q, key->p, ctx)) {
                        ret = -1;
                        goto err;
                }
diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c
index ccb677c12b..8063a83263 100644
--- a/src/lib/libcrypto/rsa/rsa_crpt.c
+++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_crpt.c,v 1.16 2016/07/07 11:53:12 bcook Exp $ */
+/* $OpenBSD: rsa_crpt.c,v 1.17 2017/01/21 11:00:47 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -66,6 +66,8 @@
 #include <openssl/lhash.h>
 #include <openssl/rsa.h>
+#include "bn_lcl.h"
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
@@ -160,7 +162,7 @@ rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
        if (!BN_mul(r0, r1, r2, ctx))
                goto err;
-        ret = BN_mod_inverse(NULL, d, r0, ctx);
+        ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
 err:
        BN_CTX_end(ctx);
        return ret;
diff --git a/src/lib/libcrypto/rsa/rsa_gen.c b/src/lib/libcrypto/rsa/rsa_gen.c
index 817f177e96..300b292b7b 100644
--- a/src/lib/libcrypto/rsa/rsa_gen.c
+++ b/src/lib/libcrypto/rsa/rsa_gen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_gen.c,v 1.19 2017/01/21 10:38:29 beck Exp $ */
+/* $OpenBSD: rsa_gen.c,v 1.20 2017/01/21 11:00:47 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -197,7 +197,7 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
        BN_with_flags(&pr0, r0, BN_FLG_CONSTTIME);
-        if (!BN_mod_inverse(rsa->d, rsa->e, &pr0, ctx)) /* d */
+        if (!BN_mod_inverse_ct(rsa->d, rsa->e, &pr0, ctx)) /* d */
                goto err;
        /* set up d for correct BN_FLG_CONSTTIME flag */
@@ -213,7 +213,7 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
        /* calculate inverse of q mod p */
        BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
-        if (!BN_mod_inverse(rsa->iqmp, rsa->q, &p, ctx))
+        if (!BN_mod_inverse_ct(rsa->iqmp, rsa->q, &p, ctx))
                goto err;
        ok = 1;
author	beck <>	2017-01-21 11:00:47 +0000
committer	beck <>	2017-01-21 11:00:47 +0000
commit	48df727a3547375dae8622c34fb55bdf5ef2c44c (patch)
tree	7ad0f2808a2ac42a510bf2f280dba63a3dfc83e3 /src/lib/libcrypto/rsa
parent	55a172a1ed5b0cd8f7de3628fcc2e56df6716d59 (diff)
download	openbsd-48df727a3547375dae8622c34fb55bdf5ef2c44c.tar.gz openbsd-48df727a3547375dae8622c34fb55bdf5ef2c44c.tar.bz2 openbsd-48df727a3547375dae8622c34fb55bdf5ef2c44c.zip