summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/rsa/rsa_blinding.c102
-rw-r--r--src/lib/libcrypto/rsa/rsa_crpt.c102
2 files changed, 102 insertions, 102 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_blinding.c b/src/lib/libcrypto/rsa/rsa_blinding.c
index bc267b1c51..e6fd67242d 100644
--- a/src/lib/libcrypto/rsa/rsa_blinding.c
+++ b/src/lib/libcrypto/rsa/rsa_blinding.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_blinding.c,v 1.1 2023/08/09 09:23:03 tb Exp $ */ 1/* $OpenBSD: rsa_blinding.c,v 1.2 2023/08/09 09:26:43 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -259,3 +259,103 @@ BN_BLINDING_thread_id(BN_BLINDING *b)
259{ 259{
260 return &b->tid; 260 return &b->tid;
261} 261}
262
263static BIGNUM *
264rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
265 BN_CTX *ctx)
266{
267 BIGNUM *ret = NULL, *r0, *r1, *r2;
268
269 if (d == NULL || p == NULL || q == NULL)
270 return NULL;
271
272 BN_CTX_start(ctx);
273 if ((r0 = BN_CTX_get(ctx)) == NULL)
274 goto err;
275 if ((r1 = BN_CTX_get(ctx)) == NULL)
276 goto err;
277 if ((r2 = BN_CTX_get(ctx)) == NULL)
278 goto err;
279
280 if (!BN_sub(r1, p, BN_value_one()))
281 goto err;
282 if (!BN_sub(r2, q, BN_value_one()))
283 goto err;
284 if (!BN_mul(r0, r1, r2, ctx))
285 goto err;
286
287 ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
288err:
289 BN_CTX_end(ctx);
290 return ret;
291}
292
293BN_BLINDING *
294RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
295{
296 BIGNUM *e = NULL;
297 BIGNUM n;
298 BN_CTX *ctx = NULL;
299 BN_BLINDING *ret = NULL;
300
301 if ((ctx = in_ctx) == NULL)
302 ctx = BN_CTX_new();
303 if (ctx == NULL)
304 goto err;
305
306 BN_CTX_start(ctx);
307
308 if ((e = rsa->e) == NULL)
309 e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
310 if (e == NULL) {
311 RSAerror(RSA_R_NO_PUBLIC_EXPONENT);
312 goto err;
313 }
314
315 BN_init(&n);
316 BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
317
318 if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp,
319 rsa->_method_mod_n)) == NULL) {
320 RSAerror(ERR_R_BN_LIB);
321 goto err;
322 }
323 CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
324
325 err:
326 BN_CTX_end(ctx);
327 if (ctx != in_ctx)
328 BN_CTX_free(ctx);
329 if (e != rsa->e)
330 BN_free(e);
331
332 return ret;
333}
334
335void
336RSA_blinding_off(RSA *rsa)
337{
338 BN_BLINDING_free(rsa->blinding);
339 rsa->blinding = NULL;
340 rsa->flags |= RSA_FLAG_NO_BLINDING;
341}
342LCRYPTO_ALIAS(RSA_blinding_off);
343
344int
345RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
346{
347 int ret = 0;
348
349 if (rsa->blinding != NULL)
350 RSA_blinding_off(rsa);
351
352 rsa->blinding = RSA_setup_blinding(rsa, ctx);
353 if (rsa->blinding == NULL)
354 goto err;
355
356 rsa->flags &= ~RSA_FLAG_NO_BLINDING;
357 ret = 1;
358err:
359 return (ret);
360}
361LCRYPTO_ALIAS(RSA_blinding_on);
diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c
index fcf29f121e..2a23c1bb88 100644
--- a/src/lib/libcrypto/rsa/rsa_crpt.c
+++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa_crpt.c,v 1.27 2023/08/09 09:25:13 tb Exp $ */ 1/* $OpenBSD: rsa_crpt.c,v 1.28 2023/08/09 09:26:43 tb Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -125,103 +125,3 @@ RSA_flags(const RSA *r)
125 return r == NULL ? 0 : r->meth->flags; 125 return r == NULL ? 0 : r->meth->flags;
126} 126}
127LCRYPTO_ALIAS(RSA_flags); 127LCRYPTO_ALIAS(RSA_flags);
128
129static BIGNUM *
130rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
131 BN_CTX *ctx)
132{
133 BIGNUM *ret = NULL, *r0, *r1, *r2;
134
135 if (d == NULL || p == NULL || q == NULL)
136 return NULL;
137
138 BN_CTX_start(ctx);
139 if ((r0 = BN_CTX_get(ctx)) == NULL)
140 goto err;
141 if ((r1 = BN_CTX_get(ctx)) == NULL)
142 goto err;
143 if ((r2 = BN_CTX_get(ctx)) == NULL)
144 goto err;
145
146 if (!BN_sub(r1, p, BN_value_one()))
147 goto err;
148 if (!BN_sub(r2, q, BN_value_one()))
149 goto err;
150 if (!BN_mul(r0, r1, r2, ctx))
151 goto err;
152
153 ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
154err:
155 BN_CTX_end(ctx);
156 return ret;
157}
158
159BN_BLINDING *
160RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
161{
162 BIGNUM *e = NULL;
163 BIGNUM n;
164 BN_CTX *ctx = NULL;
165 BN_BLINDING *ret = NULL;
166
167 if ((ctx = in_ctx) == NULL)
168 ctx = BN_CTX_new();
169 if (ctx == NULL)
170 goto err;
171
172 BN_CTX_start(ctx);
173
174 if ((e = rsa->e) == NULL)
175 e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
176 if (e == NULL) {
177 RSAerror(RSA_R_NO_PUBLIC_EXPONENT);
178 goto err;
179 }
180
181 BN_init(&n);
182 BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
183
184 if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp,
185 rsa->_method_mod_n)) == NULL) {
186 RSAerror(ERR_R_BN_LIB);
187 goto err;
188 }
189 CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
190
191 err:
192 BN_CTX_end(ctx);
193 if (ctx != in_ctx)
194 BN_CTX_free(ctx);
195 if (e != rsa->e)
196 BN_free(e);
197
198 return ret;
199}
200
201void
202RSA_blinding_off(RSA *rsa)
203{
204 BN_BLINDING_free(rsa->blinding);
205 rsa->blinding = NULL;
206 rsa->flags |= RSA_FLAG_NO_BLINDING;
207}
208LCRYPTO_ALIAS(RSA_blinding_off);
209
210int
211RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
212{
213 int ret = 0;
214
215 if (rsa->blinding != NULL)
216 RSA_blinding_off(rsa);
217
218 rsa->blinding = RSA_setup_blinding(rsa, ctx);
219 if (rsa->blinding == NULL)
220 goto err;
221
222 rsa->flags &= ~RSA_FLAG_NO_BLINDING;
223 ret = 1;
224err:
225 return (ret);
226}
227LCRYPTO_ALIAS(RSA_blinding_on);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-21 21:55:43 +0000