Lines Matching defs:rsa
1 /* crypto/rsa/rsa_eay.c */
115 #include <openssl/rsa.h>
121 unsigned char *to, RSA *rsa, int padding);
123 unsigned char *to, RSA *rsa, int padding);
125 unsigned char *to, RSA *rsa, int padding);
127 unsigned char *to, RSA *rsa, int padding);
128 static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa,
130 static int RSA_eay_init(RSA *rsa);
131 static int RSA_eay_finish(RSA *rsa);
156 unsigned char *to, RSA *rsa, int padding)
163 if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
168 if (BN_ucmp(rsa->n, rsa->e) <= 0) {
174 if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
175 if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
186 num = BN_num_bytes(rsa->n);
218 if (BN_ucmp(f, rsa->n) >= 0) {
225 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
227 (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
230 if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
231 rsa->_method_mod_n))
256 static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)
264 if (rsa->blinding == NULL) {
269 if (rsa->blinding == NULL)
270 rsa->blinding = RSA_setup_blinding(rsa, ctx);
273 ret = rsa->blinding;
279 /* rsa->blinding is ours! */
283 /* resort to rsa->mt_blinding instead */
292 if (rsa->mt_blinding == NULL) {
299 if (rsa->mt_blinding == NULL)
300 rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);
302 ret = rsa->mt_blinding;
349 unsigned char *to, RSA *rsa, int padding)
369 num = BN_num_bytes(rsa->n);
397 if (BN_ucmp(f, rsa->n) >= 0) {
404 if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
405 blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
421 if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
422 ((rsa->p != NULL) &&
423 (rsa->q != NULL) &&
424 (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL))) {
425 if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
431 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
434 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
436 d = rsa->d;
438 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
440 (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
443 if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
444 rsa->_method_mod_n))
453 BN_sub(f, rsa->n, ret);
484 unsigned char *to, RSA *rsa, int padding)
505 num = BN_num_bytes(rsa->n);
526 if (BN_ucmp(f, rsa->n) >= 0) {
532 if (!(rsa->flags & RSA_FLAG_NO_BLINDING)) {
533 blinding = rsa_get_blinding(rsa, &local_blinding, ctx);
550 if ((rsa->flags & RSA_FLAG_EXT_PKEY) ||
551 ((rsa->p != NULL) &&
552 (rsa->q != NULL) &&
553 (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL))) {
554 if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx))
560 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
562 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
564 d = rsa->d;
566 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
568 (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
570 if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
571 rsa->_method_mod_n))
618 unsigned char *to, RSA *rsa, int padding)
626 if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS) {
631 if (BN_ucmp(rsa->n, rsa->e) <= 0) {
637 if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS) {
638 if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS) {
649 num = BN_num_bytes(rsa->n);
668 if (BN_ucmp(f, rsa->n) >= 0) {
674 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
676 (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
679 if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
680 rsa->_method_mod_n))
684 if (!BN_sub(ret, rsa->n, ret))
719 static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)
739 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
742 BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
746 BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);
748 p = rsa->p;
749 q = rsa->q;
752 if (rsa->flags & RSA_FLAG_CACHE_PRIVATE) {
754 (&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))
757 (&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))
762 if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
764 (&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))
768 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
771 if (!BN_mod(r1, c, rsa->q, ctx))
774 if (!BN_mod(r1, I, rsa->q, ctx))
779 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
781 BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);
783 dmq1 = rsa->dmq1;
784 if (!rsa->meth->bn_mod_exp(m1, r1, dmq1, rsa->q, ctx, rsa->_method_mod_q))
788 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
791 if (!BN_mod(r1, c, rsa->p, ctx))
794 if (!BN_mod(r1, I, rsa->p, ctx))
799 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
801 BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);
803 dmp1 = rsa->dmp1;
804 if (!rsa->meth->bn_mod_exp(r0, r1, dmp1, rsa->p, ctx, rsa->_method_mod_p))
814 if (!BN_add(r0, r0, rsa->p))
817 if (!BN_mul(r1, r0, rsa->iqmp, ctx))
821 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
826 if (!BN_mod(r0, pr1, rsa->p, ctx))
837 if (!BN_add(r0, r0, rsa->p))
839 if (!BN_mul(r1, r0, rsa->q, ctx))
844 if (rsa->e && rsa->n) {
845 if (!rsa->meth->bn_mod_exp(vrfy, r0, rsa->e, rsa->n, ctx,
846 rsa->_method_mod_n))
849 * If 'I' was greater than (or equal to) rsa->n, the operation will
856 if (!BN_mod(vrfy, vrfy, rsa->n, ctx))
859 if (!BN_add(vrfy, vrfy, rsa->n))
871 if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
873 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
875 d = rsa->d;
876 if (!rsa->meth->bn_mod_exp(r0, I, d, rsa->n, ctx,
877 rsa->_method_mod_n))
887 static int RSA_eay_init(RSA *rsa)
889 rsa->flags |= RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
893 static int RSA_eay_finish(RSA *rsa)
895 if (rsa->_method_mod_n != NULL)
896 BN_MONT_CTX_free(rsa->_method_mod_n);
897 if (rsa->_method_mod_p != NULL)
898 BN_MONT_CTX_free(rsa->_method_mod_p);
899 if (rsa->_method_mod_q != NULL)
900 BN_MONT_CTX_free(rsa->_method_mod_q);