diff options
| author |   beck <beck@openbsd.org> | 2017-01-21 11:00:46 +0000 |
|---|---|---|
| committer | beck <beck@openbsd.org> | 2017-01-21 11:00:46 +0000 |
| commit | b0f5cbc3c22568232a5f0f45fea89dd1cbb6063b (patch) | |
| tree | 8f91fe3f7e40e41306d3e708618d467422c540af /lib/libcrypto/rsa | |
| parent | Move virtio config from files.pci to files.pci (diff) | |
| download | wireguard-openbsd-b0f5cbc3c22568232a5f0f45fea89dd1cbb6063b.tar.xz wireguard-openbsd-b0f5cbc3c22568232a5f0f45fea89dd1cbb6063b.zip | |
Add ct and nonct versions of BN_mod_inverse for internal use
ok jsing@
Diffstat (limited to 'lib/libcrypto/rsa')
| -rw-r--r-- | lib/libcrypto/rsa/rsa_chk.c | 4 | ||||
| -rw-r--r-- | lib/libcrypto/rsa/rsa_crpt.c | 6 | ||||
| -rw-r--r-- | lib/libcrypto/rsa/rsa_gen.c | 6 |
3 files changed, 9 insertions, 7 deletions
diff --git a/lib/libcrypto/rsa/rsa_chk.c b/lib/libcrypto/rsa/rsa_chk.c index efe9431f2dd..91616d17cbe 100644 --- a/lib/libcrypto/rsa/rsa_chk.c +++ b/lib/libcrypto/rsa/rsa_chk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_chk.c,v 1.10 2017/01/21 10:38:29 beck Exp $ */ +/* $OpenBSD: rsa_chk.c,v 1.11 2017/01/21 11:00:47 beck Exp $ */ /* ==================================================================== * Copyright (c) 1999 The OpenSSL Project. All rights reserved. * @@ -191,7 +191,7 @@ RSA_check_key(const RSA *key) } /* iqmp = q^-1 mod p? */ - if (!BN_mod_inverse(i, key->q, key->p, ctx)) { + if (!BN_mod_inverse_ct(i, key->q, key->p, ctx)) { ret = -1; goto err; } diff --git a/lib/libcrypto/rsa/rsa_crpt.c b/lib/libcrypto/rsa/rsa_crpt.c index ccb677c12b0..8063a832632 100644 --- a/lib/libcrypto/rsa/rsa_crpt.c +++ b/lib/libcrypto/rsa/rsa_crpt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_crpt.c,v 1.16 2016/07/07 11:53:12 bcook Exp $ */ +/* $OpenBSD: rsa_crpt.c,v 1.17 2017/01/21 11:00:47 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -66,6 +66,8 @@ #include <openssl/lhash.h> #include <openssl/rsa.h> +#include "bn_lcl.h" + #ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> #endif @@ -160,7 +162,7 @@ rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q, if (!BN_mul(r0, r1, r2, ctx)) goto err; - ret = BN_mod_inverse(NULL, d, r0, ctx); + ret = BN_mod_inverse_ct(NULL, d, r0, ctx); err: BN_CTX_end(ctx); return ret; diff --git a/lib/libcrypto/rsa/rsa_gen.c b/lib/libcrypto/rsa/rsa_gen.c index 817f177e963..300b292b7be 100644 --- a/lib/libcrypto/rsa/rsa_gen.c +++ b/lib/libcrypto/rsa/rsa_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rsa_gen.c,v 1.19 2017/01/21 10:38:29 beck Exp $ */ +/* $OpenBSD: rsa_gen.c,v 1.20 2017/01/21 11:00:47 beck Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -197,7 +197,7 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) BN_with_flags(&pr0, r0, BN_FLG_CONSTTIME); - if (!BN_mod_inverse(rsa->d, rsa->e, &pr0, ctx)) /* d */ + if (!BN_mod_inverse_ct(rsa->d, rsa->e, &pr0, ctx)) /* d */ goto err; /* set up d for correct BN_FLG_CONSTTIME flag */ @@ -213,7 +213,7 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) /* calculate inverse of q mod p */ BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME); - if (!BN_mod_inverse(rsa->iqmp, rsa->q, &p, ctx)) + if (!BN_mod_inverse_ct(rsa->iqmp, rsa->q, &p, ctx)) goto err; ok = 1; |