From 46ef873f0b3c04b6415cddac5d4a7b27b53cc482 Mon Sep 17 00:00:00 2001 From: Geoff Thorpe Date: Thu, 25 Mar 2004 02:52:04 +0000 Subject: [PATCH] By adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key operations no longer require two distinct BN_CTX structures. This may put more "strain" on the current BN_CTX implementation (which has a fixed limit to the number of variables it will hold), but so far this limit is not triggered by any of the tests pass and I will be changing BN_CTX in the near future to avoid this problem anyway. This also changes the default RSA implementation code to use the BN_CTX in favour of initialising some of its variables locally in each function. --- CHANGES | 4 + crypto/rsa/rsa.h | 2 +- crypto/rsa/rsa_eay.c | 181 ++++++++++++++++++++++--------------------- engines/e_aep.c | 12 +-- engines/e_atalla.c | 9 +-- engines/e_cswift.c | 9 +-- engines/e_ncipher.c | 4 +- engines/e_nuron.c | 4 +- engines/e_ubsec.c | 12 +-- 9 files changed, 112 insertions(+), 125 deletions(-) diff --git a/CHANGES b/CHANGES index aebf096f9f..6eceebac1b 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,10 @@ Changes between 0.9.7c and 0.9.8 [xx XXX xxxx] + *) Add a missing BN_CTX parameter to the 'rsa_mod_exp' callback in RSA_METHOD + to allow all RSA operations to function using a single BN_CTX. + [Geoff Thorpe] + *) Preliminary support for certificate policy evaluation and checking. This is initially intended to pass the tests outlined in "Conformance Testing of Relying Party Client Certificate Path Processing Logic" v1.07. diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index 12689fc22d..b3ed1edd3f 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -93,7 +93,7 @@ typedef struct rsa_meth_st int (*rsa_priv_dec)(int flen,const unsigned char *from, unsigned char *to, RSA *rsa,int padding); - int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa); /* Can be null */ + int (*rsa_mod_exp)(BIGNUM *r0,const BIGNUM *I,RSA *rsa,BN_CTX *ctx); /* Can be null */ int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */ diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 5beb9c9fdf..b66b4bc140 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -72,7 +72,7 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa,int padding); -static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa); +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx); static int RSA_eay_init(RSA *rsa); static int RSA_eay_finish(RSA *rsa); static RSA_METHOD rsa_pkcs1_eay_meth={ @@ -137,16 +137,18 @@ static int rsa_eay_mont_helper(BN_MONT_CTX **ptr, const BIGNUM *modulus, BN_CTX static int RSA_eay_public_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret; + BIGNUM *f,*ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; - BN_init(&f); - BN_init(&ret); if ((ctx=BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) + buf = OPENSSL_malloc(num); + if (!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -174,9 +176,9 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, } if (i <= 0) goto err; - if (BN_bin2bn(buf,num,&f) == NULL) goto err; + if (BN_bin2bn(buf,num,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) + if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); @@ -185,21 +187,23 @@ static int RSA_eay_public_encrypt(int flen, const unsigned char *from, MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; /* put in leading 0 bytes if the number is less than the * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); + j=BN_num_bytes(ret); + i=BN_bn2bin(ret,&(to[num-j])); for (k=0; k<(num-i); k++) to[k]=0; r=num; err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (buf != NULL) { OPENSSL_cleanse(buf,num); @@ -265,19 +269,20 @@ err: static int RSA_eay_private_encrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret; + BIGNUM *f,*ret; int i,j,k,num=0,r= -1; unsigned char *buf=NULL; BN_CTX *ctx=NULL; int local_blinding = 0; BN_BLINDING *blinding = NULL; - BN_init(&f); - BN_init(&ret); - if ((ctx=BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) + buf = OPENSSL_malloc(num); + if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -298,9 +303,9 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, } if (i <= 0) goto err; - if (BN_bin2bn(buf,num,&f) == NULL) goto err; + if (BN_bin2bn(buf,num,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) + if (BN_ucmp(f, rsa->n) >= 0) { /* usually the padding functions would catch this */ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); @@ -339,7 +344,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, } if (blinding) - if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; + if (!BN_BLINDING_convert(f, blinding, ctx)) goto err; if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || ((rsa->p != NULL) && @@ -347,29 +352,31 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from, (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } + { if (!rsa->meth->rsa_mod_exp(ret,f,rsa,ctx)) goto err; } else { MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx, rsa->_method_mod_n)) goto err; } if (blinding) - if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; + if (!BN_BLINDING_invert(ret, blinding, ctx)) goto err; /* put in leading 0 bytes if the number is less than the * length of the modulus */ - j=BN_num_bytes(&ret); - i=BN_bn2bin(&ret,&(to[num-j])); + j=BN_num_bytes(ret); + i=BN_bn2bin(ret,&(to[num-j])); for (k=0; k<(num-i); k++) to[k]=0; r=num; err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&ret); - BN_clear_free(&f); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (local_blinding) BN_BLINDING_free(blinding); if (buf != NULL) @@ -383,7 +390,7 @@ err: static int RSA_eay_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret; + BIGNUM *f,*ret; int j,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; @@ -391,14 +398,13 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, int local_blinding = 0; BN_BLINDING *blinding = NULL; - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - + if((ctx = BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - - if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL) + buf = OPENSSL_malloc(num); + if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -413,9 +419,9 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, } /* make data into a big number */ - if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err; + if (BN_bin2bn(from,(int)flen,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) + if (BN_ucmp(f, rsa->n) >= 0) { RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; @@ -453,7 +459,7 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, } if (blinding) - if (!BN_BLINDING_convert(&f, blinding, ctx)) goto err; + if (!BN_BLINDING_convert(f, blinding, ctx)) goto err; /* do the decrypt */ if ( (rsa->flags & RSA_FLAG_EXT_PKEY) || @@ -462,20 +468,20 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, (rsa->dmp1 != NULL) && (rsa->dmq1 != NULL) && (rsa->iqmp != NULL)) ) - { if (!rsa->meth->rsa_mod_exp(&ret,&f,rsa)) goto err; } + { if (!rsa->meth->rsa_mod_exp(ret,f,rsa,ctx)) goto err; } else { MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx, rsa->_method_mod_n)) goto err; } if (blinding) - if (!BN_BLINDING_invert(&ret, blinding, ctx)) goto err; + if (!BN_BLINDING_invert(ret, blinding, ctx)) goto err; p=buf; - j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */ + j=BN_bn2bin(ret,p); /* j is only used with no-padding mode */ switch (padding) { @@ -501,9 +507,11 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED); err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (local_blinding) BN_BLINDING_free(blinding); if (buf != NULL) @@ -518,20 +526,19 @@ err: static int RSA_eay_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { - BIGNUM f,ret; + BIGNUM *f,*ret; int i,num=0,r= -1; unsigned char *p; unsigned char *buf=NULL; BN_CTX *ctx=NULL; - BN_init(&f); - BN_init(&ret); - ctx=BN_CTX_new(); - if (ctx == NULL) goto err; - + if((ctx = BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + f = BN_CTX_get(ctx); + ret = BN_CTX_get(ctx); num=BN_num_bytes(rsa->n); - buf=(unsigned char *)OPENSSL_malloc(num); - if (buf == NULL) + buf = OPENSSL_malloc(num); + if(!f || !ret || !buf) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE); goto err; @@ -545,9 +552,9 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, goto err; } - if (BN_bin2bn(from,flen,&f) == NULL) goto err; + if (BN_bin2bn(from,flen,f) == NULL) goto err; - if (BN_ucmp(&f, rsa->n) >= 0) + if (BN_ucmp(f, rsa->n) >= 0) { RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_TOO_LARGE_FOR_MODULUS); goto err; @@ -555,11 +562,11 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx, + if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx, rsa->_method_mod_n)) goto err; p=buf; - i=BN_bn2bin(&ret,p); + i=BN_bn2bin(ret,p); switch (padding) { @@ -577,9 +584,11 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from, RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED); err: - if (ctx != NULL) BN_CTX_free(ctx); - BN_clear_free(&f); - BN_clear_free(&ret); + if (ctx != NULL) + { + BN_CTX_end(ctx); + BN_CTX_free(ctx); + } if (buf != NULL) { OPENSSL_cleanse(buf,num); @@ -588,37 +597,36 @@ err: return(r); } -static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { - BIGNUM r1,m1,vrfy; + BIGNUM *r1,*m1,*vrfy; int ret=0; - BN_CTX *ctx; - BN_init(&m1); - BN_init(&r1); - BN_init(&vrfy); - if ((ctx=BN_CTX_new()) == NULL) goto err; + BN_CTX_start(ctx); + r1 = BN_CTX_get(ctx); + m1 = BN_CTX_get(ctx); + vrfy = BN_CTX_get(ctx); MONT_HELPER(rsa, ctx, p, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); MONT_HELPER(rsa, ctx, q, rsa->flags & RSA_FLAG_CACHE_PRIVATE, goto err); MONT_HELPER(rsa, ctx, n, rsa->flags & RSA_FLAG_CACHE_PUBLIC, goto err); - if (!BN_mod(&r1,I,rsa->q,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx, + if (!BN_mod(r1,I,rsa->q,ctx)) goto err; + if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx, rsa->_method_mod_q)) goto err; - if (!BN_mod(&r1,I,rsa->p,ctx)) goto err; - if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx, + if (!BN_mod(r1,I,rsa->p,ctx)) goto err; + if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx, rsa->_method_mod_p)) goto err; - if (!BN_sub(r0,r0,&m1)) goto err; + if (!BN_sub(r0,r0,m1)) goto err; /* This will help stop the size of r0 increasing, which does * affect the multiply if it optimised for a power of 2 size */ if (BN_get_sign(r0)) if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err; - if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err; + if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err; + if (!BN_mod(r0,r1,rsa->p,ctx)) goto err; /* If p < q it is occasionally possible for the correction of * adding 'p' if r0 is negative above to leave the result still * negative. This can break the private key operations: the following @@ -628,21 +636,21 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) */ if (BN_get_sign(r0)) if (!BN_add(r0,r0,rsa->p)) goto err; - if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err; - if (!BN_add(r0,&r1,&m1)) goto err; + if (!BN_mul(r1,r0,rsa->q,ctx)) goto err; + if (!BN_add(r0,r1,m1)) goto err; if (rsa->e && rsa->n) { - if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err; + if (!rsa->meth->bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err; /* If 'I' was greater than (or equal to) rsa->n, the operation * will be equivalent to using 'I mod n'. However, the result of * the verify will *always* be less than 'n' so we don't check * for absolute equality, just congruency. */ - if (!BN_sub(&vrfy, &vrfy, I)) goto err; - if (!BN_mod(&vrfy, &vrfy, rsa->n, ctx)) goto err; - if (BN_get_sign(&vrfy)) - if (!BN_add(&vrfy, &vrfy, rsa->n)) goto err; - if (!BN_is_zero(&vrfy)) + if (!BN_sub(vrfy, vrfy, I)) goto err; + if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err; + if (BN_get_sign(vrfy)) + if (!BN_add(vrfy, vrfy, rsa->n)) goto err; + if (!BN_is_zero(vrfy)) /* 'I' and 'vrfy' aren't congruent mod n. Don't leak * miscalculated CRT output, just do a raw (slower) * mod_exp and return that instead. */ @@ -651,10 +659,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) } ret=1; err: - BN_clear_free(&m1); - BN_clear_free(&r1); - BN_clear_free(&vrfy); - BN_CTX_free(ctx); + BN_CTX_end(ctx); return(ret); } diff --git a/engines/e_aep.c b/engines/e_aep.c index 5083c80ef8..aa4fe75704 100644 --- a/engines/e_aep.c +++ b/engines/e_aep.c @@ -106,7 +106,7 @@ static AEP_RV aep_mod_exp_crt(BIGNUM *r,const BIGNUM *a, const BIGNUM *p, /* RSA stuff */ #ifndef OPENSSL_NO_RSA -static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); +static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); #endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ @@ -745,15 +745,11 @@ static int aep_rand_status(void) #endif #ifndef OPENSSL_NO_RSA -static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { - BN_CTX *ctx = NULL; int to_return = 0; AEP_RV rv = AEP_R_OK; - if ((ctx = BN_CTX_new()) == NULL) - goto err; - if (!aep_dso) { AEPHKerr(AEPHK_F_AEP_RSA_MOD_EXP,AEPHK_R_NOT_LOADED); @@ -767,7 +763,7 @@ static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) if (rv == FAIL_TO_SW){ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - to_return = (*meth->rsa_mod_exp)(r0, I, rsa); + to_return = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); goto err; } else if (rv != AEP_R_OK) @@ -790,8 +786,6 @@ static int aep_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) to_return = 1; err: - if(ctx) - BN_CTX_free(ctx); return to_return; } #endif diff --git a/engines/e_atalla.c b/engines/e_atalla.c index 79abc70678..cc6c9695f0 100644 --- a/engines/e_atalla.c +++ b/engines/e_atalla.c @@ -86,7 +86,7 @@ static int atalla_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, #ifndef OPENSSL_NO_RSA /* RSA stuff */ -static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); #endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int atalla_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, @@ -502,9 +502,8 @@ err: } #ifndef OPENSSL_NO_RSA -static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { - BN_CTX *ctx = NULL; int to_return = 0; if(!atalla_dso) @@ -512,8 +511,6 @@ static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_NOT_LOADED); goto err; } - if((ctx = BN_CTX_new()) == NULL) - goto err; if(!rsa->d || !rsa->n) { ATALLAerr(ATALLA_F_ATALLA_RSA_MOD_EXP,ATALLA_R_MISSING_KEY_COMPONENTS); @@ -521,8 +518,6 @@ static int atalla_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) } to_return = atalla_mod_exp(r0, I, rsa->d, rsa->n, ctx); err: - if(ctx) - BN_CTX_free(ctx); return to_return; } #endif diff --git a/engines/e_cswift.c b/engines/e_cswift.c index 793aaccb11..cc39cd4947 100644 --- a/engines/e_cswift.c +++ b/engines/e_cswift.c @@ -103,7 +103,7 @@ static int cswift_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, #ifndef OPENSSL_NO_RSA /* RSA stuff */ -static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); #endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int cswift_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, @@ -668,13 +668,10 @@ err: } #ifndef OPENSSL_NO_RSA -static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { - BN_CTX *ctx; int to_return = 0; - if((ctx = BN_CTX_new()) == NULL) - goto err; if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { CSWIFTerr(CSWIFT_F_CSWIFT_RSA_MOD_EXP,CSWIFT_R_MISSING_KEY_COMPONENTS); @@ -683,8 +680,6 @@ static int cswift_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) to_return = cswift_mod_exp_crt(r0, I, rsa->p, rsa->q, rsa->dmp1, rsa->dmq1, rsa->iqmp, ctx); err: - if(ctx) - BN_CTX_free(ctx); return to_return; } #endif diff --git a/engines/e_ncipher.c b/engines/e_ncipher.c index e416cffedb..e075d1b459 100644 --- a/engines/e_ncipher.c +++ b/engines/e_ncipher.c @@ -102,7 +102,7 @@ static int hwcrhk_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, #ifndef OPENSSL_NO_RSA /* RSA stuff */ -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa); +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); #endif /* This function is aliased to mod_exp (with the mont stuff dropped). */ static int hwcrhk_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, @@ -946,7 +946,7 @@ err: } #ifndef OPENSSL_NO_RSA -static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa) +static int hwcrhk_rsa_mod_exp(BIGNUM *r, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { char tempbuf[1024]; HWCryptoHook_ErrMsgBuf rmsg; diff --git a/engines/e_nuron.c b/engines/e_nuron.c index e3a9406c49..4df6f0495a 100644 --- a/engines/e_nuron.c +++ b/engines/e_nuron.c @@ -192,9 +192,9 @@ static int nuron_mod_exp(BIGNUM *r,const BIGNUM *a,const BIGNUM *p, } #ifndef OPENSSL_NO_RSA -static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +static int nuron_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { - return nuron_mod_exp(r0,I,rsa->d,rsa->n,NULL); + return nuron_mod_exp(r0,I,rsa->d,rsa->n,ctx); } #endif diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c index 094458887c..5aa29f1c53 100644 --- a/engines/e_ubsec.c +++ b/engines/e_ubsec.c @@ -89,7 +89,7 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dp, const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx); #ifndef OPENSSL_NO_RSA -static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa); +static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); #endif static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); @@ -590,14 +590,10 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, } #ifndef OPENSSL_NO_RSA -static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) +static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) { - BN_CTX *ctx; int to_return = 0; - if((ctx = BN_CTX_new()) == NULL) - goto err; - if(!rsa->p || !rsa->q || !rsa->dmp1 || !rsa->dmq1 || !rsa->iqmp) { UBSECerr(UBSEC_F_UBSEC_RSA_MOD_EXP, UBSEC_R_MISSING_KEY_COMPONENTS); @@ -612,11 +608,9 @@ static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa) * Do in software as hardware failed. */ const RSA_METHOD *meth = RSA_PKCS1_SSLeay(); - to_return = (*meth->rsa_mod_exp)(r0, I, rsa); + to_return = (*meth->rsa_mod_exp)(r0, I, rsa, ctx); } err: - if(ctx) - BN_CTX_free(ctx); return to_return; } #endif -- 2.25.1