/*
* Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
#include <openssl/crypto.h>
#include "internal/cryptlib.h"
#include "internal/refcount.h"
-#include "internal/bn_int.h"
+#include "crypto/bn.h"
#include <openssl/engine.h>
#include <openssl/evp.h>
-#include "internal/evp_int.h"
-#include "rsa_locl.h"
+#include "crypto/evp.h"
+#include "rsa_local.h"
RSA *RSA_new(void)
{
static const unsigned int c4_690 = 0x12c28f; /* scale * 4.690 */
/*
- * Multiply two scale integers together and rescale the result.
+ * Multiply two scaled integers together and rescale the result.
*/
static ossl_inline uint64_t mul2(uint64_t a, uint64_t b)
{
* \cdot(log_e(nBits \cdot log_e(2))^{2/3} - 4.69}{log_e(2)}
* The two cube roots are merged together here.
*/
-static uint16_t rsa_compute_security_bits(int n)
+uint16_t rsa_compute_security_bits(int n)
{
uint64_t x;
uint32_t lx;
if (d != NULL) {
BN_clear_free(r->d);
r->d = d;
+ BN_set_flags(r->d, BN_FLG_CONSTTIME);
}
return 1;
if (p != NULL) {
BN_clear_free(r->p);
r->p = p;
+ BN_set_flags(r->p, BN_FLG_CONSTTIME);
}
if (q != NULL) {
BN_clear_free(r->q);
r->q = q;
+ BN_set_flags(r->q, BN_FLG_CONSTTIME);
}
return 1;
if (dmp1 != NULL) {
BN_clear_free(r->dmp1);
r->dmp1 = dmp1;
+ BN_set_flags(r->dmp1, BN_FLG_CONSTTIME);
}
if (dmq1 != NULL) {
BN_clear_free(r->dmq1);
r->dmq1 = dmq1;
+ BN_set_flags(r->dmq1, BN_FLG_CONSTTIME);
}
if (iqmp != NULL) {
BN_clear_free(r->iqmp);
r->iqmp = iqmp;
+ BN_set_flags(r->iqmp, BN_FLG_CONSTTIME);
}
return 1;
if (pinfo == NULL)
goto err;
if (primes[i] != NULL && exps[i] != NULL && coeffs[i] != NULL) {
- BN_free(pinfo->r);
- BN_free(pinfo->d);
- BN_free(pinfo->t);
+ BN_clear_free(pinfo->r);
+ BN_clear_free(pinfo->d);
+ BN_clear_free(pinfo->t);
pinfo->r = primes[i];
pinfo->d = exps[i];
pinfo->t = coeffs[i];
+ BN_set_flags(pinfo->r, BN_FLG_CONSTTIME);
+ BN_set_flags(pinfo->d, BN_FLG_CONSTTIME);
+ BN_set_flags(pinfo->t, BN_FLG_CONSTTIME);
} else {
rsa_multip_info_free(pinfo);
goto err;