generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Internal version of BN_mod_inverse allowing checking of no-inverse without

Browse Source 
need to inspect error queue.
This commit is contained in:
Dr. Stephen Henson 2011-01-26 16:59:47 +00:00
parent 6f1a3a310c
commit 879bd6e38c
3 changed files with 23 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
crypto/bn/bn_blind.c
View File

@ -331,12 +331,12 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
ret->m_ctx = m_ctx; ret->m_ctx = m_ctx;
do { do {
int rv;
if (!BN_rand_range(ret->A, ret->mod)) goto err; if (!BN_rand_range(ret->A, ret->mod)) goto err;
if (BN_mod_inverse(ret->Ai, ret->A, ret->mod, ctx) == NULL) if (!int_bn_mod_inverse(ret->Ai, ret->A, ret->mod, ctx, &rv))
{ {
/* this should almost never happen for good RSA keys */ /* this should almost never happen for good RSA keys */
unsigned long error = ERR_peek_last_error(); if (rv)
if (ERR_GET_REASON(error) == BN_R_NO_INVERSE)
{ {
if (retry_counter-- == 0) if (retry_counter-- == 0)
{ {
@ -344,7 +344,6 @@ BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,
BN_R_TOO_MANY_ITERATIONS); BN_R_TOO_MANY_ITERATIONS);
goto err; goto err;
} }
ERR_clear_error();
} }
else else
goto err; goto err;

18
crypto/bn/bn_gcd.c
View File

@ -205,13 +205,28 @@ err:
/* solves ax == 1 (mod n) */ /* solves ax == 1 (mod n) */
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{ {
BIGNUM *rv;
int noinv;
rv = int_bn_mod_inverse(in, a, n, ctx, &noinv);
if (noinv)
BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
return rv;
}
BIGNUM *int_bn_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx, int *pnoinv)
{
BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL; BIGNUM *A,*B,*X,*Y,*M,*D,*T,*R=NULL;
BIGNUM *ret=NULL; BIGNUM *ret=NULL;
int sign; int sign;
if (pnoinv)
*pnoinv = 0;
if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0)) if ((BN_get_flags(a, BN_FLG_CONSTTIME) != 0) || (BN_get_flags(n, BN_FLG_CONSTTIME) != 0))
{ {
return BN_mod_inverse_no_branch(in, a, n, ctx); return BN_mod_inverse_no_branch(in, a, n, ctx);
@ -488,7 +503,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *in,
} }
else else
{ {
BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE); if (pnoinv)
*pnoinv = 1;
goto err; goto err;
} }
ret=R; ret=R;

3
crypto/bn/bn_lcl.h
View File

@ -497,6 +497,9 @@ BN_ULONG bn_sub_part_words(BN_ULONG *r, const BN_ULONG *a, const BN_ULONG *b,
int cl, int dl); int cl, int dl);
int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num); int bn_mul_mont(BN_ULONG *rp, const BN_ULONG *ap, const BN_ULONG *bp, const BN_ULONG *np,const BN_ULONG *n0, int num);
BIGNUM *int_bn_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx, int *noinv);
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif