121 		unsigned char *to, RSA *rsa,int padding);
123 		unsigned char *to, RSA *rsa,int padding);
125 		unsigned char *to, RSA *rsa,int padding);
127 		unsigned char *to, RSA *rsa,int padding);
128 static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa, BN_CTX *ctx);
129 static int RSA_eay_init(RSA *rsa);
130 static int RSA_eay_finish(RSA *rsa);
154 	     unsigned char *to, RSA *rsa, int padding)  in RSA_eay_public_encrypt()  argument
161 	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)  in RSA_eay_public_encrypt()
167 	if (BN_ucmp(rsa->n, rsa->e) <= 0)  in RSA_eay_public_encrypt()
174 	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)  in RSA_eay_public_encrypt()
176 		if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)  in RSA_eay_public_encrypt()
187 	num=BN_num_bytes(rsa->n);  in RSA_eay_public_encrypt()
219 	if (BN_ucmp(f, rsa->n) >= 0)  in RSA_eay_public_encrypt()
226 	if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)  in RSA_eay_public_encrypt()
227 		if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))  in RSA_eay_public_encrypt()
230 	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,  in RSA_eay_public_encrypt()
231 		rsa->_method_mod_n)) goto err;  in RSA_eay_public_encrypt()
255 static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)  in rsa_get_blinding()  argument
263 	if (rsa->blinding == NULL)  in rsa_get_blinding()
269 		if (rsa->blinding == NULL)  in rsa_get_blinding()
270 			rsa->blinding = RSA_setup_blinding(rsa, ctx);  in rsa_get_blinding()
273 	ret = rsa->blinding;  in rsa_get_blinding()
294 		if (rsa->mt_blinding == NULL)  in rsa_get_blinding()
303 			if (rsa->mt_blinding == NULL)  in rsa_get_blinding()
304 				rsa->mt_blinding = RSA_setup_blinding(rsa, ctx);  in rsa_get_blinding()
306 		ret = rsa->mt_blinding;  in rsa_get_blinding()
351 	     unsigned char *to, RSA *rsa, int padding)  in RSA_eay_private_encrypt()  argument
368 	num = BN_num_bytes(rsa->n);  in RSA_eay_private_encrypt()
396 	if (BN_ucmp(f, rsa->n) >= 0)  in RSA_eay_private_encrypt()
403 	if (!(rsa->flags & RSA_FLAG_NO_BLINDING))  in RSA_eay_private_encrypt()
405 		blinding = rsa_get_blinding(rsa, &local_blinding, ctx);  in RSA_eay_private_encrypt()
424 	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||  in RSA_eay_private_encrypt()
425 		((rsa->p != NULL) &&  in RSA_eay_private_encrypt()
426 		(rsa->q != NULL) &&  in RSA_eay_private_encrypt()
427 		(rsa->dmp1 != NULL) &&  in RSA_eay_private_encrypt()
428 		(rsa->dmq1 != NULL) &&  in RSA_eay_private_encrypt()
429 		(rsa->iqmp != NULL)) )  in RSA_eay_private_encrypt()
431 		if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err;  in RSA_eay_private_encrypt()
438 		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_private_encrypt()
442 			BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);  in RSA_eay_private_encrypt()
445 			d= rsa->d;  in RSA_eay_private_encrypt()
447 		if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)  in RSA_eay_private_encrypt()
448 			if(!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))  in RSA_eay_private_encrypt()
451 		if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,  in RSA_eay_private_encrypt()
452 				rsa->_method_mod_n)) goto err;  in RSA_eay_private_encrypt()
461 		BN_sub(f, rsa->n, ret);  in RSA_eay_private_encrypt()
493 	     unsigned char *to, RSA *rsa, int padding)  in RSA_eay_private_decrypt()  argument
511 	num = BN_num_bytes(rsa->n);  in RSA_eay_private_decrypt()
530 	if (BN_ucmp(f, rsa->n) >= 0)  in RSA_eay_private_decrypt()
536 	if (!(rsa->flags & RSA_FLAG_NO_BLINDING))  in RSA_eay_private_decrypt()
538 		blinding = rsa_get_blinding(rsa, &local_blinding, ctx);  in RSA_eay_private_decrypt()
558 	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||  in RSA_eay_private_decrypt()
559 		((rsa->p != NULL) &&  in RSA_eay_private_decrypt()
560 		(rsa->q != NULL) &&  in RSA_eay_private_decrypt()
561 		(rsa->dmp1 != NULL) &&  in RSA_eay_private_decrypt()
562 		(rsa->dmq1 != NULL) &&  in RSA_eay_private_decrypt()
563 		(rsa->iqmp != NULL)) )  in RSA_eay_private_decrypt()
565 		if (!rsa->meth->rsa_mod_exp(ret, f, rsa, ctx)) goto err;  in RSA_eay_private_decrypt()
572 		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_private_decrypt()
575 			BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);  in RSA_eay_private_decrypt()
578 			d = rsa->d;  in RSA_eay_private_decrypt()
580 		if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)  in RSA_eay_private_decrypt()
581 			if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))  in RSA_eay_private_decrypt()
583 		if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,  in RSA_eay_private_decrypt()
584 				rsa->_method_mod_n))  in RSA_eay_private_decrypt()
634 	     unsigned char *to, RSA *rsa, int padding)  in RSA_eay_public_decrypt()  argument
642 	if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)  in RSA_eay_public_decrypt()
648 	if (BN_ucmp(rsa->n, rsa->e) <= 0)  in RSA_eay_public_decrypt()
655 	if (BN_num_bits(rsa->n) > OPENSSL_RSA_SMALL_MODULUS_BITS)  in RSA_eay_public_decrypt()
657 		if (BN_num_bits(rsa->e) > OPENSSL_RSA_MAX_PUBEXP_BITS)  in RSA_eay_public_decrypt()
668 	num=BN_num_bytes(rsa->n);  in RSA_eay_public_decrypt()
686 	if (BN_ucmp(f, rsa->n) >= 0)  in RSA_eay_public_decrypt()
692 	if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)  in RSA_eay_public_decrypt()
693 		if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))  in RSA_eay_public_decrypt()
696 	if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,  in RSA_eay_public_decrypt()
697 		rsa->_method_mod_n)) goto err;  in RSA_eay_public_decrypt()
700 		if (!BN_sub(ret, rsa->n, ret)) goto err;  in RSA_eay_public_decrypt()
737 static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx)  in RSA_eay_mod_exp()  argument
756 		if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_mod_exp()
760 			BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);  in RSA_eay_mod_exp()
764 			BN_with_flags(q, rsa->q, BN_FLG_CONSTTIME);  in RSA_eay_mod_exp()
768 			p = rsa->p;  in RSA_eay_mod_exp()
769 			q = rsa->q;  in RSA_eay_mod_exp()
772 		if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)  in RSA_eay_mod_exp()
774 			if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_p, CRYPTO_LOCK_RSA, p, ctx))  in RSA_eay_mod_exp()
776 			if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_q, CRYPTO_LOCK_RSA, q, ctx))  in RSA_eay_mod_exp()
781 	if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)  in RSA_eay_mod_exp()
782 		if (!BN_MONT_CTX_set_locked(&rsa->_method_mod_n, CRYPTO_LOCK_RSA, rsa->n, ctx))  in RSA_eay_mod_exp()
786 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_mod_exp()
790 		if (!BN_mod(r1,c,rsa->q,ctx)) goto err;  in RSA_eay_mod_exp()
794 		if (!BN_mod(r1,I,rsa->q,ctx)) goto err;  in RSA_eay_mod_exp()
798 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_mod_exp()
801 		BN_with_flags(dmq1, rsa->dmq1, BN_FLG_CONSTTIME);  in RSA_eay_mod_exp()
804 		dmq1 = rsa->dmq1;  in RSA_eay_mod_exp()
805 	if (!rsa->meth->bn_mod_exp(m1,r1,dmq1,rsa->q,ctx,  in RSA_eay_mod_exp()
806 		rsa->_method_mod_q)) goto err;  in RSA_eay_mod_exp()
809 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_mod_exp()
813 		if (!BN_mod(r1,c,rsa->p,ctx)) goto err;  in RSA_eay_mod_exp()
817 		if (!BN_mod(r1,I,rsa->p,ctx)) goto err;  in RSA_eay_mod_exp()
821 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_mod_exp()
824 		BN_with_flags(dmp1, rsa->dmp1, BN_FLG_CONSTTIME);  in RSA_eay_mod_exp()
827 		dmp1 = rsa->dmp1;  in RSA_eay_mod_exp()
828 	if (!rsa->meth->bn_mod_exp(r0,r1,dmp1,rsa->p,ctx,  in RSA_eay_mod_exp()
829 		rsa->_method_mod_p)) goto err;  in RSA_eay_mod_exp()
835 		if (!BN_add(r0,r0,rsa->p)) goto err;  in RSA_eay_mod_exp()
837 	if (!BN_mul(r1,r0,rsa->iqmp,ctx)) goto err;  in RSA_eay_mod_exp()
840 	if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_mod_exp()
847 	if (!BN_mod(r0,pr1,rsa->p,ctx)) goto err;  in RSA_eay_mod_exp()
857 		if (!BN_add(r0,r0,rsa->p)) goto err;  in RSA_eay_mod_exp()
858 	if (!BN_mul(r1,r0,rsa->q,ctx)) goto err;  in RSA_eay_mod_exp()
861 	if (rsa->e && rsa->n)  in RSA_eay_mod_exp()
863 		if (!rsa->meth->bn_mod_exp(vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err;  in RSA_eay_mod_exp()
869 		if (!BN_mod(vrfy, vrfy, rsa->n, ctx)) goto err;  in RSA_eay_mod_exp()
871 			if (!BN_add(vrfy, vrfy, rsa->n)) goto err;  in RSA_eay_mod_exp()
881 			if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))  in RSA_eay_mod_exp()
884 				BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);  in RSA_eay_mod_exp()
887 				d = rsa->d;  in RSA_eay_mod_exp()
888 			if (!rsa->meth->bn_mod_exp(r0,I,d,rsa->n,ctx,  in RSA_eay_mod_exp()
889 						   rsa->_method_mod_n)) goto err;  in RSA_eay_mod_exp()
898 static int RSA_eay_init(RSA *rsa)  in RSA_eay_init()  argument
900 	rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;  in RSA_eay_init()
904 static int RSA_eay_finish(RSA *rsa)  in RSA_eay_finish()  argument
906 	if (rsa->_method_mod_n != NULL)  in RSA_eay_finish()
907 		BN_MONT_CTX_free(rsa->_method_mod_n);  in RSA_eay_finish()
908 	if (rsa->_method_mod_p != NULL)  in RSA_eay_finish()
909 		BN_MONT_CTX_free(rsa->_method_mod_p);  in RSA_eay_finish()
910 	if (rsa->_method_mod_q != NULL)  in RSA_eay_finish()
911 		BN_MONT_CTX_free(rsa->_method_mod_q);  in RSA_eay_finish()