Add functions returning security bits.

[openssl.git] / crypto / rsa / rsa_lib.c

diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 53c5092014befdd6f45b17051248b98618b14658..ba277cacd87bc1ae5896284afd1ce90c60ed7bf5 100644 (file)
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -67,7 +67,7 @@
 #include <openssl/engine.h>
 #endif
 
-const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
+const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT;
 
 static const RSA_METHOD *default_RSA_meth=NULL;
 
@@ -89,12 +89,8 @@ const RSA_METHOD *RSA_get_default_method(void)
                {
 #ifdef RSA_NULL
                default_RSA_meth=RSA_null_method();
-#else
-#if 0 /* was: #ifdef RSAref */
-               default_RSA_meth=RSA_PKCS1_RSAref();
 #else
                default_RSA_meth=RSA_PKCS1_SSLeay();
-#endif
 #endif
                }
 
@@ -179,9 +175,19 @@ RSA *RSA_new_method(ENGINE *engine)
        ret->_method_mod_p=NULL;
        ret->_method_mod_q=NULL;
        ret->blinding=NULL;
+       ret->mt_blinding=NULL;
        ret->bignum_data=NULL;
-       ret->flags=ret->meth->flags;
-       CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
+       ret->flags=ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
+       if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data))
+               {
+#ifndef OPENSSL_NO_ENGINE
+       if (ret->engine)
+               ENGINE_finish(ret->engine);
+#endif
+               OPENSSL_free(ret);
+               return(NULL);
+               }
+
        if ((ret->meth->init != NULL) && !ret->meth->init(ret))
                {
 #ifndef OPENSSL_NO_ENGINE
@@ -232,6 +238,7 @@ void RSA_free(RSA *r)
        if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
        if (r->iqmp != NULL) BN_clear_free(r->iqmp);
        if (r->blinding != NULL) BN_BLINDING_free(r->blinding);
+       if (r->mt_blinding != NULL) BN_BLINDING_free(r->mt_blinding);
        if (r->bignum_data != NULL) OPENSSL_free_locked(r->bignum_data);
        OPENSSL_free(r);
        }
@@ -269,101 +276,6 @@ void *RSA_get_ex_data(const RSA *r, int idx)
        return(CRYPTO_get_ex_data(&r->ex_data,idx));
        }
 
-int RSA_size(const RSA *r)
-       {
-       return(BN_num_bytes(r->n));
-       }
-
-int RSA_public_encrypt(int flen, const unsigned char *from, unsigned char *to,
-            RSA *rsa, int padding)
-       {
-       return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
-       }
-
-int RSA_private_encrypt(int flen, const unsigned char *from, unsigned char *to,
-            RSA *rsa, int padding)
-       {
-       return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
-       }
-
-int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to,
-            RSA *rsa, int padding)
-       {
-       return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
-       }
-
-int RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to,
-            RSA *rsa, int padding)
-       {
-       return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
-       }
-
-int RSA_flags(const RSA *r)
-       {
-       return((r == NULL)?0:r->meth->flags);
-       }
-
-void RSA_blinding_off(RSA *rsa)
-       {
-       if (rsa->blinding != NULL)
-               {
-               BN_BLINDING_free(rsa->blinding);
-               rsa->blinding=NULL;
-               }
-       rsa->flags &= ~RSA_FLAG_BLINDING;
-       rsa->flags |= RSA_FLAG_NO_BLINDING;
-       }
-
-int RSA_blinding_on(RSA *rsa, BN_CTX *p_ctx)
-       {
-       BIGNUM *A,*Ai;
-       BN_CTX *ctx;
-       int ret=0;
-
-       if (p_ctx == NULL)
-               {
-               if ((ctx=BN_CTX_new()) == NULL) goto err;
-               }
-       else
-               ctx=p_ctx;
-
-       if (rsa->blinding != NULL)
-               BN_BLINDING_free(rsa->blinding);
-
-       /* NB: similar code appears in setup_blinding (rsa_eay.c);
-        * this should be placed in a new function of its own, but for reasons
-        * of binary compatibility can't */
-
-       BN_CTX_start(ctx);
-       A = BN_CTX_get(ctx);
-       if ((RAND_status() == 0) && rsa->d != NULL && rsa->d->d != NULL)
-               {
-               /* if PRNG is not properly seeded, resort to secret exponent as unpredictable seed */
-               RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0);
-               if (!BN_pseudo_rand_range(A,rsa->n)) goto err;
-               }
-       else
-               {
-               if (!BN_rand_range(A,rsa->n)) goto err;
-               }
-       if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
-
-       if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
-               goto err;
-       if ((rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n)) == NULL) goto err;
-       /* to make things thread-safe without excessive locking,
-        * rsa->blinding will be used just by the current thread: */
-       rsa->blinding->thread_id = CRYPTO_thread_id();
-       rsa->flags |= RSA_FLAG_BLINDING;
-       rsa->flags &= ~RSA_FLAG_NO_BLINDING;
-       BN_free(Ai);
-       ret=1;
-err:
-       BN_CTX_end(ctx);
-       if (ctx != p_ctx) BN_CTX_free(ctx);
-       return(ret);
-       }
-
 int RSA_memory_lock(RSA *r)
        {
        int i,j,k,off;
@@ -385,7 +297,7 @@ int RSA_memory_lock(RSA *r)
                j+= (*t[i])->top;
        if ((p=OPENSSL_malloc_locked((off+j)*sizeof(BN_ULONG))) == NULL)
                {
-               RSAerr(RSA_F_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
+               RSAerr(RSA_F_RSA_MEMORY_LOCK,ERR_R_MALLOC_FAILURE);
                return(0);
                }
        bn=(BIGNUM *)p;
@@ -408,3 +320,8 @@ int RSA_memory_lock(RSA *r)
        r->bignum_data=p;
        return(1);
        }
+
+int RSA_security_bits(const RSA *rsa)
+       {
+       return BN_security_bits(BN_num_bits(rsa->n), -1);
+       }