rsa_eay.c 14.9 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60
/* crypto/rsa/rsa_eay.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <stdio.h>
#include "cryptlib.h"
61 62 63
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
64
#include <openssl/engine.h>
65

66 67
#ifndef RSA_NULL

R
Richard Levitte 已提交
68
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
69
		unsigned char *to, RSA *rsa,int padding);
R
Richard Levitte 已提交
70
static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
71
		unsigned char *to, RSA *rsa,int padding);
R
Richard Levitte 已提交
72
static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
73
		unsigned char *to, RSA *rsa,int padding);
R
Richard Levitte 已提交
74
static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
75
		unsigned char *to, RSA *rsa,int padding);
R
Richard Levitte 已提交
76
static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *i, RSA *rsa);
77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
static int RSA_eay_init(RSA *rsa);
static int RSA_eay_finish(RSA *rsa);
static RSA_METHOD rsa_pkcs1_eay_meth={
	"Eric Young's PKCS#1 RSA",
	RSA_eay_public_encrypt,
	RSA_eay_public_decrypt,
	RSA_eay_private_encrypt,
	RSA_eay_private_decrypt,
	RSA_eay_mod_exp,
	BN_mod_exp_mont,
	RSA_eay_init,
	RSA_eay_finish,
	0,
	NULL,
	};

93
const RSA_METHOD *RSA_PKCS1_SSLeay(void)
94 95 96 97
	{
	return(&rsa_pkcs1_eay_meth);
	}

R
Richard Levitte 已提交
98
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
U
Ulf Möller 已提交
99
	     unsigned char *to, RSA *rsa, int padding)
100
	{
101
	const RSA_METHOD *meth;
102
	BIGNUM f,ret;
103 104 105 106
	int i,j,k,num=0,r= -1;
	unsigned char *buf=NULL;
	BN_CTX *ctx=NULL;

107
	meth = ENGINE_get_RSA(rsa->engine);
108 109
	BN_init(&f);
	BN_init(&ret);
110 111
	if ((ctx=BN_CTX_new()) == NULL) goto err;
	num=BN_num_bytes(rsa->n);
112
	if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
113 114 115 116 117 118 119 120 121 122
		{
		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
		goto err;
		}

	switch (padding)
		{
	case RSA_PKCS1_PADDING:
		i=RSA_padding_add_PKCS1_type_2(buf,num,from,flen);
		break;
123
#ifndef NO_SHA
B
Ben Laurie 已提交
124 125 126
	case RSA_PKCS1_OAEP_PADDING:
	        i=RSA_padding_add_PKCS1_OAEP(buf,num,from,flen,NULL,0);
		break;
127
#endif
128 129 130 131 132 133 134 135 136 137 138 139
	case RSA_SSLV23_PADDING:
		i=RSA_padding_add_SSLv23(buf,num,from,flen);
		break;
	case RSA_NO_PADDING:
		i=RSA_padding_add_none(buf,num,from,flen);
		break;
	default:
		RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
		goto err;
		}
	if (i <= 0) goto err;

140
	if (BN_bin2bn(buf,num,&f) == NULL) goto err;
141
	
142
	if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
143
		{
144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161
		CRYPTO_w_lock(CRYPTO_LOCK_RSA);
		if (rsa->_method_mod_n == NULL)
			{
			BN_MONT_CTX* bn_mont_ctx;
			if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
				{
				CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
				goto err;
				}
			if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
				{
				BN_MONT_CTX_free(bn_mont_ctx);
				CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
				goto err;
				}
			rsa->_method_mod_n = bn_mont_ctx;
			}
		CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
162 163
		}

164
	if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
165
		rsa->_method_mod_n)) goto err;
166 167 168

	/* put in leading 0 bytes if the number is less than the
	 * length of the modulus */
169 170
	j=BN_num_bytes(&ret);
	i=BN_bn2bin(&ret,&(to[num-j]));
171 172 173 174 175 176
	for (k=0; k<(num-i); k++)
		to[k]=0;

	r=num;
err:
	if (ctx != NULL) BN_CTX_free(ctx);
177 178
	BN_clear_free(&f);
	BN_clear_free(&ret);
179 180 181
	if (buf != NULL) 
		{
		memset(buf,0,num);
182
		OPENSSL_free(buf);
183 184 185 186
		}
	return(r);
	}

R
Richard Levitte 已提交
187
static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
U
Ulf Möller 已提交
188
	     unsigned char *to, RSA *rsa, int padding)
189
	{
190
	const RSA_METHOD *meth;
191
	BIGNUM f,ret;
192 193 194 195
	int i,j,k,num=0,r= -1;
	unsigned char *buf=NULL;
	BN_CTX *ctx=NULL;

196
	meth = ENGINE_get_RSA(rsa->engine);
197 198 199
	BN_init(&f);
	BN_init(&ret);

200 201
	if ((ctx=BN_CTX_new()) == NULL) goto err;
	num=BN_num_bytes(rsa->n);
202
	if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222
		{
		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
		goto err;
		}

	switch (padding)
		{
	case RSA_PKCS1_PADDING:
		i=RSA_padding_add_PKCS1_type_1(buf,num,from,flen);
		break;
	case RSA_NO_PADDING:
		i=RSA_padding_add_none(buf,num,from,flen);
		break;
	case RSA_SSLV23_PADDING:
	default:
		RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
		goto err;
		}
	if (i <= 0) goto err;

223
	if (BN_bin2bn(buf,num,&f) == NULL) goto err;
224 225 226 227

	if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
		RSA_blinding_on(rsa,ctx);
	if (rsa->flags & RSA_FLAG_BLINDING)
228
		if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
229

230 231
	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
		((rsa->p != NULL) &&
232 233 234
		(rsa->q != NULL) &&
		(rsa->dmp1 != NULL) &&
		(rsa->dmq1 != NULL) &&
235
		(rsa->iqmp != NULL)) )
236
		{ if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
237 238
	else
		{
239
		if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL)) goto err;
240 241 242
		}

	if (rsa->flags & RSA_FLAG_BLINDING)
243
		if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
244 245 246

	/* put in leading 0 bytes if the number is less than the
	 * length of the modulus */
247 248
	j=BN_num_bytes(&ret);
	i=BN_bn2bin(&ret,&(to[num-j]));
249 250 251 252 253 254
	for (k=0; k<(num-i); k++)
		to[k]=0;

	r=num;
err:
	if (ctx != NULL) BN_CTX_free(ctx);
255 256
	BN_clear_free(&ret);
	BN_clear_free(&f);
257 258 259
	if (buf != NULL)
		{
		memset(buf,0,num);
260
		OPENSSL_free(buf);
261 262 263 264
		}
	return(r);
	}

R
Richard Levitte 已提交
265
static int RSA_eay_private_decrypt(int flen, const unsigned char *from,
U
Ulf Möller 已提交
266
	     unsigned char *to, RSA *rsa, int padding)
267
	{
268
	const RSA_METHOD *meth;
269
	BIGNUM f,ret;
270 271 272 273 274
	int j,num=0,r= -1;
	unsigned char *p;
	unsigned char *buf=NULL;
	BN_CTX *ctx=NULL;

275
	meth = ENGINE_get_RSA(rsa->engine);
276 277
	BN_init(&f);
	BN_init(&ret);
278 279 280 281 282
	ctx=BN_CTX_new();
	if (ctx == NULL) goto err;

	num=BN_num_bytes(rsa->n);

283
	if ((buf=(unsigned char *)OPENSSL_malloc(num)) == NULL)
284 285 286 287 288
		{
		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
		goto err;
		}

U
Ulf Möller 已提交
289
	/* This check was for equality but PGP does evil things
290 291 292 293 294 295 296 297
	 * and chops off the top '0' bytes */
	if (flen > num)
		{
		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
		goto err;
		}

	/* make data into a big number */
298
	if (BN_bin2bn(from,(int)flen,&f) == NULL) goto err;
299 300 301 302

	if ((rsa->flags & RSA_FLAG_BLINDING) && (rsa->blinding == NULL))
		RSA_blinding_on(rsa,ctx);
	if (rsa->flags & RSA_FLAG_BLINDING)
303
		if (!BN_BLINDING_convert(&f,rsa->blinding,ctx)) goto err;
304 305

	/* do the decrypt */
306 307
	if ( (rsa->flags & RSA_FLAG_EXT_PKEY) ||
		((rsa->p != NULL) &&
308 309 310
		(rsa->q != NULL) &&
		(rsa->dmp1 != NULL) &&
		(rsa->dmq1 != NULL) &&
311
		(rsa->iqmp != NULL)) )
312
		{ if (!meth->rsa_mod_exp(&ret,&f,rsa)) goto err; }
313 314
	else
		{
315
		if (!meth->bn_mod_exp(&ret,&f,rsa->d,rsa->n,ctx,NULL))
316 317 318 319
			goto err;
		}

	if (rsa->flags & RSA_FLAG_BLINDING)
320
		if (!BN_BLINDING_invert(&ret,rsa->blinding,ctx)) goto err;
321 322

	p=buf;
323
	j=BN_bn2bin(&ret,p); /* j is only used with no-padding mode */
324 325 326 327

	switch (padding)
		{
	case RSA_PKCS1_PADDING:
328
		r=RSA_padding_check_PKCS1_type_2(to,num,buf,j,num);
329
		break;
330
#ifndef NO_SHA
B
Ben Laurie 已提交
331 332 333
        case RSA_PKCS1_OAEP_PADDING:
	        r=RSA_padding_check_PKCS1_OAEP(to,num,buf,j,num,NULL,0);
                break;
334
#endif
B
Ben Laurie 已提交
335
 	case RSA_SSLV23_PADDING:
336
		r=RSA_padding_check_SSLv23(to,num,buf,j,num);
337 338
		break;
	case RSA_NO_PADDING:
339
		r=RSA_padding_check_none(to,num,buf,j,num);
340 341 342 343 344 345 346 347 348 349
		break;
	default:
		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
		goto err;
		}
	if (r < 0)
		RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_PADDING_CHECK_FAILED);

err:
	if (ctx != NULL) BN_CTX_free(ctx);
350 351
	BN_clear_free(&f);
	BN_clear_free(&ret);
352 353 354
	if (buf != NULL)
		{
		memset(buf,0,num);
355
		OPENSSL_free(buf);
356 357 358 359
		}
	return(r);
	}

R
Richard Levitte 已提交
360
static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
U
Ulf Möller 已提交
361
	     unsigned char *to, RSA *rsa, int padding)
362
	{
363
	const RSA_METHOD *meth;
364
	BIGNUM f,ret;
365 366 367 368 369
	int i,num=0,r= -1;
	unsigned char *p;
	unsigned char *buf=NULL;
	BN_CTX *ctx=NULL;

370
	meth = ENGINE_get_RSA(rsa->engine);
371 372
	BN_init(&f);
	BN_init(&ret);
373 374 375 376
	ctx=BN_CTX_new();
	if (ctx == NULL) goto err;

	num=BN_num_bytes(rsa->n);
377
	buf=(unsigned char *)OPENSSL_malloc(num);
378 379 380 381 382 383
	if (buf == NULL)
		{
		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
		goto err;
		}

U
Ulf Möller 已提交
384
	/* This check was for equality but PGP does evil things
385 386 387 388 389 390 391
	 * and chops off the top '0' bytes */
	if (flen > num)
		{
		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
		goto err;
		}

392
	if (BN_bin2bn(from,flen,&f) == NULL) goto err;
393
	/* do the decrypt */
394
	if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
395
		{
396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413
		CRYPTO_w_lock(CRYPTO_LOCK_RSA);
		if (rsa->_method_mod_n == NULL)
			{
			BN_MONT_CTX* bn_mont_ctx;
			if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
				{
				CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
				goto err;
				}
			if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
				{
				BN_MONT_CTX_free(bn_mont_ctx);
				CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
				goto err;
				}
			rsa->_method_mod_n = bn_mont_ctx;
			}
		CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
414 415
		}

416
	if (!meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
417
		rsa->_method_mod_n)) goto err;
418 419

	p=buf;
420
	i=BN_bn2bin(&ret,p);
421 422 423 424

	switch (padding)
		{
	case RSA_PKCS1_PADDING:
425
		r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
426 427
		break;
	case RSA_NO_PADDING:
428
		r=RSA_padding_check_none(to,num,buf,i,num);
429 430 431 432 433 434 435 436 437 438
		break;
	default:
		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
		goto err;
		}
	if (r < 0)
		RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_PADDING_CHECK_FAILED);

err:
	if (ctx != NULL) BN_CTX_free(ctx);
439 440
	BN_clear_free(&f);
	BN_clear_free(&ret);
441 442 443
	if (buf != NULL)
		{
		memset(buf,0,num);
444
		OPENSSL_free(buf);
445 446 447 448
		}
	return(r);
	}

R
Richard Levitte 已提交
449
static int RSA_eay_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa)
450
	{
451
	const RSA_METHOD *meth;
452
	BIGNUM r1,m1;
453 454 455
	int ret=0;
	BN_CTX *ctx;

456
	meth = ENGINE_get_RSA(rsa->engine);
457
	if ((ctx=BN_CTX_new()) == NULL) goto err;
458 459
	BN_init(&m1);
	BN_init(&r1);
460 461 462

	if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
		{
463
		if (rsa->_method_mod_p == NULL)
464
			{
465 466 467 468 469 470 471 472 473 474 475 476 477
			CRYPTO_w_lock(CRYPTO_LOCK_RSA);
			if (rsa->_method_mod_p == NULL)
				{
				BN_MONT_CTX* bn_mont_ctx;
				if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
					{
					CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
					goto err;
					}
				if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->p,ctx))
					{
					BN_MONT_CTX_free(bn_mont_ctx);
					CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
478
					goto err;
479 480 481 482
					}
				rsa->_method_mod_p = bn_mont_ctx;
				}
				CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
483
			}
484
		if (rsa->_method_mod_q == NULL)
485
			{
486 487 488 489 490 491 492 493 494 495 496 497 498
			CRYPTO_w_lock(CRYPTO_LOCK_RSA);
			if (rsa->_method_mod_q == NULL)
				{
				BN_MONT_CTX* bn_mont_ctx;
				if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
					{
					CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
					goto err;
					}
				if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->q,ctx))
					{
					BN_MONT_CTX_free(bn_mont_ctx);
					CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
499
					goto err;
500 501 502 503
					}
				rsa->_method_mod_q = bn_mont_ctx;
				}
			CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
504 505 506
			}
		}

507
	if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
508
	if (!meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
509
		rsa->_method_mod_q)) goto err;
510

511
	if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
512
	if (!meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
513
		rsa->_method_mod_p)) goto err;
514

515 516 517 518 519
	if (!BN_sub(r0,r0,&m1)) goto err;
	/* This will help stop the size of r0 increasing, which does
	 * affect the multiply if it optimised for a power of 2 size */
	if (r0->neg)
		if (!BN_add(r0,r0,rsa->p)) goto err;
520

521 522
	if (!BN_mul(&r1,r0,rsa->iqmp,ctx)) goto err;
	if (!BN_mod(r0,&r1,rsa->p,ctx)) goto err;
523 524 525 526 527 528 529 530 531
	/* If p < q it is occasionally possible for the correction of
         * adding 'p' if r0 is negative above to leave the result still
	 * negative. This can break the private key operations: the following
	 * second correction should *always* correct this rare occurrence.
	 * This will *never* happen with OpenSSL generated keys because
         * they ensure p > q [steve]
         */
	if (r0->neg)
		if (!BN_add(r0,r0,rsa->p)) goto err;
532 533
	if (!BN_mul(&r1,r0,rsa->q,ctx)) goto err;
	if (!BN_add(r0,&r1,&m1)) goto err;
534 535 536

	ret=1;
err:
537 538
	BN_clear_free(&m1);
	BN_clear_free(&r1);
B
Ben Laurie 已提交
539
	BN_CTX_free(ctx);
540 541 542
	return(ret);
	}

U
Ulf Möller 已提交
543
static int RSA_eay_init(RSA *rsa)
544 545 546 547 548
	{
	rsa->flags|=RSA_FLAG_CACHE_PUBLIC|RSA_FLAG_CACHE_PRIVATE;
	return(1);
	}

U
Ulf Möller 已提交
549
static int RSA_eay_finish(RSA *rsa)
550
	{
551 552 553 554 555 556
	if (rsa->_method_mod_n != NULL)
		BN_MONT_CTX_free(rsa->_method_mod_n);
	if (rsa->_method_mod_p != NULL)
		BN_MONT_CTX_free(rsa->_method_mod_p);
	if (rsa->_method_mod_q != NULL)
		BN_MONT_CTX_free(rsa->_method_mod_q);
557 558 559
	return(1);
	}

560
#endif