From 9862e9aa98ee1e38fbcef8d1dd5db0e750eb5e8d Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Sat, 2 Apr 2016 15:12:58 +0200 Subject: [PATCH] Make the RSA structure opaque Move rsa_st away from public headers. Add accessor/writer functions for the public RSA data. Adapt all other source to use the accessors and writers. Reviewed-by: Matt Caswell --- apps/genrsa.c | 12 +++--- apps/req.c | 8 ++-- apps/rsa.c | 4 +- apps/x509.c | 8 ++-- crypto/pem/pvkfmt.c | 83 ++++++++++++++++++++++-------------- crypto/rsa/rsa_ameth.c | 2 +- crypto/rsa/rsa_asn1.c | 2 +- crypto/rsa/rsa_chk.c | 2 +- crypto/rsa/rsa_crpt.c | 2 +- crypto/rsa/rsa_gen.c | 2 +- crypto/rsa/rsa_lib.c | 95 +++++++++++++++++++++++++++++++++++++++++- crypto/rsa/rsa_locl.h | 48 +++++++++++++++++++++ crypto/rsa/rsa_oaep.c | 2 +- crypto/rsa/rsa_ossl.c | 2 +- crypto/rsa/rsa_x931g.c | 2 +- include/openssl/rsa.h | 49 ++++++---------------- test/rsa_test.c | 25 ++++++----- 17 files changed, 248 insertions(+), 100 deletions(-) diff --git a/apps/genrsa.c b/apps/genrsa.c index 0b0123fa1d..8b6dd03d08 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -104,9 +104,10 @@ int genrsa_main(int argc, char **argv) { BN_GENCB *cb = BN_GENCB_new(); PW_CB_DATA cb_data; - ENGINE *e = NULL; + ENGINE *eng = NULL; BIGNUM *bn = BN_new(); BIO *out = NULL; + BIGNUM *e; RSA *rsa = NULL; const EVP_CIPHER *enc = NULL; int ret = 1, num = DEFBITS, private = 0; @@ -141,7 +142,7 @@ int genrsa_main(int argc, char **argv) outfile = opt_arg(); break; case OPT_ENGINE: - e = setup_engine(opt_arg(), 0); + eng = setup_engine(opt_arg(), 0); break; case OPT_RAND: inrand = opt_arg(); @@ -182,7 +183,7 @@ int genrsa_main(int argc, char **argv) BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n", num); - rsa = e ? RSA_new_method(e) : RSA_new(); + rsa = eng ? RSA_new_method(eng) : RSA_new(); if (rsa == NULL) goto end; @@ -191,8 +192,9 @@ int genrsa_main(int argc, char **argv) app_RAND_write_file(NULL); - hexe = BN_bn2hex(rsa->e); - dece = BN_bn2dec(rsa->e); + RSA_get0_key(rsa, NULL, &e, NULL); + hexe = BN_bn2hex(e); + dece = BN_bn2dec(e); if (hexe && dece) { BIO_printf(bio_err, "e is %s (0x%s)\n", dece, hexe); } diff --git a/apps/req.c b/apps/req.c index b6a545fa38..e3869bab19 100644 --- a/apps/req.c +++ b/apps/req.c @@ -811,9 +811,11 @@ int req_main(int argc, char **argv) } fprintf(stdout, "Modulus="); #ifndef OPENSSL_NO_RSA - if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA) - BN_print(out, EVP_PKEY_get0_RSA(tpubkey)->n); - else + if (EVP_PKEY_base_id(tpubkey) == EVP_PKEY_RSA) { + BIGNUM *n; + RSA_get0_key(EVP_PKEY_get0_RSA(tpubkey), &n, NULL, NULL); + BN_print(out, n); + } else #endif fprintf(stdout, "Wrong Algorithm type"); EVP_PKEY_free(tpubkey); diff --git a/apps/rsa.c b/apps/rsa.c index 38cedf7b77..980d9ef911 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -310,8 +310,10 @@ int rsa_main(int argc, char **argv) } if (modulus) { + BIGNUM *n; + RSA_get0_key(rsa, &n, NULL, NULL); BIO_printf(out, "Modulus="); - BN_print(out, rsa->n); + BN_print(out, n); BIO_printf(out, "\n"); } diff --git a/apps/x509.c b/apps/x509.c index bc5623365a..6ee26115ee 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -727,9 +727,11 @@ int x509_main(int argc, char **argv) } BIO_printf(out, "Modulus="); #ifndef OPENSSL_NO_RSA - if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) - BN_print(out, EVP_PKEY_get0_RSA(pkey)->n); - else + if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) { + BIGNUM *n; + RSA_get0_key(EVP_PKEY_get0_RSA(pkey), &n, NULL, NULL); + BN_print(out, n); + } else #endif #ifndef OPENSSL_NO_DSA if (EVP_PKEY_id(pkey) == EVP_PKEY_DSA) { diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index e378b57e25..634cc5924d 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -353,8 +353,9 @@ static EVP_PKEY *b2i_dss(const unsigned char **in, static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int bitlen, int ispub) { - const unsigned char *p = *in; + const unsigned char *pin = *in; EVP_PKEY *ret = NULL; + BIGNUM *e = NULL, *n = NULL, *d = NULL; RSA *rsa = NULL; unsigned int nbyte, hnbyte; nbyte = (bitlen + 7) >> 3; @@ -363,31 +364,35 @@ static EVP_PKEY *b2i_rsa(const unsigned char **in, ret = EVP_PKEY_new(); if (rsa == NULL || ret == NULL) goto memerr; - rsa->e = BN_new(); - if (rsa->e == NULL) + e = BN_new(); + if (e == NULL) goto memerr; - if (!BN_set_word(rsa->e, read_ledword(&p))) + if (!BN_set_word(e, read_ledword(&pin))) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->n)) + if (!read_lebn(&pin, nbyte, &n)) goto memerr; if (!ispub) { - if (!read_lebn(&p, hnbyte, &rsa->p)) + BIGNUM *p = NULL, *q = NULL, *dmp1 = NULL, *dmq1 = NULL, *iqmp = NULL; + if (!read_lebn(&pin, hnbyte, &p)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->q)) + if (!read_lebn(&pin, hnbyte, &q)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmp1)) + if (!read_lebn(&pin, hnbyte, &dmp1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->dmq1)) + if (!read_lebn(&pin, hnbyte, &dmq1)) goto memerr; - if (!read_lebn(&p, hnbyte, &rsa->iqmp)) + if (!read_lebn(&pin, hnbyte, &iqmp)) goto memerr; - if (!read_lebn(&p, nbyte, &rsa->d)) + if (!read_lebn(&pin, nbyte, &d)) goto memerr; + RSA_set0_factors(rsa, p, q); + RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp); } + RSA_set0_key(rsa, e, n, d); EVP_PKEY_set1_RSA(ret, rsa); RSA_free(rsa); - *in = p; + *in = pin; return ret; memerr: PEMerr(PEM_F_B2I_RSA, ERR_R_MALLOC_FAILURE); @@ -530,26 +535,35 @@ static int check_bitlen_dsa(DSA *dsa, int ispub, unsigned int *pmagic) static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) { int nbyte, hnbyte, bitlen; - if (BN_num_bits(rsa->e) > 32) + BIGNUM *e; + + RSA_get0_key(rsa, &e, NULL, NULL); + if (BN_num_bits(e) > 32) goto badkey; - bitlen = BN_num_bits(rsa->n); - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; + bitlen = RSA_bits(rsa); + nbyte = RSA_size(rsa); + hnbyte = (bitlen + 15) >> 4; if (ispub) { *pmagic = MS_RSA1MAGIC; return bitlen; } else { + BIGNUM *d, *p, *q, *iqmp, *dmp1, *dmq1; + *pmagic = MS_RSA2MAGIC; + /* * For private key each component must fit within nbyte or hnbyte. */ - if (BN_num_bytes(rsa->d) > nbyte) + RSA_get0_key(rsa, NULL, NULL, &d); + if (BN_num_bytes(d) > nbyte) goto badkey; - if ((BN_num_bytes(rsa->iqmp) > hnbyte) - || (BN_num_bytes(rsa->p) > hnbyte) - || (BN_num_bytes(rsa->q) > hnbyte) - || (BN_num_bytes(rsa->dmp1) > hnbyte) - || (BN_num_bytes(rsa->dmq1) > hnbyte)) + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + if ((BN_num_bytes(iqmp) > hnbyte) + || (BN_num_bytes(p) > hnbyte) + || (BN_num_bytes(q) > hnbyte) + || (BN_num_bytes(dmp1) > hnbyte) + || (BN_num_bytes(dmq1) > hnbyte)) goto badkey; } return bitlen; @@ -561,18 +575,23 @@ static int check_bitlen_rsa(RSA *rsa, int ispub, unsigned int *pmagic) static void write_rsa(unsigned char **out, RSA *rsa, int ispub) { int nbyte, hnbyte; - nbyte = BN_num_bytes(rsa->n); - hnbyte = (BN_num_bits(rsa->n) + 15) >> 4; - write_lebn(out, rsa->e, 4); - write_lebn(out, rsa->n, -1); + BIGNUM *n, *d, *e, *p, *q, *iqmp, *dmp1, *dmq1; + + nbyte = RSA_size(rsa); + hnbyte = (RSA_bits(rsa) + 15) >> 4; + RSA_get0_key(rsa, &e, &n, &d); + write_lebn(out, e, 4); + write_lebn(out, n, -1); if (ispub) return; - write_lebn(out, rsa->p, hnbyte); - write_lebn(out, rsa->q, hnbyte); - write_lebn(out, rsa->dmp1, hnbyte); - write_lebn(out, rsa->dmq1, hnbyte); - write_lebn(out, rsa->iqmp, hnbyte); - write_lebn(out, rsa->d, nbyte); + RSA_get0_factors(rsa, &p, &q); + RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp); + write_lebn(out, p, hnbyte); + write_lebn(out, q, hnbyte); + write_lebn(out, dmp1, hnbyte); + write_lebn(out, dmq1, hnbyte); + write_lebn(out, iqmp, hnbyte); + write_lebn(out, d, nbyte); } static void write_dsa(unsigned char **out, DSA *dsa, int ispub) diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index ad51a440e5..4ff2665d60 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -60,11 +60,11 @@ #include "internal/cryptlib.h" #include #include -#include #include #include #include "internal/asn1_int.h" #include "internal/evp_int.h" +#include "rsa_locl.h" #ifndef OPENSSL_NO_CMS static int rsa_cms_sign(CMS_SignerInfo *si); diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c index 86a71b7c6b..da8b2406dd 100644 --- a/crypto/rsa/rsa_asn1.c +++ b/crypto/rsa/rsa_asn1.c @@ -59,9 +59,9 @@ #include #include "internal/cryptlib.h" #include -#include #include #include +#include "rsa_locl.h" /* Override the default free and new methods */ static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 02d3c41340..f78050876c 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -49,7 +49,7 @@ #include #include -#include +#include "rsa_locl.h" int RSA_check_key(const RSA *key) { diff --git a/crypto/rsa/rsa_crpt.c b/crypto/rsa/rsa_crpt.c index cec4a7c2bd..6cc3c70ec3 100644 --- a/crypto/rsa/rsa_crpt.c +++ b/crypto/rsa/rsa_crpt.c @@ -60,8 +60,8 @@ #include "internal/cryptlib.h" #include #include "internal/bn_int.h" -#include #include +#include "rsa_locl.h" int RSA_bits(const RSA *r) { diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 6ec27495e7..c4562589e1 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -65,7 +65,7 @@ #include #include "internal/cryptlib.h" #include -#include +#include "rsa_locl.h" static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index bd881ed528..7ee575d663 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -60,9 +60,9 @@ #include "internal/cryptlib.h" #include #include "internal/bn_int.h" -#include #include #include +#include "rsa_locl.h" static const RSA_METHOD *default_RSA_meth = NULL; @@ -283,3 +283,96 @@ int RSA_security_bits(const RSA *rsa) { return BN_security_bits(BN_num_bits(rsa->n), -1); } + +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) +{ + /* d is the private component and may be NULL */ + if (n == NULL || e == NULL) + return 0; + + BN_free(r->n); + BN_free(r->e); + BN_free(r->d); + r->n = n; + r->e = e; + r->d = d; + + return 1; +} + +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q) +{ + if (p == NULL || q == NULL) + return 0; + + BN_free(r->p); + BN_free(r->q); + r->p = p; + r->q = q; + + return 1; +} + +int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp) +{ + if (dmp1 == NULL || dmq1 == NULL || iqmp == NULL) + return 0; + + BN_free(r->dmp1); + BN_free(r->dmq1); + BN_free(r->iqmp); + r->dmp1 = dmp1; + r->dmq1 = dmq1; + r->iqmp = iqmp; + + return 1; +} + +void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d) +{ + if (n != NULL) + *n = r->n; + if (e != NULL) + *e = r->e; + if (d != NULL) + *d = r->d; +} + +void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q) +{ + if (p != NULL) + *p = r->p; + if (q != NULL) + *q = r->q; +} + +void RSA_get0_crt_params(const RSA *r, + BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp) +{ + if (dmp1 != NULL) + *dmp1 = r->dmp1; + if (dmq1 != NULL) + *dmq1 = r->dmq1; + if (iqmp != NULL) + *iqmp = r->iqmp; +} + +void RSA_clear_flags(RSA *r, int flags) +{ + r->flags &= ~flags; +} + +int RSA_test_flags(const RSA *r, int flags) +{ + return r->flags & flags; +} + +void RSA_set_flags(RSA *r, int flags) +{ + r->flags |= flags; +} + +ENGINE *RSA_get0_engine(RSA *r) +{ + return r->engine; +} diff --git a/crypto/rsa/rsa_locl.h b/crypto/rsa/rsa_locl.h index 3e88187d9b..dd9e70b6a8 100644 --- a/crypto/rsa/rsa_locl.h +++ b/crypto/rsa/rsa_locl.h @@ -1,3 +1,51 @@ +/* + * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL licenses, (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * https://www.openssl.org/source/license.html + * or in the file LICENSE in the source distribution. + */ + +#include + +struct rsa_st { + /* + * The first parameter is used to pickup errors where this is passed + * instead of aEVP_PKEY, it is set to 0 + */ + int pad; + long version; + const RSA_METHOD *meth; + /* functional reference if 'meth' is ENGINE-provided */ + ENGINE *engine; + BIGNUM *n; + BIGNUM *e; + BIGNUM *d; + BIGNUM *p; + BIGNUM *q; + BIGNUM *dmp1; + BIGNUM *dmq1; + BIGNUM *iqmp; + /* be careful using this if the RSA structure is shared */ + CRYPTO_EX_DATA ex_data; + int references; + int flags; + /* Used to cache montgomery values */ + BN_MONT_CTX *_method_mod_n; + BN_MONT_CTX *_method_mod_p; + BN_MONT_CTX *_method_mod_q; + /* + * all BIGNUM values are actually in the following data, if it is not + * NULL + */ + char *bignum_data; + BN_BLINDING *blinding; + BN_BLINDING *mt_blinding; + CRYPTO_RWLOCK *lock; +}; + extern int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *rm, size_t *prm_len, const unsigned char *sigbuf, diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 355788423b..27a6e78823 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -21,10 +21,10 @@ #include #include "internal/cryptlib.h" #include -#include #include #include #include +#include "rsa_locl.h" int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index 8d3383bfb0..5c3c0bf95e 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -110,8 +110,8 @@ #include "internal/cryptlib.h" #include "internal/bn_int.h" -#include #include +#include "rsa_locl.h" #ifndef RSA_NULL diff --git a/crypto/rsa/rsa_x931g.c b/crypto/rsa/rsa_x931g.c index d4c520c429..1e164e86e1 100644 --- a/crypto/rsa/rsa_x931g.c +++ b/crypto/rsa/rsa_x931g.c @@ -60,7 +60,7 @@ #include #include #include -#include +#include "rsa_locl.h" /* X9.31 RSA key derivation and generation */ diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index e7ae827715..61f7ec39b2 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -72,6 +72,7 @@ extern "C" { # endif +/* The type RSA is defined in ossl_typ.h */ struct rsa_meth_st { const char *name; int (*rsa_pub_enc) (int flen, const unsigned char *from, @@ -117,42 +118,6 @@ struct rsa_meth_st { int (*rsa_keygen) (RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); }; -struct rsa_st { - /* - * The first parameter is used to pickup errors where this is passed - * instead of aEVP_PKEY, it is set to 0 - */ - int pad; - long version; - const RSA_METHOD *meth; - /* functional reference if 'meth' is ENGINE-provided */ - ENGINE *engine; - BIGNUM *n; - BIGNUM *e; - BIGNUM *d; - BIGNUM *p; - BIGNUM *q; - BIGNUM *dmp1; - BIGNUM *dmq1; - BIGNUM *iqmp; - /* be careful using this if the RSA structure is shared */ - CRYPTO_EX_DATA ex_data; - int references; - int flags; - /* Used to cache montgomery values */ - BN_MONT_CTX *_method_mod_n; - BN_MONT_CTX *_method_mod_p; - BN_MONT_CTX *_method_mod_q; - /* - * all BIGNUM values are actually in the following data, if it is not - * NULL - */ - char *bignum_data; - BN_BLINDING *blinding; - BN_BLINDING *mt_blinding; - CRYPTO_RWLOCK *lock; -}; - # ifndef OPENSSL_RSA_MAX_MODULUS_BITS # define OPENSSL_RSA_MAX_MODULUS_BITS 16384 # endif @@ -308,6 +273,18 @@ int RSA_bits(const RSA *rsa); int RSA_size(const RSA *rsa); int RSA_security_bits(const RSA *rsa); +int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); +int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); +int RSA_set0_crt_params(RSA *r,BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); +void RSA_get0_key(const RSA *r, BIGNUM **n, BIGNUM **e, BIGNUM **d); +void RSA_get0_factors(const RSA *r, BIGNUM **p, BIGNUM **q); +void RSA_get0_crt_params(const RSA *r, + BIGNUM **dmp1, BIGNUM **dmq1, BIGNUM **iqmp); +void RSA_clear_flags(RSA *r, int flags); +int RSA_test_flags(const RSA *r, int flags); +void RSA_set_flags(RSA *r, int flags); +ENGINE *RSA_get0_engine(RSA *r); + /* Deprecated version */ DEPRECATEDIN_0_9_8(RSA *RSA_generate_key(int bits, unsigned long e, void (*callback) (int, int, void *), diff --git a/test/rsa_test.c b/test/rsa_test.c index d5d73e02aa..2bc21b045a 100644 --- a/test/rsa_test.c +++ b/test/rsa_test.c @@ -19,16 +19,19 @@ int main(int argc, char *argv[]) # include # define SetKey \ - key->n = BN_bin2bn(n, sizeof(n)-1, key->n); \ - key->e = BN_bin2bn(e, sizeof(e)-1, key->e); \ - key->d = BN_bin2bn(d, sizeof(d)-1, key->d); \ - key->p = BN_bin2bn(p, sizeof(p)-1, key->p); \ - key->q = BN_bin2bn(q, sizeof(q)-1, key->q); \ - key->dmp1 = BN_bin2bn(dmp1, sizeof(dmp1)-1, key->dmp1); \ - key->dmq1 = BN_bin2bn(dmq1, sizeof(dmq1)-1, key->dmq1); \ - key->iqmp = BN_bin2bn(iqmp, sizeof(iqmp)-1, key->iqmp); \ - memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ - return (sizeof(ctext_ex) - 1); + RSA_set0_key(key, \ + BN_bin2bn(n, sizeof(n)-1, NULL), \ + BN_bin2bn(e, sizeof(e)-1, NULL), \ + BN_bin2bn(d, sizeof(d)-1, NULL)); \ + RSA_set0_factors(key, \ + BN_bin2bn(p, sizeof(p)-1, NULL), \ + BN_bin2bn(q, sizeof(q)-1, NULL)); \ + RSA_set0_crt_params(key, \ + BN_bin2bn(dmp1, sizeof(dmp1)-1, NULL), \ + BN_bin2bn(dmq1, sizeof(dmq1)-1, NULL), \ + BN_bin2bn(iqmp, sizeof(iqmp)-1, NULL)); \ + memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ + return (sizeof(ctext_ex) - 1); static int key1(RSA *key, unsigned char *c) { @@ -243,7 +246,7 @@ int main(int argc, char *argv[]) break; } if (v / 3 >= 1) - key->flags |= RSA_FLAG_NO_CONSTTIME; + RSA_set_flags(key, RSA_FLAG_NO_CONSTTIME); num = RSA_public_encrypt(plen, ptext_ex, ctext, key, RSA_PKCS1_PADDING); -- GitLab