Add prototypes. Make Montgomery stuff explicitly for that purpose.

CHANGES

@@ -5,6 +5,10 @@
 
  Changes between 0.9.1c and 0.9.1d
 
+  *) Fix the RSA header declarations that hid a bug I fixed in 0.9.0b but
+     was already fixed by Eric for 0.9.1 it seems.
+     [Ben Laurie - pointed out by Ulf Möller <ulf@fitug.de>]
+
   *) Autodetect FreeBSD3.
      [Ben Laurie]
 
@@ -79,7 +83,7 @@
 
   *) The Genesis of the OpenSSL rpject:
      We start with the latest (unreleased) SSLeay version 0.9.1b which Eric A.
-     Joung and Tim J. Hudson created while they were working for C2Net until
+     Young and Tim J. Hudson created while they were working for C2Net until
      summer 1998.
      [The OpenSSL Project]
  

crypto/rsa/rsa.h

@@ -66,9 +66,26 @@ extern "C" {
 #include "bn.h"
 #include "crypto.h"
 
+typedef struct rsa_st RSA;
+
 typedef struct rsa_meth_st
 	{
 	char *name;
+#ifndef NOPROTO
+	int (*rsa_pub_enc)(int flen,unsigned char *from,unsigned char *to,
+			   RSA *rsa,int padding);
+	int (*rsa_pub_dec)(int flen,unsigned char *from,unsigned char *to,
+			   RSA *rsa,int padding);
+	int (*rsa_priv_enc)(int flen,unsigned char *from,unsigned char *to,
+			    RSA *rsa,int padding);
+	int (*rsa_priv_dec)(int flen,unsigned char *from,unsigned char *to,
+			    RSA *rsa,int padding);
+	int (*rsa_mod_exp)(BIGNUM *r0,BIGNUM *I,RSA *rsa); /* Can be null */
+	int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,
+			  BN_CTX *ctx,BN_MONT_CTX *m_ctx); /* Can be null */
+	int (*init)(RSA *rsa);		/* called at new */
+	int (*finish)(RSA *rsa);	/* called at free */
+#else
 	int (*rsa_pub_enc)();
 	int (*rsa_pub_dec)();
 	int (*rsa_priv_enc)();
@@ -77,12 +94,12 @@ typedef struct rsa_meth_st
 	int (*bn_mod_exp)();		/* Can be null */
 	int (*init)(/* RSA * */);	/* called at new */
 	int (*finish)(/* RSA * */);	/* called at free */
-
+#endif
 	int flags;			/* RSA_METHOD_FLAG_* things */
 	char *app_data;			/* may be needed! */
 	} RSA_METHOD;
 
-typedef struct rsa_st
+struct rsa_st
 	{
 	/* The first parameter is used to pickup errors where
 	 * this is passed instead of aEVP_PKEY, it is set to 0 */
@@ -102,16 +119,16 @@ typedef struct rsa_st
 	int references;
 	int flags;
 
-	/* Normally used to cache montgomery values */
-	char *method_mod_n;
-	char *method_mod_p;
-	char *method_mod_q;
+	/* Used to cache montgomery values */
+	BN_MONT_CTX *_method_mod_n;
+	BN_MONT_CTX *_method_mod_p;
+	BN_MONT_CTX *_method_mod_q;
 
 	/* all BIGNUM values are actually in the following data, if it is not
 	 * NULL */
 	char *bignum_data;
 	BN_BLINDING *blinding;
-	} RSA;
+	};
 
 #define RSA_3	0x3L
 #define RSA_F4	0x10001L

crypto/rsa/rsa_eay.c

@@ -144,15 +144,15 @@ int padding;
 
 	if (BN_bin2bn(buf,num,&f) == NULL) goto err;
 	
-	if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
+	if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
 		{
-		if ((rsa->method_mod_n=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)rsa->method_mod_n,
-				rsa->n,ctx)) goto err;
+		if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL)
+			if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx))
+			    goto err;
 		}
 
 	if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
-		rsa->method_mod_n)) goto err;
+		rsa->_method_mod_n)) goto err;
 
 	/* put in leading 0 bytes if the number is less than the
 	 * length of the modulus */
@@ -380,15 +380,15 @@ int padding;
 
 	if (BN_bin2bn(from,flen,&f) == NULL) goto err;
 	/* do the decrypt */
-	if ((rsa->method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
+	if ((rsa->_method_mod_n == NULL) && (rsa->flags & RSA_FLAG_CACHE_PUBLIC))
 		{
-		if ((rsa->method_mod_n=(char *)BN_MONT_CTX_new()) != NULL)
-			if (!BN_MONT_CTX_set((BN_MONT_CTX *)rsa->method_mod_n,
-				rsa->n,ctx)) goto err;
+		if ((rsa->_method_mod_n=BN_MONT_CTX_new()) != NULL)
+			if (!BN_MONT_CTX_set(rsa->_method_mod_n,rsa->n,ctx))
+			    goto err;
 		}
 
 	if (!rsa->meth->bn_mod_exp(&ret,&f,rsa->e,rsa->n,ctx,
-		rsa->method_mod_n)) goto err;
+		rsa->_method_mod_n)) goto err;
 
 	p=buf;
 	i=BN_bn2bin(&ret,p);
@@ -435,31 +435,29 @@ RSA *rsa;
 
 	if (rsa->flags & RSA_FLAG_CACHE_PRIVATE)
 		{
-		if (rsa->method_mod_p == NULL)
+		if (rsa->_method_mod_p == NULL)
 			{
-			if ((rsa->method_mod_p=(char *)
-				BN_MONT_CTX_new()) != NULL)
-				if (!BN_MONT_CTX_set((BN_MONT_CTX *)
-					rsa->method_mod_p,rsa->p,ctx))
+			if ((rsa->_method_mod_p=BN_MONT_CTX_new()) != NULL)
+				if (!BN_MONT_CTX_set(rsa->_method_mod_p,rsa->p,
+						     ctx))
 					goto err;
 			}
-		if (rsa->method_mod_q == NULL)
+		if (rsa->_method_mod_q == NULL)
 			{
-			if ((rsa->method_mod_q=(char *)
-				BN_MONT_CTX_new()) != NULL)
-				if (!BN_MONT_CTX_set((BN_MONT_CTX *)
-					rsa->method_mod_q,rsa->q,ctx))
+			if ((rsa->_method_mod_q=BN_MONT_CTX_new()) != NULL)
+				if (!BN_MONT_CTX_set(rsa->_method_mod_q,rsa->q,
+						     ctx))
 					goto err;
 			}
 		}
 
 	if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
 	if (!rsa->meth->bn_mod_exp(&m1,&r1,rsa->dmq1,rsa->q,ctx,
-		rsa->method_mod_q)) goto err;
+		rsa->_method_mod_q)) goto err;
 
 	if (!BN_mod(&r1,I,rsa->p,ctx)) goto err;
 	if (!rsa->meth->bn_mod_exp(r0,&r1,rsa->dmp1,rsa->p,ctx,
-		rsa->method_mod_p)) goto err;
+		rsa->_method_mod_p)) goto err;
 
 	if (!BN_sub(r0,r0,&m1)) goto err;
 	/* This will help stop the size of r0 increasing, which does
@@ -490,12 +488,12 @@ RSA *rsa;
 static int RSA_eay_finish(rsa)
 RSA *rsa;
 	{
-	if (rsa->method_mod_n != NULL)
-		BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_n);
-	if (rsa->method_mod_p != NULL)
-		BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_p);
-	if (rsa->method_mod_q != NULL)
-		BN_MONT_CTX_free((BN_MONT_CTX *)rsa->method_mod_q);
+	if (rsa->_method_mod_n != NULL)
+		BN_MONT_CTX_free(rsa->_method_mod_n);
+	if (rsa->_method_mod_p != NULL)
+		BN_MONT_CTX_free(rsa->_method_mod_p);
+	if (rsa->_method_mod_q != NULL)
+		BN_MONT_CTX_free(rsa->_method_mod_q);
 	return(1);
 	}
 

crypto/rsa/rsa_lib.c

@@ -116,9 +116,9 @@ RSA_METHOD *meth;
 	ret->dmq1=NULL;
 	ret->iqmp=NULL;
 	ret->references=1;
-	ret->method_mod_n=NULL;
-	ret->method_mod_p=NULL;
-	ret->method_mod_q=NULL;
+	ret->_method_mod_n=NULL;
+	ret->_method_mod_p=NULL;
+	ret->_method_mod_q=NULL;
 	ret->blinding=NULL;
 	ret->bignum_data=NULL;
 	ret->flags=ret->meth->flags;
@@ -283,8 +283,8 @@ BN_CTX *p_ctx;
 	if (!BN_rand(A,BN_num_bits(rsa->n)-1,1,0)) goto err;
 	if ((Ai=BN_mod_inverse(NULL,A,rsa->n,ctx)) == NULL) goto err;
 
-	if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,
-		(char *)rsa->method_mod_n)) goto err;
+	if (!rsa->meth->bn_mod_exp(A,A,rsa->e,rsa->n,ctx,rsa->_method_mod_n))
+	    goto err;
 	rsa->blinding=BN_BLINDING_new(A,Ai,rsa->n);
 	ctx->tos--;
 	rsa->flags|=RSA_FLAG_BLINDING;