Move rsa/ to fipsmodule/rsa/
Change-Id: Id20d371ae7a88a91aaba7a9e23574eccb9caeb3c
Reviewed-on: https://boringssl-review.googlesource.com/15849
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/crypto/CMakeLists.txt b/crypto/CMakeLists.txt
index 8f2e430..596e793 100644
--- a/crypto/CMakeLists.txt
+++ b/crypto/CMakeLists.txt
@@ -99,7 +99,7 @@
add_subdirectory(engine)
add_subdirectory(dh)
add_subdirectory(dsa)
-add_subdirectory(rsa)
+add_subdirectory(rsa_extra)
add_subdirectory(ec_extra)
add_subdirectory(ecdh)
add_subdirectory(ecdsa_extra)
@@ -181,7 +181,7 @@
$<TARGET_OBJECTS:engine>
$<TARGET_OBJECTS:dh>
$<TARGET_OBJECTS:dsa>
- $<TARGET_OBJECTS:rsa>
+ $<TARGET_OBJECTS:rsa_extra>
$<TARGET_OBJECTS:ec_extra>
$<TARGET_OBJECTS:ecdh>
$<TARGET_OBJECTS:ecdsa_extra>
@@ -247,7 +247,7 @@
evp/evp_extra_test.cc
fipsmodule/ec/ec_test.cc
fipsmodule/rand/ctrdrbg_test.cc
- rsa/rsa_test.cc
+ rsa_extra/rsa_test.cc
$<TARGET_OBJECTS:gtest_main>
$<TARGET_OBJECTS:test_support>
diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c
index 99c3a7c..36aa524 100644
--- a/crypto/evp/p_rsa.c
+++ b/crypto/evp/p_rsa.c
@@ -68,7 +68,7 @@
#include <openssl/rsa.h>
#include "../internal.h"
-#include "../rsa/internal.h"
+#include "../fipsmodule/rsa/internal.h"
#include "internal.h"
diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c
index 2072595..306ff7d 100644
--- a/crypto/evp/p_rsa_asn1.c
+++ b/crypto/evp/p_rsa_asn1.c
@@ -62,7 +62,7 @@
#include <openssl/mem.h>
#include <openssl/rsa.h>
-#include "../rsa/internal.h"
+#include "../fipsmodule/rsa/internal.h"
#include "internal.h"
diff --git a/crypto/evp/print.c b/crypto/evp/print.c
index 214ada2..a774087 100644
--- a/crypto/evp/print.c
+++ b/crypto/evp/print.c
@@ -61,7 +61,7 @@
#include <openssl/rsa.h>
#include "../internal.h"
-#include "../rsa/internal.h"
+#include "../fipsmodule/rsa/internal.h"
static int bn_print(BIO *bp, const char *number, const BIGNUM *num,
diff --git a/crypto/fipsmodule/bcm.c b/crypto/fipsmodule/bcm.c
index 3c50df2..692b57c 100644
--- a/crypto/fipsmodule/bcm.c
+++ b/crypto/fipsmodule/bcm.c
@@ -80,6 +80,10 @@
#include "rand/ctrdrbg.c"
#include "rand/rand.c"
#include "rand/urandom.c"
+#include "rsa/blinding.c"
+#include "rsa/padding.c"
+#include "rsa/rsa.c"
+#include "rsa/rsa_impl.c"
#include "sha/sha1-altivec.c"
#include "sha/sha1.c"
#include "sha/sha256.c"
diff --git a/crypto/rsa/blinding.c b/crypto/fipsmodule/rsa/blinding.c
similarity index 99%
rename from crypto/rsa/blinding.c
rename to crypto/fipsmodule/rsa/blinding.c
index 693dced..71feb3b 100644
--- a/crypto/rsa/blinding.c
+++ b/crypto/fipsmodule/rsa/blinding.c
@@ -115,7 +115,7 @@
#include <openssl/err.h>
#include "internal.h"
-#include "../internal.h"
+#include "../../internal.h"
#define BN_BLINDING_COUNTER 32
diff --git a/crypto/rsa/internal.h b/crypto/fipsmodule/rsa/internal.h
similarity index 98%
rename from crypto/rsa/internal.h
rename to crypto/fipsmodule/rsa/internal.h
index 56b633b..fb5ffff 100644
--- a/crypto/rsa/internal.h
+++ b/crypto/fipsmodule/rsa/internal.h
@@ -69,7 +69,7 @@
/* Default implementations of RSA operations. */
-extern const RSA_METHOD RSA_default_method;
+const RSA_METHOD *RSA_default_method(void);
size_t rsa_default_size(const RSA *rsa);
int rsa_default_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out,
diff --git a/crypto/rsa/padding.c b/crypto/fipsmodule/rsa/padding.c
similarity index 99%
rename from crypto/rsa/padding.c
rename to crypto/fipsmodule/rsa/padding.c
index a3835b4..69bd9ad 100644
--- a/crypto/rsa/padding.c
+++ b/crypto/fipsmodule/rsa/padding.c
@@ -67,7 +67,7 @@
#include <openssl/sha.h>
#include "internal.h"
-#include "../internal.h"
+#include "../../internal.h"
#define RSA_PKCS1_PADDING_SIZE 11
diff --git a/crypto/rsa/rsa.c b/crypto/fipsmodule/rsa/rsa.c
similarity index 96%
rename from crypto/rsa/rsa.c
rename to crypto/fipsmodule/rsa/rsa.c
index 7ad78a1..92d4853 100644
--- a/crypto/rsa/rsa.c
+++ b/crypto/fipsmodule/rsa/rsa.c
@@ -70,12 +70,13 @@
#include <openssl/sha.h>
#include <openssl/thread.h>
+#include "../bn/internal.h"
+#include "../delocate.h"
+#include "../../internal.h"
#include "internal.h"
-#include "../internal.h"
-#include "../fipsmodule/bn/internal.h"
-static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT;
+DEFINE_STATIC_EX_DATA_CLASS(g_rsa_ex_data_class);
RSA *RSA_new(void) { return RSA_new_method(NULL); }
@@ -93,7 +94,7 @@
}
if (rsa->meth == NULL) {
- rsa->meth = (RSA_METHOD*) &RSA_default_method;
+ rsa->meth = (RSA_METHOD *) RSA_default_method();
}
METHOD_ref(rsa->meth);
@@ -103,7 +104,7 @@
CRYPTO_new_ex_data(&rsa->ex_data);
if (rsa->meth->init && !rsa->meth->init(rsa)) {
- CRYPTO_free_ex_data(&g_ex_data_class, rsa, &rsa->ex_data);
+ CRYPTO_free_ex_data(g_rsa_ex_data_class_bss_get(), rsa, &rsa->ex_data);
CRYPTO_MUTEX_cleanup(&rsa->lock);
METHOD_unref(rsa->meth);
OPENSSL_free(rsa);
@@ -129,7 +130,7 @@
}
METHOD_unref(rsa->meth);
- CRYPTO_free_ex_data(&g_ex_data_class, rsa, &rsa->ex_data);
+ CRYPTO_free_ex_data(g_rsa_ex_data_class_bss_get(), rsa, &rsa->ex_data);
BN_clear_free(rsa->n);
BN_clear_free(rsa->e);
@@ -285,8 +286,8 @@
int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) {
int index;
- if (!CRYPTO_get_ex_new_index(&g_ex_data_class, &index, argl, argp, dup_func,
- free_func)) {
+ if (!CRYPTO_get_ex_new_index(g_rsa_ex_data_class_bss_get(), &index, argl,
+ argp, dup_func, free_func)) {
return -1;
}
return index;
@@ -691,7 +692,14 @@
TOBN(0x36ed1a6c, 0x0e2486bf), TOBN(0x5f270460, 0xec0c5727),
0x000017b1
};
-static const BIGNUM kSmallFactors = STATIC_BIGNUM(kSmallFactorsLimbs);
+
+DEFINE_LOCAL_DATA(BIGNUM, g_small_factors) {
+ out->d = (BN_ULONG *) kSmallFactorsLimbs;
+ out->top = OPENSSL_ARRAY_SIZE(kSmallFactorsLimbs);
+ out->dmax = out->top;
+ out->neg = 0;
+ out->flags = BN_FLG_STATIC_DATA;
+}
int RSA_check_fips(RSA *key) {
if (RSA_is_opaque(key)) {
@@ -721,7 +729,7 @@
BN_num_bits(key->e) > 256 ||
!BN_is_odd(key->n) ||
!BN_is_odd(key->e) ||
- !BN_gcd(&small_gcd, key->n, &kSmallFactors, ctx) ||
+ !BN_gcd(&small_gcd, key->n, g_small_factors(), ctx) ||
!BN_is_one(&small_gcd) ||
!BN_enhanced_miller_rabin_primality_test(&primality_result, key->n,
BN_prime_checks, ctx, NULL) ||
diff --git a/crypto/rsa/rsa_impl.c b/crypto/fipsmodule/rsa/rsa_impl.c
similarity index 96%
rename from crypto/rsa/rsa_impl.c
rename to crypto/fipsmodule/rsa/rsa_impl.c
index 5f5eb5e..509f11f 100644
--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/fipsmodule/rsa/rsa_impl.c
@@ -67,8 +67,9 @@
#include <openssl/type_check.h>
#include "internal.h"
-#include "../fipsmodule/bn/internal.h"
-#include "../internal.h"
+#include "../bn/internal.h"
+#include "../../internal.h"
+#include "../delocate.h"
static int check_modulus_and_exponent_sizes(const RSA *rsa) {
@@ -1037,38 +1038,11 @@
return ret;
}
-/* All of the methods are NULL to make it easier for the compiler/linker to drop
- * unused functions. The wrapper functions will select the appropriate
- * |rsa_default_*| implementation. */
-const RSA_METHOD RSA_default_method = {
- {
- 0 /* references */,
- 1 /* is_static */,
- },
- NULL /* app_data */,
-
- NULL /* init */,
- NULL /* finish (defaults to rsa_default_finish) */,
-
- NULL /* size (defaults to rsa_default_size) */,
-
- NULL /* sign */,
- NULL /* verify */,
-
- NULL /* encrypt (ignored) */,
- NULL /* sign_raw (defaults to rsa_default_sign_raw) */,
- NULL /* decrypt (defaults to rsa_default_decrypt) */,
- NULL /* verify_raw (ignored) */,
-
- NULL /* private_transform (defaults to rsa_default_private_transform) */,
-
- NULL /* mod_exp (ignored) */,
- NULL /* bn_mod_exp (ignored) */,
-
- RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
-
- NULL /* keygen (ignored) */,
- NULL /* multi_prime_keygen (ignored) */,
-
- NULL /* supports_digest (ignored) */,
-};
+DEFINE_METHOD_FUNCTION(RSA_METHOD, RSA_default_method) {
+ /* All of the methods are NULL to make it easier for the compiler/linker to
+ * drop unused functions. The wrapper functions will select the appropriate
+ * |rsa_default_*| implementation. */
+ OPENSSL_memset(out, 0, sizeof(RSA_METHOD));
+ out->common.is_static = 1;
+ out->flags = RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
+}
diff --git a/crypto/rsa/CMakeLists.txt b/crypto/rsa/CMakeLists.txt
deleted file mode 100644
index 76937c1..0000000
--- a/crypto/rsa/CMakeLists.txt
+++ /dev/null
@@ -1,13 +0,0 @@
-include_directories(../../include)
-
-add_library(
- rsa
-
- OBJECT
-
- rsa.c
- rsa_impl.c
- blinding.c
- padding.c
- rsa_asn1.c
-)
diff --git a/crypto/rsa_extra/CMakeLists.txt b/crypto/rsa_extra/CMakeLists.txt
new file mode 100644
index 0000000..563a4a4
--- /dev/null
+++ b/crypto/rsa_extra/CMakeLists.txt
@@ -0,0 +1,9 @@
+include_directories(../../include)
+
+add_library(
+ rsa_extra
+
+ OBJECT
+
+ rsa_asn1.c
+)
diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa_extra/rsa_asn1.c
similarity index 99%
rename from crypto/rsa/rsa_asn1.c
rename to crypto/rsa_extra/rsa_asn1.c
index 6d3598b..785044e 100644
--- a/crypto/rsa/rsa_asn1.c
+++ b/crypto/rsa_extra/rsa_asn1.c
@@ -64,7 +64,7 @@
#include <openssl/err.h>
#include <openssl/mem.h>
-#include "internal.h"
+#include "../fipsmodule/rsa/internal.h"
#include "../bytestring/internal.h"
#include "../internal.h"
diff --git a/crypto/rsa/rsa_test.cc b/crypto/rsa_extra/rsa_test.cc
similarity index 99%
rename from crypto/rsa/rsa_test.cc
rename to crypto/rsa_extra/rsa_test.cc
index be69abe..3fb834d 100644
--- a/crypto/rsa/rsa_test.cc
+++ b/crypto/rsa_extra/rsa_test.cc
@@ -68,9 +68,9 @@
#include <openssl/nid.h>
#include "../fipsmodule/bn/internal.h"
+#include "../fipsmodule/rsa/internal.h"
#include "../internal.h"
#include "../test/test_util.h"
-#include "internal.h"
// kPlaintext is a sample plaintext.
