Remove a redundant call to freeze_private_key
While I'm here, rename mod_exp to rsa_mod_exp_crt. It is specifically
the CRT implementation.
Bug: 42290186
Change-Id: Ie80831f3e1114ba446f73e448e158602abada8be
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/75149
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/fipsmodule/rsa/rsa_impl.cc.inc b/crypto/fipsmodule/rsa/rsa_impl.cc.inc
index 2773636..0b931e9 100644
--- a/crypto/fipsmodule/rsa/rsa_impl.cc.inc
+++ b/crypto/fipsmodule/rsa/rsa_impl.cc.inc
@@ -433,7 +433,7 @@
}
-static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
+static int rsa_mod_exp_crt(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx);
int rsa_verify_raw_no_self_test(RSA *rsa, size_t *out_len, uint8_t *out,
size_t max_out, const uint8_t *in,
@@ -618,7 +618,7 @@
// but it is true for keys generated by us and all common implementations.
bn_less_than_montgomery_R(rsa->q, rsa->mont_p) &&
bn_less_than_montgomery_R(rsa->p, rsa->mont_q)) {
- if (!mod_exp(result, f, rsa, ctx)) {
+ if (!rsa_mod_exp_crt(result, f, rsa, ctx)) {
goto err;
}
} else if (!BN_mod_exp_mont_consttime(result, f, rsa->d_fixed, rsa->n, ctx,
@@ -707,7 +707,7 @@
return 1;
}
-static int mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
+static int rsa_mod_exp_crt(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) {
assert(ctx != NULL);
assert(rsa->n != NULL);
@@ -730,10 +730,6 @@
goto err;
}
- if (!freeze_private_key(rsa, ctx)) {
- goto err;
- }
-
// Use the minimal-width versions of |n|, |p|, and |q|. Either works, but if
// someone gives us non-minimal values, these will be slightly more efficient
// on the non-Montgomery operations.
