Make BN_mod_exp_mont_consttime take a const context.
BN_mod_exp_mont_consttime does not modify its |BN_MONT_CTX| so that
value should be const.
Change-Id: Ie74e48eec8061899fd056fbd99dcca2a86b02cad
Reviewed-on: https://boringssl-review.googlesource.com/6403
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/bn/exponentiation.c b/crypto/bn/exponentiation.c
index 9cefa62..a24bb2e 100644
--- a/crypto/bn/exponentiation.c
+++ b/crypto/bn/exponentiation.c
@@ -862,10 +862,10 @@
*/
int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *in_mont) {
+ const BN_MONT_CTX *mont) {
int i, bits, ret = 0, window, wvalue;
int top;
- BN_MONT_CTX *mont = NULL;
+ BN_MONT_CTX *new_mont = NULL;
int numPowers;
unsigned char *powerbufFree = NULL;
@@ -888,15 +888,13 @@
BN_CTX_start(ctx);
- /* Allocate a montgomery context if it was not supplied by the caller.
- * If this is not done, things will break in the montgomery part. */
- if (in_mont != NULL) {
- mont = in_mont;
- } else {
- mont = BN_MONT_CTX_new();
- if (mont == NULL || !BN_MONT_CTX_set(mont, m, ctx)) {
+ /* Allocate a montgomery context if it was not supplied by the caller. */
+ if (mont == NULL) {
+ new_mont = BN_MONT_CTX_new();
+ if (new_mont == NULL || !BN_MONT_CTX_set(new_mont, m, ctx)) {
goto err;
}
+ mont = new_mont;
}
#ifdef RSAZ_ENABLED
@@ -1005,7 +1003,7 @@
/* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as
* 512-bit RSA is hardly relevant, we omit it to spare size... */
if (window == 5 && top > 1) {
- BN_ULONG *np = mont->N.d, *n0 = mont->n0, *np2;
+ const BN_ULONG *np = mont->N.d, *n0 = mont->n0, *np2;
/* BN_to_montgomery can contaminate words above .top
* [in BN_DEBUG[_DEBUG] build]... */
@@ -1019,9 +1017,11 @@
if (top & 7) {
np2 = np;
} else {
- for (np2 = am.d + top, i = 0; i < top; i++) {
- np2[2 * i] = np[i];
+ BN_ULONG *np_double = am.d + top;
+ for (i = 0; i < top; i++) {
+ np_double[2 * i] = np[i];
}
+ np2 = np_double;
}
bn_scatter5(tmp.d, top, powerbuf, 0);
@@ -1186,10 +1186,9 @@
goto err;
}
ret = 1;
+
err:
- if (in_mont == NULL) {
- BN_MONT_CTX_free(mont);
- }
+ BN_MONT_CTX_free(new_mont);
if (powerbuf != NULL) {
OPENSSL_cleanse(powerbuf, powerbufLen);
OPENSSL_free(powerbufFree);
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 46673dc..c9bdb1e 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -791,7 +791,8 @@
OPENSSL_EXPORT int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a,
const BIGNUM *p, const BIGNUM *m,
- BN_CTX *ctx, BN_MONT_CTX *in_mont);
+ BN_CTX *ctx,
+ const BN_MONT_CTX *mont);
OPENSSL_EXPORT int BN_mod_exp_mont_word(BIGNUM *r, BN_ULONG a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
