From 82abcc07227fb8f25394281c19c61053c7dd3f54 Mon Sep 17 00:00:00 2001 From: Andre Noll Date: Tue, 2 May 2023 19:51:52 +0200 Subject: [PATCH] openssl: Kill rsa coefficient computations. There's no need to pre-compute the two exponents for the Chinese Remainder Theorem calculations as openssl will do that for us. --- openssl.c | 48 +++++------------------------------------------- 1 file changed, 5 insertions(+), 43 deletions(-) diff --git a/openssl.c b/openssl.c index f696cd9e..09d11e1e 100644 --- a/openssl.c +++ b/openssl.c @@ -154,31 +154,15 @@ static int read_openssh_private_key(const unsigned char *blob, { int ret; RSA *rsa; - BN_CTX *ctx; BIGNUM *n, *e, *d, *iqmp, *p, *q; /* stored in the key file */ - BIGNUM *dmp1, *dmq1; /* these will be computed */ - BIGNUM *tmp; const unsigned char *cp = blob; rsa = RSA_new(); if (!rsa) return -E_BIGNUM; - ret = -E_BIGNUM; - tmp = BN_new(); - if (!tmp) - goto free_rsa; - ctx = BN_CTX_new(); - if (!ctx) - goto free_tmp; - dmp1 = BN_new(); - if (!dmp1) - goto free_ctx; - dmq1 = BN_new(); - if (!dmq1) - goto free_dmp1; ret = read_bignum(cp, end - cp, &n); if (ret < 0) - goto free_dmq1; + goto free_rsa; cp += ret; ret = read_bignum(cp, end - cp, &e); if (ret < 0) @@ -199,19 +183,11 @@ static int read_openssh_private_key(const unsigned char *blob, ret = read_bignum(cp, end - cp, &q); if (ret < 0) goto free_p; - ret = -E_BIGNUM; - if (!BN_sub(tmp, q, BN_value_one())) - goto free_q; - if (!BN_mod(dmp1, d, tmp, ctx)) - goto free_q; - if (!BN_sub(tmp, q, BN_value_one())) - goto free_q; - if (!BN_mod(dmq1, d, tmp, ctx)) - goto free_q; #ifdef HAVE_RSA_SET0_KEY RSA_set0_key(rsa, n, e, d); RSA_set0_factors(rsa, p, q); - RSA_set0_crt_params(rsa, dmp1, dmq1, iqmp); + RSA_set0_crt_params(rsa, NULL, NULL, iqmp); + #else rsa->n = n; rsa->e = e; @@ -219,14 +195,9 @@ static int read_openssh_private_key(const unsigned char *blob, rsa->iqmp = iqmp; rsa->p = p; rsa->q = q; - rsa->dmp1 = dmp1; - rsa->dmq1 = dmq1; #endif *result = rsa; - ret = 1; - goto free_ctx; -free_q: - BN_clear_free(q); + return 1; free_p: BN_clear_free(p); free_iqmp: @@ -237,17 +208,8 @@ free_e: BN_free(e); free_n: BN_free(n); -free_dmq1: - BN_clear_free(dmq1); -free_dmp1: - BN_clear_free(dmp1); -free_ctx: - BN_CTX_free(ctx); -free_tmp: - BN_clear_free(tmp); free_rsa: - if (ret < 0) - RSA_free(rsa); + RSA_free(rsa); return ret; } -- 2.39.5