Hi,
I wrote awhile back about a patch to 0.9.7 in rsa_eay.c, but never heard
back. Is this the wrong forum?
The patch is to rsa_eay.c (attached), which adds cacheing of the
montgomery context for n (in addition to p and q). This patch improves
efficiency...normally the verify at the end of CRT does not use a cached
context. In 0.9.7 right now, R^{-1} (Ri) for n must be recomputed on
every decryption, an expensive operation.
-david
--- rsa_eay.c.orig 2003-01-20 19:16:46.000000000 -0800
+++ rsa_eay.c 2003-01-20 19:17:54.000000000 -0800
@@ -533,6 +533,31 @@
if (bn_mont_ctx)
BN_MONT_CTX_free(bn_mont_ctx);
}
+
+ if (rsa->_method_mod_n == NULL)
+ {
+ BN_MONT_CTX* bn_mont_ctx;
+ if ((bn_mont_ctx=BN_MONT_CTX_new()) == NULL)
+ goto err;
+ if (!BN_MONT_CTX_set(bn_mont_ctx,rsa->n,ctx))
+ {
+ BN_MONT_CTX_free(bn_mont_ctx);
+ goto err;
+ }
+ if (rsa->_method_mod_n == NULL) /* other thread may have
+finished first */
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_RSA);
+ if (rsa->_method_mod_n == NULL)
+ {
+ rsa->_method_mod_n = bn_mont_ctx;
+ bn_mont_ctx = NULL;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_RSA);
+ }
+ if (bn_mont_ctx)
+ BN_MONT_CTX_free(bn_mont_ctx);
+ }
+
}
if (!BN_mod(&r1,I,rsa->q,ctx)) goto err;
@@ -565,7 +590,7 @@
if (rsa->e && rsa->n)
{
- if (!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,NULL)) goto err;
+ if
+(!rsa->meth->bn_mod_exp(&vrfy,r0,rsa->e,rsa->n,ctx,rsa->_method_mod_n)) goto err;
/* If 'I' was greater than (or equal to) rsa->n, the operation
* will be equivalent to using 'I mod n'. However, the result of
* the verify will *always* be less than 'n' so we don't check
