In openssl 1.1.1,
I see that this bn_mod_exp function is called from "rsa_ossl_public_decrypt"
:

566     if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
567                                rsa->_method_mod_n)) {
568         goto err;
569     }

so we are doing "f^(rsa->e)mod(rsa->n)" , this result is being filled in
ret (a BIGNUM* type).
This 'ret' variable is not a part of the RSA structure . So I think we need
look for any bignum "BN" set functions(if available) to modify the BIGNUM
structure attributes like 'd' array,top & dmax values , ..as this ret
variable isn't the part of RSA structure (yet) when the bn_mod_exp is
called.

Checkout this function "rsa_ossl_public_decrypt" for more details.

Hope that clarifies the scenario .
Please let me know if you have any questions.

Thanks,
Prudvi.

On Tue, Dec 22, 2020 at 3:45 AM prudvi raj <rajprudv...@gmail.com> wrote:
> >
> > Hello all,
> >
> > We use a hardware accelerator to calculate BIGNUM rr = a^p mod m .(
> bn_mod_exp).  I am trying to rewrite that logic for openssl 1.1.1. Code
> snippet of custom bn_mod_exp function:
> > --
> >     if(rr->d)
> >     {
> >         OPENSSL_free(rr->d);
> >     }
> >     rr->d = ( BN_ULONG * )( malloc( m->top * sizeof(BN_ULONG) ) );
> >     rr->top = m->top;
> >     rr->dmax = m->top;
> >     rr->neg = 0;
> >
> >     publicKeyData.operandALength = a->top * sizeof(BN_ULONG);
> >     publicKeyData.operandA = ( System::BYTE * )( a->d );
> >     publicKeyData.operandBLength = p->top * sizeof(BN_ULONG);
> >     publicKeyData.operandB = ( System::BYTE * )( p->d );
> >     publicKeyData.modulusLength = m->top * sizeof(BN_ULONG);
> >     publicKeyData.modulus = ( System::BYTE * )( m->d );
> >
> >     publicKeyData.resultLength = m->top * sizeof(BN_ULONG);
> >     publicKeyData.result = ( System::BYTE * )( rr->d );
> >
> >     calculate ( publicKeyData );    <<calculate fills out the Result
> Bytes in "rr->d" buffer.
> > --
> >  I found  a few 'get' functions (no set functions though) like --
> bn_get_top , bn_get_dmax. These are in "bn_intern.c" , not in "bn_lib.c"
> (or BN API).
> >    OPENSSL_free(rr->d)
> >    rr->d = ( BN_ULONG * )( malloc( m->top * sizeof(BN_ULONG) ) );
> >     rr->top = m->top;
> >     rr->dmax = m->top;
> >     rr->neg = 0
> >
> > As forward declarations are no longer allowed in openssl 1.1.1 , how to
> replicate above operations in openssl 1.1.1 ?
> > Are there any Set functions for set, dmax , d values (allocate memory
> for rr->d) . ?!
> > Please help me on this!!
> >
> > Thanks,
> > Prudvi.
> >
>
> IIUC, this is just a side effect of not being able to access the RSA
> structure directly like in openssl 1.0.2 days.
> The function RSA_set0_key() will allow you to set D, and there are
> routines for other portions of the struct as well.
> When the structure went opaque, getter and setters we're added for
> your use, see:
>   - https://www.openssl.org/docs/man1.1.1/man3/RSA_set0_key.html
>
> If you need to keep backwards compat with 1.0.2, you can define those
> getter/setter functions when building with 1.0.2 in your source
> code. However, it's strongly recommended to not be using 1.0.2.
>
> Bill
>

Reply via email to