Move rsa/ to fipsmodule/rsa/

Change-Id: Id20d371ae7a88a91aaba7a9e23574eccb9caeb3c
Reviewed-on: https://boringssl-review.googlesource.com/15849
Reviewed-by: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

crypto/CMakeLists.txt

@@ -99,7 +99,7 @@ add_subdirectory(asn1)
 add_subdirectory(engine)
 add_subdirectory(dh)
 add_subdirectory(dsa)
-add_subdirectory(rsa)
+add_subdirectory(rsa_extra)
 add_subdirectory(ec_extra)
 add_subdirectory(ecdh)
 add_subdirectory(ecdsa_extra)
@@ -181,7 +181,7 @@ add_library(
   $<TARGET_OBJECTS:engine>
   $<TARGET_OBJECTS:dh>
   $<TARGET_OBJECTS:dsa>
-  $<TARGET_OBJECTS:rsa>
+  $<TARGET_OBJECTS:rsa_extra>
   $<TARGET_OBJECTS:ec_extra>
   $<TARGET_OBJECTS:ecdh>
   $<TARGET_OBJECTS:ecdsa_extra>
@@ -247,7 +247,7 @@ add_executable(
   evp/evp_extra_test.cc
   fipsmodule/ec/ec_test.cc
   fipsmodule/rand/ctrdrbg_test.cc
-  rsa/rsa_test.cc
+  rsa_extra/rsa_test.cc
 
   $<TARGET_OBJECTS:gtest_main>
   $<TARGET_OBJECTS:test_support>

crypto/evp/p_rsa.c

@@ -68,7 +68,7 @@
 #include <openssl/rsa.h>
 
 #include "../internal.h"
-#include "../rsa/internal.h"
+#include "../fipsmodule/rsa/internal.h"
 #include "internal.h"
 
 

crypto/evp/p_rsa_asn1.c

@@ -62,7 +62,7 @@
 #include <openssl/mem.h>
 #include <openssl/rsa.h>
 
-#include "../rsa/internal.h"
+#include "../fipsmodule/rsa/internal.h"
 #include "internal.h"
 
 

crypto/evp/print.c

@@ -61,7 +61,7 @@
 #include <openssl/rsa.h>
 
 #include "../internal.h"
-#include "../rsa/internal.h"
+#include "../fipsmodule/rsa/internal.h"
 
 
 static int bn_print(BIO *bp, const char *number, const BIGNUM *num,

crypto/fipsmodule/bcm.c

@@ -80,6 +80,10 @@
 #include "rand/ctrdrbg.c"
 #include "rand/rand.c"
 #include "rand/urandom.c"
+#include "rsa/blinding.c"
+#include "rsa/padding.c"
+#include "rsa/rsa.c"
+#include "rsa/rsa_impl.c"
 #include "sha/sha1-altivec.c"
 #include "sha/sha1.c"
 #include "sha/sha256.c"

crypto/fipsmodule/rsa/blinding.c

@@ -115,7 +115,7 @@
 #include <openssl/err.h>
 
 #include "internal.h"
-#include "../internal.h"
+#include "../../internal.h"
 
 
 #define BN_BLINDING_COUNTER 32

crypto/fipsmodule/rsa/internal.h

@@ -69,7 +69,7 @@ extern "C" {
 
 /* Default implementations of RSA operations. */
 
-extern const RSA_METHOD RSA_default_method;
+const RSA_METHOD *RSA_default_method(void);
 
 size_t rsa_default_size(const RSA *rsa);
 int rsa_default_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out,

crypto/fipsmodule/rsa/padding.c

@@ -67,7 +67,7 @@
 #include <openssl/sha.h>
 
 #include "internal.h"
-#include "../internal.h"
+#include "../../internal.h"
 
 
 #define RSA_PKCS1_PADDING_SIZE 11

crypto/fipsmodule/rsa/rsa.c

@@ -70,12 +70,13 @@
 #include <openssl/sha.h>
 #include <openssl/thread.h>
 
+#include "../bn/internal.h"
+#include "../delocate.h"
+#include "../../internal.h"
 #include "internal.h"
-#include "../internal.h"
-#include "../fipsmodule/bn/internal.h"
 
 
-static CRYPTO_EX_DATA_CLASS g_ex_data_class = CRYPTO_EX_DATA_CLASS_INIT;
+DEFINE_STATIC_EX_DATA_CLASS(g_rsa_ex_data_class);
 
 RSA *RSA_new(void) { return RSA_new_method(NULL); }
 
@@ -93,7 +94,7 @@ RSA *RSA_new_method(const ENGINE *engine) {
   }
 
   if (rsa->meth == NULL) {
-    rsa->meth = (RSA_METHOD*) &RSA_default_method;
+    rsa->meth = (RSA_METHOD *) RSA_default_method();
   }
   METHOD_ref(rsa->meth);
 
@@ -103,7 +104,7 @@ RSA *RSA_new_method(const ENGINE *engine) {
   CRYPTO_new_ex_data(&rsa->ex_data);
 
   if (rsa->meth->init && !rsa->meth->init(rsa)) {
-    CRYPTO_free_ex_data(&g_ex_data_class, rsa, &rsa->ex_data);
+    CRYPTO_free_ex_data(g_rsa_ex_data_class_bss_get(), rsa, &rsa->ex_data);
     CRYPTO_MUTEX_cleanup(&rsa->lock);
     METHOD_unref(rsa->meth);
     OPENSSL_free(rsa);
@@ -129,7 +130,7 @@ void RSA_free(RSA *rsa) {
   }
   METHOD_unref(rsa->meth);
 
-  CRYPTO_free_ex_data(&g_ex_data_class, rsa, &rsa->ex_data);
+  CRYPTO_free_ex_data(g_rsa_ex_data_class_bss_get(), rsa, &rsa->ex_data);
 
   BN_clear_free(rsa->n);
   BN_clear_free(rsa->e);
@@ -285,8 +286,8 @@ int RSA_is_opaque(const RSA *rsa) {
 int RSA_get_ex_new_index(long argl, void *argp, CRYPTO_EX_unused *unused,
                          CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) {
   int index;
-  if (!CRYPTO_get_ex_new_index(&g_ex_data_class, &index, argl, argp, dup_func,
-                               free_func)) {
+  if (!CRYPTO_get_ex_new_index(g_rsa_ex_data_class_bss_get(), &index, argl,
+                               argp, dup_func, free_func)) {
     return -1;
   }
   return index;
@@ -691,7 +692,14 @@ static const BN_ULONG kSmallFactorsLimbs[] = {
     TOBN(0x36ed1a6c, 0x0e2486bf), TOBN(0x5f270460, 0xec0c5727),
     0x000017b1
 };
-static const BIGNUM kSmallFactors = STATIC_BIGNUM(kSmallFactorsLimbs);
+
+DEFINE_LOCAL_DATA(BIGNUM, g_small_factors) {
+  out->d = (BN_ULONG *) kSmallFactorsLimbs;
+  out->top = OPENSSL_ARRAY_SIZE(kSmallFactorsLimbs);
+  out->dmax = out->top;
+  out->neg = 0;
+  out->flags = BN_FLG_STATIC_DATA;
+}
 
 int RSA_check_fips(RSA *key) {
   if (RSA_is_opaque(key)) {
@@ -721,7 +729,7 @@ int RSA_check_fips(RSA *key) {
       BN_num_bits(key->e) > 256 ||
       !BN_is_odd(key->n) ||
       !BN_is_odd(key->e) ||
-      !BN_gcd(&small_gcd, key->n, &kSmallFactors, ctx) ||
+      !BN_gcd(&small_gcd, key->n, g_small_factors(), ctx) ||
       !BN_is_one(&small_gcd) ||
       !BN_enhanced_miller_rabin_primality_test(&primality_result, key->n,
                                                BN_prime_checks, ctx, NULL) ||

crypto/fipsmodule/rsa/rsa_impl.c

@@ -67,8 +67,9 @@
 #include <openssl/type_check.h>
 
 #include "internal.h"
-#include "../fipsmodule/bn/internal.h"
-#include "../internal.h"
+#include "../bn/internal.h"
+#include "../../internal.h"
+#include "../delocate.h"
 
 
 static int check_modulus_and_exponent_sizes(const RSA *rsa) {
@@ -1037,38 +1038,11 @@ err:
   return ret;
 }
 
-/* All of the methods are NULL to make it easier for the compiler/linker to drop
- * unused functions. The wrapper functions will select the appropriate
- * |rsa_default_*| implementation. */
-const RSA_METHOD RSA_default_method = {
-  {
-    0 /* references */,
-    1 /* is_static */,
-  },
-  NULL /* app_data */,
-
-  NULL /* init */,
-  NULL /* finish (defaults to rsa_default_finish) */,
-
-  NULL /* size (defaults to rsa_default_size) */,
-
-  NULL /* sign */,
-  NULL /* verify */,
-
-  NULL /* encrypt (ignored) */,
-  NULL /* sign_raw (defaults to rsa_default_sign_raw) */,
-  NULL /* decrypt (defaults to rsa_default_decrypt) */,
-  NULL /* verify_raw (ignored) */,
-
-  NULL /* private_transform (defaults to rsa_default_private_transform) */,
-
-  NULL /* mod_exp (ignored) */,
-  NULL /* bn_mod_exp (ignored) */,
-
-  RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE,
-
-  NULL /* keygen (ignored) */,
-  NULL /* multi_prime_keygen (ignored) */,
-
-  NULL /* supports_digest (ignored) */,
-};
+DEFINE_METHOD_FUNCTION(RSA_METHOD, RSA_default_method) {
+  /* All of the methods are NULL to make it easier for the compiler/linker to
+   * drop unused functions. The wrapper functions will select the appropriate
+   * |rsa_default_*| implementation. */
+  OPENSSL_memset(out, 0, sizeof(RSA_METHOD));
+  out->common.is_static = 1;
+  out->flags = RSA_FLAG_CACHE_PUBLIC | RSA_FLAG_CACHE_PRIVATE;
+}

crypto/rsa_extra/CMakeLists.txt

@@ -1,13 +1,9 @@
 include_directories(../../include)
 
 add_library(
-  rsa
+  rsa_extra
 
   OBJECT
 
-  rsa.c
-  rsa_impl.c
-  blinding.c
-  padding.c
   rsa_asn1.c
 )

crypto/rsa_extra/rsa_asn1.c

@@ -64,7 +64,7 @@
 #include <openssl/err.h>
 #include <openssl/mem.h>
 
-#include "internal.h"
+#include "../fipsmodule/rsa/internal.h"
 #include "../bytestring/internal.h"
 #include "../internal.h"
 

crypto/rsa_extra/rsa_test.cc

@@ -68,9 +68,9 @@
 #include <openssl/nid.h>
 
 #include "../fipsmodule/bn/internal.h"
+#include "../fipsmodule/rsa/internal.h"
 #include "../internal.h"
 #include "../test/test_util.h"
-#include "internal.h"
 
 
 // kPlaintext is a sample plaintext.