// Code generated by cmd/cgo; DO NOT EDIT.

//line /builddir/build/BUILD/go-go-1.12.8-2-openssl-fips/src/crypto/internal/boring/rsa.go:1:1
// Copyright 2017 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// +build linux
// +build !android
// +build !no_openssl
// +build !cmd_go_bootstrap
// +build !msan

package boring

// #include "goboringcrypto.h"
import _ "unsafe"
import (
	"crypto"
	"errors"
	"hash"
	"math/big"
	"runtime"
	"strconv"
	"unsafe"
)

func GenerateKeyRSA(bits int) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) {
	bad := func(e error) (N, E, D, P, Q, Dp, Dq, Qinv *big.Int, err error) {
		return nil, nil, nil, nil, nil, nil, nil, nil, e
	}

	key := ( /*line :30:9*/_Cfunc__goboringcrypto_RSA_new /*line :30:33*/)()
	if key == nil {
		return bad(fail("RSA_new"))
	}
	defer func() func() { _cgo0 := /*line :34:35*/key; return func() { _cgoCheckPointer(_cgo0); _Cfunc__goboringcrypto_RSA_free(_cgo0); }}()()

	if func() _Ctype_int{ _cgo0 := /*line :36:45*/key; var _cgo1 _Ctype_int = _Ctype_int(bits); var _cgo2 *_Ctype_struct_bn_gencb_st = /*line :36:63*/nil; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_RSA_generate_key_fips(_cgo0, _cgo1, _cgo2); }() == 0 {
		return bad(fail("RSA_generate_key_fips"))
	}

	var n, e, d, p, q, dp, dq, qinv * /*line :40:35*/_Ctype_struct_bignum_st /*line :40:46*/
	func() { _cgo0 := /*line :41:33*/key; _cgoBase1 := /*line :41:38*/&n; _cgo1 := _cgoBase1; _cgoBase2 := /*line :41:42*/&e; _cgo2 := _cgoBase2; _cgoBase3 := /*line :41:46*/&d; _cgo3 := _cgoBase3; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgoBase1, 0 == 0); _cgoCheckPointer(_cgoBase2, 0 == 0); _cgoCheckPointer(_cgoBase3, 0 == 0); _Cfunc__goboringcrypto_RSA_get0_key(_cgo0, _cgo1, _cgo2, _cgo3); }()
	func() { _cgo0 := /*line :42:37*/key; _cgoBase1 := /*line :42:42*/&p; _cgo1 := _cgoBase1; _cgoBase2 := /*line :42:46*/&q; _cgo2 := _cgoBase2; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgoBase1, 0 == 0); _cgoCheckPointer(_cgoBase2, 0 == 0); _Cfunc__goboringcrypto_RSA_get0_factors(_cgo0, _cgo1, _cgo2); }()
	func() { _cgo0 := /*line :43:40*/key; _cgoBase1 := /*line :43:45*/&dp; _cgo1 := _cgoBase1; _cgoBase2 := /*line :43:50*/&dq; _cgo2 := _cgoBase2; _cgoBase3 := /*line :43:55*/&qinv; _cgo3 := _cgoBase3; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgoBase1, 0 == 0); _cgoCheckPointer(_cgoBase2, 0 == 0); _cgoCheckPointer(_cgoBase3, 0 == 0); _Cfunc__goboringcrypto_RSA_get0_crt_params(_cgo0, _cgo1, _cgo2, _cgo3); }()
	return bnToBig(n), bnToBig(e), bnToBig(d), bnToBig(p), bnToBig(q), bnToBig(dp), bnToBig(dq), bnToBig(qinv), nil
}

type PublicKeyRSA struct {
	key * /*line :48:7*/_Ctype_struct_rsa_st /*line :48:15*/
}

func NewPublicKeyRSA(N, E *big.Int) (*PublicKeyRSA, error) {
	key := ( /*line :52:9*/_Cfunc__goboringcrypto_RSA_new /*line :52:33*/)()
	if key == nil {
		return nil, fail("RSA_new")
	}
	var n, e * /*line :56:12*/_Ctype_struct_bignum_st /*line :56:23*/
	func() { _cgo0 := /*line :57:33*/key; _cgoBase1 := /*line :57:38*/&n; _cgo1 := _cgoBase1; _cgoBase2 := /*line :57:42*/&e; _cgo2 := _cgoBase2; var _cgo3 **_Ctype_struct_bignum_st = /*line :57:46*/nil; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgoBase1, 0 == 0); _cgoCheckPointer(_cgoBase2, 0 == 0); _Cfunc__goboringcrypto_RSA_get0_key(_cgo0, _cgo1, _cgo2, _cgo3); }()
	if !bigToBn(&n, N) ||
		!bigToBn(&e, E) {
		return nil, fail("BN_bin2bn")
	}
	func() _Ctype_int{ _cgo0 := /*line :62:33*/key; _cgo1 := /*line :62:38*/n; _cgo2 := /*line :62:41*/e; var _cgo3 *_Ctype_struct_bignum_st = /*line :62:44*/nil; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo1); _cgoCheckPointer(_cgo2); return _Cfunc__goboringcrypto_RSA_set0_key(_cgo0, _cgo1, _cgo2, _cgo3); }()
	k := &PublicKeyRSA{key: key}
	// Note: Because of the finalizer, any time k.key is passed to cgo,
	// that call must be followed by a call to runtime.KeepAlive(k),
	// to make sure k is not collected (and finalized) before the cgo
	// call returns.
	runtime.SetFinalizer(k, (*PublicKeyRSA).finalize)
	return k, nil
}

func (k *PublicKeyRSA) finalize() {
	func() { _cgo0 := /*line :73:29*/k.key; _cgoCheckPointer(_cgo0); _Cfunc__goboringcrypto_RSA_free(_cgo0); }()
}

type PrivateKeyRSA struct {
	key * /*line :77:7*/_Ctype_struct_rsa_st /*line :77:15*/
}

func NewPrivateKeyRSA(N, E, D, P, Q, Dp, Dq, Qinv *big.Int) (*PrivateKeyRSA, error) {
	key := ( /*line :81:9*/_Cfunc__goboringcrypto_RSA_new /*line :81:33*/)()
	if key == nil {
		return nil, fail("RSA_new")
	}
	var n, e, d, p, q, dp, dq, qinv * /*line :85:35*/_Ctype_struct_bignum_st /*line :85:46*/
	func() { _cgo0 := /*line :86:33*/key; _cgoBase1 := /*line :86:38*/&n; _cgo1 := _cgoBase1; _cgoBase2 := /*line :86:42*/&e; _cgo2 := _cgoBase2; _cgoBase3 := /*line :86:46*/&d; _cgo3 := _cgoBase3; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgoBase1, 0 == 0); _cgoCheckPointer(_cgoBase2, 0 == 0); _cgoCheckPointer(_cgoBase3, 0 == 0); _Cfunc__goboringcrypto_RSA_get0_key(_cgo0, _cgo1, _cgo2, _cgo3); }()
	func() { _cgo0 := /*line :87:37*/key; _cgoBase1 := /*line :87:42*/&p; _cgo1 := _cgoBase1; _cgoBase2 := /*line :87:46*/&q; _cgo2 := _cgoBase2; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgoBase1, 0 == 0); _cgoCheckPointer(_cgoBase2, 0 == 0); _Cfunc__goboringcrypto_RSA_get0_factors(_cgo0, _cgo1, _cgo2); }()
	func() { _cgo0 := /*line :88:40*/key; _cgoBase1 := /*line :88:45*/&dp; _cgo1 := _cgoBase1; _cgoBase2 := /*line :88:50*/&dq; _cgo2 := _cgoBase2; _cgoBase3 := /*line :88:55*/&qinv; _cgo3 := _cgoBase3; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgoBase1, 0 == 0); _cgoCheckPointer(_cgoBase2, 0 == 0); _cgoCheckPointer(_cgoBase3, 0 == 0); _Cfunc__goboringcrypto_RSA_get0_crt_params(_cgo0, _cgo1, _cgo2, _cgo3); }()
	if !bigToBn(&n, N) ||
		!bigToBn(&e, E) ||
		!bigToBn(&d, D) ||
		!bigToBn(&p, P) ||
		!bigToBn(&q, Q) ||
		!bigToBn(&dp, Dp) ||
		!bigToBn(&dq, Dq) ||
		!bigToBn(&qinv, Qinv) {
		return nil, fail("BN_bin2bn")
	}
	func() _Ctype_int{ _cgo0 := /*line :99:33*/key; _cgo1 := /*line :99:38*/n; _cgo2 := /*line :99:41*/e; _cgo3 := /*line :99:44*/d; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo1); _cgoCheckPointer(_cgo2); _cgoCheckPointer(_cgo3); return _Cfunc__goboringcrypto_RSA_set0_key(_cgo0, _cgo1, _cgo2, _cgo3); }()
	func() _Ctype_int{ _cgo0 := /*line :100:37*/key; _cgo1 := /*line :100:42*/p; _cgo2 := /*line :100:45*/q; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo1); _cgoCheckPointer(_cgo2); return _Cfunc__goboringcrypto_RSA_set0_factors(_cgo0, _cgo1, _cgo2); }()
	func() _Ctype_int{ _cgo0 := /*line :101:40*/key; _cgo1 := /*line :101:45*/dp; _cgo2 := /*line :101:49*/dq; _cgo3 := /*line :101:53*/qinv; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo1); _cgoCheckPointer(_cgo2); _cgoCheckPointer(_cgo3); return _Cfunc__goboringcrypto_RSA_set0_crt_params(_cgo0, _cgo1, _cgo2, _cgo3); }()
	k := &PrivateKeyRSA{key: key}
	// Note: Because of the finalizer, any time k.key is passed to cgo,
	// that call must be followed by a call to runtime.KeepAlive(k),
	// to make sure k is not collected (and finalized) before the cgo
	// call returns.
	runtime.SetFinalizer(k, (*PrivateKeyRSA).finalize)
	return k, nil
}

func (k *PrivateKeyRSA) finalize() {
	func() { _cgo0 := /*line :112:29*/k.key; _cgoCheckPointer(_cgo0); _Cfunc__goboringcrypto_RSA_free(_cgo0); }()
}

func setupRSA(key * /*line :115:20*/_Ctype_struct_rsa_st /*line :115:28*/,
	padding  /*line :116:10*/_Ctype_int /*line :116:15*/, h hash.Hash, label []byte, saltLen int, ch crypto.Hash,
	init func(* /*line :117:13*/_Ctype_struct_evp_pkey_ctx_st /*line :117:30*/)  /*line :117:32*/_Ctype_int /*line :117:37*/) (pkey * /*line :117:46*/_Ctype_struct_evp_pkey_st /*line :117:59*/, ctx * /*line :117:66*/_Ctype_struct_evp_pkey_ctx_st /*line :117:83*/, err error) {
	defer func() {
		if err != nil {
			if pkey != nil {
				func() { _cgo0 := /*line :121:37*/pkey; _cgoCheckPointer(_cgo0); _Cfunc__goboringcrypto_EVP_PKEY_free(_cgo0); }()
				pkey = nil
			}
			if ctx != nil {
				func() { _cgo0 := /*line :125:41*/ctx; _cgoCheckPointer(_cgo0); _Cfunc__goboringcrypto_EVP_PKEY_CTX_free(_cgo0); }()
				ctx = nil
			}
		}
	}()

	pkey = ( /*line :131:9*/_Cfunc__goboringcrypto_EVP_PKEY_new /*line :131:38*/)()
	if pkey == nil {
		return nil, nil, fail("EVP_PKEY_new")
	}
	if func() _Ctype_int{ _cgo0 := /*line :135:41*/pkey; _cgo1 := /*line :135:47*/key; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo1); return _Cfunc__goboringcrypto_EVP_PKEY_set1_RSA(_cgo0, _cgo1); }() == 0 {
		return nil, nil, fail("EVP_PKEY_set1_RSA")
	}
	ctx = func() *_Ctype_struct_evp_pkey_ctx_st{ _cgo0 := /*line :138:43*/pkey; var _cgo1 *_Ctype_struct_engine_st = /*line :138:49*/nil; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_CTX_new(_cgo0, _cgo1); }()
	if ctx == nil {
		return nil, nil, fail("EVP_PKEY_CTX_new")
	}
	if init(ctx) == 0 {
		return nil, nil, fail("EVP_PKEY_operation_init")
	}
	if func() _Ctype_int{ _cgo0 := /*line :145:52*/ctx; var _cgo1 _Ctype_int = /*line :145:57*/padding; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_CTX_set_rsa_padding(_cgo0, _cgo1); }() == 0 {
		return nil, nil, fail("EVP_PKEY_CTX_set_rsa_padding")
	}
	if padding == ( /*line :148:16*/_Ciconst_GO_RSA_PKCS1_OAEP_PADDING /*line :148:42*/) {
		md := hashToMD(h)
		if md == nil {
			return nil, nil, errors.New("crypto/rsa: unsupported hash function")
		}
		if func() _Ctype_int{ _cgo0 := /*line :153:53*/ctx; _cgo1 := /*line :153:58*/md; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo1); return _Cfunc__goboringcrypto_EVP_PKEY_CTX_set_rsa_oaep_md(_cgo0, _cgo1); }() == 0 {
			return nil, nil, fail("EVP_PKEY_set_rsa_oaep_md")
		}
		// ctx takes ownership of label, so malloc a copy for BoringCrypto to free.
		clabel := (* /*line :157:15*/_Ctype_uint8_t /*line :157:24*/)(( /*line :157:26*/_Cfunc__CMalloc /*line :157:33*/)( /*line :157:35*/_Ctype_size_t /*line :157:43*/(len(label))))
		if clabel == nil {
			return nil, nil, fail("malloc")
		}
		copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label)
		if func() _Ctype_int{ _cgo0 := /*line :162:57*/ctx; var _cgo1 *_Ctype_uint8_t = /*line :162:62*/clabel; var _cgo2 _Ctype_size_t = _Ctype_size_t(len(label)); _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_CTX_set0_rsa_oaep_label(_cgo0, _cgo1, _cgo2); }() == 0 {
			return nil, nil, fail("EVP_PKEY_CTX_set0_rsa_oaep_label")
		}
	}
	if padding == ( /*line :166:16*/_Ciconst_GO_RSA_PKCS1_PSS_PADDING /*line :166:41*/) {
		if saltLen != 0 {
			if func() _Ctype_int{ _cgo0 := /*line :168:58*/ctx; var _cgo1 _Ctype_int = _Ctype_int(saltLen); _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_CTX_set_rsa_pss_saltlen(_cgo0, _cgo1); }() == 0 {
				return nil, nil, fail("EVP_PKEY_set_rsa_pss_saltlen")
			}
		}
		md := cryptoHashToMD(ch)
		if md == nil {
			return nil, nil, errors.New("crypto/rsa: unsupported hash function")
		}
		if func() _Ctype_int{ _cgo0 := /*line :176:53*/ctx; _cgo1 := /*line :176:58*/md; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo1); return _Cfunc__goboringcrypto_EVP_PKEY_CTX_set_rsa_mgf1_md(_cgo0, _cgo1); }() == 0 {
			return nil, nil, fail("EVP_PKEY_set_rsa_mgf1_md")
		}
	}

	return pkey, ctx, nil
}

func cryptRSA(gokey interface{}, key * /*line :184:39*/_Ctype_struct_rsa_st /*line :184:47*/,
	padding  /*line :185:10*/_Ctype_int /*line :185:15*/, h hash.Hash, label []byte, saltLen int, ch crypto.Hash,
	init func(* /*line :186:13*/_Ctype_struct_evp_pkey_ctx_st /*line :186:30*/)  /*line :186:32*/_Ctype_int /*line :186:37*/,
	crypt func(* /*line :187:14*/_Ctype_struct_evp_pkey_ctx_st /*line :187:31*/, * /*line :187:34*/_Ctype_uint8_t /*line :187:43*/, * /*line :187:46*/_Ctype_size_t /*line :187:54*/, * /*line :187:57*/_Ctype_uint8_t /*line :187:66*/,  /*line :187:68*/_Ctype_size_t /*line :187:76*/)  /*line :187:78*/_Ctype_int /*line :187:83*/,
	in []byte) ([]byte, error) {

	pkey, ctx, err := setupRSA(key, padding, h, label, saltLen, ch, init)
	if err != nil {
		return nil, err
	}
	defer func() func() { _cgo0 := /*line :194:40*/pkey; return func() { _cgoCheckPointer(_cgo0); _Cfunc__goboringcrypto_EVP_PKEY_free(_cgo0); }}()()
	defer func() func() { _cgo0 := /*line :195:44*/ctx; return func() { _cgoCheckPointer(_cgo0); _Cfunc__goboringcrypto_EVP_PKEY_CTX_free(_cgo0); }}()()

	var outLen  /*line :197:13*/_Ctype_size_t /*line :197:21*/
	if crypt(ctx, nil, &outLen, base(in),  /*line :198:40*/_Ctype_size_t /*line :198:48*/(len(in))) == 0 {
		return nil, fail("EVP_PKEY_decrypt/encrypt")
	}
	out := make([]byte, outLen)
	if crypt(ctx, base(out), &outLen, base(in),  /*line :202:46*/_Ctype_size_t /*line :202:54*/(len(in))) <= 0 {
		return nil, fail("EVP_PKEY_decrypt/encrypt")
	}
	runtime.KeepAlive(gokey) // keep key from being freed before now
	return out[:outLen], nil
}

func DecryptRSAOAEP(h hash.Hash, priv *PrivateKeyRSA, ciphertext, label []byte) ([]byte, error) {
	return cryptRSA(priv, priv.key, ( /*line :210:34*/_Ciconst_GO_RSA_PKCS1_OAEP_PADDING /*line :210:60*/), h, label, 0, 0, decryptInit, decrypt, ciphertext)
}

func EncryptRSAOAEP(h hash.Hash, pub *PublicKeyRSA, msg, label []byte) ([]byte, error) {
	return cryptRSA(pub, pub.key, ( /*line :214:32*/_Ciconst_GO_RSA_PKCS1_OAEP_PADDING /*line :214:58*/), h, label, 0, 0, encryptInit, encrypt, msg)
}

func DecryptRSAPKCS1(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) {
	return cryptRSA(priv, priv.key, ( /*line :218:34*/_Ciconst_GO_RSA_PKCS1_PADDING /*line :218:55*/), nil, nil, 0, 0, decryptInit, decrypt, ciphertext)
}

func EncryptRSAPKCS1(pub *PublicKeyRSA, msg []byte) ([]byte, error) {
	return cryptRSA(pub, pub.key, ( /*line :222:32*/_Ciconst_GO_RSA_PKCS1_PADDING /*line :222:53*/), nil, nil, 0, 0, encryptInit, encrypt, msg)
}

func DecryptRSANoPadding(priv *PrivateKeyRSA, ciphertext []byte) ([]byte, error) {
	return cryptRSA(priv, priv.key, ( /*line :226:34*/_Ciconst_GO_RSA_NO_PADDING /*line :226:52*/), nil, nil, 0, 0, decryptInit, decrypt, ciphertext)
}

func EncryptRSANoPadding(pub *PublicKeyRSA, msg []byte) ([]byte, error) {
	return cryptRSA(pub, pub.key, ( /*line :230:32*/_Ciconst_GO_RSA_NO_PADDING /*line :230:50*/), nil, nil, 0, 0, encryptInit, encrypt, msg)
}

// These dumb wrappers work around the fact that cgo functions cannot be used as values directly.

func decryptInit(ctx * /*line :235:23*/_Ctype_struct_evp_pkey_ctx_st /*line :235:40*/)  /*line :235:42*/_Ctype_int /*line :235:47*/ {
	return func() _Ctype_int{ _cgo0 := /*line :236:49*/ctx; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_decrypt_init(_cgo0); }()
}

func decrypt(ctx * /*line :239:19*/_Ctype_struct_evp_pkey_ctx_st /*line :239:36*/, out * /*line :239:43*/_Ctype_uint8_t /*line :239:52*/, outLen * /*line :239:62*/_Ctype_size_t /*line :239:70*/, in * /*line :239:76*/_Ctype_uint8_t /*line :239:85*/, inLen  /*line :239:93*/_Ctype_size_t /*line :239:101*/)  /*line :239:103*/_Ctype_int /*line :239:108*/ {
	return func() _Ctype_int{ _cgo0 := /*line :240:44*/ctx; var _cgo1 *_Ctype_uint8_t = /*line :240:49*/out; var _cgo2 *_Ctype_size_t = /*line :240:54*/outLen; var _cgo3 *_Ctype_uint8_t = /*line :240:62*/in; var _cgo4 _Ctype_size_t = /*line :240:66*/inLen; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_decrypt(_cgo0, _cgo1, _cgo2, _cgo3, _cgo4); }()
}

func encryptInit(ctx * /*line :243:23*/_Ctype_struct_evp_pkey_ctx_st /*line :243:40*/)  /*line :243:42*/_Ctype_int /*line :243:47*/ {
	return func() _Ctype_int{ _cgo0 := /*line :244:49*/ctx; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_encrypt_init(_cgo0); }()
}

func encrypt(ctx * /*line :247:19*/_Ctype_struct_evp_pkey_ctx_st /*line :247:36*/, out * /*line :247:43*/_Ctype_uint8_t /*line :247:52*/, outLen * /*line :247:62*/_Ctype_size_t /*line :247:70*/, in * /*line :247:76*/_Ctype_uint8_t /*line :247:85*/, inLen  /*line :247:93*/_Ctype_size_t /*line :247:101*/)  /*line :247:103*/_Ctype_int /*line :247:108*/ {
	return func() _Ctype_int{ _cgo0 := /*line :248:44*/ctx; var _cgo1 *_Ctype_uint8_t = /*line :248:49*/out; var _cgo2 *_Ctype_size_t = /*line :248:54*/outLen; var _cgo3 *_Ctype_uint8_t = /*line :248:62*/in; var _cgo4 _Ctype_size_t = /*line :248:66*/inLen; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_EVP_PKEY_encrypt(_cgo0, _cgo1, _cgo2, _cgo3, _cgo4); }()
}

func SignRSAPSS(priv *PrivateKeyRSA, h crypto.Hash, hashed []byte, saltLen int) ([]byte, error) {
	md := cryptoHashToMD(h)
	if md == nil {
		return nil, errors.New("crypto/rsa: unsupported hash function")
	}
	if saltLen == 0 {
		saltLen = -1
	}
	out := make([]byte, func() _Ctype_uint{ _cgo0 := /*line :259:49*/priv.key; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_RSA_size(_cgo0); }())
	var outLen  /*line :260:13*/_Ctype_size_t /*line :260:21*/
	if func() _Ctype_int{ _cgo0 := /*line :262:3*/priv.key; var _cgo1 *_Ctype_size_t = /*line :263:3*/&outLen; var _cgo2 *_Ctype_uint8_t = /*line :263:12*/base(out); var _cgo3 _Ctype_size_t = _Ctype_size_t(len(out)); var _cgo4 *_Ctype_uint8_t = /*line :264:3*/base(hashed); var _cgo5 _Ctype_size_t = _Ctype_size_t(len(hashed)); _cgo6 := /*line :265:3*/md; var _cgo7 *_Ctype_struct_env_md_st = /*line :265:7*/nil; var _cgo8 _Ctype_int = _Ctype_int(saltLen); _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo6); return _Cfunc__goboringcrypto_RSA_sign_pss_mgf1(_cgo0, _cgo1, _cgo2, _cgo3, _cgo4, _cgo5, _cgo6, _cgo7, _cgo8); }() == 0 {
		return nil, fail("RSA_sign_pss_mgf1")
	}
	runtime.KeepAlive(priv)

	return out[:outLen], nil
}

func VerifyRSAPSS(pub *PublicKeyRSA, h crypto.Hash, hashed, sig []byte, saltLen int) error {
	md := cryptoHashToMD(h)
	if md == nil {
		return errors.New("crypto/rsa: unsupported hash function")
	}
	if saltLen == 0 {
		saltLen = -2 // auto-recover
	}
	if func() _Ctype_int{ _cgo0 := /*line :281:43*/pub.key; var _cgo1 *_Ctype_uint8_t = /*line :282:3*/base(hashed); var _cgo2 _Ctype_size_t = _Ctype_size_t(len(hashed)); _cgo3 := /*line :284:3*/md; var _cgo4 *_Ctype_struct_env_md_st = /*line :284:7*/nil; var _cgo5 _Ctype_int = _Ctype_int(saltLen); var _cgo6 *_Ctype_uint8_t = /*line :284:28*/base(sig); var _cgo7 _Ctype_size_t = _Ctype_size_t(len(sig)); _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo3); return _Cfunc__goboringcrypto_RSA_verify_pss_mgf1(_cgo0, _cgo1, _cgo2, _cgo3, _cgo4, _cgo5, _cgo6, _cgo7); }() == 0 {
		return fail("RSA_verify_pss_mgf1")
	}
	runtime.KeepAlive(pub)
	return nil
}

func SignRSAPKCS1v15(priv *PrivateKeyRSA, h crypto.Hash, msg []byte) ([]byte, error) {
	out := make([]byte, func() _Ctype_uint{ _cgo0 := /*line :292:49*/priv.key; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_RSA_size(_cgo0); }())

	md := cryptoHashToMD(h)
	if md == nil {
		return nil, errors.New("crypto/rsa: unsupported hash function: " + strconv.Itoa(int(h)))
	}
	var outLen  /*line :298:13*/_Ctype_size_t /*line :298:21*/
	if func() _Ctype_int{ _cgo0 := /*line :299:36*/md; var _cgo1 *_Ctype_uint8_t = /*line :299:40*/base(msg); var _cgo2 _Ctype_size_t = _Ctype_size_t(len(msg)); var _cgo3 *_Ctype_uint8_t = /*line :299:71*/base(out); var _cgo4 *_Ctype_size_t = /*line :299:82*/&outLen; _cgo5 := /*line :299:91*/priv.key; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo5); return _Cfunc__goboringcrypto_EVP_RSA_sign(_cgo0, _cgo1, _cgo2, _cgo3, _cgo4, _cgo5); }() == 0 {
		return nil, fail("RSA_sign")
	}
	runtime.KeepAlive(priv)
	return out[:outLen], nil
}

func VerifyRSAPKCS1v15(pub *PublicKeyRSA, h crypto.Hash, msg, sig []byte) error {
	size := int(func() _Ctype_uint{ _cgo0 := /*line :307:41*/pub.key; _cgoCheckPointer(_cgo0); return _Cfunc__goboringcrypto_RSA_size(_cgo0); }())
	if len(sig) < size {
		// BoringCrypto requires sig to be same size as RSA key, so pad with leading zeros.
		zsig := make([]byte, size)
		copy(zsig[len(zsig)-len(sig):], sig)
		sig = zsig
	}

	md := cryptoHashToMD(h)
	if md == nil {
		return errors.New("crypto/rsa: unsupported hash function")
	}
	if func() _Ctype_int{ _cgo0 := /*line :319:38*/md; var _cgo1 *_Ctype_uint8_t = /*line :319:42*/base(msg); var _cgo2 _Ctype_size_t = _Ctype_size_t(len(msg)); var _cgo3 *_Ctype_uint8_t = /*line :319:73*/base(sig); var _cgo4 _Ctype_size_t = _Ctype_size_t(len(sig)); _cgo5 := /*line :319:104*/pub.key; _cgoCheckPointer(_cgo0); _cgoCheckPointer(_cgo5); return _Cfunc__goboringcrypto_EVP_RSA_verify(_cgo0, _cgo1, _cgo2, _cgo3, _cgo4, _cgo5); }() == 0 {
		return fail("RSA_verify")
	}
	runtime.KeepAlive(pub)
	return nil
}
