summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/bn/bn_blind.c
diff options
context:
space:
mode:
authortb <>2023-07-28 10:05:16 +0000
committertb <>2023-07-28 10:05:16 +0000
commit6cc5955271563c498eb75bea6798690a380d43cf (patch)
tree9d9e5e88058fce53bb18a48739125946a2639657 /src/lib/libcrypto/bn/bn_blind.c
parent8d8ca2c8c440c1df72455fe4055627e4110c3973 (diff)
downloadopenbsd-6cc5955271563c498eb75bea6798690a380d43cf.tar.gz
openbsd-6cc5955271563c498eb75bea6798690a380d43cf.tar.bz2
openbsd-6cc5955271563c498eb75bea6798690a380d43cf.zip
Make BN_BLINDING internal
RSA is pretty bad. In my most optimistic moments I dream of a world that stopped using it. That won't happen during my lifetime, unfortunately. Blinding is one way of making it a little less leaky. Unfortunately this side-channel leak mitigation leaked out of the library for no good reason. Let's at least fix that aspect of it. ok jsing
Diffstat (limited to 'src/lib/libcrypto/bn/bn_blind.c')
-rw-r--r--src/lib/libcrypto/bn/bn_blind.c13
1 files changed, 1 insertions, 12 deletions
diff --git a/src/lib/libcrypto/bn/bn_blind.c b/src/lib/libcrypto/bn/bn_blind.c
index 07cd359e7e..7332df2b56 100644
--- a/src/lib/libcrypto/bn/bn_blind.c
+++ b/src/lib/libcrypto/bn/bn_blind.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn_blind.c,v 1.23 2023/07/08 12:21:58 beck Exp $ */ 1/* $OpenBSD: bn_blind.c,v 1.24 2023/07/28 10:05:16 tb Exp $ */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
4 * 4 *
@@ -169,7 +169,6 @@ err:
169 BN_BLINDING_free(ret); 169 BN_BLINDING_free(ret);
170 return (NULL); 170 return (NULL);
171} 171}
172LCRYPTO_ALIAS(BN_BLINDING_new);
173 172
174void 173void
175BN_BLINDING_free(BN_BLINDING *r) 174BN_BLINDING_free(BN_BLINDING *r)
@@ -183,7 +182,6 @@ BN_BLINDING_free(BN_BLINDING *r)
183 BN_free(r->mod); 182 BN_free(r->mod);
184 free(r); 183 free(r);
185} 184}
186LCRYPTO_ALIAS(BN_BLINDING_free);
187 185
188int 186int
189BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx) 187BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx)
@@ -217,14 +215,12 @@ err:
217 b->counter = 0; 215 b->counter = 0;
218 return (ret); 216 return (ret);
219} 217}
220LCRYPTO_ALIAS(BN_BLINDING_update);
221 218
222int 219int
223BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) 220BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
224{ 221{
225 return BN_BLINDING_convert_ex(n, NULL, b, ctx); 222 return BN_BLINDING_convert_ex(n, NULL, b, ctx);
226} 223}
227LCRYPTO_ALIAS(BN_BLINDING_convert);
228 224
229int 225int
230BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) 226BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
@@ -253,14 +249,12 @@ BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
253 249
254 return ret; 250 return ret;
255} 251}
256LCRYPTO_ALIAS(BN_BLINDING_convert_ex);
257 252
258int 253int
259BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) 254BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx)
260{ 255{
261 return BN_BLINDING_invert_ex(n, NULL, b, ctx); 256 return BN_BLINDING_invert_ex(n, NULL, b, ctx);
262} 257}
263LCRYPTO_ALIAS(BN_BLINDING_invert);
264 258
265int 259int
266BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) 260BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
@@ -280,28 +274,24 @@ BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx)
280 274
281 return (ret); 275 return (ret);
282} 276}
283LCRYPTO_ALIAS(BN_BLINDING_invert_ex);
284 277
285CRYPTO_THREADID * 278CRYPTO_THREADID *
286BN_BLINDING_thread_id(BN_BLINDING *b) 279BN_BLINDING_thread_id(BN_BLINDING *b)
287{ 280{
288 return &b->tid; 281 return &b->tid;
289} 282}
290LCRYPTO_ALIAS(BN_BLINDING_thread_id);
291 283
292unsigned long 284unsigned long
293BN_BLINDING_get_flags(const BN_BLINDING *b) 285BN_BLINDING_get_flags(const BN_BLINDING *b)
294{ 286{
295 return b->flags; 287 return b->flags;
296} 288}
297LCRYPTO_ALIAS(BN_BLINDING_get_flags);
298 289
299void 290void
300BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags) 291BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags)
301{ 292{
302 b->flags = flags; 293 b->flags = flags;
303} 294}
304LCRYPTO_ALIAS(BN_BLINDING_set_flags);
305 295
306BN_BLINDING * 296BN_BLINDING *
307BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m, 297BN_BLINDING_create_param(BN_BLINDING *b, const BIGNUM *e, BIGNUM *m,
@@ -373,4 +363,3 @@ err:
373 363
374 return ret; 364 return ret;
375} 365}
376LCRYPTO_ALIAS(BN_BLINDING_create_param);