summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/hidden
diff options
context:
space:
mode:
authortb <>2023-07-28 10:05:16 +0000
committertb <>2023-07-28 10:05:16 +0000
commit6cc5955271563c498eb75bea6798690a380d43cf (patch)
tree9d9e5e88058fce53bb18a48739125946a2639657 /src/lib/libcrypto/hidden
parent8d8ca2c8c440c1df72455fe4055627e4110c3973 (diff)
downloadopenbsd-6cc5955271563c498eb75bea6798690a380d43cf.tar.gz
openbsd-6cc5955271563c498eb75bea6798690a380d43cf.tar.bz2
openbsd-6cc5955271563c498eb75bea6798690a380d43cf.zip
Make BN_BLINDING internal
RSA is pretty bad. In my most optimistic moments I dream of a world that stopped using it. That won't happen during my lifetime, unfortunately. Blinding is one way of making it a little less leaky. Unfortunately this side-channel leak mitigation leaked out of the library for no good reason. Let's at least fix that aspect of it. ok jsing
Diffstat (limited to 'src/lib/libcrypto/hidden')
-rw-r--r--src/lib/libcrypto/hidden/openssl/bn.h13
-rw-r--r--src/lib/libcrypto/hidden/openssl/rsa.h3
2 files changed, 2 insertions, 14 deletions
diff --git a/src/lib/libcrypto/hidden/openssl/bn.h b/src/lib/libcrypto/hidden/openssl/bn.h
index 6c23a5c6d8..d58bd10672 100644
--- a/src/lib/libcrypto/hidden/openssl/bn.h
+++ b/src/lib/libcrypto/hidden/openssl/bn.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: bn.h,v 1.1 2023/07/08 12:21:58 beck Exp $ */ 1/* $OpenBSD: bn.h,v 1.2 2023/07/28 10:05:16 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2023 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -131,17 +131,6 @@ LCRYPTO_USED(BN_MONT_CTX_free);
131LCRYPTO_USED(BN_MONT_CTX_set); 131LCRYPTO_USED(BN_MONT_CTX_set);
132LCRYPTO_USED(BN_MONT_CTX_copy); 132LCRYPTO_USED(BN_MONT_CTX_copy);
133LCRYPTO_USED(BN_MONT_CTX_set_locked); 133LCRYPTO_USED(BN_MONT_CTX_set_locked);
134LCRYPTO_USED(BN_BLINDING_new);
135LCRYPTO_USED(BN_BLINDING_free);
136LCRYPTO_USED(BN_BLINDING_update);
137LCRYPTO_USED(BN_BLINDING_convert);
138LCRYPTO_USED(BN_BLINDING_invert);
139LCRYPTO_USED(BN_BLINDING_convert_ex);
140LCRYPTO_USED(BN_BLINDING_invert_ex);
141LCRYPTO_USED(BN_BLINDING_thread_id);
142LCRYPTO_USED(BN_BLINDING_get_flags);
143LCRYPTO_USED(BN_BLINDING_set_flags);
144LCRYPTO_USED(BN_BLINDING_create_param);
145LCRYPTO_USED(get_rfc2409_prime_768); 134LCRYPTO_USED(get_rfc2409_prime_768);
146LCRYPTO_USED(get_rfc2409_prime_1024); 135LCRYPTO_USED(get_rfc2409_prime_1024);
147LCRYPTO_USED(BN_get_rfc2409_prime_768); 136LCRYPTO_USED(BN_get_rfc2409_prime_768);
diff --git a/src/lib/libcrypto/hidden/openssl/rsa.h b/src/lib/libcrypto/hidden/openssl/rsa.h
index f4342e21da..ff47101a07 100644
--- a/src/lib/libcrypto/hidden/openssl/rsa.h
+++ b/src/lib/libcrypto/hidden/openssl/rsa.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa.h,v 1.1 2023/07/08 12:26:45 beck Exp $ */ 1/* $OpenBSD: rsa.h,v 1.2 2023/07/28 10:05:16 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2023 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -66,7 +66,6 @@ LCRYPTO_USED(RSA_sign_ASN1_OCTET_STRING);
66LCRYPTO_USED(RSA_verify_ASN1_OCTET_STRING); 66LCRYPTO_USED(RSA_verify_ASN1_OCTET_STRING);
67LCRYPTO_USED(RSA_blinding_on); 67LCRYPTO_USED(RSA_blinding_on);
68LCRYPTO_USED(RSA_blinding_off); 68LCRYPTO_USED(RSA_blinding_off);
69LCRYPTO_USED(RSA_setup_blinding);
70LCRYPTO_USED(RSA_padding_add_PKCS1_type_1); 69LCRYPTO_USED(RSA_padding_add_PKCS1_type_1);
71LCRYPTO_USED(RSA_padding_check_PKCS1_type_1); 70LCRYPTO_USED(RSA_padding_check_PKCS1_type_1);
72LCRYPTO_USED(RSA_padding_add_PKCS1_type_2); 71LCRYPTO_USED(RSA_padding_add_PKCS1_type_2);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-12-29 15:56:18 +0000