Move RSA blinding API from rsa_crpt.c to rsa_blinding.c

author: tb <> 2023-08-09 09:26:43 +0000
committer: tb <> 2023-08-09 09:26:43 +0000
commit: c7d7d3762cea9b7435220c2724efbd13b197f084 (patch)
tree: c83f12254ba95625343fa944e5fa999a85229a0a /src/lib/libcrypto/rsa/rsa_crpt.c
parent: 740758f21136fde8a6854e0cf1924236fcabd70b (diff)
download: openbsd-c7d7d3762cea9b7435220c2724efbd13b197f084.tar.gz
openbsd-c7d7d3762cea9b7435220c2724efbd13b197f084.tar.bz2
openbsd-c7d7d3762cea9b7435220c2724efbd13b197f084.zip
1 files changed, 1 insertions, 101 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c
index fcf29f121e..2a23c1bb88 100644
--- a/src/lib/libcrypto/rsa/rsa_crpt.c
+++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_crpt.c,v 1.27 2023/08/09 09:25:13 tb Exp $ */
+/* $OpenBSD: rsa_crpt.c,v 1.28 2023/08/09 09:26:43 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -125,103 +125,3 @@ RSA_flags(const RSA *r)
        return r == NULL ? 0 : r->meth->flags;
 }
 LCRYPTO_ALIAS(RSA_flags);
-static BIGNUM *
-rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
-    BN_CTX *ctx)
-{
-        BIGNUM *ret = NULL, *r0, *r1, *r2;
-        if (d == NULL || p == NULL || q == NULL)
-                return NULL;
-        BN_CTX_start(ctx);
-        if ((r0 = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((r1 = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if ((r2 = BN_CTX_get(ctx)) == NULL)
-                goto err;
-        if (!BN_sub(r1, p, BN_value_one()))
-                goto err;
-        if (!BN_sub(r2, q, BN_value_one()))
-                goto err;
-        if (!BN_mul(r0, r1, r2, ctx))
-                goto err;
-        ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
-err:
-        BN_CTX_end(ctx);
-        return ret;
-}
-BN_BLINDING *
-RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
-{
-        BIGNUM *e = NULL;
-        BIGNUM n;
-        BN_CTX *ctx = NULL;
-        BN_BLINDING *ret = NULL;
-        if ((ctx = in_ctx) == NULL)
-                ctx = BN_CTX_new();
-        if (ctx == NULL)
-                goto err;
-        BN_CTX_start(ctx);
-        if ((e = rsa->e) == NULL)
-                e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
-        if (e == NULL) {
-                RSAerror(RSA_R_NO_PUBLIC_EXPONENT);
-                goto err;
-        }
-        BN_init(&n);
-        BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
-        if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp,
-            rsa->_method_mod_n)) == NULL) {
-                RSAerror(ERR_R_BN_LIB);
-                goto err;
-        }
-        CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
- err:
-        BN_CTX_end(ctx);
-        if (ctx != in_ctx)
-                BN_CTX_free(ctx);
-        if (e != rsa->e)
-                BN_free(e);
-        return ret;
-}
-void
-RSA_blinding_off(RSA *rsa)
-{
-        BN_BLINDING_free(rsa->blinding);
-        rsa->blinding = NULL;
-        rsa->flags |= RSA_FLAG_NO_BLINDING;
-}
-LCRYPTO_ALIAS(RSA_blinding_off);
-int
-RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
-{
-        int ret = 0;
-        if (rsa->blinding != NULL)
-                RSA_blinding_off(rsa);
-        rsa->blinding = RSA_setup_blinding(rsa, ctx);
-        if (rsa->blinding == NULL)
-                goto err;
-        rsa->flags &= ~RSA_FLAG_NO_BLINDING;
-        ret = 1;
-err:
-        return (ret);
-}
-LCRYPTO_ALIAS(RSA_blinding_on);
author	tb <>	2023-08-09 09:26:43 +0000
committer	tb <>	2023-08-09 09:26:43 +0000
commit	c7d7d3762cea9b7435220c2724efbd13b197f084 (patch)
tree	c83f12254ba95625343fa944e5fa999a85229a0a /src/lib/libcrypto/rsa/rsa_crpt.c
parent	740758f21136fde8a6854e0cf1924236fcabd70b (diff)
download	openbsd-c7d7d3762cea9b7435220c2724efbd13b197f084.tar.gz openbsd-c7d7d3762cea9b7435220c2724efbd13b197f084.tar.bz2 openbsd-c7d7d3762cea9b7435220c2724efbd13b197f084.zip

diff --git a/src/lib/libcrypto/rsa/rsa_crpt.c b/src/lib/libcrypto/rsa/rsa_crpt.c index fcf29f121e..2a23c1bb88 100644 --- a/src/lib/libcrypto/rsa/rsa_crpt.c +++ b/src/lib/libcrypto/rsa/rsa_crpt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_crpt.c,v 1.27 2023/08/09 09:25:13 tb Exp $ */	1	/* $OpenBSD: rsa_crpt.c,v 1.28 2023/08/09 09:26:43 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -125,103 +125,3 @@ RSA_flags(const RSA *r)
125	return r == NULL ? 0 : r->meth->flags;	125	return r == NULL ? 0 : r->meth->flags;
126	}	126	}
127	LCRYPTO_ALIAS(RSA_flags);	127	LCRYPTO_ALIAS(RSA_flags);
128
129	static BIGNUM *
130	rsa_get_public_exp(const BIGNUM d, const BIGNUM p, const BIGNUM *q,
131	BN_CTX *ctx)
132	{
133	BIGNUM ret = NULL, r0, r1, r2;
134
135	if (d == NULL \|\| p == NULL \|\| q == NULL)
136	return NULL;
137
138	BN_CTX_start(ctx);
139	if ((r0 = BN_CTX_get(ctx)) == NULL)
140	goto err;
141	if ((r1 = BN_CTX_get(ctx)) == NULL)
142	goto err;
143	if ((r2 = BN_CTX_get(ctx)) == NULL)
144	goto err;
145
146	if (!BN_sub(r1, p, BN_value_one()))
147	goto err;
148	if (!BN_sub(r2, q, BN_value_one()))
149	goto err;
150	if (!BN_mul(r0, r1, r2, ctx))
151	goto err;
152
153	ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
154	err:
155	BN_CTX_end(ctx);
156	return ret;
157	}
158
159	BN_BLINDING *
160	RSA_setup_blinding(RSA rsa, BN_CTX in_ctx)
161	{
162	BIGNUM *e = NULL;
163	BIGNUM n;
164	BN_CTX *ctx = NULL;
165	BN_BLINDING *ret = NULL;
166
167	if ((ctx = in_ctx) == NULL)
168	ctx = BN_CTX_new();
169	if (ctx == NULL)
170	goto err;
171
172	BN_CTX_start(ctx);
173
174	if ((e = rsa->e) == NULL)
175	e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
176	if (e == NULL) {
177	RSAerror(RSA_R_NO_PUBLIC_EXPONENT);
178	goto err;
179	}
180
181	BN_init(&n);
182	BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
183
184	if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp,
185	rsa->_method_mod_n)) == NULL) {
186	RSAerror(ERR_R_BN_LIB);
187	goto err;
188	}
189	CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
190
191	err:
192	BN_CTX_end(ctx);
193	if (ctx != in_ctx)
194	BN_CTX_free(ctx);
195	if (e != rsa->e)
196	BN_free(e);
197
198	return ret;
199	}
200
201	void
202	RSA_blinding_off(RSA *rsa)
203	{
204	BN_BLINDING_free(rsa->blinding);
205	rsa->blinding = NULL;
206	rsa->flags \|= RSA_FLAG_NO_BLINDING;
207	}
208	LCRYPTO_ALIAS(RSA_blinding_off);
209
210	int
211	RSA_blinding_on(RSA rsa, BN_CTX ctx)
212	{
213	int ret = 0;
214
215	if (rsa->blinding != NULL)
216	RSA_blinding_off(rsa);
217
218	rsa->blinding = RSA_setup_blinding(rsa, ctx);
219	if (rsa->blinding == NULL)
220	goto err;
221
222	rsa->flags &= ~RSA_FLAG_NO_BLINDING;
223	ret = 1;
224	err:
225	return (ret);
226	}
227	LCRYPTO_ALIAS(RSA_blinding_on);