Move RSA blinding API from rsa_crpt.c to rsa_blinding.c
authortb <tb@openbsd.org>
Wed, 9 Aug 2023 09:26:43 +0000 (09:26 +0000)
committertb <tb@openbsd.org>
Wed, 9 Aug 2023 09:26:43 +0000 (09:26 +0000)
lib/libcrypto/rsa/rsa_blinding.c
lib/libcrypto/rsa/rsa_crpt.c

index bc267b1..e6fd672 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_blinding.c,v 1.1 2023/08/09 09:23:03 tb Exp $ */
+/* $OpenBSD: rsa_blinding.c,v 1.2 2023/08/09 09:26:43 tb Exp $ */
 /* ====================================================================
  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
  *
@@ -259,3 +259,103 @@ BN_BLINDING_thread_id(BN_BLINDING *b)
 {
        return &b->tid;
 }
+
+static BIGNUM *
+rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
+    BN_CTX *ctx)
+{
+       BIGNUM *ret = NULL, *r0, *r1, *r2;
+
+       if (d == NULL || p == NULL || q == NULL)
+               return NULL;
+
+       BN_CTX_start(ctx);
+       if ((r0 = BN_CTX_get(ctx)) == NULL)
+               goto err;
+       if ((r1 = BN_CTX_get(ctx)) == NULL)
+               goto err;
+       if ((r2 = BN_CTX_get(ctx)) == NULL)
+               goto err;
+
+       if (!BN_sub(r1, p, BN_value_one()))
+               goto err;
+       if (!BN_sub(r2, q, BN_value_one()))
+               goto err;
+       if (!BN_mul(r0, r1, r2, ctx))
+               goto err;
+
+       ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
+err:
+       BN_CTX_end(ctx);
+       return ret;
+}
+
+BN_BLINDING *
+RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
+{
+       BIGNUM *e = NULL;
+       BIGNUM n;
+       BN_CTX *ctx = NULL;
+       BN_BLINDING *ret = NULL;
+
+       if ((ctx = in_ctx) == NULL)
+               ctx = BN_CTX_new();
+       if (ctx == NULL)
+               goto err;
+
+       BN_CTX_start(ctx);
+
+       if ((e = rsa->e) == NULL)
+               e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
+       if (e == NULL) {
+               RSAerror(RSA_R_NO_PUBLIC_EXPONENT);
+               goto err;
+       }
+
+       BN_init(&n);
+       BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
+
+       if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp,
+           rsa->_method_mod_n)) == NULL) {
+               RSAerror(ERR_R_BN_LIB);
+               goto err;
+       }
+       CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
+
+ err:
+       BN_CTX_end(ctx);
+       if (ctx != in_ctx)
+               BN_CTX_free(ctx);
+       if (e != rsa->e)
+               BN_free(e);
+
+       return ret;
+}
+
+void
+RSA_blinding_off(RSA *rsa)
+{
+       BN_BLINDING_free(rsa->blinding);
+       rsa->blinding = NULL;
+       rsa->flags |= RSA_FLAG_NO_BLINDING;
+}
+LCRYPTO_ALIAS(RSA_blinding_off);
+
+int
+RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
+{
+       int ret = 0;
+
+       if (rsa->blinding != NULL)
+               RSA_blinding_off(rsa);
+
+       rsa->blinding = RSA_setup_blinding(rsa, ctx);
+       if (rsa->blinding == NULL)
+               goto err;
+
+       rsa->flags &= ~RSA_FLAG_NO_BLINDING;
+       ret = 1;
+err:
+       return (ret);
+}
+LCRYPTO_ALIAS(RSA_blinding_on);
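Review bot: RSA_blinding_on() fails open when a blinding context already exists: it first calls RSA_blinding_off(), which frees rsa->blinding and sets RSA_FLAG_NO_BLINDING, so if RSA_setup_blinding() then returns NULL the key is left with blinding disabled and only the 0 return value signals it. The function is moved verbatim from rsa_crpt.c, so this is existing behaviour rather than something the commit introduces, but it would be safer to build the new BN_BLINDING first and swap it in only on success, leaving the old context and the flag untouched on failure. A caller that ignores the return value would presumably go on to run private-key operations without the timing side-channel protection it asked for; this is inferred, since the code that consults the flag is outside this hunk. A one-line comment above the function stating what state rsa is left in on failure would help as well.

```c
int
RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
{
	BN_BLINDING *blinding;

	/* Build the replacement first so a failure keeps the current state. */
	if ((blinding = RSA_setup_blinding(rsa, ctx)) == NULL)
		return 0;

	BN_BLINDING_free(rsa->blinding);
	rsa->blinding = blinding;
	rsa->flags &= ~RSA_FLAG_NO_BLINDING;

	return 1;
}
```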
index fcf29f1..2a23c1b 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_crpt.c,v 1.27 2023/08/09 09:25:13 tb Exp $ */
+/* $OpenBSD: rsa_crpt.c,v 1.28 2023/08/09 09:26:43 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -125,103 +125,3 @@ RSA_flags(const RSA *r)
        return r == NULL ? 0 : r->meth->flags;
 }
 LCRYPTO_ALIAS(RSA_flags);
-
-static BIGNUM *
-rsa_get_public_exp(const BIGNUM *d, const BIGNUM *p, const BIGNUM *q,
-    BN_CTX *ctx)
-{
-       BIGNUM *ret = NULL, *r0, *r1, *r2;
-
-       if (d == NULL || p == NULL || q == NULL)
-               return NULL;
-
-       BN_CTX_start(ctx);
-       if ((r0 = BN_CTX_get(ctx)) == NULL)
-               goto err;
-       if ((r1 = BN_CTX_get(ctx)) == NULL)
-               goto err;
-       if ((r2 = BN_CTX_get(ctx)) == NULL)
-               goto err;
-
-       if (!BN_sub(r1, p, BN_value_one()))
-               goto err;
-       if (!BN_sub(r2, q, BN_value_one()))
-               goto err;
-       if (!BN_mul(r0, r1, r2, ctx))
-               goto err;
-
-       ret = BN_mod_inverse_ct(NULL, d, r0, ctx);
-err:
-       BN_CTX_end(ctx);
-       return ret;
-}
-
-BN_BLINDING *
-RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
-{
-       BIGNUM *e = NULL;
-       BIGNUM n;
-       BN_CTX *ctx = NULL;
-       BN_BLINDING *ret = NULL;
-
-       if ((ctx = in_ctx) == NULL)
-               ctx = BN_CTX_new();
-       if (ctx == NULL)
-               goto err;
-
-       BN_CTX_start(ctx);
-
-       if ((e = rsa->e) == NULL)
-               e = rsa_get_public_exp(rsa->d, rsa->p, rsa->q, ctx);
-       if (e == NULL) {
-               RSAerror(RSA_R_NO_PUBLIC_EXPONENT);
-               goto err;
-       }
-
-       BN_init(&n);
-       BN_with_flags(&n, rsa->n, BN_FLG_CONSTTIME);
-
-       if ((ret = BN_BLINDING_new(e, &n, ctx, rsa->meth->bn_mod_exp,
-           rsa->_method_mod_n)) == NULL) {
-               RSAerror(ERR_R_BN_LIB);
-               goto err;
-       }
-       CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
-
- err:
-       BN_CTX_end(ctx);
-       if (ctx != in_ctx)
-               BN_CTX_free(ctx);
-       if (e != rsa->e)
-               BN_free(e);
-
-       return ret;
-}
-
-void
-RSA_blinding_off(RSA *rsa)
-{
-       BN_BLINDING_free(rsa->blinding);
-       rsa->blinding = NULL;
-       rsa->flags |= RSA_FLAG_NO_BLINDING;
-}
-LCRYPTO_ALIAS(RSA_blinding_off);
-
-int
-RSA_blinding_on(RSA *rsa, BN_CTX *ctx)
-{
-       int ret = 0;
-
-       if (rsa->blinding != NULL)
-               RSA_blinding_off(rsa);
-
-       rsa->blinding = RSA_setup_blinding(rsa, ctx);
-       if (rsa->blinding == NULL)
-               goto err;
-
-       rsa->flags &= ~RSA_FLAG_NO_BLINDING;
-       ret = 1;
-err:
-       return (ret);
-}
-LCRYPTO_ALIAS(RSA_blinding_on);