From d2a7e728bf6db09c08f5857698800a34fbc296ae Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Wed, 26 Jul 2023 20:08:59 +0000
Subject: [PATCH] BN_BLINDING will be made internal-only. Remove its
 documentation

---
 lib/libcrypto/man/BN_BLINDING_new.3 | 317 ----------------------------
 lib/libcrypto/man/BN_new.3          |   5 +-
 lib/libcrypto/man/Makefile          |   3 +-
 lib/libcrypto/man/RSA_blinding_on.3 |   5 +-
 4 files changed, 5 insertions(+), 325 deletions(-)
 delete mode 100644 lib/libcrypto/man/BN_BLINDING_new.3

diff --git a/lib/libcrypto/man/BN_BLINDING_new.3 b/lib/libcrypto/man/BN_BLINDING_new.3
deleted file mode 100644
index 36521d977cc..00000000000
--- a/lib/libcrypto/man/BN_BLINDING_new.3
+++ /dev/null
@@ -1,317 +0,0 @@
-.\"	$OpenBSD: BN_BLINDING_new.3,v 1.12 2023/04/25 20:07:55 tb Exp $
-.\"	OpenSSL a528d4f0 Oct 27 13:40:11 2015 -0400
-.\"
-.\" This file was written by Nils Larsch <nils@openssl.org>.
-.\" Copyright (c) 2005, 2008, 2013, 2015 The OpenSSL Project.
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\"    notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\"    notice, this list of conditions and the following disclaimer in
-.\"    the documentation and/or other materials provided with the
-.\"    distribution.
-.\"
-.\" 3. All advertising materials mentioning features or use of this
-.\"    software must display the following acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
-.\"
-.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
-.\"    endorse or promote products derived from this software without
-.\"    prior written permission. For written permission, please contact
-.\"    openssl-core@openssl.org.
-.\"
-.\" 5. Products derived from this software may not be called "OpenSSL"
-.\"    nor may "OpenSSL" appear in their names without prior written
-.\"    permission of the OpenSSL Project.
-.\"
-.\" 6. Redistributions of any form whatsoever must retain the following
-.\"    acknowledgment:
-.\"    "This product includes software developed by the OpenSSL Project
-.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
-.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
-.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
-.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-.\" OF THE POSSIBILITY OF SUCH DAMAGE.
-.\"
-.Dd $Mdocdate: April 25 2023 $
-.Dt BN_BLINDING_NEW 3
-.Os
-.Sh NAME
-.Nm BN_BLINDING_new ,
-.Nm BN_BLINDING_free ,
-.Nm BN_BLINDING_update ,
-.Nm BN_BLINDING_convert ,
-.Nm BN_BLINDING_invert ,
-.Nm BN_BLINDING_convert_ex ,
-.Nm BN_BLINDING_invert_ex ,
-.Nm BN_BLINDING_thread_id ,
-.Nm BN_BLINDING_get_flags ,
-.Nm BN_BLINDING_set_flags ,
-.Nm BN_BLINDING_create_param
-.Nd blinding related BIGNUM functions
-.Sh SYNOPSIS
-.In openssl/bn.h
-.Ft BN_BLINDING *
-.Fo BN_BLINDING_new
-.Fa "const BIGNUM *A"
-.Fa "const BIGNUM *Ai"
-.Fa "BIGNUM *mod"
-.Fc
-.Ft void
-.Fo BN_BLINDING_free
-.Fa "BN_BLINDING *b"
-.Fc
-.Ft int
-.Fo BN_BLINDING_update
-.Fa "BN_BLINDING *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_BLINDING_convert
-.Fa "BIGNUM *n"
-.Fa "BN_BLINDING *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_BLINDING_invert
-.Fa "BIGNUM *n"
-.Fa "BN_BLINDING *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_BLINDING_convert_ex
-.Fa "BIGNUM *n"
-.Fa "BIGNUM *r"
-.Fa "BN_BLINDING *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft int
-.Fo BN_BLINDING_invert_ex
-.Fa "BIGNUM *n"
-.Fa "const BIGNUM *r"
-.Fa "BN_BLINDING *b"
-.Fa "BN_CTX *ctx"
-.Fc
-.Ft CRYPTO_THREADID *
-.Fo BN_BLINDING_thread_id
-.Fa "BN_BLINDING *"
-.Fc
-.Ft unsigned long
-.Fo BN_BLINDING_get_flags
-.Fa "const BN_BLINDING *"
-.Fc
-.Ft void
-.Fo BN_BLINDING_set_flags
-.Fa "BN_BLINDING *"
-.Fa "unsigned long"
-.Fc
-.Ft BN_BLINDING *
-.Fo BN_BLINDING_create_param
-.Fa "BN_BLINDING *b"
-.Fa "const BIGNUM *e"
-.Fa "BIGNUM *m"
-.Fa "BN_CTX *ctx"
-.Fa "int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,\
- const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx)"
-.Fa "BN_MONT_CTX *m_ctx"
-.Fc
-.Sh DESCRIPTION
-.Fn BN_BLINDING_new
-allocates a new
-.Vt BN_BLINDING
-structure and copies the
-.Fa A
-and
-.Fa \&Ai
-values into the newly created
-.Vt BN_BLINDING
-object.
-.Pp
-.Fn BN_BLINDING_free
-frees the
-.Vt BN_BLINDING
-structure.
-If
-.Fa b
-is a
-.Dv NULL
-pointer, no action occurs.
-.Pp
-.Fn BN_BLINDING_update
-updates the
-.Vt BN_BLINDING
-parameters by squaring the
-.Fa A
-and
-.Fa \&Ai
-or, after a specific number of uses and if the necessary parameters are
-set, by re-creating the blinding parameters.
-.Pp
-.Fn BN_BLINDING_convert_ex
-multiplies
-.Fa n
-with the blinding factor
-.Fa A .
-If
-.Fa r
-is not
-.Dv NULL ,
-a copy of the inverse blinding factor
-.Fa \&Ai
-will be returned in
-.Fa r
-(this is useful if an
-.Vt RSA
-object is shared among several threads).
-.Fn BN_BLINDING_invert_ex
-multiplies
-.Fa n
-with the inverse blinding factor
-.Fa \&Ai .
-If
-.Fa r
-is not
-.Dv NULL ,
-it will be used as the inverse blinding.
-.Pp
-.Fn BN_BLINDING_convert
-and
-.Fn BN_BLINDING_invert
-are wrapper functions for
-.Fn BN_BLINDING_convert_ex
-and
-.Fn BN_BLINDING_invert_ex
-with
-.Fa r
-set to
-.Dv NULL .
-.Pp
-.Fn BN_BLINDING_thread_id
-provides access to the
-.Vt CRYPTO_THREADID
-object within the
-.Vt BN_BLINDING
-structure.
-This is to help users provide proper locking if needed for
-multi-threaded use.
-The thread ID object of a newly allocated
-.Vt BN_BLINDING
-structure is initialised to the thread ID in which
-.Fn BN_BLINDING_new
-was called.
-.Pp
-.Fn BN_BLINDING_get_flags
-returns the
-.Dv BN_BLINDING_*
-flags.
-Currently there are two supported flags:
-.Dv BN_BLINDING_NO_UPDATE
-and
-.Dv BN_BLINDING_NO_RECREATE .
-.Dv BN_BLINDING_NO_UPDATE
-inhibits the automatic update of the
-.Vt BN_BLINDING
-parameters after each use and
-.Dv BN_BLINDING_NO_RECREATE
-inhibits the automatic re-creation of the
-.Vt BN_BLINDING
-parameters after a fixed number of uses (currently 32).
-In newly allocated
-.Vt BN_BLINDING
-objects no flags are set.
-.Fn BN_BLINDING_set_flags
-sets the
-.Dv BN_BLINDING_*
-parameters flags.
-.Pp
-.Fn BN_BLINDING_create_param
-creates new
-.Vt BN_BLINDING
-parameters using the exponent
-.Fa e
-and the modulus
-.Fa m .
-.Fa bn_mod_exp
-and
-.Fa m_ctx
-can be used to pass special functions for exponentiation (normally
-.Xr BN_mod_exp 3
-and
-.Vt BN_MONT_CTX ) .
-.Sh RETURN VALUES
-.Fn BN_BLINDING_new
-returns the newly allocated
-.Vt BN_BLINDING
-structure or
-.Dv NULL
-in case of an error.
-.Pp
-.Fn BN_BLINDING_update ,
-.Fn BN_BLINDING_convert ,
-.Fn BN_BLINDING_invert ,
-.Fn BN_BLINDING_convert_ex
-and
-.Fn BN_BLINDING_invert_ex
-return 1 on success and 0 if an error occurred.
-.Pp
-.Fn BN_BLINDING_thread_id
-returns a pointer to the thread ID object within a
-.Vt BN_BLINDING
-object.
-.Pp
-.Fn BN_BLINDING_get_flags
-returns the currently set
-.Dv BN_BLINDING_*
-flags (an
-.Vt unsigned long
-value).
-.Pp
-.Fn BN_BLINDING_create_param
-returns the newly created
-.Vt BN_BLINDING
-parameters or
-.Dv NULL
-on error.
-.Sh SEE ALSO
-.Xr BN_new 3 ,
-.Xr RSA_blinding_on 3
-.Sh HISTORY
-.Fn BN_BLINDING_new ,
-.Fn BN_BLINDING_free ,
-.Fn BN_BLINDING_update ,
-.Fn BN_BLINDING_convert ,
-and
-.Fn BN_BLINDING_invert
-first appeared in SSLeay 0.9.0 and have been available since
-.Ox 2.4 .
-.Pp
-.Fn BN_BLINDING_convert_ex ,
-.Fn BN_BLINDIND_invert_ex ,
-.Fn BN_BLINDING_get_flags ,
-.Fn BN_BLINDING_set_flags ,
-and
-.Fn BN_BLINDING_create_param
-first appeared in OpenSSL 0.9.8 and have been available since
-.Ox 4.5 .
-.Pp
-.Fn BN_BLINDING_thread_id
-first appeared in OpenSSL 1.0.0 and has been available since
-.Ox 4.9 .
-.Sh AUTHORS
-.An Nils Larsch Aq Mt nils@openssl.org
diff --git a/lib/libcrypto/man/BN_new.3 b/lib/libcrypto/man/BN_new.3
index 22bb77c1730..088048c6220 100644
--- a/lib/libcrypto/man/BN_new.3
+++ b/lib/libcrypto/man/BN_new.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: BN_new.3,v 1.30 2023/07/21 05:04:48 tb Exp $
+.\" $OpenBSD: BN_new.3,v 1.31 2023/07/26 20:08:59 tb Exp $
 .\" full merge up to: OpenSSL man3/BN_new 2457c19d Mar 6 08:43:36 2004 +0000
 .\" selective merge up to: man3/BN_new 681acb31 Sep 29 13:10:34 2017 +0200
 .\" full merge up to: OpenSSL man7/bn 05ea606a May 20 20:52:46 2016 -0400
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 21 2023 $
+.Dd $Mdocdate: July 26 2023 $
 .Dt BN_NEW 3
 .Os
 .Sh NAME
@@ -135,7 +135,6 @@ and sets an error code that can be obtained by
 .Sh SEE ALSO
 .Xr BN_add 3 ,
 .Xr BN_add_word 3 ,
-.Xr BN_BLINDING_new 3 ,
 .Xr BN_bn2bin 3 ,
 .Xr BN_cmp 3 ,
 .Xr BN_copy 3 ,
diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile
index 669b0c13953..1697357f626 100644
--- a/lib/libcrypto/man/Makefile
+++ b/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.257 2023/07/26 20:01:04 tb Exp $
+# $OpenBSD: Makefile,v 1.258 2023/07/26 20:08:59 tb Exp $
 
 .include <bsd.own.mk>
 
@@ -62,7 +62,6 @@ MAN=	\
 	BIO_s_socket.3 \
 	BIO_set_callback.3 \
 	BIO_should_retry.3 \
-	BN_BLINDING_new.3 \
 	BN_CTX_new.3 \
 	BN_CTX_start.3 \
 	BN_add.3 \
diff --git a/lib/libcrypto/man/RSA_blinding_on.3 b/lib/libcrypto/man/RSA_blinding_on.3
index 5d4b4ab25d8..bd2a3013772 100644
--- a/lib/libcrypto/man/RSA_blinding_on.3
+++ b/lib/libcrypto/man/RSA_blinding_on.3
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: RSA_blinding_on.3,v 1.6 2019/06/06 01:06:59 schwarze Exp $
+.\"	$OpenBSD: RSA_blinding_on.3,v 1.7 2023/07/26 20:08:59 tb Exp $
 .\"	OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org>.
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 6 2019 $
+.Dd $Mdocdate: July 26 2023 $
 .Dt RSA_BLINDING_ON 3
 .Os
 .Sh NAME
@@ -88,7 +88,6 @@ turns blinding off and frees the memory used for the blinding factor.
 .Fn RSA_blinding_on
 returns 1 on success, and 0 if an error occurred.
 .Sh SEE ALSO
-.Xr BN_BLINDING_new 3 ,
 .Xr RSA_new 3
 .Sh HISTORY
 .Fn RSA_blinding_on
-- 
2.20.1