authorBernd Edlinger <bernd.edlinger@hotmail.de>2023-02-13 18:05:18 +0100
committerTomas Mraz <tomas@openssl.org>2023-04-04 12:13:27 +0200
commit4209ce68d8fe8b1506494efa03d378d05baf9ff8 (patch)
treee8e35e6880c49129948ea6223af5cf23fe2d5fd2 /crypto/bn/bn_blind.c
parent34e4a962bca998cc2d6eb4be721153fbde2f4c35 (diff)
Revert "Fix Timing Oracle in RSA decryption"
This reverts commit b1892d21f8f0435deb0250f24a97915dc641c807, except for moving derive_kdk to a separate function. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20281)
Diffstat (limited to 'crypto/bn/bn_blind.c')
-rw-r--r--crypto/bn/bn_blind.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index 82821a0442..6ea54f00a9 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -13,6 +13,20 @@
#define BN_BLINDING_COUNTER 32
+struct bn_blinding_st {
+ BIGNUM *A;
+ BIGNUM *Ai;
+ BIGNUM *e;
+ BIGNUM *mod; /* just a reference */
+ CRYPTO_THREAD_ID tid;
+ int counter;
+ unsigned long flags;
+ BN_MONT_CTX *m_ctx;
+ int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ CRYPTO_RWLOCK *lock;
+};
+
BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
{
BN_BLINDING *ret = NULL;
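Review bot: The members of `struct bn_blinding_st` added in this hunk are undocumented apart from `mod`, so a reader cannot tell which ones hold secret blinding state or what `tid`, `counter` and `lock` are for. Presumably `A` and `Ai` are the blinding factor and its inverse, and `counter` is compared against `BN_BLINDING_COUNTER`; if that is right, say so on the fields, for example `BIGNUM *A; /* blinding factor; secret */` and `BIGNUM *Ai; /* inverse of A modulo mod; secret */`. The `/* just a reference */` comment on `mod` should also state who owns that BIGNUM and how long it must stay valid. That depends on the body of `BN_BLINDING_new`, which continues outside the hunk, so confirm it there before writing the comment.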