author | Bernd Edlinger <bernd.edlinger@hotmail.de> | 2023-02-13 18:05:18 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-04-04 12:13:27 +0200 |
commit | 4209ce68d8fe8b1506494efa03d378d05baf9ff8 (patch) | |
tree | e8e35e6880c49129948ea6223af5cf23fe2d5fd2 /crypto/bn/bn_blind.c | |
parent | 34e4a962bca998cc2d6eb4be721153fbde2f4c35 (diff) |
Revert "Fix Timing Oracle in RSA decryption"
This reverts commit b1892d21f8f0435deb0250f24a97915dc641c807.
Except for the moving derive_kdk to a separate function.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20281)
Diffstat (limited to 'crypto/bn/bn_blind.c')
-rw-r--r-- | crypto/bn/bn_blind.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index 82821a0442..6ea54f00a9 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -13,6 +13,20 @@
 #define BN_BLINDING_COUNTER 32
+struct bn_blinding_st {
+ BIGNUM *A;
+ BIGNUM *Ai;
+ BIGNUM *e;
+ BIGNUM *mod; /* just a reference */
+ CRYPTO_THREAD_ID tid;
+ int counter;
+ unsigned long flags;
+ BN_MONT_CTX *m_ctx;
+ int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+ const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
+ CRYPTO_RWLOCK *lock;
+};
+
 BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
 {
 BN_BLINDING *ret = NULL; |
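Review bot: The re-added `struct bn_blinding_st` does not say which members are secret or which ones the object owns; only `mod` is annotated (`/* just a reference */`). Judging by the names, `A` and `Ai` are presumably the blinding factor and its inverse, and since the commit title ties this code to an RSA timing oracle they deserve a comment such as `/* A, Ai: blinding factor and its inverse; secret, constant-time handling only, cleared on free */`, to be confirmed against the free and update paths, which are not visible here. It would also help to state what `lock` protects and what `tid` is compared against, for example `/* lock guards A, Ai and counter; tid is the creating thread */`, again hedged because only the declaration is visible. `BN_BLINDING_new` starts at the end of the hunk and its body continues outside it.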