diff options
author | Nicola Tuveri <nic.tuv@gmail.com> | 2020-06-13 17:29:09 +0300 |
---|---|---|
committer | Nicola Tuveri <nic.tuv@gmail.com> | 2020-06-16 21:41:33 +0300 |
commit | 5d8b3a3ef2941b8822523742a0408ca6896aa65d (patch) | |
tree | 74e1f4901938f8ef5f6b6d03a2e84151266910ed /include | |
parent | e98c7350bfaf0ae1f2b72d68d4c5721de24a478f (diff) |
Refactor BN_R_NO_INVERSE logic in internal functions
Closes #12129
As described in https://github.com/openssl/openssl/issues/12129 the
readability of the internal functions providing the two alternative
implementations for `BN_mod_inverse()` is a bit lacking.
Both these functions are now completely internal, so we have the
flexibility needed to slightly improve readability and remove
unnecessary NULL checks.
The main changes here are:
- rename `BN_mod_inverse_no_branch()` as `bn_mod_inverse_no_branch()`:
this function is `static` so it is not even visible within the rest of
libcrypto. By convention upcase prefixes are reserved for public
functions.
- remove `if (pnoinv == NULL)` checks in `int_bn_mod_inverse()`: this
function is internal to the BN module and we can guarantee that all
callers pass non-NULL arguments.
- `bn_mod_inverse_no_branch()` takes an extra `int *pnoinv` argument, so
that it can signal if no inverse exists for the given inputs: in this
way the caller is in charge of raising `BN_R_NO_INVERSE` as it is the
case for the non-consttime implementation of `int_bn_mod_inverse()`.
- `BN_mod_inverse()` is a public function and must guarantee that the
internal functions providing the actual implementation receive valid
arguments. If the caller passes a NULL `BN_CTX` we create a temporary
one for internal use.
- reorder function definitions in `crypto/bn/bn_gcd.c` to avoid forward
declaration of `static` functions (in preparation for inlining).
- inline `bn_mod_inverse_no_branch()`.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12142)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/bn.h | 2 | ||||
-rw-r--r-- | include/openssl/bnerr.h | 1 |
2 files changed, 1 insertions, 2 deletions
diff --git a/include/openssl/bn.h b/include/openssl/bn.h index 94d8710289..cafb66e905 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -62,7 +62,7 @@ extern "C" { * avoid leaking exponent information through timing, * BN_mod_exp_mont() will call BN_mod_exp_mont_consttime, * BN_div() will call BN_div_no_branch, - * BN_mod_inverse() will call BN_mod_inverse_no_branch. + * BN_mod_inverse() will call bn_mod_inverse_no_branch. */ # define BN_FLG_CONSTTIME 0x04 # define BN_FLG_SECURE 0x08 diff --git a/include/openssl/bnerr.h b/include/openssl/bnerr.h index 8304cef4ba..d5c442a400 100644 --- a/include/openssl/bnerr.h +++ b/include/openssl/bnerr.h @@ -61,7 +61,6 @@ int ERR_load_BN_strings(void); # define BN_F_BN_MOD_EXP_RECP 0 # define BN_F_BN_MOD_EXP_SIMPLE 0 # define BN_F_BN_MOD_INVERSE 0 -# define BN_F_BN_MOD_INVERSE_NO_BRANCH 0 # define BN_F_BN_MOD_LSHIFT_QUICK 0 # define BN_F_BN_MOD_SQRT 0 # define BN_F_BN_MONT_CTX_NEW 0 |