1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimBN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, 6e71b7053SJung-uk KimBN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, 7e71b7053SJung-uk KimBN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread, 8e71b7053SJung-uk KimBN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags, 9e71b7053SJung-uk KimBN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions 10e71b7053SJung-uk Kim 11e71b7053SJung-uk Kim=head1 SYNOPSIS 12e71b7053SJung-uk Kim 13e71b7053SJung-uk Kim #include <openssl/bn.h> 14e71b7053SJung-uk Kim 15e71b7053SJung-uk Kim BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, 16e71b7053SJung-uk Kim BIGNUM *mod); 17e71b7053SJung-uk Kim void BN_BLINDING_free(BN_BLINDING *b); 18e71b7053SJung-uk Kim int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx); 19e71b7053SJung-uk Kim int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); 20e71b7053SJung-uk Kim int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx); 21e71b7053SJung-uk Kim int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, 22e71b7053SJung-uk Kim BN_CTX *ctx); 23e71b7053SJung-uk Kim int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, 24e71b7053SJung-uk Kim BN_CTX *ctx); 25e71b7053SJung-uk Kim int BN_BLINDING_is_current_thread(BN_BLINDING *b); 26e71b7053SJung-uk Kim void BN_BLINDING_set_current_thread(BN_BLINDING *b); 27e71b7053SJung-uk Kim int BN_BLINDING_lock(BN_BLINDING *b); 28e71b7053SJung-uk Kim int BN_BLINDING_unlock(BN_BLINDING *b); 29*b077aed3SPierre Pronchery unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b); 30*b077aed3SPierre Pronchery void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags); 31e71b7053SJung-uk Kim BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b, 32e71b7053SJung-uk Kim const BIGNUM *e, BIGNUM *m, BN_CTX *ctx, 33e71b7053SJung-uk Kim int (*bn_mod_exp)(BIGNUM *r, 34e71b7053SJung-uk Kim const BIGNUM *a, 35e71b7053SJung-uk Kim const BIGNUM *p, 36e71b7053SJung-uk Kim const BIGNUM *m, 37e71b7053SJung-uk Kim BN_CTX *ctx, 38e71b7053SJung-uk Kim BN_MONT_CTX *m_ctx), 39e71b7053SJung-uk Kim BN_MONT_CTX *m_ctx); 40e71b7053SJung-uk Kim 41e71b7053SJung-uk Kim=head1 DESCRIPTION 42e71b7053SJung-uk Kim 43e71b7053SJung-uk KimBN_BLINDING_new() allocates a new B<BN_BLINDING> structure and copies 44e71b7053SJung-uk Kimthe B<A> and B<Ai> values into the newly created B<BN_BLINDING> object. 45e71b7053SJung-uk Kim 46e71b7053SJung-uk KimBN_BLINDING_free() frees the B<BN_BLINDING> structure. 47e71b7053SJung-uk KimIf B<b> is NULL, nothing is done. 48e71b7053SJung-uk Kim 49e71b7053SJung-uk KimBN_BLINDING_update() updates the B<BN_BLINDING> parameters by squaring 50e71b7053SJung-uk Kimthe B<A> and B<Ai> or, after specific number of uses and if the 51e71b7053SJung-uk Kimnecessary parameters are set, by re-creating the blinding parameters. 52e71b7053SJung-uk Kim 53e71b7053SJung-uk KimBN_BLINDING_convert_ex() multiplies B<n> with the blinding factor B<A>. 54e71b7053SJung-uk KimIf B<r> is not NULL a copy the inverse blinding factor B<Ai> will be 55e71b7053SJung-uk Kimreturned in B<r> (this is useful if a B<RSA> object is shared among 56e71b7053SJung-uk Kimseveral threads). BN_BLINDING_invert_ex() multiplies B<n> with the 57e71b7053SJung-uk Kiminverse blinding factor B<Ai>. If B<r> is not NULL it will be used as 58e71b7053SJung-uk Kimthe inverse blinding. 59e71b7053SJung-uk Kim 60e71b7053SJung-uk KimBN_BLINDING_convert() and BN_BLINDING_invert() are wrapper 61e71b7053SJung-uk Kimfunctions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() 62e71b7053SJung-uk Kimwith B<r> set to NULL. 63e71b7053SJung-uk Kim 64e71b7053SJung-uk KimBN_BLINDING_is_current_thread() returns whether the B<BN_BLINDING> 65e71b7053SJung-uk Kimstructure is owned by the current thread. This is to help users 66e71b7053SJung-uk Kimprovide proper locking if needed for multi-threaded use. 67e71b7053SJung-uk Kim 68e71b7053SJung-uk KimBN_BLINDING_set_current_thread() sets the current thread as the 69e71b7053SJung-uk Kimowner of the B<BN_BLINDING> structure. 70e71b7053SJung-uk Kim 71e71b7053SJung-uk KimBN_BLINDING_lock() locks the B<BN_BLINDING> structure. 72e71b7053SJung-uk Kim 73e71b7053SJung-uk KimBN_BLINDING_unlock() unlocks the B<BN_BLINDING> structure. 74e71b7053SJung-uk Kim 75e71b7053SJung-uk KimBN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently 76e71b7053SJung-uk Kimthere are two supported flags: B<BN_BLINDING_NO_UPDATE> and 77e71b7053SJung-uk KimB<BN_BLINDING_NO_RECREATE>. B<BN_BLINDING_NO_UPDATE> inhibits the 78e71b7053SJung-uk Kimautomatic update of the B<BN_BLINDING> parameters after each use 79e71b7053SJung-uk Kimand B<BN_BLINDING_NO_RECREATE> inhibits the automatic re-creation 80e71b7053SJung-uk Kimof the B<BN_BLINDING> parameters after a fixed number of uses (currently 81e71b7053SJung-uk Kim32). In newly allocated B<BN_BLINDING> objects no flags are set. 82e71b7053SJung-uk KimBN_BLINDING_set_flags() sets the B<BN_BLINDING> parameters flags. 83e71b7053SJung-uk Kim 84e71b7053SJung-uk KimBN_BLINDING_create_param() creates new B<BN_BLINDING> parameters 85e71b7053SJung-uk Kimusing the exponent B<e> and the modulus B<m>. B<bn_mod_exp> and 86e71b7053SJung-uk KimB<m_ctx> can be used to pass special functions for exponentiation 87e71b7053SJung-uk Kim(normally BN_mod_exp_mont() and B<BN_MONT_CTX>). 88e71b7053SJung-uk Kim 89e71b7053SJung-uk Kim=head1 RETURN VALUES 90e71b7053SJung-uk Kim 91e71b7053SJung-uk KimBN_BLINDING_new() returns the newly allocated B<BN_BLINDING> structure 92e71b7053SJung-uk Kimor NULL in case of an error. 93e71b7053SJung-uk Kim 94e71b7053SJung-uk KimBN_BLINDING_update(), BN_BLINDING_convert(), BN_BLINDING_invert(), 95e71b7053SJung-uk KimBN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on 96e71b7053SJung-uk Kimsuccess and 0 if an error occurred. 97e71b7053SJung-uk Kim 98e71b7053SJung-uk KimBN_BLINDING_is_current_thread() returns 1 if the current thread owns 99e71b7053SJung-uk Kimthe B<BN_BLINDING> object, 0 otherwise. 100e71b7053SJung-uk Kim 101e71b7053SJung-uk KimBN_BLINDING_set_current_thread() doesn't return anything. 102e71b7053SJung-uk Kim 103e71b7053SJung-uk KimBN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation 104e71b7053SJung-uk Kimsucceeded or 0 on error. 105e71b7053SJung-uk Kim 106e71b7053SJung-uk KimBN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags 107e71b7053SJung-uk Kim(a B<unsigned long> value). 108e71b7053SJung-uk Kim 109e71b7053SJung-uk KimBN_BLINDING_create_param() returns the newly created B<BN_BLINDING> 110e71b7053SJung-uk Kimparameters or NULL on error. 111e71b7053SJung-uk Kim 112e71b7053SJung-uk Kim=head1 HISTORY 113e71b7053SJung-uk Kim 114e71b7053SJung-uk KimBN_BLINDING_thread_id() was first introduced in OpenSSL 1.0.0, and it 115e71b7053SJung-uk Kimdeprecates BN_BLINDING_set_thread_id() and BN_BLINDING_get_thread_id(). 116e71b7053SJung-uk Kim 117e71b7053SJung-uk Kim=head1 COPYRIGHT 118e71b7053SJung-uk Kim 119*b077aed3SPierre ProncheryCopyright 2005-2021 The OpenSSL Project Authors. All Rights Reserved. 120e71b7053SJung-uk Kim 121*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 122e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 123e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 124e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 125e71b7053SJung-uk Kim 126e71b7053SJung-uk Kim=cut 127