Always use |BN_mod_exp_mont|/|BN_mod_exp_mont_consttime| in RSA. This removes a hard dependency on |BN_mod_exp|, which will allow the linker to drop it in programs that don't use other features that require it. Also, remove the |mont| member of |bn_blinding_st| in favor of having callers pass it when necssaary. The |mont| member was a weak reference, and weak references tend to be error-prone. Finally, reduce the scope of some parts of the blinding code to |static|. Change-Id: I16d8ccc2d6d950c1bb40377988daf1a377a21fe6 Reviewed-on: https://boringssl-review.googlesource.com/7111 Reviewed-by: David Benjamin <davidben@google.com>

commit: 617804adc5cd6760a3febcd9d4408fbfc6ebcd0c [log] [tgz]
author: Brian Smith <brian@briansmith.org> Mon Feb 08 20:36:51 2016 -1000
committer: David Benjamin <davidben@google.com> Tue Mar 08 22:30:19 2016 +0000
tree: e81adf3ca59baafb7a4de171a8f69c6c6b15632d
parent: 3ed5977cbb14d82bc2c2e9b3cd717ba1235cdefd [diff] [blame]
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 3798f48..df75af0 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h

@@ -525,6 +525,8 @@
 
   int (*mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
                  BN_CTX *ctx); /* Can be null */
+
+  /* bn_mod_exp is deprecated and ignored. Set it to NULL. */
   int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
                     const BIGNUM *m, BN_CTX *ctx,
                     const BN_MONT_CTX *mont);
commit	617804adc5cd6760a3febcd9d4408fbfc6ebcd0c	[log] [tgz]
author	Brian Smith <brian@briansmith.org>	Mon Feb 08 20:36:51 2016 -1000
committer	David Benjamin <davidben@google.com>	Tue Mar 08 22:30:19 2016 +0000
tree	e81adf3ca59baafb7a4de171a8f69c6c6b15632d
parent	3ed5977cbb14d82bc2c2e9b3cd717ba1235cdefd [diff] [blame]