Remove unused bits of RSA blinding code. The |_ex| versions of these functions are unnecessary because when they are used, they are always passed |NULL| for |r|, which is what the non-|_ex| versions do. Just use the non-|_ex| versions instead and remove the |_ex| versions. Also, drop the unused flags mechanism. Change-Id: Ida4cb5a2d4c89d9cd318e06f71867aea98408d0d Reviewed-on: https://boringssl-review.googlesource.com/7110 Reviewed-by: David Benjamin <davidben@google.com>

commit: 642b0b825eea888b5484dd02e1bc598580b8632d [log] [tgz]
author: Brian Smith <brian@briansmith.org> Sun Jan 24 23:41:56 2016 -1000
committer: David Benjamin <davidben@google.com> Tue Feb 09 16:45:13 2016 +0000
tree: c5cdc503f5947e8a9b379df138947e85edb79855
parent: a051bdd6cdc8fb7209e4339d6331fdd322be67f4 [diff]
diff --git a/crypto/rsa/blinding.c b/crypto/rsa/blinding.c
index 5addddc..d5bfcd3 100644
--- a/crypto/rsa/blinding.c
+++ b/crypto/rsa/blinding.c

@@ -113,7 +113,6 @@
 #include <openssl/bn.h>
 #include <openssl/mem.h>
 #include <openssl/err.h>
-#include <openssl/thread.h>
 
 #include "internal.h"
 
@@ -126,7 +125,6 @@
   BIGNUM *e;
   BIGNUM *mod; /* just a reference */
   int counter;
-  unsigned long flags;
   /* mont is the Montgomery context used for this |BN_BLINDING|. It is not
    * owned and must outlive this structure. */
   const BN_MONT_CTX *mont;
@@ -200,13 +198,12 @@
     b->counter = 0;
   }
 
-  if (++b->counter == BN_BLINDING_COUNTER && b->e != NULL &&
-      !(b->flags & BN_BLINDING_NO_RECREATE)) {
+  if (++b->counter == BN_BLINDING_COUNTER && b->e != NULL) {
     /* re-create blinding parameters */
     if (!BN_BLINDING_create_param(b, NULL, NULL, ctx, NULL, NULL)) {
       goto err;
     }
-  } else if (!(b->flags & BN_BLINDING_NO_UPDATE)) {
+  } else {
     if (!BN_mod_mul(b->A, b->A, b->A, b->mod, ctx)) {
       goto err;
     }
@@ -225,10 +222,6 @@
 }
 
 int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) {
-  return BN_BLINDING_convert_ex(n, NULL, b, ctx);
-}
-
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *ctx) {
   int ret = 1;
 
   if (b->A == NULL || b->Ai == NULL) {
@@ -243,12 +236,6 @@
     return 0;
   }
 
-  if (r != NULL) {
-    if (!BN_copy(r, b->Ai)) {
-      ret = 0;
-    }
-  }
-
   if (!BN_mod_mul(n, n, b->A, b->mod, ctx)) {
     ret = 0;
   }
@@ -256,31 +243,12 @@
   return ret;
 }
 
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx) {
-  return BN_BLINDING_invert_ex(n, NULL, b, ctx);
-}
-
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,
-                          BN_CTX *ctx) {
-  int ret;
-
-  if (r != NULL) {
-    ret = BN_mod_mul(n, n, r, b->mod, ctx);
-  } else {
-    if (b->Ai == NULL) {
-      OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED);
-      return 0;
-    }
-    ret = BN_mod_mul(n, n, b->Ai, b->mod, ctx);
+int BN_BLINDING_invert(BIGNUM *n, const BN_BLINDING *b, BN_CTX *ctx) {
+  if (b->Ai == NULL) {
+    OPENSSL_PUT_ERROR(RSA, RSA_R_BN_NOT_INITIALIZED);
+    return 0;
   }
-
-  return ret;
-}
-
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b) { return b->flags; }
-
-void BN_BLINDING_set_flags(BN_BLINDING *b, unsigned long flags) {
-  b->flags = flags;
+  return BN_mod_mul(n, n, b->Ai, b->mod, ctx);
 }
 
 BN_BLINDING *BN_BLINDING_create_param(

diff --git a/crypto/rsa/internal.h b/crypto/rsa/internal.h
index 4e896e2..4d27344 100644
--- a/crypto/rsa/internal.h
+++ b/crypto/rsa/internal.h

@@ -90,19 +90,11 @@
 #define RSA_PKCS1_PADDING_SIZE 11
 
 
-/* BN_BLINDING flags */
-#define BN_BLINDING_NO_UPDATE 0x00000001
-#define BN_BLINDING_NO_RECREATE 0x00000002
-
 BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod);
 void BN_BLINDING_free(BN_BLINDING *b);
 int BN_BLINDING_update(BN_BLINDING *b, BN_CTX *ctx);
 int BN_BLINDING_convert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_invert(BIGNUM *n, BN_BLINDING *b, BN_CTX *ctx);
-int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b, BN_CTX *);
-unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);
-void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);
+int BN_BLINDING_invert(BIGNUM *n, const BN_BLINDING *b, BN_CTX *ctx);
 BN_BLINDING *BN_BLINDING_create_param(
     BN_BLINDING *b, const BIGNUM *e, BIGNUM *m, BN_CTX *ctx,
     int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

diff --git a/crypto/rsa/rsa_impl.c b/crypto/rsa/rsa_impl.c
index 41acf0d..ba31073 100644
--- a/crypto/rsa/rsa_impl.c
+++ b/crypto/rsa/rsa_impl.c

@@ -548,7 +548,7 @@
       OPENSSL_PUT_ERROR(RSA, ERR_R_INTERNAL_ERROR);
       goto err;
     }
-    if (!BN_BLINDING_convert_ex(f, NULL, blinding, ctx)) {
+    if (!BN_BLINDING_convert(f, blinding, ctx)) {
       goto err;
     }
   }
@@ -580,7 +580,7 @@
   }
 
   if (blinding) {
-    if (!BN_BLINDING_invert_ex(result, NULL, blinding, ctx)) {
+    if (!BN_BLINDING_invert(result, blinding, ctx)) {
       goto err;
     }
   }
commit	642b0b825eea888b5484dd02e1bc598580b8632d	[log] [tgz]
author	Brian Smith <brian@briansmith.org>	Sun Jan 24 23:41:56 2016 -1000
committer	David Benjamin <davidben@google.com>	Tue Feb 09 16:45:13 2016 +0000
tree	c5cdc503f5947e8a9b379df138947e85edb79855
parent	a051bdd6cdc8fb7209e4339d6331fdd322be67f4 [diff]