On Tue, Sep 15, 2015 at 9:13 PM, Niels Möller nisse@lysator.liu.se wrote:
nisse@lysator.liu.se (Niels Möller) writes:
I'm considering adding _tr versions on all of them (currently 8 functions). They're going to be just a few lines each, if they use a common helper function
I've pushed ongoing work to the branch rsa-crt-hardening.
To make it neater, the _rsa_blind and _rsa_unblind functions need an additional argument, but they are clearly marked as internal so I don't think that should cause any problems.
And those two functions are now static (file-local) on that branch.
I think the best approach is not to export such functions at all if they are not intended to be used. Now it is too late though for that. By the time functions are exported (via the map file), they are part of the ABI. Breaking the ABI it for a security fix is not that nice.
regards, Nikos