Convert RSA blinding to new multi-threading API

#include <openssl/opensslconf.h>

#include "internal/cryptlib.h"

#include "internal/threads.h"

#include "bn_lcl.h"

#define BN_BLINDING_COUNTER     32

    BIGNUM *Ai;

    BIGNUM *e;

    BIGNUM *mod;                /* just a reference */

#if OPENSSL_API_COMPAT < 0x10000000L

    unsigned long thread_id;    /* added in OpenSSL 0.9.6j and 0.9.7b; used

                                 * only by crypto/rsa/rsa_eay.c, rsa_lib.c */

#endif

    CRYPTO_THREADID tid;

    CRYPTO_THREAD_ID tid;

    int counter;

    unsigned long flags;

    BN_MONT_CTX *m_ctx;

    int (*bn_mod_exp) (BIGNUM *r, const BIGNUM *a, const BIGNUM *p,

                       const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);

    CRYPTO_RWLOCK *lock;

};

BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)

    if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL) {

        BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);

        return (NULL);

        return NULL;

    }

    ret->lock = CRYPTO_THREAD_lock_new();

    if (ret->lock == NULL) {

        BNerr(BN_F_BN_BLINDING_NEW, ERR_R_MALLOC_FAILURE);

        OPENSSL_free(ret);

        return NULL;

    }

    BN_BLINDING_set_current_thread(ret);

    if (A != NULL) {

        if ((ret->A = BN_dup(A)) == NULL)

            goto err;

    }

    if (Ai != NULL) {

        if ((ret->Ai = BN_dup(Ai)) == NULL)

            goto err;

    /* save a copy of mod in the BN_BLINDING structure */

    if ((ret->mod = BN_dup(mod)) == NULL)

        goto err;

    if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)

        BN_set_flags(ret->mod, BN_FLG_CONSTTIME);

     * use.

     */

    ret->counter = -1;

    CRYPTO_THREADID_current(&ret->tid);

    return (ret);

    return ret;

 err:

    BN_BLINDING_free(ret);

    return (NULL);

    return NULL;

}

void BN_BLINDING_free(BN_BLINDING *r)

    BN_free(r->Ai);

    BN_free(r->e);

    BN_free(r->mod);

    CRYPTO_THREAD_lock_free(r->lock);

    OPENSSL_free(r);

}

    return (ret);

}

#if OPENSSL_API_COMPAT < 0x10000000L

unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *b)

int BN_BLINDING_is_current_thread(BN_BLINDING *b)

{

    return CRYPTO_THREAD_compare_id(CRYPTO_THREAD_get_current_id(), b->tid);

}

void BN_BLINDING_set_current_thread(BN_BLINDING *b)

{

    return b->thread_id;

    b->tid = CRYPTO_THREAD_get_current_id();

}

void BN_BLINDING_set_thread_id(BN_BLINDING *b, unsigned long n)

int BN_BLINDING_lock(BN_BLINDING *b)

{

    b->thread_id = n;

    return CRYPTO_THREAD_write_lock(b->lock);

}

#endif

CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *b)

int BN_BLINDING_unlock(BN_BLINDING *b)

{

    return &b->tid;

    return CRYPTO_THREAD_unlock(b->lock);

}

unsigned long BN_BLINDING_get_flags(const BN_BLINDING *b)

        RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);

        goto err;

    }

    CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));

    BN_BLINDING_set_current_thread(ret);

 err:

    BN_CTX_end(ctx);

    if (ctx != in_ctx)

static BN_BLINDING *rsa_get_blinding(RSA *rsa, int *local, BN_CTX *ctx)

{

    BN_BLINDING *ret;

    CRYPTO_THREADID cur;

    CRYPTO_THREAD_write_lock(rsa->lock);

    if (ret == NULL)

        goto err;

    CRYPTO_THREADID_current(&cur);

    if (!CRYPTO_THREADID_cmp(&cur, BN_BLINDING_thread_id(ret))) {

    if (BN_BLINDING_is_current_thread(ret)) {

        /* rsa->blinding is ours! */

        *local = 1;

         * Shared blinding: store the unblinding factor outside BN_BLINDING.

         */

        int ret;

        CRYPTO_w_lock(CRYPTO_LOCK_RSA_BLINDING);

        BN_BLINDING_lock(b);

        ret = BN_BLINDING_convert_ex(f, unblind, b, ctx);

        CRYPTO_w_unlock(CRYPTO_LOCK_RSA_BLINDING);

        BN_BLINDING_unlock(b);

        return ret;

    }

}

BN_BLINDING_new, BN_BLINDING_free, BN_BLINDING_update, BN_BLINDING_convert, 

BN_BLINDING_invert, BN_BLINDING_convert_ex, BN_BLINDING_invert_ex, 

BN_BLINDING_get_thread_id, BN_BLINDING_set_thread_id, BN_BLINDING_thread_id, BN_BLINDING_get_flags,

BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM

functions.

BN_BLINDING_is_current_thread, BN_BLINDING_set_current_thread,

BN_BLINDING_lock, BN_BLINDING_unlock, BN_BLINDING_get_flags,

BN_BLINDING_set_flags, BN_BLINDING_create_param - blinding related BIGNUM functions.

=head1 SYNOPSIS

	BN_CTX *ctx);

 int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,

	BN_CTX *ctx);

 CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);

 int BN_BLINDING_is_current_thread(BN_BLINDING *b);

 void BN_BLINDING_set_current_thread(BN_BLINDING *b);

 int BN_BLINDING_lock(BN_BLINDING *b);

 int BN_BLINDING_unlock(BN_BLINDING *b);

 unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);

 void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);

 BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,

			  const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx),

	BN_MONT_CTX *m_ctx);

Deprecated:

 #if OPENSSL_API_COMPAT < 0x10000000L

 unsigned long BN_BLINDING_get_thread_id(const BN_BLINDING *);

 void BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long);

 #endif

=head1 DESCRIPTION

BN_BLINDING_new() allocates a new B<BN_BLINDING> structure and copies

functions for BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex()

with B<r> set to NULL.

BN_BLINDING_thread_id() provides access to the B<CRYPTO_THREADID>

object within the B<BN_BLINDING> structure. This is to help users

provide proper locking if needed for multi-threaded use. The "thread

id" object of a newly allocated B<BN_BLINDING> structure is

initialised to the thread id in which BN_BLINDING_new() was called.

BN_BLINDING_is_current_thread() returns whether the B<BN_BLINDING>

structure is owned by the current thread. This is to help users

provide proper locking if needed for multi-threaded use.

BN_BLINDING_set_current_thread() sets the current thread as the

owner of the B<BN_BLINDING> structure.

BN_BLINDING_lock() locks the B<BN_BLINDING> structure.

BN_BLINDING_unlock() unlocks the B<BN_BLINDING> structure.

BN_BLINDING_get_flags() returns the BN_BLINDING flags. Currently

there are two supported flags: B<BN_BLINDING_NO_UPDATE> and

BN_BLINDING_convert_ex() and BN_BLINDING_invert_ex() return 1 on

success and 0 if an error occurred.

BN_BLINDING_thread_id() returns a pointer to the thread id object

within a B<BN_BLINDING> object.

BN_BLINDING_is_current_thread() returns 1 if the current thread owns

the B<BN_BLINDING> object, 0 otherwise.

BN_BLINDING_set_current_thread() doesn't return anything.

BN_BLINDING_lock(), BN_BLINDING_unlock() return 1 if the operation

succeded or 0 on error.

BN_BLINDING_get_flags() returns the currently set B<BN_BLINDING> flags

(a B<unsigned long> value).

int BN_BLINDING_convert_ex(BIGNUM *n, BIGNUM *r, BN_BLINDING *b, BN_CTX *);

int BN_BLINDING_invert_ex(BIGNUM *n, const BIGNUM *r, BN_BLINDING *b,

                          BN_CTX *);

DEPRECATEDIN_1_0_0(unsigned long

                   BN_BLINDING_get_thread_id(const BN_BLINDING *))

DEPRECATEDIN_1_0_0(void

                   BN_BLINDING_set_thread_id(BN_BLINDING *, unsigned long))

CRYPTO_THREADID *BN_BLINDING_thread_id(BN_BLINDING *);

int BN_BLINDING_is_current_thread(BN_BLINDING *b);

void BN_BLINDING_set_current_thread(BN_BLINDING *b);

int BN_BLINDING_lock(BN_BLINDING *b);

int BN_BLINDING_unlock(BN_BLINDING *b);

unsigned long BN_BLINDING_get_flags(const BN_BLINDING *);

void BN_BLINDING_set_flags(BN_BLINDING *, unsigned long);

BN_BLINDING *BN_BLINDING_create_param(BN_BLINDING *b,