RSA_blinding_on - protect the RSA operation from timing attacks
#include <openssl/rsa.h> int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa);
RSA_blinding_on(3openssl) OpenSSL RSA_blinding_on(3openssl) NAME RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks SYNOPSIS #include <openssl/rsa.h> int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa); DESCRIPTION RSA is vulnerable to timing attacks. In a setup where attackers can measure the time of RSA decryption or signature operations, blinding must be used to protect the RSA operation from that attack. RSA_blinding_on() turns blinding on for key rsa and generates a random blinding factor. ctx is NULL or a pre-allocated and initialized BN_CTX. The random number generator must be seeded prior to calling RSA_blinding_on(). RSA_blinding_off() turns blinding off and frees the memory used for the blinding factor. RETURN VALUES RSA_blinding_on() returns 1 on success, and 0 if an error occurred. RSA_blinding_off() returns no value. ATTRIBUTES See attributes(7) for descriptions of the following attributes: +---------------+--------------------------+ |ATTRIBUTE TYPE | ATTRIBUTE VALUE | +---------------+--------------------------+ |Availability | library/security/openssl | +---------------+--------------------------+ |Stability | Pass-through uncommitted | +---------------+--------------------------+ SEE ALSO rsa(3), rand(3) HISTORY RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0. NOTES Source code for open source software components in Oracle Solaris can be found at https://www.oracle.com/downloads/opensource/solaris-source- code-downloads.html. This software was built from source available at https://github.com/oracle/solaris-userland. The original community source was downloaded from https://www.openssl.org/source/openssl-1.0.2ze.tar.gz. Further information about this software can be found on the open source community website at https://www.openssl.org/. 1.0.2ze 2022-05-03 RSA_blinding_on(3openssl)