diff options
author | Rob Austein <sra@hactrn.net> | 2018-05-20 15:40:08 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2018-05-20 15:40:08 -0400 |
commit | 8d72d9d3b3e0aeb9af68df85f555944c0558eb4f (patch) | |
tree | 7c9e5fd1188b63e408e1048383bbc9b8a7445982 /locks.c | |
parent | 3ec74465ddd47a74bdaa7359831e25f868f09680 (diff) |
Add small cache for RSA blinding factors.
Generating new RSA blinding factors turns out to be relatively
expensive, but we can amortize that cost by maintaining a small cache
and simply mutating old values after each use with a cheaper
operation. Squaring works, pretty much by definition.
Blinding factors are only sort-of-sensitive: we don't want them to
leak out of the HSM, but they're only based on the public modulus, not
the private key components, and we're only using them to foil side
channel attacks, so the risk involved in caching them seems small.
For the moment, the cache is very small, since we only care about this
for bulk signature operations. Tune this later if it becomes an issue.
Diffstat (limited to 'locks.c')
-rw-r--r-- | locks.c | 31 |
1 files changed, 14 insertions, 17 deletions
@@ -77,29 +77,26 @@ * Critical sections -- disable preemption BRIEFLY. */ -WEAK_FUNCTION void hal_critical_section_start(void) -{ - return; -} - -WEAK_FUNCTION void hal_critical_section_end(void) -{ - return; -} +WEAK_FUNCTION void hal_critical_section_start(void) { return; } +WEAK_FUNCTION void hal_critical_section_end(void) { return; } /* * Keystore lock -- lock call blocks indefinitely. */ -WEAK_FUNCTION void hal_ks_lock(void) -{ - return; -} +WEAK_FUNCTION void hal_ks_lock(void) { return; } +WEAK_FUNCTION void hal_ks_unlock(void) { return; } -WEAK_FUNCTION void hal_ks_unlock(void) -{ - return; -} +/* + * RSA blinding cache lock -- lock call blocks indefinitely. + */ + +WEAK_FUNCTION void hal_rsa_bf_lock(void) { return; } +WEAK_FUNCTION void hal_rsa_bf_unlock(void) { return; } + +/* + * Non-preemptive task yield. + */ WEAK_FUNCTION void hal_task_yield(void) { |