Make BN_BLINDING internal

RSA is pretty bad. In my most optimistic moments I dream of a world that
stopped using it. That won't happen during my lifetime, unfortunately.
Blinding is one way of making it a little less leaky. Unfortunately this
side-channel leak mitigation leaked out of the library for no good reason.
Let's at least fix that aspect of it.

ok jsing

1 files changed, 2 insertions, 1 deletions

diff --git a/lib/libcrypto/rsa/rsa_lib.c b/lib/libcrypto/rsa/rsa_lib.c
index 8831253b9fe..fbd2c2274c3 100644
--- a/lib/libcrypto/rsa/rsa_lib.c
+++ b/lib/libcrypto/rsa/rsa_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_lib.c,v 1.47 2023/07/08 12:26:45 beck Exp $ */
+/* $OpenBSD: rsa_lib.c,v 1.48 2023/07/28 10:05:16 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -67,6 +67,7 @@
 #include <openssl/lhash.h>
 #include <openssl/rsa.h>
 
+#include "bn_local.h"
 #include "evp_local.h"
 #include "rsa_local.h"