condition, BIGNUM *a, BIGNUM
*b, int nwords);
BN_consttime_swap() exchange the values of
a and b.
implements this by exchanging the pointers to the data buffers of
a and b and also exchanging the
values of the
BN_FLG_STATIC_DATA bits. Consequently,
the operation is fast and execution time does not depend on any properties
of the two numbers. However, execution time obviously differs between
swapping (by calling this function) and not swapping (by not calling this
only performs the exchange if the condition is
non-zero; otherwise, it has no effect. It implements the exchange by
exchanging the contents of the data buffers rather than the pointers to the
data buffers. This is slower, but implemented in such a way that the
execution time is not only independent of the properties of the two numbers,
but also independent of the condition argument, i.e.
the same for swapping or not swapping. Execution time does however grow in
an approximately linear manner with the nwords
calls abort(3) if at least one of a or
b has fewer than nwords data
words allocated or more than nwords data words are
currently in use in at least one of them.
BN_swap() first appeared in OpenSSL 0.9.7
and has been available since OpenBSD 3.2.
BN_consttime_swap() first appeared in
OpenSSL 1.0.1g and has been available since OpenBSD