projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Change to mitigate branch prediction attacks
[openssl.git] / crypto / bn / bn_blind.c
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index ccecc63cda1780b90fe0e7b9acff9adec962cd37..e9b6173e24c4aeb2a7503584290fe89dcfe0303e 100644 (file)
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -153,7 +153,12 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
                {
                if ((ret->Ai = BN_dup(Ai)) == NULL) goto err;
                }
-       ret->mod = mod;
+
+       /* save a copy of mod in the BN_BLINDING structure */
+       if ((ret->mod = BN_dup(mod)) == NULL) goto err;
+       if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+               BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
+
        ret->counter = BN_BLINDING_COUNTER;
        return(ret);
 err:
@@ -169,6 +174,7 @@ void BN_BLINDING_free(BN_BLINDING *r)
        if (r->A  != NULL) BN_free(r->A );
        if (r->Ai != NULL) BN_free(r->Ai);
        if (r->e  != NULL) BN_free(r->e );
+       if (r->mod != NULL) BN_free(r->mod); 
        OPENSSL_free(r);
        }
 
Unnamed repository; edit this file 'description' to name the repository.