PR: 2001

[openssl.git] / crypto / rsa / rsa_lib.c

diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 7f1f94ee500cb15a9e5e839784278d5c902ffbdb..e334e506fb7bc5aa50cc4a8c9403bb4870713d18 100644 (file)
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -67,7 +67,7 @@
 #include <openssl/engine.h>
 #endif
 
-const char *RSA_version="RSA" OPENSSL_VERSION_PTEXT;
+const char RSA_version[]="RSA" OPENSSL_VERSION_PTEXT;
 
 static const RSA_METHOD *default_RSA_meth=NULL;
 
@@ -361,7 +361,8 @@ err:
 
 BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
 {
-       BIGNUM *e;
+       BIGNUM local_n;
+       BIGNUM *e,*n;
        BN_CTX *ctx;
        BN_BLINDING *ret = NULL;
 
@@ -400,13 +401,29 @@ BN_BLINDING *RSA_setup_blinding(RSA *rsa, BN_CTX *in_ctx)
                RAND_add(rsa->d->d, rsa->d->dmax * sizeof rsa->d->d[0], 0.0);
                }
 
-       ret = BN_BLINDING_create_param(NULL, e, rsa->n, ctx,
+       if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
+               {
+               /* Set BN_FLG_CONSTTIME flag */
+               n = &local_n;
+               BN_with_flags(n, rsa->n, BN_FLG_CONSTTIME);
+               }
+       else
+               n = rsa->n;
+
+       ret = BN_BLINDING_create_param(NULL, e, n, ctx,
                        rsa->meth->bn_mod_exp, rsa->_method_mod_n);
-       BN_BLINDING_set_thread_id(ret, CRYPTO_thread_id());
+       if (ret == NULL)
+               {
+               RSAerr(RSA_F_RSA_SETUP_BLINDING, ERR_R_BN_LIB);
+               goto err;
+               }
+       CRYPTO_THREADID_current(BN_BLINDING_thread_id(ret));
 err:
        BN_CTX_end(ctx);
        if (in_ctx == NULL)
                BN_CTX_free(ctx);
+       if(rsa->e == NULL)
+               BN_free(e);
 
        return ret;
 }