RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get called with...

author Matt Caswell <matt@openssl.org>

Thu, 12 Apr 2018 11:07:53 +0000 (12:07 +0100)

committer Matt Caswell <matt@openssl.org>

Mon, 16 Apr 2018 15:14:57 +0000 (16:14 +0100)
author Matt Caswell <matt@openssl.org>
Thu, 12 Apr 2018 11:07:53 +0000 (12:07 +0100)
committer Matt Caswell <matt@openssl.org>
Mon, 16 Apr 2018 15:14:57 +0000 (16:14 +0100)
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c

index d8ef3c7e6a1cc945adc21500f3f572c0f3c521dc..7f0a25648140c4e89d0497bdc5c105fd7002b6c2 100644 (file)
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -157,6 +157,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value,
              pinfo = sk_RSA_PRIME_INFO_value(prime_infos, i - 2);
              prime = pinfo->r;
          }
+        BN_set_flags(prime, BN_FLG_CONSTTIME);
  
          for (;;) {
   redo:
author	Matt Caswell <matt@openssl.org>
	Thu, 12 Apr 2018 11:07:53 +0000 (12:07 +0100)
committer	Matt Caswell <matt@openssl.org>
	Mon, 16 Apr 2018 15:14:57 +0000 (16:14 +0100)