RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get called with...

author Billy Brumley <bbrumley@gmail.com>

Wed, 11 Apr 2018 07:10:58 +0000 (10:10 +0300)

committer Matt Caswell <matt@openssl.org>

Mon, 16 Apr 2018 15:19:04 +0000 (16:19 +0100)
author Billy Brumley <bbrumley@gmail.com>
Wed, 11 Apr 2018 07:10:58 +0000 (10:10 +0300)
committer Matt Caswell <matt@openssl.org>
Mon, 16 Apr 2018 15:19:04 +0000 (16:19 +0100)
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c

index 9af43e058631a7c709af3ea4ec0762eef2021ed4..79f77e3eafdf561d810e7d44341ae53cbbf3cd43 100644 (file)
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -89,6 +89,8 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
      if (BN_copy(rsa->e, e_value) == NULL)
          goto err;
  
      if (BN_copy(rsa->e, e_value) == NULL)
          goto err;
  
+    BN_set_flags(rsa->p, BN_FLG_CONSTTIME);
+    BN_set_flags(rsa->q, BN_FLG_CONSTTIME);
      BN_set_flags(r2, BN_FLG_CONSTTIME);
      /* generate p and q */
      for (;;) {
      BN_set_flags(r2, BN_FLG_CONSTTIME);
      /* generate p and q */
      for (;;) {
author	Billy Brumley <bbrumley@gmail.com>
	Wed, 11 Apr 2018 07:10:58 +0000 (10:10 +0300)
committer	Matt Caswell <matt@openssl.org>
	Mon, 16 Apr 2018 15:19:04 +0000 (16:19 +0100)