-/* crypto/dh/dh_key.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
*/
#include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
#include <openssl/rand.h>
#include <openssl/dh.h>
#include "internal/bn_int.h"
goto err;
if (dh->priv_key == NULL) {
- priv_key = BN_new();
+ priv_key = BN_secure_new();
if (priv_key == NULL)
goto err;
generate_new_key = 1;
if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) {
local_prk = prk = BN_new();
+ if (local_prk == NULL)
+ goto err;
BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
- } else
+ } else {
prk = priv_key;
+ }
if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) {
BN_free(local_prk);
goto err;
}
+ /* We MUST free local_prk before any further use of priv_key */
BN_free(local_prk);
}