Remove /* foo.c */ comments

[oweals/openssl.git] / crypto / dh / dh_key.c

diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index e2f48b142d8927bc3fe0d0582907c1def2fe45a5..fcb851c0dde57c379831f2104ee23679b1c9d208 100644 (file)
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -1,4 +1,3 @@
-/* crypto/dh/dh_key.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -57,7 +56,7 @@
  */
 
 #include <stdio.h>
-#include "cryptlib.h"
+#include "internal/cryptlib.h"
 #include <openssl/rand.h>
 #include <openssl/dh.h>
 #include "internal/bn_int.h"
@@ -125,7 +124,7 @@ static int generate_key(DH *dh)
         goto err;
 
     if (dh->priv_key == NULL) {
-        priv_key = BN_new();
+        priv_key = BN_secure_new();
         if (priv_key == NULL)
             goto err;
         generate_new_key = 1;
@@ -167,14 +166,18 @@ static int generate_key(DH *dh)
 
         if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) {
             local_prk = prk = BN_new();
+            if (local_prk == NULL)
+                goto err;
             BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
-        } else
+        } else {
             prk = priv_key;
+        }
 
         if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) {
             BN_free(local_prk);
             goto err;
         }
+        /* We MUST free local_prk before any further use of priv_key */
         BN_free(local_prk);
     }