X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fdsa%2Fdsa_key.c;h=5e3912423014caf37ed9912f1c55886920bd8ca5;hb=be88529753897c29c677d1becb321f0072c0659c;hp=ef87c3e6372e6cf1eb631498c428bedc86e25243;hpb=323f289c480b0a8eb15ed3be2befbcc0f86e8904;p=oweals%2Fopenssl.git

diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index ef87c3e637..5e39124230 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -56,15 +56,26 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef OPENSSL_NO_SHA
 #include <stdio.h>
 #include <time.h>
 #include "cryptlib.h"
+#ifndef OPENSSL_NO_SHA
 #include <openssl/bn.h>
 #include <openssl/dsa.h>
 #include <openssl/rand.h>
 
+#ifndef OPENSSL_FIPS
+
+static int dsa_builtin_keygen(DSA *dsa);
+
 int DSA_generate_key(DSA *dsa)
+	{
+	if(dsa->meth->dsa_keygen)
+		return dsa->meth->dsa_keygen(dsa);
+	return dsa_builtin_keygen(dsa);
+	}
+
+static int dsa_builtin_keygen(DSA *dsa)
 	{
 	int ok=0;
 	BN_CTX *ctx=NULL;
@@ -89,8 +100,22 @@ int DSA_generate_key(DSA *dsa)
 		}
 	else
 		pub_key=dsa->pub_key;
+	
+	{
+		BIGNUM local_prk;
+		BIGNUM *prk;
+
+		if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
+			{
+			BN_init(&local_prk);
+			prk = &local_prk;
+			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
+			}
+		else
+			prk = priv_key;
 
-	if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
+		if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err;
+	}
 
 	dsa->priv_key=priv_key;
 	dsa->pub_key=pub_key;
@@ -103,3 +128,5 @@ err:
 	return(ok);
 	}
 #endif
+
+#endif