RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get called with...

author Billy Brumley <bbrumley@gmail.com>

Wed, 11 Apr 2018 07:10:58 +0000 (10:10 +0300)

committer Matt Caswell <matt@openssl.org>

Mon, 16 Apr 2018 15:21:05 +0000 (16:21 +0100)
author Billy Brumley <bbrumley@gmail.com>
Wed, 11 Apr 2018 07:10:58 +0000 (10:10 +0300)
committer Matt Caswell <matt@openssl.org>
Mon, 16 Apr 2018 15:21:05 +0000 (16:21 +0100)
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c

index 9ca5dfefb7073633828bf066dbbe07082a32564a..42b89a8dfaa03fec1beff843980a277c6cefb620 100644 (file)
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -156,6 +156,8 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value,
      if (BN_copy(rsa->e, e_value) == NULL)
          goto err;
  
+    BN_set_flags(rsa->p, BN_FLG_CONSTTIME);
+    BN_set_flags(rsa->q, BN_FLG_CONSTTIME);
      BN_set_flags(r2, BN_FLG_CONSTTIME);
      /* generate p and q */
      for (;;) {
author	Billy Brumley <bbrumley@gmail.com>
	Wed, 11 Apr 2018 07:10:58 +0000 (10:10 +0300)
committer	Matt Caswell <matt@openssl.org>
	Mon, 16 Apr 2018 15:21:05 +0000 (16:21 +0100)