BN_copy now propagates BN_FLG_CONSTTIME
authorSamuel Weiser <samuel.weiser@iaik.tugraz.at>
Sat, 16 Sep 2017 14:52:44 +0000 (16:52 +0200)
committerMatt Caswell <matt@openssl.org>
Wed, 27 Sep 2017 09:12:19 +0000 (10:12 +0100)
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4377)

(cherry picked from commit 9f9442918aeaed5dc2442d81ab8d29fe3e1fb906)

crypto/bn/bn_lib.c
crypto/bn/bn_mont.c

index 10b78f5126076f614545d16e618aede4679553c1..f9c65f9f948a91193e9c5d1246ddea4e4958477e 100644 (file)
@@ -524,6 +524,9 @@ BIGNUM *BN_copy(BIGNUM *a, const BIGNUM *b)
     memcpy(a->d, b->d, sizeof(b->d[0]) * b->top);
 #endif
 
+    if (BN_get_flags(b, BN_FLG_CONSTTIME) != 0)
+        BN_set_flags(a, BN_FLG_CONSTTIME);
+
     a->top = b->top;
     a->neg = b->neg;
     bn_check_top(a);
index 94e7a8f841c842e09d8d7e37c1b0f86031f40dfe..3af9db870bcbe62e07a903aedb0731af85af7bbd 100644 (file)
@@ -382,8 +382,6 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, const BIGNUM *mod, BN_CTX *ctx)
     R = &(mont->RR);            /* grab RR as a temp */
     if (!BN_copy(&(mont->N), mod))
         goto err;               /* Set N */
-    if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
-        BN_set_flags(&(mont->N), BN_FLG_CONSTTIME);
     mont->N.neg = 0;
 
 #ifdef MONT_WORD