1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c
index ed4bc666bf..f650e94b09 100644
--- a/src/lib/libcrypto/bn/bn_exp.c
+++ b/src/lib/libcrypto/bn/bn_exp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_exp.c,v 1.28 2017/01/21 09:38:58 beck Exp $ */
+/* $OpenBSD: bn_exp.c,v 1.29 2017/01/21 10:38:29 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -735,7 +735,7 @@ BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
        /* prepare a^1 in Montgomery domain */
        if (a->neg || BN_ucmp(a, m) >= 0) {
-                if (!BN_mod(&am, a,m, ctx))
+                if (!BN_mod_ct(&am, a,m, ctx))
                        goto err;
                if (!BN_to_montgomery(&am, &am, mont, ctx))
                        goto err;
@@ -924,7 +924,7 @@ BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p, const BIGNUM *m,
 #define BN_MOD_MUL_WORD(r, w, m) \
                (BN_mul_word(r, (w)) && \
                (/* BN_ucmp(r, (m)) < 0 ? 1 :*/  \
-                        (BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
+                        (BN_mod_ct(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
                /* BN_MOD_MUL_WORD is only used with 'w' large,
                 * so the BN_ucmp test is probably more overhead
                 * than always using BN_mod (which uses BN_copy if

diff --git a/src/lib/libcrypto/bn/bn_exp.c b/src/lib/libcrypto/bn/bn_exp.c index ed4bc666bf..f650e94b09 100644 --- a/src/lib/libcrypto/bn/bn_exp.c +++ b/src/lib/libcrypto/bn/bn_exp.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_exp.c,v 1.28 2017/01/21 09:38:58 beck Exp $ */	1	/* $OpenBSD: bn_exp.c,v 1.29 2017/01/21 10:38:29 beck Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -735,7 +735,7 @@ BN_mod_exp_mont_consttime(BIGNUM rr, const BIGNUM a, const BIGNUM *p,
735		735
736	/* prepare a^1 in Montgomery domain */	736	/* prepare a^1 in Montgomery domain */
737	if (a->neg \|\| BN_ucmp(a, m) >= 0) {	737	if (a->neg \|\| BN_ucmp(a, m) >= 0) {
738	if (!BN_mod(&am, a,m, ctx))	738	if (!BN_mod_ct(&am, a,m, ctx))
739	goto err;	739	goto err;
740	if (!BN_to_montgomery(&am, &am, mont, ctx))	740	if (!BN_to_montgomery(&am, &am, mont, ctx))
741	goto err;	741	goto err;
@@ -924,7 +924,7 @@ BN_mod_exp_mont_word(BIGNUM rr, BN_ULONG a, const BIGNUM p, const BIGNUM *m,
924	#define BN_MOD_MUL_WORD(r, w, m) \	924	#define BN_MOD_MUL_WORD(r, w, m) \
925	(BN_mul_word(r, (w)) && \	925	(BN_mul_word(r, (w)) && \
926	(/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \	926	(/* BN_ucmp(r, (m)) < 0 ? 1 :*/ \
927	(BN_mod(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))	927	(BN_mod_ct(t, r, m, ctx) && (swap_tmp = r, r = t, t = swap_tmp, 1))))
928	/* BN_MOD_MUL_WORD is only used with 'w' large,	928	/* BN_MOD_MUL_WORD is only used with 'w' large,
929	* so the BN_ucmp test is probably more overhead	929	* so the BN_ucmp test is probably more overhead
930	* than always using BN_mod (which uses BN_copy if	930	* than always using BN_mod (which uses BN_copy if