1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c
index e5231d2a95..5928dfc79d 100644
--- a/src/lib/libcrypto/bn/bn_sqrt.c
+++ b/src/lib/libcrypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bn_sqrt.c,v 1.7 2016/11/08 01:40:22 guenther Exp $ */
+/* $OpenBSD: bn_sqrt.c,v 1.8 2017/01/21 09:38:58 beck Exp $ */
 /* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
 * and Bodo Moeller for the OpenSSL project. */
 /* ====================================================================
@@ -149,7 +149,7 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
                q->neg = 0;
                if (!BN_add_word(q, 1))
                        goto end;
-                if (!BN_mod_exp(ret, A, q, p, ctx))
+                if (!BN_mod_exp_ct(ret, A, q, p, ctx))
                        goto end;
                err = 0;
                goto vrfy;
@@ -190,7 +190,7 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
                if (!BN_rshift(q, p, 3))
                        goto end;
                q->neg = 0;
-                if (!BN_mod_exp(b, t, q, p, ctx))
+                if (!BN_mod_exp_ct(b, t, q, p, ctx))
                        goto end;
                /* y := b^2 */
@@ -272,7 +272,7 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
        /* Now that we have some non-square, we can find an element
         * of order  2^e  by computing its q'th power. */
-        if (!BN_mod_exp(y, y, q, p, ctx))
+        if (!BN_mod_exp_ct(y, y, q, p, ctx))
                goto end;
        if (BN_is_one(y)) {
                BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
@@ -314,7 +314,7 @@ BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
                } else if (!BN_one(x))
                        goto end;
        } else {
-                if (!BN_mod_exp(x, A, t, p, ctx))
+                if (!BN_mod_exp_ct(x, A, t, p, ctx))
                        goto end;
                if (BN_is_zero(x)) {
                        /* special case: a == 0  (mod p) */

diff --git a/src/lib/libcrypto/bn/bn_sqrt.c b/src/lib/libcrypto/bn/bn_sqrt.c index e5231d2a95..5928dfc79d 100644 --- a/src/lib/libcrypto/bn/bn_sqrt.c +++ b/src/lib/libcrypto/bn/bn_sqrt.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: bn_sqrt.c,v 1.7 2016/11/08 01:40:22 guenther Exp $ */	1	/* $OpenBSD: bn_sqrt.c,v 1.8 2017/01/21 09:38:58 beck Exp $ */
2	/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>	2	/* Written by Lenka Fibikova <fibikova@exp-math.uni-essen.de>
3	* and Bodo Moeller for the OpenSSL project. */	3	* and Bodo Moeller for the OpenSSL project. */
4	/* ====================================================================	4	/* ====================================================================
@@ -149,7 +149,7 @@ BN_mod_sqrt(BIGNUM in, const BIGNUM a, const BIGNUM p, BN_CTX ctx)
149	q->neg = 0;	149	q->neg = 0;
150	if (!BN_add_word(q, 1))	150	if (!BN_add_word(q, 1))
151	goto end;	151	goto end;
152	if (!BN_mod_exp(ret, A, q, p, ctx))	152	if (!BN_mod_exp_ct(ret, A, q, p, ctx))
153	goto end;	153	goto end;
154	err = 0;	154	err = 0;
155	goto vrfy;	155	goto vrfy;
@@ -190,7 +190,7 @@ BN_mod_sqrt(BIGNUM in, const BIGNUM a, const BIGNUM p, BN_CTX ctx)
190	if (!BN_rshift(q, p, 3))	190	if (!BN_rshift(q, p, 3))
191	goto end;	191	goto end;
192	q->neg = 0;	192	q->neg = 0;
193	if (!BN_mod_exp(b, t, q, p, ctx))	193	if (!BN_mod_exp_ct(b, t, q, p, ctx))
194	goto end;	194	goto end;
195		195
196	/* y := b^2 */	196	/* y := b^2 */
@@ -272,7 +272,7 @@ BN_mod_sqrt(BIGNUM in, const BIGNUM a, const BIGNUM p, BN_CTX ctx)
272		272
273	/* Now that we have some non-square, we can find an element	273	/* Now that we have some non-square, we can find an element
274	* of order 2^e by computing its q'th power. */	274	* of order 2^e by computing its q'th power. */
275	if (!BN_mod_exp(y, y, q, p, ctx))	275	if (!BN_mod_exp_ct(y, y, q, p, ctx))
276	goto end;	276	goto end;
277	if (BN_is_one(y)) {	277	if (BN_is_one(y)) {
278	BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);	278	BNerr(BN_F_BN_MOD_SQRT, BN_R_P_IS_NOT_PRIME);
@@ -314,7 +314,7 @@ BN_mod_sqrt(BIGNUM in, const BIGNUM a, const BIGNUM p, BN_CTX ctx)
314	} else if (!BN_one(x))	314	} else if (!BN_one(x))
315	goto end;	315	goto end;
316	} else {	316	} else {
317	if (!BN_mod_exp(x, A, t, p, ctx))	317	if (!BN_mod_exp_ct(x, A, t, p, ctx))
318	goto end;	318	goto end;
319	if (BN_is_zero(x)) {	319	if (BN_is_zero(x)) {
320	/* special case: a == 0 (mod p) */	320	/* special case: a == 0 (mod p) */