From a0a595cda97de2b217b0582cfa601ee4c746bfce Mon Sep 17 00:00:00 2001
From: beck <>
Date: Sat, 21 Jan 2017 09:38:59 +0000
Subject: Make explicit _ct and _nonct versions of bn_mod_exp funcitons that matter for constant time, and make the public interface only used external to the library. This moves us to a model where the important things are constant time versions unless you ask for them not to be, rather than the opposite. I'll continue with this method by method. Add regress tests for same. ok jsing@
---
 src/lib/libcrypto/dsa/dsa_gen.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
(limited to 'src/lib/libcrypto/dsa/dsa_gen.c')
diff --git a/src/lib/libcrypto/dsa/dsa_gen.c b/src/lib/libcrypto/dsa/dsa_gen.c
index 7ddb7fec5e..d627e5ae9c 100644
--- a/src/lib/libcrypto/dsa/dsa_gen.c
+++ b/src/lib/libcrypto/dsa/dsa_gen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa_gen.c,v 1.22 2015/07/15 18:34:37 miod Exp $ */
+/* $OpenBSD: dsa_gen.c,v 1.23 2017/01/21 09:38:59 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -68,6 +68,7 @@
 #include
 #include
+#include "bn_lcl.h"
 #include "dsa_locl.h"
 int
@@ -315,7 +316,7 @@ end:
 for (;;) {
 /* g=test^r0%p */
- if (!BN_mod_exp_mont(g, test, r0, p, ctx, mont))
+ if (!BN_mod_exp_mont_ct(g, test, r0, p, ctx, mont))
 goto err;
 if (!BN_is_one(g))
 break;
--
cgit v1.2.3-55-g6feb
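Review bot: The comment `/* g=test^r0%p */` in the last hunk does not say why the constant-time variant is used for this call, so a later reader may assume a secret exponent is involved. In DSA parameter generation the exponent r0 and modulus p are normally public domain parameters (their setup is outside the hunk, so confirm), which would make this call an instance of the library's new constant-time-by-default policy rather than a side-channel fix. I would extend the comment to something like `/* g = test^r0 mod p; operands are public, _ct is the library default */`, so the call is neither switched back as an optimization nor mistaken for secret-handling code. The enclosing function begins and ends outside the hunk.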