author | Bodo Möller <bodo@openssl.org> | 2007-03-28 00:15:28 +0000 |
committer | Bodo Möller <bodo@openssl.org> | 2007-03-28 00:15:28 +0000 |
commit | bd31fb21454609b125ade1ad569ebcc2a2b9b73c (patch) | |
tree | 812dbe6bff6096ca490e26dd48a6bc3fee51b320 /crypto/bn/bn_blind.c | |
parent | b506821d43f0b0114d91b74398f0ead4b51cc32b (diff) |
Change to mitigate branch prediction attacks
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
Diffstat (limited to 'crypto/bn/bn_blind.c')
-rw-r--r-- | crypto/bn/bn_blind.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/crypto/bn/bn_blind.c b/crypto/bn/bn_blind.c
index ccecc63cda..e9b6173e24 100644
--- a/crypto/bn/bn_blind.c
+++ b/crypto/bn/bn_blind.c
@@ -153,7 +153,12 @@ BN_BLINDING *BN_BLINDING_new(const BIGNUM *A, const BIGNUM *Ai, BIGNUM *mod)
 {
 if ((ret->Ai = BN_dup(Ai)) == NULL) goto err;
 }
- ret->mod = mod;
+
+ /* save a copy of mod in the BN_BLINDING structure */
+ if ((ret->mod = BN_dup(mod)) == NULL) goto err;
+ if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+ BN_set_flags(ret->mod, BN_FLG_CONSTTIME);
+
 ret->counter = BN_BLINDING_COUNTER;
 return(ret);
 err:
@@ -169,6 +174,7 @@ void BN_BLINDING_free(BN_BLINDING *r)
 if (r->A != NULL) BN_free(r->A );
 if (r->Ai != NULL) BN_free(r->Ai);
 if (r->e != NULL) BN_free(r->e );
+ if (r->mod != NULL) BN_free(r->mod);
 OPENSSL_free(r);
 }
 |
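Review bot: The comment added above the `BN_dup(mod)` line in BN_BLINDING_new says what is copied but not why the flag is re-applied to the copy, which is the part of this change that carries the mitigation; suggest `/* Keep our own copy of mod. BN_dup() does not carry BN_FLG_CONSTTIME across, so re-apply it here so that later modular arithmetic on ret->mod selects the constant-time code paths (branch-prediction mitigation). */`. Since `mod` is now only read in this function (BN_dup, BN_get_flags), the parameter could become `const BIGNUM *mod`, which is source-compatible for callers and documents that the caller retains its own value. The `mod` field changes from a borrowed pointer to an owned one; the struct declaration and any caller that previously relied on sharing the value are outside this hunk, and that ownership change should be stated there as well. The `err:` handler reached by the new `goto err` is also outside the hunk; presumably it goes through BN_BLINDING_free, which the second hunk teaches to release `r->mod`, otherwise the duplicate leaks on the failure path.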