Change to mitigate branch prediction attacks

Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
author: Bodo Möller <bodo@openssl.org> 2007-03-28 00:15:28 +0000
committer: Bodo Möller <bodo@openssl.org> 2007-03-28 00:15:28 +0000
commit: bd31fb21454609b125ade1ad569ebcc2a2b9b73c (patch)
tree: 812dbe6bff6096ca490e26dd48a6bc3fee51b320 /crypto/dh
parent: b506821d43f0b0114d91b74398f0ead4b51cc32b (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index 37a2c1bca2..e7db440342 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -150,7 +150,7 @@ static int generate_key(DH *dh)
 			{
 			BN_init(&local_prk);
 			prk = &local_prk;
-			BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
+			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
 			}
 		else
 			prk = priv_key;
@@ -203,7 +203,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
 		if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
 			{
 			/* XXX */
-			BN_set_flags(dh->priv_key, BN_FLG_EXP_CONSTTIME);
+			BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME);
 			}
 		if (!mont)
 			goto err;
author	Bodo Möller <bodo@openssl.org>	2007-03-28 00:15:28 +0000
committer	Bodo Möller <bodo@openssl.org>	2007-03-28 00:15:28 +0000
commit	bd31fb21454609b125ade1ad569ebcc2a2b9b73c (patch)
tree	812dbe6bff6096ca490e26dd48a6bc3fee51b320 /crypto/dh
parent	b506821d43f0b0114d91b74398f0ead4b51cc32b (diff)