diff options
author | Matt Caswell <matt@openssl.org> | 2016-05-26 10:55:11 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-06-06 11:09:06 +0100 |
commit | 5584f65a1027b06fe0cfc4be28d1a232cf180e42 (patch) | |
tree | e1d62f81d9d5a23575e4f4063b47d28e680afcdf /crypto/dh | |
parent | f943e640efbb5ec30bf57b59468c094083c99eb2 (diff) |
Deprecate the flags that switch off constant time
The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and
DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch
off the constant time implementation for RSA, DSA and DH have been made
no-ops and deprecated.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Diffstat (limited to 'crypto/dh')
-rw-r--r-- | crypto/dh/dh_key.c | 35 |
1 files changed, 9 insertions, 26 deletions
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 9b79f394fc..1644003bd9 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -113,24 +113,18 @@ static int generate_key(DH *dh) } { - BIGNUM *local_prk = NULL; - BIGNUM *prk; + BIGNUM *prk = BN_new(); - if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { - local_prk = prk = BN_new(); - if (local_prk == NULL) - goto err; - BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); - } else { - prk = priv_key; - } + if (prk == NULL) + goto err; + BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME); if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) { - BN_free(local_prk); + BN_free(prk); goto err; } - /* We MUST free local_prk before any further use of priv_key */ - BN_free(local_prk); + /* We MUST free prk before any further use of priv_key */ + BN_free(prk); } dh->pub_key = pub_key; @@ -175,10 +169,7 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh) if (dh->flags & DH_FLAG_CACHE_MONT_P) { mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, dh->lock, dh->p, ctx); - if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0) { - /* XXX */ - BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); - } + BN_set_flags(dh->priv_key, BN_FLG_CONSTTIME); if (!mont) goto err; } @@ -207,15 +198,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx) { - /* - * If a is only one word long and constant time is false, use the faster - * exponentiation function. - */ - if (bn_get_top(a) == 1 && ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) != 0)) { - BN_ULONG A = bn_get_words(a)[0]; - return BN_mod_exp_mont_word(r, A, p, m, ctx, m_ctx); - } else - return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); + return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx); } static int dh_init(DH *dh) |