Set flag BN_FLG_CONSTTIME earlier

Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
author: Cesar Pereida <cesar.pereida@aalto.fi> 2016-06-07 16:02:01 +0300
committer: Matt Caswell <matt@openssl.org> 2016-06-07 15:26:57 +0100
commit: 47ae05ba6288c831a9aa4282f9cce40372e79ea9 (patch)
tree: 6da91717218ad9f12abb5071740a6f122dd9dcad /crypto/dsa
parent: 033dc8fad03a23f650e347204446c882bcadcfdf (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 81c5239869..9c97ef949c 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -167,6 +167,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
             goto err;
     } while (BN_is_zero(k));
 
+    BN_set_flags(k, BN_FLG_CONSTTIME);
+
     if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
         if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
                                     dsa->lock, dsa->p, ctx))
@@ -189,8 +191,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
             goto err;
     }
 
-    BN_set_flags(k, BN_FLG_CONSTTIME);
-
     if ((dsa)->meth->bn_mod_exp != NULL) {
             if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, k, dsa->p, ctx,
                                        dsa->method_mont_p))
@@ -200,7 +200,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
                 goto err;
     }
 
-
     if (!BN_mod(r, r, dsa->q, ctx))
         goto err;
author	Cesar Pereida <cesar.pereida@aalto.fi>	2016-06-07 16:02:01 +0300
committer	Matt Caswell <matt@openssl.org>	2016-06-07 15:26:57 +0100
commit	47ae05ba6288c831a9aa4282f9cce40372e79ea9 (patch)
tree	6da91717218ad9f12abb5071740a6f122dd9dcad /crypto/dsa
parent	033dc8fad03a23f650e347204446c882bcadcfdf (diff)