Change to mitigate branch prediction attacks

Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
author: Bodo Möller <bodo@openssl.org> 2007-03-28 00:15:28 +0000
committer: Bodo Möller <bodo@openssl.org> 2007-03-28 00:15:28 +0000
commit: bd31fb21454609b125ade1ad569ebcc2a2b9b73c (patch)
tree: 812dbe6bff6096ca490e26dd48a6bc3fee51b320 /crypto/dsa
parent: b506821d43f0b0114d91b74398f0ead4b51cc32b (diff)
2 files changed, 2 insertions, 2 deletions
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 0423f2e00c..c4aa86bc6d 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -107,7 +107,7 @@ static int dsa_builtin_keygen(DSA *dsa)
 			{
 			BN_init(&local_prk);
 			prk = &local_prk;
-			BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
+			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
 			}
 		else
 			prk = priv_key;
diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
index 38004eced5..4fead07e80 100644
--- a/crypto/dsa/dsa_ossl.c
+++ b/crypto/dsa/dsa_ossl.c
@@ -238,7 +238,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
 	while (BN_is_zero(&k));
 	if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
 		{
-		BN_set_flags(&k, BN_FLG_EXP_CONSTTIME);
+		BN_set_flags(&k, BN_FLG_CONSTTIME);
 		}
 
 	if (dsa->flags & DSA_FLAG_CACHE_MONT_P)
author	Bodo Möller <bodo@openssl.org>	2007-03-28 00:15:28 +0000
committer	Bodo Möller <bodo@openssl.org>	2007-03-28 00:15:28 +0000
commit	bd31fb21454609b125ade1ad569ebcc2a2b9b73c (patch)
tree	812dbe6bff6096ca490e26dd48a6bc3fee51b320 /crypto/dsa
parent	b506821d43f0b0114d91b74398f0ead4b51cc32b (diff)