[crypto/rsa] Set the constant-time flag in multi-prime RSA too

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9779)
author: Cesar Pereida Garcia <cesar.pereidagarcia@tut.fi> 2019-09-06 10:48:00 +0300
committer: Matt Caswell <matt@openssl.org> 2019-09-06 16:11:27 +0100
commit: d2baf88c43e5a40cfc3bcd4ca35cbae53161941c (patch)
tree: 1a7345ae48a32c77c47407c2cd76c935a5dabfb8 /crypto
parent: 311e903d8468e2a380d371609a10eda71de16c0e (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index e7fdbc2aab..c6e570089f 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -409,12 +409,15 @@ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
         if (pinfo == NULL)
             goto err;
         if (primes[i] != NULL && exps[i] != NULL && coeffs[i] != NULL) {
-            BN_free(pinfo->r);
-            BN_free(pinfo->d);
-            BN_free(pinfo->t);
+            BN_clear_free(pinfo->r);
+            BN_clear_free(pinfo->d);
+            BN_clear_free(pinfo->t);
             pinfo->r = primes[i];
             pinfo->d = exps[i];
             pinfo->t = coeffs[i];
+            BN_set_flags(pinfo->r, BN_FLG_CONSTTIME);
+            BN_set_flags(pinfo->d, BN_FLG_CONSTTIME);
+            BN_set_flags(pinfo->t, BN_FLG_CONSTTIME);
         } else {
             rsa_multip_info_free(pinfo);
             goto err;
author	Cesar Pereida Garcia <cesar.pereidagarcia@tut.fi>	2019-09-06 10:48:00 +0300
committer	Matt Caswell <matt@openssl.org>	2019-09-06 16:11:27 +0100
commit	d2baf88c43e5a40cfc3bcd4ca35cbae53161941c (patch)
tree	1a7345ae48a32c77c47407c2cd76c935a5dabfb8 /crypto
parent	311e903d8468e2a380d371609a10eda71de16c0e (diff)