equal
deleted
inserted
replaced
|
1 # The patch is based on the following commit from the upstream: |
|
2 # https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2 |
|
3 # The fix is patched until the new version becomes available |
|
4 # from the upstream. |
|
5 --- a/crypto/dsa/dsa_ossl.c 2016-06-20 08:06:46.793733045 -0700 |
|
6 +++ b/crypto/dsa/dsa_ossl.c 2016-06-20 08:07:42.133601060 -0700 |
|
7 @@ -248,9 +248,6 @@ |
|
8 if (!BN_rand_range(&k, dsa->q)) |
|
9 goto err; |
|
10 while (BN_is_zero(&k)) ; |
|
11 - if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { |
|
12 - BN_set_flags(&k, BN_FLG_CONSTTIME); |
|
13 - } |
|
14 |
|
15 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { |
|
16 if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, |
|
17 @@ -282,6 +279,11 @@ |
|
18 } else { |
|
19 K = &k; |
|
20 } |
|
21 + |
|
22 + if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) { |
|
23 + BN_set_flags(K, BN_FLG_CONSTTIME); |
|
24 + } |
|
25 + |
|
26 DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx, |
|
27 dsa->method_mont_p); |
|
28 if (!BN_mod(r, r, dsa->q, ctx)) |