diff options
Diffstat (limited to 'crypto/openssl/crypto/dsa/dsa_key.c')
-rw-r--r-- | crypto/openssl/crypto/dsa/dsa_key.c | 29 |
1 files changed, 25 insertions, 4 deletions
diff --git a/crypto/openssl/crypto/dsa/dsa_key.c b/crypto/openssl/crypto/dsa/dsa_key.c index 30607ca579fe..0423f2e00cd2 100644 --- a/crypto/openssl/crypto/dsa/dsa_key.c +++ b/crypto/openssl/crypto/dsa/dsa_key.c @@ -56,17 +56,25 @@ * [including the GNU Public Licence.] */ -#ifndef OPENSSL_NO_SHA #include <stdio.h> #include <time.h> #include "cryptlib.h" +#ifndef OPENSSL_NO_SHA #include <openssl/bn.h> #include <openssl/dsa.h> #include <openssl/rand.h> -#ifndef OPENSSL_FIPS +static int dsa_builtin_keygen(DSA *dsa); + int DSA_generate_key(DSA *dsa) { + if(dsa->meth->dsa_keygen) + return dsa->meth->dsa_keygen(dsa); + return dsa_builtin_keygen(dsa); + } + +static int dsa_builtin_keygen(DSA *dsa) + { int ok=0; BN_CTX *ctx=NULL; BIGNUM *pub_key=NULL,*priv_key=NULL; @@ -90,8 +98,22 @@ int DSA_generate_key(DSA *dsa) } else pub_key=dsa->pub_key; + + { + BIGNUM local_prk; + BIGNUM *prk; - if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err; + if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) + { + BN_init(&local_prk); + prk = &local_prk; + BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME); + } + else + prk = priv_key; + + if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err; + } dsa->priv_key=priv_key; dsa->pub_key=pub_key; @@ -104,4 +126,3 @@ err: return(ok); } #endif -#endif |