diff options
-rw-r--r-- | ssh-rsa.c | 18 |
1 files changed, 10 insertions, 8 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-rsa.c,v 1.65 2018/02/07 05:17:56 jsing Exp $ */ | 1 | /* $OpenBSD: ssh-rsa.c,v 1.66 2018/02/14 16:27:24 jsing Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> | 3 | * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> |
4 | * | 4 | * |
@@ -79,13 +79,12 @@ rsa_hash_alg_nid(int type) | |||
79 | } | 79 | } |
80 | } | 80 | } |
81 | 81 | ||
82 | /* calculate p-1 and q-1 */ | ||
83 | int | 82 | int |
84 | ssh_rsa_generate_additional_parameters(struct sshkey *key) | 83 | ssh_rsa_generate_additional_parameters(struct sshkey *key) |
85 | { | 84 | { |
86 | RSA *rsa; | ||
87 | BIGNUM *aux = NULL; | 85 | BIGNUM *aux = NULL; |
88 | BN_CTX *ctx = NULL; | 86 | BN_CTX *ctx = NULL; |
87 | BIGNUM d; | ||
89 | int r; | 88 | int r; |
90 | 89 | ||
91 | if (key == NULL || key->rsa == NULL || | 90 | if (key == NULL || key->rsa == NULL || |
@@ -98,12 +97,15 @@ ssh_rsa_generate_additional_parameters(struct sshkey *key) | |||
98 | r = SSH_ERR_ALLOC_FAIL; | 97 | r = SSH_ERR_ALLOC_FAIL; |
99 | goto out; | 98 | goto out; |
100 | } | 99 | } |
101 | rsa = key->rsa; | 100 | BN_set_flags(aux, BN_FLG_CONSTTIME); |
102 | 101 | ||
103 | if ((BN_sub(aux, rsa->q, BN_value_one()) == 0) || | 102 | BN_init(&d); |
104 | (BN_mod(rsa->dmq1, rsa->d, aux, ctx) == 0) || | 103 | BN_with_flags(&d, key->rsa->d, BN_FLG_CONSTTIME); |
105 | (BN_sub(aux, rsa->p, BN_value_one()) == 0) || | 104 | |
106 | (BN_mod(rsa->dmp1, rsa->d, aux, ctx) == 0)) { | 105 | if ((BN_sub(aux, key->rsa->q, BN_value_one()) == 0) || |
106 | (BN_mod(key->rsa->dmq1, &d, aux, ctx) == 0) || | ||
107 | (BN_sub(aux, key->rsa->p, BN_value_one()) == 0) || | ||
108 | (BN_mod(key->rsa->dmp1, &d, aux, ctx) == 0)) { | ||
107 | r = SSH_ERR_LIBCRYPTO_ERROR; | 109 | r = SSH_ERR_LIBCRYPTO_ERROR; |
108 | goto out; | 110 | goto out; |
109 | } | 111 | } |