diff options
Diffstat (limited to 'openssl/crypto/bn')
-rw-r--r-- | openssl/crypto/bn/bn_exp.c | 2 | ||||
-rw-r--r-- | openssl/crypto/bn/bn_lib.c | 9 | ||||
-rw-r--r-- | openssl/crypto/bn/bn_sqr.c | 1 |
3 files changed, 11 insertions, 1 deletions
diff --git a/openssl/crypto/bn/bn_exp.c b/openssl/crypto/bn/bn_exp.c index 2abf6fd67..5e7eb3373 100644 --- a/openssl/crypto/bn/bn_exp.c +++ b/openssl/crypto/bn/bn_exp.c @@ -680,7 +680,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p, /* Dedicated window==4 case improves 512-bit RSA sign by ~15%, but as * 512-bit RSA is hardly relevant, we omit it to spare size... */ - if (window==5) + if (window==5 && top>1) { void bn_mul_mont_gather5(BN_ULONG *rp,const BN_ULONG *ap, const void *table,const BN_ULONG *np, diff --git a/openssl/crypto/bn/bn_lib.c b/openssl/crypto/bn/bn_lib.c index 5461e6ee7..d5a211e28 100644 --- a/openssl/crypto/bn/bn_lib.c +++ b/openssl/crypto/bn/bn_lib.c @@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words) BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); return(NULL); } +#ifdef PURIFY + /* Valgrind complains in BN_consttime_swap because we process the whole + * array even if it's not initialised yet. This doesn't matter in that + * function - what's important is constant time operation (we're not + * actually going to use the data) + */ + memset(a, 0, sizeof(BN_ULONG)*words); +#endif + #if 1 B=b->d; /* Check if the previous number needs to be copied */ diff --git a/openssl/crypto/bn/bn_sqr.c b/openssl/crypto/bn/bn_sqr.c index 270d0cd34..65bbf165d 100644 --- a/openssl/crypto/bn/bn_sqr.c +++ b/openssl/crypto/bn/bn_sqr.c @@ -77,6 +77,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, BN_CTX *ctx) if (al <= 0) { r->top=0; + r->neg = 0; return 1; } |