Use BN_with_flags() in a cleaner way.

4 files changed, 5 insertions, 0 deletions

diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
index 6d52735207..9f4668a51d 100644
--- a/crypto/bn/bn.h
+++ b/crypto/bn/bn.h
@@ -253,6 +253,8 @@ extern "C" {
 #define BN_set_flags(b,n)	((b)->flags|=(n))
 #define BN_get_flags(b,n)	((b)->flags&(n))
 
+/* get a clone of a BIGNUM with changed flags, for *temporary* use only
+ * (the two BIGNUMs cannot not be used in parallel!) */
 #define BN_with_flags(dest,b,n)  ((dest)->d=(b)->d, \
                                   (dest)->top=(b)->top, \
                                   (dest)->dmax=(b)->dmax, \
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
index e384286c73..39eefe387e 100644
--- a/crypto/dh/dh_key.c
+++ b/crypto/dh/dh_key.c
@@ -148,6 +148,7 @@ static int generate_key(DH *dh)
 
 		if ((dh->flags & DH_FLAG_NO_EXP_CONSTTIME) == 0)
 			{
+			BN_init(&local_prk);
 			prk = &local_prk;
 			BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
 			}
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 5ba885e1e2..0423f2e00c 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -105,6 +105,7 @@ static int dsa_builtin_keygen(DSA *dsa)
 
 		if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
 			{
+			BN_init(&local_prk);
 			prk = &local_prk;
 			BN_with_flags(prk, priv_key, BN_FLG_EXP_CONSTTIME);
 			}
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index 175ab8a789..6954f36d5d 100644
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -383,6 +383,7 @@ static int RSA_eay_private_encrypt(int flen, const unsigned char *from,
 		
 		if (!(rsa->flags & RSA_FLAG_NO_EXP_CONSTTIME))
 			{
+			BN_init(&local_d);
 			d = &local_d;
 			BN_with_flags(d, rsa->d, BN_FLG_EXP_CONSTTIME);
 			}