Implement internally opaque bn access from dsa

Reviewed-by: Tim Hudson <tjh@openssl.org>
author: Matt Caswell <matt@openssl.org> 2014-10-28 22:56:18 +0000
committer: Matt Caswell <matt@openssl.org> 2014-12-08 21:40:41 +0000
commit: c0d439019460def565bb115ecef749833eb4c299 (patch)
tree: 21f17f74c59d2da829b7a07f257ae6e7729cec1c /crypto/dsa/dsa_key.c
parent: 829ccf6ab6aab03a3f60f644027b43a5d2035bf8 (diff)
download: openssl-c0d439019460def565bb115ecef749833eb4c299.tar.gz
1 files changed, 9 insertions, 4 deletions
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index dbf745a7f3..a3adb2fdde 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -102,19 +102,24 @@ static int dsa_builtin_keygen(DSA *dsa)
 		pub_key=dsa->pub_key;
 	
 	{
-		BIGNUM local_prk;
+		BIGNUM *local_prk = NULL;
 		BIGNUM *prk;
 
 		if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0)
 			{
-			BN_init(&local_prk);
-			prk = &local_prk;
+			local_prk = prk = BN_new();
+			if(!local_prk) goto err;
 			BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
 			}
 		else
 			prk = priv_key;
 
-		if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx)) goto err;
+		if (!BN_mod_exp(pub_key,dsa->g,prk,dsa->p,ctx))
+			{
+			if (local_prk != NULL) BN_free(local_prk);
+			goto err;
+			}
+		if (local_prk != NULL) BN_free(local_prk);
 	}
 
 	dsa->priv_key=priv_key;
author	Matt Caswell <matt@openssl.org>	2014-10-28 22:56:18 +0000
committer	Matt Caswell <matt@openssl.org>	2014-12-08 21:40:41 +0000
commit	c0d439019460def565bb115ecef749833eb4c299 (patch)
tree	21f17f74c59d2da829b7a07f257ae6e7729cec1c /crypto/dsa/dsa_key.c
parent	829ccf6ab6aab03a3f60f644027b43a5d2035bf8 (diff)
download	openssl-c0d439019460def565bb115ecef749833eb4c299.tar.gz