Call |BN_mod_exp_mont_consttime| in crypto/dh.
|BN_mod_exp_mont| will forward to |BN_mod_exp_mont_consttime|, so this
is a no-op semantically. However, this allows the linker to drop the
implementation of |BN_mod_exp_mont| even when the DH code is in use.
Change-Id: I0cb8b260224ed661ede74923bd134acb164459c1
Reviewed-on: https://boringssl-review.googlesource.com/7730
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/crypto/dh/dh.c b/crypto/dh/dh.c
index a5cf94d..94eb364 100644
--- a/crypto/dh/dh.c
+++ b/crypto/dh/dh.c
@@ -291,8 +291,8 @@
}
BN_with_flags(&local_priv, priv_key, BN_FLG_CONSTTIME);
- if (!BN_mod_exp_mont(pub_key, dh->g, &local_priv, dh->p, ctx,
- dh->method_mont_p)) {
+ if (!BN_mod_exp_mont_consttime(pub_key, dh->g, &local_priv, dh->p, ctx,
+ dh->method_mont_p)) {
goto err;
}
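Review bot: The `BN_with_flags(&local_priv, priv_key, BN_FLG_CONSTTIME);` line just above the new call looks redundant now that the constant-time routine is named directly. The flag's apparent job was to make `BN_mod_exp_mont` forward to the constant-time path, and the commit message describes exactly that forwarding. If nothing later in the function reads the flag from `local_priv`, the copy can go and the call can take `priv_key` directly; otherwise keep it with a short comment saying what still depends on it. The same applies to the `BN_with_flags(&local_priv, dh->priv_key, BN_FLG_CONSTTIME);` line in the second hunk. Both functions start and end outside their hunks, so later uses of `local_priv` are not visible here.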
@@ -353,8 +353,8 @@
}
BN_with_flags(&local_priv, dh->priv_key, BN_FLG_CONSTTIME);
- if (!BN_mod_exp_mont(shared_key, peers_key, &local_priv, dh->p, ctx,
- dh->method_mont_p)) {
+ if (!BN_mod_exp_mont_consttime(shared_key, peers_key, &local_priv, dh->p, ctx,
+ dh->method_mont_p)) {
OPENSSL_PUT_ERROR(DH, ERR_R_BN_LIB);
goto err;
}
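Review bot: Nothing at this call site records why `BN_mod_exp_mont_consttime` is spelled out, so a later tidy-up could switch it back to the shorter `BN_mod_exp_mont`. That would lose the linker benefit the commit message describes. It would also make the timing behaviour of the private-key exponentiation depend on the flag set on `local_priv` again. I would add a comment above the call, for example `/* Call the constant-time routine by name: the exponent is the private key, and this lets the linker drop BN_mod_exp_mont. */`. The earlier call in the first hunk would benefit from the same comment.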