Diffstat (limited to 'lib/libssl/src/crypto/rsa/rsa_gen.c')
| -rw-r--r-- | lib/libssl/src/crypto/rsa/rsa_gen.c | 33 |
1 files changed, 11 insertions, 22 deletions
diff --git a/lib/libssl/src/crypto/rsa/rsa_gen.c b/lib/libssl/src/crypto/rsa/rsa_gen.c
index f6f051c4427..d46f4f2478f 100644
--- a/lib/libssl/src/crypto/rsa/rsa_gen.c
+++ b/lib/libssl/src/crypto/rsa/rsa_gen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_gen.c,v 1.17 2015/02/09 15:49:22 jsing Exp $ */
+/* $OpenBSD: rsa_gen.c,v 1.18 2016/06/30 02:02:06 bcook Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -90,8 +90,7 @@ static int
 rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 {
 BIGNUM *r0 = NULL, *r1 = NULL, *r2 = NULL, *r3 = NULL, *tmp;
- BIGNUM local_r0, local_d, local_p;
- BIGNUM *pr0, *d, *p;
+ BIGNUM pr0, d, p;
 int bitsp, bitsq, ok = -1, n = 0;
 BN_CTX *ctx = NULL;
@@ -193,36 +192,26 @@ rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb)
 goto err;
 if (!BN_mul(r0, r1, r2, ctx)) /* (p-1)(q-1) */
 goto err;
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- pr0 = &local_r0;
- BN_with_flags(pr0, r0, BN_FLG_CONSTTIME);
- } else
- pr0 = r0;
- if (!BN_mod_inverse(rsa->d, rsa->e, pr0, ctx)) /* d */
+
+ BN_with_flags(&pr0, r0, BN_FLG_CONSTTIME);
+
+ if (!BN_mod_inverse(rsa->d, rsa->e, &pr0, ctx)) /* d */
 goto err;
 /* set up d for correct BN_FLG_CONSTTIME flag */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- d = &local_d;
- BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
- } else
- d = rsa->d;
+ BN_with_flags(&d, rsa->d, BN_FLG_CONSTTIME);
 /* calculate d mod (p-1) */
- if (!BN_mod(rsa->dmp1, d, r1, ctx))
+ if (!BN_mod(rsa->dmp1, &d, r1, ctx))
 goto err;
 /* calculate d mod (q-1) */
- if (!BN_mod(rsa->dmq1, d, r2, ctx))
+ if (!BN_mod(rsa->dmq1, &d, r2, ctx))
 goto err;
 /* calculate inverse of q mod p */
- if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME)) {
- p = &local_p;
- BN_with_flags(p, rsa->p, BN_FLG_CONSTTIME);
- } else
- p = rsa->p;
- if (!BN_mod_inverse(rsa->iqmp, rsa->q, p, ctx))
+ BN_with_flags(&p, rsa->p, BN_FLG_CONSTTIME);
+ if (!BN_mod_inverse(rsa->iqmp, rsa->q, &p, ctx))
 goto err;
 ok = 1; |
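Review bot: The new stack objects declared as `BIGNUM pr0, d, p;` are never initialised before they are handed to `BN_with_flags()` in the following hunk (@@ -193,36 +192,26 @@). If I read that macro correctly it preserves the destination's own `BN_FLG_MALLOCED` bit, which means it reads `flags` from indeterminate stack memory; the removed `local_r0`/`local_d`/`local_p` had the same weakness, so this is inherited rather than introduced. Adding `BN_init(&pr0); BN_init(&d); BN_init(&p);` before the first `BN_with_flags()` call would make the three views well-defined. The body of rsa_builtin_keygen starts and ends outside this hunk, so an initialisation elsewhere in the function cannot be ruled out from here.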
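Review bot: Nothing in the new code records that `RSA_FLAG_NO_CONSTTIME` is no longer consulted during key generation, so a caller who sets that flag gets the constant-time paths with no hint in the source as to why. A comment above the first `BN_with_flags(&pr0, r0, BN_FLG_CONSTTIME);` would cover it, for example `/* Secret values always take the BN_FLG_CONSTTIME paths; RSA_FLAG_NO_CONSTTIME is deliberately ignored here. */`. It would also help to say that `pr0`, `d` and `p` appear to be shallow views sharing storage with `r0`, `rsa->d` and `rsa->p` (worth confirming against the macro), so they must not be freed or outlive those values. The function continues past the end of this hunk.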
