Deprecate the flags that switch off constant time

[thirdparty/openssl.git] / crypto / dsa / dsa_key.c

diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 2bb84543d6a32fe906ffde69cce167cd3b9012d6..aa5d42ce174ff7d7dd1cc451aeb1a6ceee76a8a3 100644 (file)
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -50,24 +50,18 @@ static int dsa_builtin_keygen(DSA *dsa)
         pub_key = dsa->pub_key;
 
     {
-        BIGNUM *local_prk = NULL;
-        BIGNUM *prk;
+        BIGNUM *prk = BN_new();
 
-        if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
-            local_prk = prk = BN_new();
-            if (local_prk == NULL)
-                goto err;
-            BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
-        } else {
-            prk = priv_key;
-        }
+        if (prk == NULL)
+            goto err;
+        BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
 
         if (!BN_mod_exp(pub_key, dsa->g, prk, dsa->p, ctx)) {
-            BN_free(local_prk);
+            BN_free(prk);
             goto err;
         }
-        /* We MUST free local_prk before any further use of priv_key */
-        BN_free(local_prk);
+        /* We MUST free prk before any further use of priv_key */
+        BN_free(prk);
     }
 
     dsa->priv_key = priv_key;