File openssl-add-missing-commits-for-bsc1117951.patch of Package openssl.14115
Index: openssl-1.0.1i/crypto/bn/bn_mont.c
===================================================================
--- openssl-1.0.1i.orig/crypto/bn/bn_mont.c
+++ openssl-1.0.1i/crypto/bn/bn_mont.c
@@ -212,6 +212,11 @@ static int bn_from_montgomery_word(BIGNU
#ifdef BN_COUNT
fprintf(stderr,"word BN_from_montgomery_word %d * %d\n",nl,nl);
#endif
+ /*
+ * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
+ * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
+ * includes |carry| which is stored separately.
+ */
for (carry=0, i=0; i<nl; i++, rp++)
{
#ifdef __TANDEM
@@ -277,9 +282,6 @@ static int bn_from_montgomery_word(BIGNU
if (bn_sub_words (rp,ap,np,nl)-carry)
memcpy(rp,ap,nl*sizeof(BN_ULONG));
#endif
- bn_correct_top(r);
- bn_correct_top(ret);
- bn_check_top(ret);
return(1);
}
@@ -306,8 +308,6 @@ int bn_from_mont_fixed_top(BIGNUM *ret,
BN_CTX_start(ctx);
if ((t = BN_CTX_get(ctx)) && BN_copy(t, a)) {
retn = bn_from_montgomery_word(ret, t, mont);
- bn_correct_top(ret);
- bn_check_top(ret);
}
BN_CTX_end(ctx);
#else /* !MONT_WORD */
@@ -389,6 +389,8 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, c
if((Ri = BN_CTX_get(ctx)) == NULL) goto err;
R= &(mont->RR); /* grab RR as a temp */
if (!BN_copy(&(mont->N),mod)) goto err; /* Set N */
+ if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+ BN_set_flags(&(mont->N), BN_FLG_CONSTTIME);
mont->N.neg = 0;
#ifdef MONT_WORD
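Review bot: The two added `BN_FLG_CONSTTIME` propagations (here on `mont->N`, and on `tmod` in the next hunk) have no comment explaining why the flag must be set by hand straight after `BN_copy`, which does not carry it over. I would put `/* BN_copy() does not propagate BN_FLG_CONSTTIME; carry it over so later operations on the modulus stay on the constant-time paths */` above the first, and a one-line `/* same for the temporary word-sized modulus */` above the `tmod` one. The protection presumably only applies when the caller has already flagged `mod`, so it is worth confirming that call sites passing secret moduli do set it. `BN_MONT_CTX_set` begins and ends outside both hunks, so the code that consumes the flag is not visible here.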
@@ -401,6 +403,9 @@ int BN_MONT_CTX_set(BN_MONT_CTX *mont, c
tmod.dmax=2;
tmod.neg=0;
+ if (BN_get_flags(mod, BN_FLG_CONSTTIME) != 0)
+ BN_set_flags(&tmod, BN_FLG_CONSTTIME);
+
mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
#if defined(OPENSSL_BN_ASM_MONT) && (BN_BITS2<=32)
Index: openssl-1.0.1i/crypto/bn/bn_mul.c
===================================================================
--- openssl-1.0.1i.orig/crypto/bn/bn_mul.c
+++ openssl-1.0.1i/crypto/bn/bn_mul.c
@@ -1103,7 +1103,7 @@ int bn_mul_fixed_top(BIGNUM *r, const BI
end:
#endif
rr->flags |= BN_FLG_FIXED_TOP;
- if (r != rr) BN_copy(r,rr);
+ if (r != rr && BN_copy(r, rr) == NULL) goto err;
ret=1;
err:
bn_check_top(r);