2 files changed, 14 insertions, 8 deletions

diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp
index af2b849ff..508244112 100644
--- a/src/pubkey/rw/rw.cpp
+++ b/src/pubkey/rw/rw.cpp
@@ -74,21 +74,26 @@ bool RW_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
    }
 
 RW_Signature_Operation::RW_Signature_Operation(const RW_PrivateKey& rw) :
+   n(rw.get_n()),
+   e(rw.get_e()),
    q(rw.get_q()),
    c(rw.get_c()),
-   n(rw.get_n()),
    powermod_d1_p(rw.get_d1(), rw.get_p()),
    powermod_d2_q(rw.get_d2(), rw.get_q()),
    mod_p(rw.get_p())
    {
-   BigInt k = Blinder::choose_nonce(rw.get_d(), n);
-   blinder = Blinder(power_mod(k, rw.get_e(), n), inverse_mod(k, n), n);
    }
 
 SecureVector<byte>
 RW_Signature_Operation::sign(const byte msg[], u32bit msg_len,
-                             RandomNumberGenerator&) const
+                             RandomNumberGenerator& rng)
    {
+   if(!blinder.initialized())
+      {
+      BigInt k(rng, n.bits() / 2);
+      blinder = Blinder(power_mod(k, e, n), inverse_mod(k, n), n);
+      }
+
    BigInt i(msg, msg_len);
 
    if(i >= n || i % 16 != 12)
@@ -111,7 +116,7 @@ RW_Signature_Operation::sign(const byte msg[], u32bit msg_len,
    }
 
 SecureVector<byte>
-RW_Verification_Operation::verify_mr(const byte msg[], u32bit msg_len) const
+RW_Verification_Operation::verify_mr(const byte msg[], u32bit msg_len)
    {
    BigInt m(msg, msg_len);
 
diff --git a/src/pubkey/rw/rw.h b/src/pubkey/rw/rw.h
index 25e7be634..3ca9bb722 100644
--- a/src/pubkey/rw/rw.h
+++ b/src/pubkey/rw/rw.h
@@ -66,11 +66,12 @@ class BOTAN_DLL RW_Signature_Operation : public PK_Ops::Signature
       u32bit max_input_bits() const { return (n.bits() - 1); }
 
       SecureVector<byte> sign(const byte msg[], u32bit msg_len,
-                              RandomNumberGenerator& rng) const;
+                              RandomNumberGenerator& rng);
    private:
+      const BigInt& n;
+      const BigInt& e;
       const BigInt& q;
       const BigInt& c;
-      const BigInt& n;
 
       Fixed_Exponent_Power_Mod powermod_d1_p, powermod_d2_q;
       Modular_Reducer mod_p;
@@ -87,7 +88,7 @@ class BOTAN_DLL RW_Verification_Operation : public PK_Ops::Verification
       u32bit max_input_bits() const { return (n.bits() - 1); }
       bool with_recovery() const { return true; }
 
-      SecureVector<byte> verify_mr(const byte msg[], u32bit msg_len) const;
+      SecureVector<byte> verify_mr(const byte msg[], u32bit msg_len);
 
    private:
       const BigInt& n;