Hello community, here is the log from the commit of package openssl for openSUSE:11.3 checked in at Mon Jun 6 19:05:19 CEST 2011.
-------- --- old-versions/11.3/UPDATES/all/openssl/openssl.changes 2011-02-10 08:31:19.000000000 +0100 +++ 11.3/openssl/openssl.changes 2011-05-31 09:52:17.000000000 +0200 @@ -1,0 +2,9 @@ +Tue May 31 07:50:20 UTC 2011 - [email protected] + +- fix bug[bnc#693027]. + Add protection against ECDSA timing attacks as mentioned in the paper + by Billy Bob Brumley and Nicola Tuveri, see: + http://eprint.iacr.org/2011/232.pdf + [Billy Bob Brumley and Nicola Tuveri] + +------------------------------------------------------------------- calling whatdependson for 11.3-i586 New: ---- ECDSA_signatures_timing_attack.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl.spec ++++++ --- /var/tmp/diff_new_pack.y04zGt/_old 2011-06-06 19:03:09.000000000 +0200 +++ /var/tmp/diff_new_pack.y04zGt/_new 2011-06-06 19:03:09.000000000 +0200 @@ -32,7 +32,7 @@ %endif # Version: 1.0.0 -Release: 6.<RELEASE7> +Release: 6.<RELEASE9> Summary: Secure Sockets and Transport Layer Security Url: http://www.openssl.org/ Source: http://www.%{name}.org/source/%{name}-%{version}.tar.bz2 @@ -48,6 +48,7 @@ Patch5: CVE-2010-3864.patch Patch6: CVE-2010-4180.patch Patch7: CVE-2011-0014.patch +Patch8: ECDSA_signatures_timing_attack.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -182,6 +183,7 @@ %patch5 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 cp -p %{S:10} . echo "adding/overwriting some entries in the 'table' hash in Configure" # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags ++++++ ECDSA_signatures_timing_attack.patch ++++++ Index: openssl-1.0.0/crypto/ecdsa/ecs_ossl.c =================================================================== --- openssl-1.0.0.orig/crypto/ecdsa/ecs_ossl.c +++ openssl-1.0.0/crypto/ecdsa/ecs_ossl.c @@ -144,6 +144,16 @@ static int ecdsa_sign_setup(EC_KEY *ecke } while (BN_is_zero(k)); +#ifdef ECDSA_POINT_MUL_NO_CONSTTIME + /* We do not want timing information to leak the length of k, + * so we compute G*k using an equivalent scalar of fixed + * bit-length. */ + + if (!BN_add(k, k, order)) goto err; + if (BN_num_bits(k) <= BN_num_bits(order)) + if (!BN_add(k, k, order)) goto err; +#endif /* def(ECDSA_POINT_MUL_NO_CONSTTIME) */ + /* compute r the x-coordinate of generator * k */ if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) { Index: openssl-1.0.0/crypto/ocsp/ocsp_lib.c =================================================================== --- openssl-1.0.0.orig/crypto/ocsp/ocsp_lib.c +++ openssl-1.0.0/crypto/ocsp/ocsp_lib.c @@ -170,13 +170,14 @@ int OCSP_parse_url(char *url, char **pho char *host, *port; + *phost = NULL; + *pport = NULL; + *ppath = NULL; + /* dup the buffer since we are going to mess with it */ buf = BUF_strdup(url); if (!buf) goto mem_err; - *phost = NULL; - *pport = NULL; - *ppath = NULL; /* Check for initial colon */ p = strchr(buf, ':'); ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
