We committed the patch for CVE-2015-2141 today. It was very narrow and only addressed CVE-2015-2141 (see below).
Both SourceForge (https://sourceforge.net/projects/cryptopp/) and Wei Dai's GitHub (https://github.com/weidai11) were updated. Thanks to Evgeny Sidorov for reporting; and thanks to JPM for suggesting squaring the random value to satisfy Jacobi requirements. Jeff $ git diff 9425e16437439e68c7d96abef922167d68fafaff^ diff --git a/rw.cpp b/rw.cpp index cdd9f2d..0b9318b 100644 --- a/rw.cpp +++ b/rw.cpp @@ -126,10 +126,16 @@ Integer InvertibleRWFunction::CalculateInverse(RandomNumbe DoQuickSanityCheck(); ModularArithmetic modn(m_n); Integer r, rInv; - do { // do this in a loop for people using small numbers for testing + + // do this in a loop for people using small numbers for testing + do { r.Randomize(rng, Integer::One(), m_n - Integer::One()); + // Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting. + // Squaring to satisfy Jacobi requirements suggested by JPM. + r = modn.Square(r); rInv = modn.MultiplicativeInverse(r); } while (rInv.IsZero()); + Integer re = modn.Square(r); re = modn.Multiply(re, x); // blind -- -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to cryptopp-users-unsubscr...@googlegroups.com. More information about Crypto++ and this group is available at http://www.cryptopp.com.
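Review bot: the new comment in the `do { ... } while (rInv.IsZero())` loop says the square is there "to satisfy Jacobi requirements" without saying what the requirement is, so a later reader cannot tell why `r = modn.Square(r);` has to sit before `rInv = modn.MultiplicativeInverse(r);` rather than anywhere else. Suggest stating it next to the CVE reference, e.g. `// r must be a square mod n (Jacobi symbol 1 mod p and mod q) so that blinding x with r^2 does not change the Jacobi symbols of cp/cq and pick a different square root than the unblinded computation would`. It is also worth a line noting the invariant that keeps the unblind step untouched: because `rInv` is computed after the squaring, it inverts exactly the factor that a square root of `re = modn.Square(r); re = modn.Multiply(re, x);` carries, so `y = modn.Multiply(y, rInv)` further down needs no change. A regression test that signs the same message twice under the patched code and checks the two results are equal (blinding must no longer influence which root is returned) would pin that behaviour down and catch anyone reordering the loop later.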