The branch master has been updated
via 54f007af94b8924a46786b34665223c127c19081 (commit)
from b0a97931fbfd5c84e1ac031cb8a8d213d437fec5 (commit)
- Log -----------------------------------------------------------------
commit 54f007af94b8924a46786b34665223c127c19081
Author: Matt Caswell <[email protected]>
Date: Thu Apr 12 12:07:53 2018 +0100
RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get
called with BN_FLG_CONSTTIME flag set.
Based on an original patch by Billy Brumley
CVE-2018-0737
Reviewed-by: Rich Salz <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
crypto/rsa/rsa_gen.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index d8ef3c7..7f0a256 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -157,6 +157,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, int
primes, BIGNUM *e_value,
pinfo = sk_RSA_PRIME_INFO_value(prime_infos, i - 2);
prime = pinfo->r;
}
+ BN_set_flags(prime, BN_FLG_CONSTTIME);
for (;;) {
redo:
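Review bot: The added BN_set_flags(prime, BN_FLG_CONSTTIME) line sits before the for (;;) loop with no comment, so the reason for it is visible only in the commit message (getting BN_mod_inverse and BN_mod_exp_mont called with BN_FLG_CONSTTIME set, CVE-2018-0737), and the line could be dropped in a later cleanup as if it were dead code. Suggest a one-line comment above it stating that the flag is there to keep the subsequent modular operations on the prime constant-time. Separately, the flag is set once, outside the loop and the redo: label. The hunk does not show what writes to prime inside the loop, so please confirm that the flag survives each retry, and that any temporaries derived from prime and passed to those two functions carry the flag as well. A regression test that checks the flag on the generated primes would keep this from silently regressing.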
_____
openssl-commits mailing list