The branch master has been updated via 54f007af94b8924a46786b34665223c127c19081 (commit) from b0a97931fbfd5c84e1ac031cb8a8d213d437fec5 (commit)
- Log ----------------------------------------------------------------- commit 54f007af94b8924a46786b34665223c127c19081 Author: Matt Caswell <m...@openssl.org> Date: Thu Apr 12 12:07:53 2018 +0100 RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set. Based on an original patch by Billy Brumley CVE-2018-0737 Reviewed-by: Rich Salz <rs...@openssl.org> ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_gen.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index d8ef3c7..7f0a256 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -157,6 +157,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value, pinfo = sk_RSA_PRIME_INFO_value(prime_infos, i - 2); prime = pinfo->r; } + BN_set_flags(prime, BN_FLG_CONSTTIME); for (;;) { redo: _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits