The branch OpenSSL_1_1_0-stable has been updated via 6939eab03a6e23d2bd2c3f5e34fe1d48e542e787 (commit) from e4fa7cc3fb9909c6aee411de15a06f918687b8e2 (commit)
- Log ----------------------------------------------------------------- commit 6939eab03a6e23d2bd2c3f5e34fe1d48e542e787 Author: Billy Brumley <bbrum...@gmail.com> Date: Wed Apr 11 10:10:58 2018 +0300 RSA key generation: ensure BN_mod_inverse and BN_mod_exp_mont both get called with BN_FLG_CONSTTIME flag set. CVE-2018-0737 Reviewed-by: Rich Salz <rs...@openssl.org> Reviewed-by: Matt Caswell <m...@openssl.org> ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_gen.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 9af43e0..79f77e3 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -89,6 +89,8 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, BIGNUM *e_value, if (BN_copy(rsa->e, e_value) == NULL) goto err; + BN_set_flags(rsa->p, BN_FLG_CONSTTIME); + BN_set_flags(rsa->q, BN_FLG_CONSTTIME); BN_set_flags(r2, BN_FLG_CONSTTIME); /* generate p and q */ for (;;) { _____ openssl-commits mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits