Re: [openssl-users] Clarification regarding CVE-2016-2178 for openssl 1.0.2 i and 1.0.2 j

2016-10-25 Thread Matt Caswell


On 25/10/16 09:01, Sanjaya Joshi wrote:
> Hello,
> 
> 1)
> In openssl 1.0.2i, the release note says there is a fix for CVE-2016-2178:
> 
> "
>   *) Constant time flag not preserved in DSA signing
> 
>  Operations in the DSA signing algorithm should run in constant time in
>  order to avoid side channel attacks. A flaw in the OpenSSL DSA
>  implementation means that a non-constant time codepath is followed for
>  certain operations. This has been demonstrated through a cache-timing
>  attack to be sufficient for an attacker to recover the private DSA key.
> 
>  This issue was reported by César Pereida (Aalto University), Billy Brumley
>  (Tampere University of Technology), and Yuval Yarom (The University of
>  Adelaide and NICTA).
>  (CVE-2016-2178)
>  [César Pereida]
> "
> 
> 2)
> And the related code diff in git is:
> https://git.openssl.org/?p=openssl.git;a=commitdiff;h=399944622df7bd81af62e67ea967c470534090e2
> 
> 3)
> But when I download the source code (1.0.2i and 1.0.2j), I cannot see
> those fixes.
> 
> Could you please clarify a bit about this? Is this intended, or do I just
> need to apply the patches myself?

Well, firstly the link you give above is the master version of the fix,
not the 1.0.2 version. Secondly, in 1.0.2, there were two relevant commits:

https://github.com/openssl/openssl/commit/621eaf49a289bfac26d4cbcdb7396e796784c534

and

https://github.com/openssl/openssl/commit/b7d0f2834e139a20560d64c73e2565e93715ce2b

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


[openssl-users] Clarification regarding CVE-2016-2178 for openssl 1.0.2 i and 1.0.2 j

2016-10-25 Thread Sanjaya Joshi
Hello,

1)
In openssl 1.0.2i, the release note says there is a fix for CVE-2016-2178:

"
  *) Constant time flag not preserved in DSA signing

 Operations in the DSA signing algorithm should run in constant time in
 order to avoid side channel attacks. A flaw in the OpenSSL DSA
 implementation means that a non-constant time codepath is followed for
 certain operations. This has been demonstrated through a cache-timing
 attack to be sufficient for an attacker to recover the private DSA key.

 This issue was reported by César Pereida (Aalto University), Billy Brumley
 (Tampere University of Technology), and Yuval Yarom (The University of
 Adelaide and NICTA).
 (CVE-2016-2178)
 [César Pereida]
"

2)
And the related code diff in git is:
https://git.openssl.org/?p=openssl.git;a=commitdiff;h=399944622df7bd81af62e67ea967c470534090e2

3)
But when I download the source code (1.0.2i and 1.0.2j), I cannot see those
fixes.

Could you please clarify a bit about this? Is this intended, or do I just need
to apply the patches myself?

Regards,
Sanjaya