projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d168705) | patch
More fix DSA, preserve BN_FLG_CONSTTIME
authorMatt Caswell <matt@openssl.org>
Tue, 7 Jun 2016 08:12:51 +0000 (09:12 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 7 Jun 2016 14:23:41 +0000 (15:23 +0100)
commit3681a4558c13198944e6f7f149c4be188e076e14
treeb0b0382f3b3041848860fc3f5792618e5e131072tree | snapshot
parentd168705e11526a4b487640c7cac5b53ee3646cbccommit | diff
More fix DSA, preserve BN_FLG_CONSTTIME

The previous "fix" still left "k" exposed to constant time problems in
the later BN_mod_inverse() call. Ensure both k and kq have the
BN_FLG_CONSTTIME flag set at the earliest opportunity after creation.

CVE-2016-2178

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b7d0f2834e139a20560d64c73e2565e93715ce2b)
crypto/dsa/dsa_ossl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.