projects
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Added const-time flag to DSA key decoding to avoid potential leak of privkey
[openssl.git]
/
crypto
/
dsa
/
dsa_ameth.c
diff --git
a/crypto/dsa/dsa_ameth.c
b/crypto/dsa/dsa_ameth.c
index 7c0428d3f64085c9f49af0651f780ae5dce27165..fbb912146977a45325a4121b6777da5303090384 100644
(file)
--- a/
crypto/dsa/dsa_ameth.c
+++ b/
crypto/dsa/dsa_ameth.c
@@
-175,6
+175,7
@@
static int dsa_priv_decode(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8)
goto dsaerr;
}
+ BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
goto dsaerr;