Search
j0ke.net Open Build Service
>
Projects
>
home:netmax
:
monitoring
>
openssl1
> openssl-CVE-2016-7056.patch
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File openssl-CVE-2016-7056.patch of Package openssl1
From 249bcf31405e1622d05ef60dc5e73c54efa64f3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cesar=20Pereida=20Garc=C3=ADa?= <cesar.pereidagarcia@tut.fi> Date: Fri, 16 Dec 2016 12:02:19 +0200 Subject: [PATCH] ECDSA vulnerable to cache-timing attack. BN_mod_inverse fails to take constant-time path, thus leaking nonce's information. --- crypto/ecdsa/ecs_ossl.c | 2 ++ 1 file changed, 2 insertions(+) Index: openssl-1.0.1i/crypto/ecdsa/ecs_ossl.c =================================================================== --- openssl-1.0.1i.orig/crypto/ecdsa/ecs_ossl.c 2017-01-31 16:24:19.471506302 +0100 +++ openssl-1.0.1i/crypto/ecdsa/ecs_ossl.c 2017-01-31 16:25:18.936463763 +0100 @@ -155,6 +155,7 @@ static int ecdsa_sign_setup(EC_KEY *ecke if (BN_num_bits(k) <= BN_num_bits(order)) if (!BN_add(k, k, order)) goto err; + BN_set_flags(k, BN_FLG_CONSTTIME); /* compute r the x-coordinate of generator * k */ if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {