File openssl-CVE-2018-0737.patch of Package openssl1
Squash of OpenSSL_1_0_2-stable commits: 0b199a883e9170cdfe8e61c150bbaf8d8951f3e7 64eb614ccc7ccf30cc412b736f509f1d82bbf897 0d6710289307d277ebc3354105c965b6e8ba8eb0 349a41da1ad88ad87825414752a8ff5fdd6a6c3f
Index: openssl-1.0.1g/crypto/rsa/rsa_gen.c
===================================================================
--- openssl-1.0.1g.orig/crypto/rsa/rsa_gen.c 2014-03-17 17:14:20.000000000 +0100
+++ openssl-1.0.1g/crypto/rsa/rsa_gen.c 2018-08-09 17:43:53.736356903 +0200
@@ -104,6 +104,7 @@ static int rsa_builtin_keygen(RSA *rsa,
 BIGNUM *pr0,*d,*p;
 int bitsp,bitsq,ok= -1,n=0;
 BN_CTX *ctx=NULL;
+ unsigned long error = 0;
 ctx=BN_CTX_new();
 if (ctx == NULL) goto err;
@@ -129,14 +130,28 @@ static int rsa_builtin_keygen(RSA *rsa,
 BN_copy(rsa->e, e_value);
+ BN_set_flags(rsa->p, BN_FLG_CONSTTIME);
+ BN_set_flags(rsa->q, BN_FLG_CONSTTIME);
+ BN_set_flags(r2, BN_FLG_CONSTTIME);
 /* generate p and q */
 for (;;) {
 if(!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) goto err;
 if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
- if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
- if (BN_is_one(r1)) break;
+ ERR_set_mark();
+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+ /* GCD == 1 since inverse exists */
+ break;
+ }
+ error = ERR_peek_last_error();
+ if (ERR_GET_LIB(error) == ERR_LIB_BN
+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+ /* GCD != 1 */
+ ERR_pop_to_mark();
+ } else {
+ goto err;
+ }
 if(!BN_GENCB_call(cb, 2, n++)) goto err;
 }
@@ -160,9 +175,19 @@ static int rsa_builtin_keygen(RSA *rsa,
 goto err;
 }
 if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
- if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
- if (BN_is_one(r1))
- break;
+ ERR_set_mark();
+ if (BN_mod_inverse(r1, r2, rsa->e, ctx) != NULL) {
+ /* GCD == 1 since inverse exists */
+ break;
+ }
+ error = ERR_peek_last_error();
+ if (ERR_GET_LIB(error) == ERR_LIB_BN
+ && ERR_GET_REASON(error) == BN_R_NO_INVERSE) {
+ /* GCD != 1 */
+ ERR_pop_to_mark();
+ } else {
+ goto err;
+ }
 if(!BN_GENCB_call(cb, 2, n++)) goto err;
 }
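Review bot: The three `BN_set_flags(..., BN_FLG_CONSTTIME)` lines added above `/* generate p and q */` carry no comment, although the side-channel fix rests on them. Of the operands passed to the new `BN_mod_inverse(r1, r2, rsa->e, ctx)` call in the p loop, and to the identical call in the q loop of the next hunk, r2 is the only one the diff flags, so presumably both calls leave the variable-time path only while r2 keeps that flag. I would add `/* CVE-2018-0737: BN_mod_inverse() selects its constant-time path from BN_FLG_CONSTTIME on an operand; set the flags before the prime loops and keep r2 flagged */` above them. Because this squashes OpenSSL_1_0_2-stable commits onto a 1.0.1g tree, it is also worth confirming that this tree's BN_mod_inverse honours the flag and queues BN_R_NO_INVERSE, since otherwise a candidate with gcd(p-1, e) != 1 would take `goto err` instead of retrying; that code is outside the diff. rsa_builtin_keygen starts and ends outside these hunks.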