Source-Changes-HG archive


src: CVE-2018-0737: Set constant time for rsa computation:



details:   https://anonhg.NetBSD.org/src/rev/6f4e5a23fc02
branches:  trunk
changeset: 318290:6f4e5a23fc02
user:      christos <christos%NetBSD.org@localhost>
date:      Tue Apr 17 14:48:48 2018 +0000
description:
CVE-2018-0737: Set constant time for rsa computation:
https://www.openssl.org/news/vulnerabilities.html
This needs to be pulled up to -8 using:
    https://github.com/openssl/openssl/commit/349a41da1ad88ad87825414752a8ff5fdd6a6c3f

diffstat:

 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c |  2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diffs (12 lines):

diff -r 9c9d87516449 -r 6f4e5a23fc02 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c
--- a/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c     Tue Apr 17 12:34:04 2018 +0000
+++ b/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c     Tue Apr 17 14:48:48 2018 +0000
@@ -89,6 +89,8 @@
     if (BN_copy(rsa->e, e_value) == NULL)
         goto err;
 
+    BN_set_flags(rsa->p, BN_FLG_CONSTTIME);
+    BN_set_flags(rsa->q, BN_FLG_CONSTTIME);
     BN_set_flags(r2, BN_FLG_CONSTTIME);
     /* generate p and q */
     for (;;) {
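Review bot: the two added BN_set_flags() calls on rsa->p and rsa->q have no comment saying why the flag has to be in place before the "generate p and q" loop, so a later cleanup could move or drop them without noticing the timing implication. A one-line comment above them naming CVE-2018-0737 would help, and it could cover the existing r2 line as well. The calls also dereference rsa->p and rsa->q unconditionally, and the visible context only shows rsa->e being populated, so it is worth confirming that both are allocated earlier in this function on every path that reaches line 89.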


