Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
openssl
openssl-CVE-2016-7056.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssl-CVE-2016-7056.patch of Package openssl
From 249bcf31405e1622d05ef60dc5e73c54efa64f3c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cesar=20Pereida=20Garc=C3=ADa?= <cesar.pereidagarcia@tut.fi> Date: Fri, 16 Dec 2016 12:02:19 +0200 Subject: [PATCH] ECDSA vulnerable to cache-timing attack. BN_mod_inverse fails to take constant-time path, thus leaking nonce's information. --- crypto/ecdsa/ecs_ossl.c | 2 ++ 1 file changed, 2 insertions(+) Index: openssl-1.0.1i/crypto/ecdsa/ecs_ossl.c =================================================================== --- openssl-1.0.1i.orig/crypto/ecdsa/ecs_ossl.c 2017-01-31 16:24:19.471506302 +0100 +++ openssl-1.0.1i/crypto/ecdsa/ecs_ossl.c 2017-01-31 16:25:18.936463763 +0100 @@ -155,6 +155,7 @@ static int ecdsa_sign_setup(EC_KEY *ecke if (BN_num_bits(k) <= BN_num_bits(order)) if (!BN_add(k, k, order)) goto err; + BN_set_flags(k, BN_FLG_CONSTTIME); /* compute r the x-coordinate of generator * k */ if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor