Commit f9cbf470180841966338db1f4c28d99ec4debec4 - openssl

Added const-time flag to DSA key decoding to avoid potential leak of privkey Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4440) (cherry picked from commit 6364475a990449ef33fc270ac00472f7210220f2) Samuel Weiser authored 6 years ago Rich Salz committed 6 years ago

1 changed file(s) with 1 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all

-0

crypto/dsa/dsa_ameth.c less more

257	257	goto dsaerr;
258	258	}
259	259
	260	BN_set_flags(dsa->priv_key, BN_FLG_CONSTTIME);
260	261	if (!BN_mod_exp(dsa->pub_key, dsa->g, dsa->priv_key, dsa->p, ctx)) {
261	262	DSAerr(DSA_F_DSA_PRIV_DECODE, DSA_R_BN_ERROR);
262	263	goto dsaerr;