More fix DSA, preserve BN_FLG_CONSTTIME (3681a455) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 3681a455 authored Jun 07, 2016 by

Matt Caswell

More fix DSA, preserve BN_FLG_CONSTTIME



The previous "fix" still left "k" exposed to constant time problems in
the later BN_mod_inverse() call. Ensure both k and kq have the
BN_FLG_CONSTTIME flag set at the earliest opportunity after creation.

CVE-2016-2178

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit b7d0f283)

parent d168705e

Hide whitespace changes

Inline Side-by-side

Please register or to comment