Commit 43e6a58d authored by Pauli's avatar Pauli
Browse files

Merge DSA reallocation timing fix CVE-2018-0734. 



Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7513)
parent 896e8c57

crypto/dsa/dsa_ossl.c

+1 −1
Original line number Diff line number Diff line
@@ -279,7 +279,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, 
        goto err;



    /* Preallocate space */

    q_bits = BN_num_bits(dsa->q);

    q_bits = BN_num_bits(dsa->q) + sizeof(dsa->q->d[0]) * 16;

    if (!BN_set_bit(&k, q_bits)

        || !BN_set_bit(&l, q_bits)

        || !BN_set_bit(&m, q_bits))