Module Name: src
Committed By: christos
Date: Tue Apr 17 14:48:49 UTC 2018
Modified Files:
src/crypto/external/bsd/openssl/dist/crypto/rsa: rsa_gen.c
Log Message:
CVE-2018-0737: Set constant time for rsa computation:
https://www.openssl.org/news/vulnerabilities.html
This needs to be pulled up to -8 using:
https://github.com/openssl/openssl/commit/349a41da1ad88ad87825414752a8ff5fdd6a6c3f
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.8 -r1.2 \
src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c
diff -u src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c:1.1.1.8 src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c:1.2
--- src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c:1.1.1.8 Fri Apr 6 18:49:16 2018
+++ src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c Tue Apr 17 10:48:48 2018
@@ -89,6 +89,8 @@ static int rsa_builtin_keygen(RSA *rsa,
if (BN_copy(rsa->e, e_value) == NULL)
goto err;
+ BN_set_flags(rsa->p, BN_FLG_CONSTTIME);
+ BN_set_flags(rsa->q, BN_FLG_CONSTTIME);
BN_set_flags(r2, BN_FLG_CONSTTIME);
/* generate p and q */
for (;;) {
