Module Name: src Committed By: christos Date: Tue Apr 17 14:48:49 UTC 2018
Modified Files: src/crypto/external/bsd/openssl/dist/crypto/rsa: rsa_gen.c Log Message: CVE-2018-0737: Set constant time for rsa computation: https://www.openssl.org/news/vulnerabilities.html This needs to be pulled up to -8 using: https://github.com/openssl/openssl/commit/349a41da1ad88ad87825414752a8ff5fdd6a6c3f To generate a diff of this commit: cvs rdiff -u -r1.1.1.8 -r1.2 \ src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c diff -u src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c:1.1.1.8 src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c:1.2 --- src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c:1.1.1.8 Fri Apr 6 18:49:16 2018 +++ src/crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c Tue Apr 17 10:48:48 2018 @@ -89,6 +89,8 @@ static int rsa_builtin_keygen(RSA *rsa, if (BN_copy(rsa->e, e_value) == NULL) goto err; + BN_set_flags(rsa->p, BN_FLG_CONSTTIME); + BN_set_flags(rsa->q, BN_FLG_CONSTTIME); BN_set_flags(r2, BN_FLG_CONSTTIME); /* generate p and q */ for (;;) {