deps: float 26d7fce1 from openssl · nodejs/node@323a365 (original) (raw)
Navigation Menu
- Explore
- Pricing
Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Commit 323a365
authored and
committed
deps: float 26d7fce1 from openssl
The fix for CVE-2018-0734, floated in 213c7d2, failed to include a constant-time calculation for one of the variables. This introduces a fix for that. Upstream: openssl/openssl@26d7fce1Original commit message: Add a constant time flag to one of the bignums to avoid a timing leak. Reviewed-by: Tim Hudson tjh@openssl.org (Merged from openssl/openssl#7549) (cherry picked from commit 00496b6423605391864fbbd1693f23631a1c5239) PR-URL: #24353Refs: openssl/openssl#7549Reviewed-By: Sam Roberts vieuxtech@gmail.com Reviewed-By: Daniel Bevenius daniel.bevenius@gmail.com
File tree
1 file changed
lines changed
- deps/openssl/openssl/crypto/dsa
1 file changed
lines changed
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -225,6 +225,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, | ||
| 225 | 225 | } while (BN_is_zero(k)); |
| 226 | 226 | |
| 227 | 227 | BN_set_flags(k, BN_FLG_CONSTTIME); |
| 228 | +BN_set_flags(l, BN_FLG_CONSTTIME); | |
| 228 | 229 | |
| 229 | 230 | if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { |
| 230 | 231 | if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, |