projects
/
oweals
/
openssl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Fix SCA vulnerability when using PVK and MSBLOB key formats
[oweals/openssl.git]
/
crypto
/
pem
/
pvkfmt.c
diff --git
a/crypto/pem/pvkfmt.c
b/crypto/pem/pvkfmt.c
index e39c2438140d05e0da9b6f29d248cb29fce5e0ff..609e3ad9ca417e7b7efa57777939a3d5ce1d9901 100644
(file)
--- a/
crypto/pem/pvkfmt.c
+++ b/
crypto/pem/pvkfmt.c
@@
-274,6
+274,9
@@
static EVP_PKEY *b2i_dss(const unsigned char **in,
if (!read_lebn(&p, 20, &priv_key))
goto memerr;
+ /* Set constant time flag before public key calculation */
+ BN_set_flags(priv_key, BN_FLG_CONSTTIME);
+
/* Calculate public key */
pub_key = BN_new();
if (pub_key == NULL)