projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 43e6a58) | patch
Merge to 1.0.2: DSA mod inverse fix.
authorPauli <paul.dale@oracle.com>
Sun, 28 Oct 2018 21:18:09 +0000 (07:18 +1000)
committerPauli <paul.dale@oracle.com>
Mon, 29 Oct 2018 21:30:12 +0000 (07:30 +1000)
commitebf65dbe1a67682d7e1f58db9c53ef737fb37f32
tree2ab91c8a306cc02a9250d59ade99b59ee9d45c34tree | snapshot
parent43e6a58d4991a451daf4891ff05a48735df871accommit | diff
Merge to 1.0.2: DSA mod inverse fix.

There is a side channel attack against the division used to calculate one of
the modulo inverses in the DSA algorithm. This change takes advantage of the
primality of the modulo and Fermat's little theorem to calculate the inverse
without leaking information.

Thanks to Samuel Weiser for finding and reporting this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7512)
crypto/dsa/dsa_ossl.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.