Angel Yankov
ccaf0616a1
* potential leak of secret key of ElGamal encryption via fault injection * Added patch libcryptopp-CVE-2024-28285.patch * https://github.com/weidai11/cryptopp/issues/1262 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libcryptopp?expand=0&rev=83
27 lines
1.2 KiB
Diff
27 lines
1.2 KiB
Diff
commit 2472be710f8518caab1f62999c50970b475f162f
|
|
Author: Angel Yankov <angel.yankov@suse.com>
|
|
Date: Wed May 28 16:17:10 2025 +0300
|
|
|
|
Fix ElGamal side channel issue
|
|
|
|
Index: cryptopp-CRYPTOPP_8_9_0/pubkey.h
|
|
===================================================================
|
|
--- cryptopp-CRYPTOPP_8_9_0.orig/pubkey.h
|
|
+++ cryptopp-CRYPTOPP_8_9_0/pubkey.h
|
|
@@ -1855,7 +1855,14 @@ public:
|
|
SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
|
|
derivAlg.Derive(params, derivedKey, derivedKey.size(), z, q, parameters);
|
|
|
|
- return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
|
|
+ DecodingResult res = encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
|
|
+ Element z2 = agreeAlg.AgreeWithStaticPrivateKey(params, q, true, key.GetPrivateExponent());
|
|
+ if (z == z2) {
|
|
+ } else {
|
|
+ return DecodingResult();
|
|
+ }
|
|
+ return res;
|
|
+
|
|
}
|
|
catch (DL_BadElement &)
|
|
{
|