c921472ddf
- OpenSSL Security Advisory [30 October 2018]
* Timing vulnerability in ECDSA signature generation
(bsc#1113651, CVE-2018-0735)
* Timing vulnerability in DSA signature generation
(bsc#1113652, CVE-2018-0734)
* And more timing fixes
- Add patches:
* openssl-CVE-2018-0734.patch
* openssl-CVE-2018-0735.patch
* 0001-DSA-mod-inverse-fix.patch
* 0001-Add-a-constant-time-flag-to-one-of-the-bignums-to-av.patch
- Fix infinite loop in DSA generation with incorrect parameters
(bsc#1112209)
* 0001-DSA-Check-for-sanity-of-input-parameters.patch
OBS-URL: https://build.opensuse.org/request/show/646414
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=24
36 lines
1.1 KiB
Diff
36 lines
1.1 KiB
Diff
From 3afd38b277a806b901e039c6ad281c5e5c97ef67 Mon Sep 17 00:00:00 2001
|
|
From: Vitezslav Cizek <vcizek@suse.com>
|
|
Date: Thu, 25 Oct 2018 13:53:26 +0200
|
|
Subject: [PATCH] DSA: Check for sanity of input parameters
|
|
|
|
dsa_builtin_paramgen2 expects the L parameter to be greater than N,
|
|
otherwise the generation will get stuck in an infinite loop.
|
|
|
|
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
|
|
Reviewed-by: Paul Dale <paul.dale@oracle.com>
|
|
(Merged from https://github.com/openssl/openssl/pull/7493)
|
|
---
|
|
crypto/dsa/dsa_gen.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
|
|
index 46f4f01ee0..383d853b6d 100644
|
|
--- a/crypto/dsa/dsa_gen.c
|
|
+++ b/crypto/dsa/dsa_gen.c
|
|
@@ -327,6 +327,12 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N,
|
|
if (mctx == NULL)
|
|
goto err;
|
|
|
|
+ /* make sure L > N, otherwise we'll get trapped in an infinite loop */
|
|
+ if (L <= N) {
|
|
+ DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS);
|
|
+ goto err;
|
|
+ }
|
|
+
|
|
if (evpmd == NULL) {
|
|
if (N == 160)
|
|
evpmd = EVP_sha1();
|
|
--
|
|
2.19.1
|
|
|