svn commit: r416823 - in head/security/openssl: . files
Pierre Guinoiseau
pierre at guinoiseau.eu
Mon Jun 13 00:28:04 UTC 2016
Hi,
can you please update the vuxml entry?
Cheers,
Pierre
On 12/06/2016 21:29:58, Dirk Meyer <dinoex at FreeBSD.org> wrote:
> Author: dinoex
> Date: Sun Jun 12 21:29:57 2016
> New Revision: 416823
> URL: https://svnweb.freebsd.org/changeset/ports/416823
>
> Log:
> - Fix DSA, preserve BN_FLG_CONSTTIME
> Security: CVE-2016-2178
>
> Added:
> head/security/openssl/files/patch-dsa_ossl.c (contents, props changed)
> Modified:
> head/security/openssl/Makefile
>
> Modified: head/security/openssl/Makefile
> ==============================================================================
> --- head/security/openssl/Makefile Sun Jun 12 20:49:19 2016 (r416822)
> +++ head/security/openssl/Makefile Sun Jun 12 21:29:57 2016 (r416823)
> @@ -4,7 +4,7 @@
> PORTNAME= openssl
> PORTVERSION= 1.0.2
> DISTVERSIONSUFFIX= h
> -PORTREVISION= 12
> +PORTREVISION= 13
> CATEGORIES= security devel
> MASTER_SITES= http://www.openssl.org/source/ \
> ftp://ftp.openssl.org/source/ \
>
> Added: head/security/openssl/files/patch-dsa_ossl.c
> ==============================================================================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/openssl/files/patch-dsa_ossl.c Sun Jun 12 21:29:57 2016 (r416823)
> @@ -0,0 +1,35 @@
> +
> +Fix DSA, preserve BN_FLG_CONSTTIME
> +
> +Operations in the DSA signing algorithm should run in constant time in
> +order to avoid side channel attacks. A flaw in the OpenSSL DSA
> +implementation means that a non-constant time codepath is followed for
> +certain operations. This has been demonstrated through a cache-timing
> +attack to be sufficient for an attacker to recover the private DSA key.
> +
> +CVE-2016-2178
> +
> +--- crypto/dsa/dsa_ossl.c.orig 2016-05-03 15:44:42.000000000 +0200
> ++++ crypto/dsa/dsa_ossl.c 2016-06-12 22:57:49.000000000 +0200
> +@@ -248,9 +248,6 @@
> + if (!BN_rand_range(&k, dsa->q))
> + goto err;
> + while (BN_is_zero(&k)) ;
> +- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
> +- BN_set_flags(&k, BN_FLG_CONSTTIME);
> +- }
> +
> + if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
> + if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
> +@@ -282,6 +279,11 @@
> + } else {
> + K = &k;
> + }
> ++
> ++ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
> ++ BN_set_flags(&k, BN_FLG_CONSTTIME);
> ++ }
> ++
> + DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
> + dsa->method_mont_p);
> + if (!BN_mod(r, r, dsa->q, ctx))
> _______________________________________________
> svn-ports-all at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/svn-ports-all
> To unsubscribe, send any mail to "svn-ports-all-unsubscribe at freebsd.org"
--
Pierre Guinoiseau <pierre at guinoiseau.eu>
https://segmentationfau.lt/ | +PierreGuinoiseau | @peikk00
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-ports-all/attachments/20160613/489fc998/attachment.sig>
More information about the svn-ports-all
mailing list