Verified Commit 9aa88e76 authored by Michal Hrusecky's avatar Michal Hrusecky 🐉
Browse files

openssl: Fix CVE-2016-7056

parent 9321936f
......@@ -11,7 +11,7 @@ PKG_NAME:=openssl
PKG_BASE:=1.0.2
PKG_BUGFIX:=j
PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_USE_MIPS16:=0
PKG_BUILD_PARALLEL:=1
......
--- a/crypto/ecdsa/ecs_ossl.c
+++ b/crypto/ecdsa/ecs_ossl.c
@@ -147,6 +147,8 @@ static int ecdsa_sign_setup(EC_KEY *ecke
if (!BN_add(k, k, order))
goto err;
+ BN_set_flags(k, BN_FLG_CONSTTIME);
+
/* compute r the x-coordinate of generator * k */
if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment