[openssl] OpenSSL_1_1_1-stable update
bernd.edlinger at hotmail.de
bernd.edlinger at hotmail.de
Thu Mar 7 22:00:04 UTC 2019
The branch OpenSSL_1_1_1-stable has been updated
via 930e031052220776d41bcc20a72d0f276127fb74 (commit)
from 25e410ee3cbc93b5838f666423c428cdd1206820 (commit)
- Log -----------------------------------------------------------------
commit 930e031052220776d41bcc20a72d0f276127fb74
Author: Bernd Edlinger <bernd.edlinger at hotmail.de>
Date: Sun Mar 3 10:36:57 2019 +0100
Do the error handling in pkey_rsa_decrypt in constant time
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/8365)
(cherry picked from commit 049e64cbb08df1fbf256bb79e950e8d0959de091)
-----------------------------------------------------------------------
Summary of changes:
crypto/rsa/rsa_pmeth.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index c10669f..5c0efc8 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -7,6 +7,8 @@
* https://www.openssl.org/source/license.html
*/
+#include "internal/constant_time_locl.h"
+
#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1t.h>
@@ -340,10 +342,9 @@ static int pkey_rsa_decrypt(EVP_PKEY_CTX *ctx,
ret = RSA_private_decrypt(inlen, in, out, ctx->pkey->pkey.rsa,
rctx->pad_mode);
}
- if (ret < 0)
- return ret;
- *outlen = ret;
- return 1;
+ *outlen = constant_time_select_s(constant_time_msb_s(ret), *outlen, ret);
+ ret = constant_time_select_int(constant_time_msb(ret), ret, 1);
+ return ret;
}
static int check_padding_md(const EVP_MD *md, int padding)
More information about the openssl-commits
mailing list