[git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-90-g5a22de9
by Jo Van Bulck
cvs at cvs.gnupg.org
Thu Jun 1 15:56:56 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, master has been updated
via 5a22de904a0a366ae79f03ff1e13a1232a89e26b (commit)
from 45c39340c9926c2c5801dbab7609687c41e9ff1f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5a22de904a0a366ae79f03ff1e13a1232a89e26b
Author: Jo Van Bulck <jo.vanbulck at cs.kuleuven.be>
Date: Thu Jan 19 17:00:15 2017 +0100
ecc: Store EdDSA session key in secure memory.
* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate
session key.
--
An attacker who learns the EdDSA session key from side-channel
observation during the signing process can easily recover the
long-term secret key. Storing the session key in secure memory ensures
that constant-time point operations are used in the MPI library.
Signed-off-by: Jo Van Bulck <jo.vanbulck at cs.kuleuven.be>
diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c
index f91f848..813e030 100644
--- a/cipher/ecc-eddsa.c
+++ b/cipher/ecc-eddsa.c
@@ -603,7 +603,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
a = mpi_snew (0);
x = mpi_new (0);
y = mpi_new (0);
- r = mpi_new (0);
+ r = mpi_snew (0);
ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0,
skey->E.p, skey->E.a, skey->E.b);
b = (ctx->nbits+7)/8;
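Review bot: moving `r` to `mpi_snew (0)` only protects the scalar object itself; the buffer `r` is derived from (the hash of the secret prefix and the message, per the EdDSA construction) and the scalar-multiplication path that consumes `r` are outside this hunk, so please confirm in the same function that the intermediate digest is also held in secure memory or wiped after use, otherwise a plaintext copy of the session key remains. Also worth a one-line comment next to `r = mpi_snew (0);` stating that the secure flag is what selects the constant-time point-multiplication code in the MPI layer, since nothing in this hunk makes that dependency visible, and a reader may otherwise assume the allocation is only about memory locking. Finally, check the release path for `r` at the end of the function uses the secure-aware free so the allocation change does not introduce a secure-memory leak.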
-----------------------------------------------------------------------
Summary of changes:
cipher/ecc-eddsa.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org
_______________________________________________
Gnupg-commits mailing list
Gnupg-commits at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-commits