[git] GCRYPT - branch, master, updated. libgcrypt-1.7.3-90-g5a22de9

by Jo Van Bulck cvs at cvs.gnupg.org
Thu Jun 1 15:56:56 CEST 2017

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".

The branch, master has been updated
       via  5a22de904a0a366ae79f03ff1e13a1232a89e26b (commit)
      from  45c39340c9926c2c5801dbab7609687c41e9ff1f (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5a22de904a0a366ae79f03ff1e13a1232a89e26b
Author: Jo Van Bulck <jo.vanbulck at cs.kuleuven.be>
Date:   Thu Jan 19 17:00:15 2017 +0100

    ecc: Store EdDSA session key in secure memory.
    * cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate
    session key.
    An attacker who learns the EdDSA session key from side-channel
    observation during the signing process can easily recover the long-
    term secret key. Storing the session key in secure memory ensures that
    constant time point operations are used in the MPI library.
    Signed-off-by: Jo Van Bulck <jo.vanbulck at cs.kuleuven.be>

diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c
index f91f848..813e030 100644
--- a/cipher/ecc-eddsa.c
+++ b/cipher/ecc-eddsa.c
@@ -603,7 +603,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
   a = mpi_snew (0);
   x = mpi_new (0);
   y = mpi_new (0);
-  r = mpi_new (0);
+  r = mpi_snew (0);
   ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0,
                                      skey->E.p, skey->E.a, skey->E.b);
   b = (ctx->nbits+7)/8;
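
Review bot: At `r = mpi_snew (0);` nothing in the code records why the secure allocation matters. The commit message says it is what makes the MPI library use constant-time point operations, but a reader of the source sees only a different allocator, and a later cleanup could switch it back to `mpi_new` without noticing the side-channel regression. A short comment on that line, saying that r is the EdDSA session key and must live in secure memory so that constant-time point operations are selected, would keep the intent next to the code. The same applies to the existing `a = mpi_snew (0);` above it. Separately, `x` and `y` are still allocated with `mpi_new`; it would help to confirm in the commit message or a comment that they only ever hold public values and never intermediates derived from `r` or `a`.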


Summary of changes:
 cipher/ecc-eddsa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

The GNU crypto library

Gnupg-commits mailing list
Gnupg-commits at gnupg.org
