[git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.21-15-g6b4abf1
by NIIBE Yutaka
cvs at cvs.gnupg.org
Fri Jul 7 14:56:56 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-1-4 has been updated
via 6b4abf1d491d30a6bdaeb2c425c780cacd65bab4 (commit)
via 1b1f44846b5f21a80ed101f2284ce5f6e8849ee7 (commit)
via 994d5b707559a800a650dc7f273372f509d74780 (commit)
via 8fd9f72e1b2e578e45c98c978cab4f6d47683d2c (commit)
from 554ded4854758bf6ca268432fa087f946932a409 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6b4abf1d491d30a6bdaeb2c425c780cacd65bab4
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Jul 7 21:53:12 2017 +0900
gpg: Fix memory leak.
* g10/textfilter.c (copy_clearsig_text): Free the buffer.
--
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
(backport from master commit:
6b9a89e4c7d6f19de62e0a908a8d80c98bf99819)
diff --git a/g10/textfilter.c b/g10/textfilter.c
index 79f2f67..a92a53d 100644
--- a/g10/textfilter.c
+++ b/g10/textfilter.c
@@ -245,5 +245,6 @@ copy_clearsig_text( IOBUF out, IOBUF inp, MD_HANDLE md,
if( truncated )
log_info(_("input line longer than %d characters\n"), MAX_LINELEN );
+ xfree (buffer);
return 0; /* okay */
}
commit 1b1f44846b5f21a80ed101f2284ce5f6e8849ee7
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Jul 7 21:51:42 2017 +0900
rsa: Reduce secmem pressure.
* cipher/rsa.c (secret): Don't keep secmem.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 84a1af0..51b7640 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -341,22 +341,29 @@ secret(MPI output, MPI input, RSA_secret_key *skey )
mpi_set_highbit (rr, rr_nbits - 1);
mpi_sub_ui( h, skey->p, 1 );
mpi_mul ( D_blind, h, rr );
+ mpi_free ( rr );
mpi_fdiv_r( h, skey->d, h );
mpi_add ( D_blind, D_blind, h );
+ mpi_free ( h );
mpi_powm ( m1, input, D_blind, skey->p );
+ h = mpi_alloc_secure (nlimbs);
+ rr = mpi_alloc_secure ( (rr_nbits + BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+
/* d_blind = (d mod (q-1)) + (q-1) * r */
/* m2 = c ^ d_blind mod q */
randomize_mpi (rr, rr_nbits, 0);
mpi_set_highbit (rr, rr_nbits - 1);
mpi_sub_ui( h, skey->q, 1 );
mpi_mul ( D_blind, h, rr );
+ mpi_free ( rr );
mpi_fdiv_r( h, skey->d, h );
mpi_add ( D_blind, D_blind, h );
+ mpi_free ( h );
mpi_powm ( m2, input, D_blind, skey->q );
- mpi_free ( rr );
mpi_free ( D_blind );
+ h = mpi_alloc_secure (nlimbs);
/* h = u * ( m2 - m1 ) mod q */
mpi_sub( h, m2, m1 );
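Review bot: The free-then-reallocate sequence around both `mpi_powm` calls carries no comment saying why `h` and `rr` are released and then allocated again, so a later cleanup could fold it back into one allocation and restore the peak secure-memory use this commit removes. A short comment before the first `mpi_free ( rr )` would record the intent, for example `/* Release rr and h before mpi_powm to keep peak secmem use low; both are reallocated below. */`. The limb-count expression for `rr` is now written out a second time; holding it in a local such as `rr_nlimbs` would keep the two allocations from drifting apart. secret() starts and ends outside the hunk, so the original allocation of `h` and its final release cannot be checked from here.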
commit 994d5b707559a800a650dc7f273372f509d74780
Author: NIIBE Yutaka <gniibe at fsij.org>
Date: Fri Jul 7 21:20:56 2017 +0900
rsa: Allow different build directory.
* cipher/Makefile.am (AM_CPPFLAGS): Add mpi dirs.
* cipher/rsa.c: Change include file.
Signed-off-by: NIIBE Yutaka <gniibe at fsij.org>
diff --git a/cipher/Makefile.am b/cipher/Makefile.am
index 6b923b2..bd79fbc 100644
--- a/cipher/Makefile.am
+++ b/cipher/Makefile.am
@@ -17,7 +17,7 @@
# along with this program; if not, see <http://www.gnu.org/licenses/>.
## Process this file with automake to produce Makefile.in
-AM_CPPFLAGS = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl
+AM_CPPFLAGS = -I.. -I$(top_srcdir)/include -I$(top_srcdir)/intl -I$(top_srcdir)/mpi -I../mpi
if ! HAVE_DOSISH_SYSTEM
AM_CPPFLAGS += -DGNUPG_LIBDIR="\"$(libdir)/@PACKAGE@\""
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 5d7b4f7..84a1af0 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -29,7 +29,7 @@
#include <string.h>
#include "util.h"
#include "mpi.h"
-#include "../mpi/mpi-internal.h"
+#include "mpi-internal.h"
#include "cipher.h"
#include "rsa.h"
commit 8fd9f72e1b2e578e45c98c978cab4f6d47683d2c
Author: Marcus Brinkmann <mb at g10code.com>
Date: Fri Jul 7 21:03:10 2017 +0900
rsa: Add exponent blinding.
* cipher/rsa.c (secret_core_crt): Blind secret D with randomized
nonce R for mpi_powm computation.
--
Backport of libgcrypt 8725c99ffa41778f382ca97233183bcd687bb0ce.
Signed-off-by: Marcus Brinkmann <mb at g10code.com>
diff --git a/cipher/rsa.c b/cipher/rsa.c
index 5efab1d..5d7b4f7 100644
--- a/cipher/rsa.c
+++ b/cipher/rsa.c
@@ -29,6 +29,7 @@
#include <string.h>
#include "util.h"
#include "mpi.h"
+#include "../mpi/mpi-internal.h"
#include "cipher.h"
#include "rsa.h"
@@ -325,14 +326,38 @@ secret(MPI output, MPI input, RSA_secret_key *skey )
# endif /* USE_BLINDING */
/* RSA secret operation: */
- /* m1 = c ^ (d mod (p-1)) mod p */
+ MPI D_blind = mpi_alloc_secure (nlimbs);
+ MPI rr;
+ unsigned int rr_nbits;
+
+ rr_nbits = mpi_get_nbits (skey->p) / 4;
+ if (rr_nbits < 96)
+ rr_nbits = 96;
+ rr = mpi_alloc_secure ( (rr_nbits + BITS_PER_MPI_LIMB-1)/BITS_PER_MPI_LIMB );
+
+ /* d_blind = (d mod (p-1)) + (p-1) * r */
+ /* m1 = c ^ d_blind mod p */
+ randomize_mpi (rr, rr_nbits, 0);
+ mpi_set_highbit (rr, rr_nbits - 1);
mpi_sub_ui( h, skey->p, 1 );
+ mpi_mul ( D_blind, h, rr );
mpi_fdiv_r( h, skey->d, h );
- mpi_powm( m1, input, h, skey->p );
- /* m2 = c ^ (d mod (q-1)) mod q */
+ mpi_add ( D_blind, D_blind, h );
+ mpi_powm ( m1, input, D_blind, skey->p );
+
+ /* d_blind = (d mod (q-1)) + (q-1) * r */
+ /* m2 = c ^ d_blind mod q */
+ randomize_mpi (rr, rr_nbits, 0);
+ mpi_set_highbit (rr, rr_nbits - 1);
mpi_sub_ui( h, skey->q, 1 );
+ mpi_mul ( D_blind, h, rr );
mpi_fdiv_r( h, skey->d, h );
- mpi_powm( m2, input, h, skey->q );
+ mpi_add ( D_blind, D_blind, h );
+ mpi_powm ( m2, input, D_blind, skey->q );
+
+ mpi_free ( rr );
+ mpi_free ( D_blind );
+
/* h = u * ( m2 - m1 ) mod q */
mpi_sub( h, m2, m1 );
if ( mpi_is_neg( h ) )
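Review bot: The blinding parameters are bare literals with no explanation: the nonce length is `mpi_get_nbits (skey->p) / 4` with a floor of `96`, and `randomize_mpi` is called with a final argument of `0`. Because this is a side-channel countermeasure, a comment should state how the nonce size was chosen and what the `0` selects (presumably the random quality level; confirm against `randomize_mpi`), e.g. `/* rr: blinding nonce, max(nbits(p)/4, 96) bits, drawn fresh for each CRT half */`. It would also help to say why the result is unchanged, namely that adding a multiple of p-1 to the exponent does not alter `c ^ d mod p`. The new declarations of `D_blind`, `rr` and `rr_nbits` sit after the `USE_BLINDING` section, which looks like a declaration after statements; if this branch is still meant to build with C89 compilers they belong at the top of secret(), whose start is outside the hunk.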
-----------------------------------------------------------------------
Summary of changes:
cipher/Makefile.am | 2 +-
cipher/rsa.c | 40 ++++++++++++++++++++++++++++++++++++----
g10/textfilter.c | 1 +
3 files changed, 38 insertions(+), 5 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org