[git] GCRYPT - branch, LIBGCRYPT-1-7-BRANCH, updated. libgcrypt-1.7.6-5-gf9494b3
by Jo Van Bulck
cvs at cvs.gnupg.org
Thu Jun 1 16:21:08 CEST 2017
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU crypto library".
The branch, LIBGCRYPT-1-7-BRANCH has been updated
via f9494b3f258e01b6af8bd3941ce436bcc00afc56 (commit)
from af0d7eeac09e1a240615d4c8ea2a245f211df650 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f9494b3f258e01b6af8bd3941ce436bcc00afc56
Author: Jo Van Bulck <jo.vanbulck at cs.kuleuven.be>
Date: Thu Jan 19 17:00:15 2017 +0100
ecc: Store EdDSA session key in secure memory.
* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate
session key.
--
An attacker who learns the EdDSA session key from side-channel
observation during the signing process can easily recover the
long-term secret key. Storing the session key in secure memory ensures
that constant time point operations are used in the MPI library.
Signed-off-by: Jo Van Bulck <jo.vanbulck at cs.kuleuven.be>
diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c
index f91f848..813e030 100644
--- a/cipher/ecc-eddsa.c
+++ b/cipher/ecc-eddsa.c
@@ -603,7 +603,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
a = mpi_snew (0);
x = mpi_new (0);
y = mpi_new (0);
- r = mpi_new (0);
+ r = mpi_snew (0);
ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0,
skey->E.p, skey->E.a, skey->E.b);
b = (ctx->nbits+7)/8;
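Review bot: the `r = mpi_snew (0)` change is consistent with the secure allocation of `a` three lines above, but the hunk only covers the allocation site, so the reviewer should confirm in the rest of `_gcry_ecc_eddsa_sign` (not visible here) that every MPI derived from `r` during the signature computation is also allocated with `mpi_snew`, since per the commit message the MPI layer's constant-time path selection is driven by the secure-memory property of the operands; an intermediate allocated with plain `mpi_new` would silently reintroduce the variable-time path. A one-line comment at the allocation noting why `r` must be in secure memory would also help keep the next edit from regressing it.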
-----------------------------------------------------------------------
Summary of changes:
cipher/ecc-eddsa.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
hooks/post-receive
--
The GNU crypto library
http://git.gnupg.org