Source-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: src/crypto/dist/openssl/crypto/bn



Module Name:    src
Committed By:   adrianp
Date:           Thu Apr 10 14:19:59 UTC 2008

Modified Files:
        src/crypto/dist/openssl/crypto/bn: bn_mont.c

Log Message:
Fix for CVE-2007-3108

The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and
earlier does not properly perform Montgomery multiplication, which might
allow local users to conduct a side-channel attack and retrieve RSA
private keys.


To generate a diff of this commit:
cvs rdiff -r1.1.1.9 -r1.2 src/crypto/dist/openssl/crypto/bn/bn_mont.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



Home | Main Index | Thread Index | Old Index