alonbl 15/07/02 19:13:48

Added: crypto++-5.6.2-cve-2015-2141.patch

Log:
Fix cve-2015-2141, bug#553808
(Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key BF20DC51)
Revision Changes Path 1.1 dev-libs/crypto++/files/crypto++-5.6.2-cve-2015-2141.patch file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/crypto++/files/crypto++-5.6.2-cve-2015-2141.patch?rev=1.1&view=markup plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-libs/crypto++/files/crypto++-5.6.2-cve-2015-2141.patch?rev=1.1&content-type=text/plain Index: crypto++-5.6.2-cve-2015-2141.patch =================================================================== >From 9425e16437439e68c7d96abef922167d68fafaff Mon Sep 17 00:00:00 2001 From: Jeffrey Walton <[email protected]> Date: Sat, 27 Jun 2015 17:56:01 -0400 Subject: [PATCH] Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting. Squaring to satisfy Jacobi requirements suggested by JPM. --- rw.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/rw.cpp b/rw.cpp index cdd9f2d..0b9318b 100644 --- a/rw.cpp +++ b/rw.cpp @@ -126,10 +126,16 @@ Integer InvertibleRWFunction::CalculateInverse(RandomNumberGenerator &rng, const DoQuickSanityCheck(); ModularArithmetic modn(m_n); Integer r, rInv; - do { // do this in a loop for people using small numbers for testing + + // do this in a loop for people using small numbers for testing + do { r.Randomize(rng, Integer::One(), m_n - Integer::One()); + // Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting. + // Squaring to satisfy Jacobi requirements suggested by JPM. + r = modn.Square(r); rInv = modn.MultiplicativeInverse(r); } while (rInv.IsZero()); + Integer re = modn.Square(r); re = modn.Multiply(re, x); // blind
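Review bot: the new comment in the loop names the CVE and who suggested the squaring, but not why it is needed, which is the one thing a future reader of rw.cpp will want; a one-line explanation next to `r = modn.Square(r);` (squaring makes the blinding value a quadratic residue mod n, so it has Jacobi symbol +1 and no longer changes which root the private operation selects) would make the fix self-documenting. It is also worth spelling out in that comment that `rInv` is now the inverse of the squared value and that the following `Integer re = modn.Square(r);` therefore blinds with the fourth power of the raw random, so that the unblinding multiply (outside this hunk's context) is still read as consistent with `rInv`. The zero-inverse retry still covers the squared value, since a non-invertible r stays non-invertible after squaring, so no further change to the loop condition is needed. The move of the "small numbers for testing" comment above the `do {` and the added blank lines are cosmetic and fine.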
