Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
More fix DSA, preserve BN_FLG_CONSTTIME
The previous "fix" still left "k" exposed to constant time problems in the later BN_mod_inverse() call. Ensure both k and kq have the BN_FLG_CONSTTIME flag set at the earliest opportunity after creation. CVE-2016-2178 Reviewed-by: Rich Salz <rsalz@openssl.org>
- Loading branch information