author | noloader <noloader@57ff6487-cd31-0410-9ec3-f628ee90f5f0> | 2015-06-27 21:52:57 +0000 |
committer | noloader <noloader@57ff6487-cd31-0410-9ec3-f628ee90f5f0> | 2015-06-27 21:52:57 +0000 |
commit | 1474faab25ee0d59f75c450abe47542f0747e21d (patch) | |
tree | 25fa3b876c07a36ac859928c8577ca626a691515 /rw.cpp | |
parent | 2636b5cd3df492830d3546c4d8934a971d3150c7 (diff) | |
download | cryptopp-1474faab25ee0d59f75c450abe47542f0747e21d.tar.gz |
Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting. Squaring to satisfy Jacobi requirements suggested by JPM.
git-svn-id: svn://svn.code.sf.net/p/cryptopp/code/trunk/c5@542 57ff6487-cd31-0410-9ec3-f628ee90f5f0
Diffstat (limited to 'rw.cpp')
-rw-r--r-- | rw.cpp | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -126,10 +126,16 @@ Integer InvertibleRWFunction::CalculateInverse(RandomNumberGenerator &rng, const
 DoQuickSanityCheck();
 ModularArithmetic modn(m_n);
 Integer r, rInv;
- do { // do this in a loop for people using small numbers for testing
+
+ // do this in a loop for people using small numbers for testing
+ do {
 r.Randomize(rng, Integer::One(), m_n - Integer::One());
+ // Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting.
+ // Squaring to satisfy Jacobi requirements suggested by JPM.
+ r = modn.Square(r);
 rInv = modn.MultiplicativeInverse(r);
 } while (rInv.IsZero());
+ Integer re = modn.Square(r);
 re = modn.Multiply(re, x); // blind |