deps: float 26d7fce1 from openssl (CVE-2018-0734 follow-on)

rvagg · rvagg · commit 8d77cc18de29 · 2018-11-14T14:22:27.000+11:00
The fix for CVE-2018-0734, floated in 213c7d2, failed to include a constant-time calculation for one of the variables. This introduces a fix for that. Ref: openssl/openssl#7549 Ref: nodejs#24353 Upstream: openssl/openssl@26d7fce1 Original commit message: Add a constant time flag to one of the bignums to avoid a timing leak. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from openssl/openssl#7549) (cherry picked from commit 00496b6423605391864fbbd1693f23631a1c5239)
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_ossl.c b/deps/openssl/openssl/crypto/dsa/dsa_ossl.c
@@ -295,9 +295,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
 
     if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
         BN_set_flags(&k, BN_FLG_CONSTTIME);
+        BN_set_flags(&l, BN_FLG_CONSTTIME);
     }
 
-
     if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
         if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
                                     CRYPTO_LOCK_DSA, dsa->p, ctx))

Original file line number	Diff line number	Diff line change
`@@ -295,9 +295,9 @@ static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM **kinvp,`
`295`	`295`
`296`	`296`	`if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {`
`297`	`297`	`BN_set_flags(&k, BN_FLG_CONSTTIME);`
	`298`	`+ BN_set_flags(&l, BN_FLG_CONSTTIME);`
`298`	`299`	`}`
`299`	`300`
`300`		`-`
`301`	`301`	`if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {`
`302`	`302`	`if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,`
`303`	`303`	`CRYPTO_LOCK_DSA, dsa->p, ctx))`