| From 9425e16437439e68c7d96abef922167d68fafaff Mon Sep 17 00:00:00 2001 |
| From: Jeffrey Walton <noloader@gmail.com> |
| Date: Sat, 27 Jun 2015 17:56:01 -0400 |
| Subject: [PATCH] Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for |
| reporting. Squaring to satisfy Jacobi requirements suggested by JPM. |
| |
| --- |
| rw.cpp | 8 +++++++- |
| 1 file changed, 7 insertions(+), 1 deletion(-) |
| |
| diff --git a/rw.cpp b/rw.cpp |
| index cdd9f2d..0b9318b 100644 |
| --- a/rw.cpp |
| +++ b/rw.cpp |
| @@ -126,10 +126,16 @@ Integer InvertibleRWFunction::CalculateInverse(RandomNumberGenerator &rng, const |
| DoQuickSanityCheck(); |
| ModularArithmetic modn(m_n); |
| Integer r, rInv; |
| - do { // do this in a loop for people using small numbers for testing |
| + |
| + // do this in a loop for people using small numbers for testing |
| + do { |
| r.Randomize(rng, Integer::One(), m_n - Integer::One()); |
| + // Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting. |
| + // Squaring to satisfy Jacobi requirements suggested by JPM. |
| + r = modn.Square(r); |
| rInv = modn.MultiplicativeInverse(r); |
| } while (rInv.IsZero()); |
| + |
| Integer re = modn.Square(r); |
| re = modn.Multiply(re, x); // blind |
| |
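Review bot: The new `r = modn.Square(r);` inside the do/while combines with the unchanged `Integer re = modn.Square(r);` two lines below it, so the value actually multiplied into x as the blinding factor is now the fourth power of the random draw, and `rInv` is the inverse of the squared draw rather than of the raw one. That is self-consistent as long as the unblinding step later in the function (outside this hunk) keeps multiplying by `rInv`, but nothing in the hunk says so, and a later reader is likely to see two consecutive squarings and remove one as redundant, which would silently reintroduce the mismatch this commit is fixing. I would replace the two added comment lines with one that ties the pieces together, e.g. `// CVE-2015-2141: square r before use so the blinding factor is a quadratic residue (the Square() below then applies r^4 to x); rInv is taken from the squared r and must remain the value used to unblind.` The loop condition `rInv.IsZero()` stays correct after the change, since the squared value is invertible mod n exactly when the original draw is. `InvertibleRWFunction::CalculateInverse` begins before and ends after this hunk, so the Jacobi check and the unblinding this comment refers to are not visible here.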