File 0006-rsa-rsa_eay.c-make-RSAerr-call-in-rsa_ossl_private_d.patch of Package openssl-1_0_0.21013
From 3b776fd785efb1c0af4b28ad0b8036b23071904d Mon Sep 17 00:00:00 2001
From: Andy Polyakov <appro@openssl.org>
Date: Fri, 30 Nov 2018 21:07:18 +0100
Subject: [PATCH 2/5] rsa/rsa_eay.c: make RSAerr call in
rsa_ossl_private_decrypt unconditional.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 89072e0c2a483f2ad678e723e112712567b0ceb1)
(Merged from https://github.com/openssl/openssl/pull/7737)
---
crypto/rsa/rsa_eay.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Index: openssl-1.0.2p/crypto/rsa/rsa_eay.c
===================================================================
--- openssl-1.0.2p.orig/crypto/rsa/rsa_eay.c 2019-03-05 13:58:42.923220906 +0100
+++ openssl-1.0.2p/crypto/rsa/rsa_eay.c 2019-03-05 13:59:17.427428546 +0100
@@ -116,6 +116,7 @@
#include <openssl/rand.h>
#include "bn_int.h"
#include <openssl/err.h>
+#include "constant_time_locl.h"
#ifdef OPENSSL_FIPS
# include <openssl/fips.h>
#endif
@@ -639,8 +640,8 @@ static int RSA_eay_private_decrypt(int f
RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_UNKNOWN_PADDING_TYPE);
goto err;
}
- if (r < 0)
- RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED);
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED);
+ err_clear_last_constant_time(r >= 0);
err:
if (ctx != NULL) {