From 867159d65fef4b69f0c1db95cd59203533512e04 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Tue, 6 Nov 2018 02:16:13 +0000
Subject: disable EC_POINT coordinate blinding due to failures in ECDHE and TLS
---
 src/lib/libcrypto/ec/ecp_smpl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
 (limited to 'src/lib')
diff --git a/src/lib/libcrypto/ec/ecp_smpl.c b/src/lib/libcrypto/ec/ecp_smpl.c
index 24054a51c5..d3fcd99670 100644
--- a/src/lib/libcrypto/ec/ecp_smpl.c
+++ b/src/lib/libcrypto/ec/ecp_smpl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ecp_smpl.c,v 1.25 2018/11/06 02:14:39 tb Exp $ */
+/* $OpenBSD: ecp_smpl.c,v 1.26 2018/11/06 02:16:13 tb Exp $ */
 /* Includes code written by Lenka Fibikova
 * for the OpenSSL project.
 * Includes code written by Bodo Moeller for the OpenSSL project.
@@ -1599,8 +1599,10 @@ ec_GFp_simple_mul_ct(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 * Apply coordinate blinding for EC_POINT if the underlying EC_METHOD
 * implements it.
 */
+#if 0
 if (!ec_point_blind_coordinates(group, s, ctx))
 goto err;
+#endif

 /* top bit is a 1, in a fixed pos */
 if (!EC_POINT_copy(r, s))
--
cgit v1.2.3-55-g6feb
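Review bot: The `#if 0` around `ec_point_blind_coordinates()` in `ec_GFp_simple_mul_ct` leaves the comment above it ("Apply coordinate blinding for EC_POINT if the underlying EC_METHOD implements it") describing code that is no longer compiled, and nothing in the file records why it was switched off. Coordinate blinding is a side-channel hardening step for this scalar multiplication, so while it is disabled the routine runs without that protection, and a reader should be able to see that at the call site rather than only in the commit log. I would add a marker directly above the `#if 0`, for example `/* XXX blinding disabled: caused failures in ECDHE and TLS; re-enable once fixed */`, and pair the eventual re-enable with a regression test covering the failing handshake. The function starts and ends outside this hunk.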