From dff94dba75490d03926e77be9f2da3bcf4485820 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 11 Sep 2025 18:40:34 +0200 Subject: [PATCH] SM2: Use constant time modular inversion Fixes CVE-2025-9231 Issue and a proposed fix reported by Stanislav Fort (Aisle Research). Reviewed-by: Neil Horman Reviewed-by: Matt Caswell --- crypto/ec/ecp_sm2p256.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/ec/ecp_sm2p256.c b/crypto/ec/ecp_sm2p256.c index aabe74b6e42..d75230a6510 100644 --- a/crypto/ec/ecp_sm2p256.c +++ b/crypto/ec/ecp_sm2p256.c @@ -747,7 +747,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void) ossl_ec_GFp_simple_point_copy, ossl_ec_GFp_simple_point_set_to_infinity, ossl_ec_GFp_simple_point_set_affine_coordinates, - ecp_sm2p256_get_affine, + ossl_ec_GFp_simple_point_get_affine_coordinates, 0, 0, 0, ossl_ec_GFp_simple_add, ossl_ec_GFp_simple_dbl, @@ -763,7 +763,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void) ecp_sm2p256_field_mul, ecp_sm2p256_field_sqr, 0 /* field_div */, - 0 /* field_inv */, + ossl_ec_GFp_simple_field_inv, 0 /* field_encode */, 0 /* field_decode */, 0 /* field_set_to_one */, @@ -779,7 +779,7 @@ const EC_METHOD *EC_GFp_sm2p256_method(void) ossl_ecdsa_simple_sign_setup, ossl_ecdsa_simple_sign_sig, ossl_ecdsa_simple_verify_sig, - ecp_sm2p256_inv_mod_ord, + 0, /* use constant‑time fallback for inverse mod order */ 0, /* blind_coordinates */ 0, /* ladder_pre */ 0, /* ladder_step */ -- 2.47.3