projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 75e571b) | patch
Fix potential SCA vulnerability in some EC_METHODs
authorNicola Tuveri <nic.tuv@gmail.com>
Sat, 8 Jun 2019 09:48:47 +0000 (12:48 +0300)
committerNicola Tuveri <nic.tuv@gmail.com>
Sun, 5 Jan 2020 08:20:58 +0000 (10:20 +0200)
commit0164bf812f8d4781be383b829d29b698cc8eb8d7
tree5284bd1247bb43cf8d931e07efa16afb79636133tree | snapshot
parent75e571b59298c868763508d60027e4e666dee1c1commit | diff
Fix potential SCA vulnerability in some EC_METHODs

This commit addresses a potential side-channel vulnerability in the
internals of some elliptic curve low level operations.
The side-channel leakage appears to be tiny, so the severity of this
issue is rather low.

The issue was reported by David Schrammel and Samuel Weiser.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9239)
crypto/ec/ecp_nistp224.c diff | blob | history
crypto/ec/ecp_nistp256.c diff | blob | history
crypto/ec/ecp_nistp521.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.