projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6f34a16) | patch
[crypto/asn1] Fix multiple SCA vulnerabilities during RSA key validation.
authorCesar Pereida Garcia <cesar.pereidagarcia@tut.fi>
Thu, 5 Sep 2019 09:13:11 +0000 (12:13 +0300)
committerMatt Caswell <matt@openssl.org>
Fri, 6 Sep 2019 15:15:55 +0000 (16:15 +0100)
commit2f18596c32d145f194c3d1eac9b9e77b560aad71
tree73c4998506e5ed05c8536c4be17a1a5cc1e5e24ftree | snapshot
parent6f34a16ea9a4d37e11a26dd4c3694ea5b107e53fcommit | diff
[crypto/asn1] Fix multiple SCA vulnerabilities during RSA key validation.

This commit addresses multiple side-channel vulnerabilities present
during RSA key validation.
Private key parameters are re-computed using variable-time functions.

This issue was discovered and reported by the NISEC group at TAU Finland.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9779)
crypto/asn1/x_bignum.c diff | blob | history
crypto/rsa/rsa_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.