projects / oweals / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 04882f7) | patch
[crypto/asn1] Fix multiple SCA vulnerabilities during RSA key validation.
authorCesar Pereida Garcia <cesar.pereidagarcia@tut.fi>
Thu, 5 Sep 2019 09:13:11 +0000 (12:13 +0300)
committerMatt Caswell <matt@openssl.org>
Fri, 6 Sep 2019 15:19:41 +0000 (16:19 +0100)
commit8bb913a3d7c29c189c7ac656c726f4a2bfcdd73b
tree8c6887e7e190a05d6e452ebabb25a84975de5cb9tree | snapshot
parent04882f77a8bb5df8bc9f3f9f82191f487d350be1commit | diff
[crypto/asn1] Fix multiple SCA vulnerabilities during RSA key validation.

This commit addresses multiple side-channel vulnerabilities present
during RSA key validation.
Private key parameters are re-computed using variable-time functions.

This issue was discovered and reported by the NISEC group at TAU Finland.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9779)

(cherry picked from commit 311e903d8468e2a380d371609a10eda71de16c0e)
crypto/asn1/x_bignum.c diff | blob | history
crypto/rsa/rsa_lib.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.