]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6a7bad0) | patch
[crypto/rsa] Fix multiple SCA vulnerabilities during RSA key validation.
authorCesar Pereida Garcia <cesar.pereidagarcia@tut.fi>
Thu, 5 Sep 2019 14:47:40 +0000 (17:47 +0300)
committerMatt Caswell <matt@openssl.org>
Mon, 9 Sep 2019 07:16:47 +0000 (08:16 +0100)
commitadaebd81a01e2926a3106feec0476db7c8d7b362
tree51b5bafbcb1beabc08c2e25b87a5cb6342017387tree | snapshot
parent6a7bad0fd7a2125d075e459b33145d4ce5ee0de9commit | diff
[crypto/rsa] Fix multiple SCA vulnerabilities during RSA key validation.

This commit addresses multiple side-channel vulnerabilities present during RSA key validation.
Private key parameters are re-computed using variable-time functions.

This issue was discovered and reported by the NISEC group at TAU Finland.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9785)
crypto/rsa/rsa_chk.c diff | blob | blame | history
A mirror of the official openssl repository