auth/rsa: side-step potential side-channel
authorAlexander Sosedkin <asosedkin@redhat.com>
Tue, 9 Aug 2022 14:05:53 +0000 (16:05 +0200)
committerHubert Kario <hkario@redhat.com>
Wed, 8 Feb 2023 11:44:36 +0000 (12:44 +0100)
Remove branching that depends on secret data.

Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Signed-off-by: Hubert Kario <hkario@redhat.com>
Tested-by: Hubert Kario <hkario@redhat.com>
lib/auth/rsa.c

index 62c86e470aaa77d11101d6d56209a24ada0e5382..562518d93ed265c244fb92fbc1d0fc96534f4daa 100644 (file)
@@ -154,7 +154,6 @@ _gnutls_get_public_rsa_params(gnutls_session_t session,
 static int
 proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size)
 {
-       const char attack_error[] = "auth_rsa: Possible PKCS #1 attack\n";
        gnutls_datum_t ciphertext;
        int ret, dsize;
        ssize_t data_size = _data_size;
@@ -234,15 +233,6 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size)
        ok &= CONSTCHECK_NOT_EQUAL(check_ver_min, 0) &
            CONSTCHECK_EQUAL(session->key.key.data[1], ver_min);
 
-       if (ok) {
-               /* call logging function unconditionally so all branches are
-                * indistinguishable for timing and cache access when debug
-                * logging is disabled */
-               _gnutls_no_log("%s", attack_error);
-       } else {
-               _gnutls_debug_log("%s", attack_error);
-       }
-
        /* This is here to avoid the version check attack
         * discussed above.
         */
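Review bot: Nothing on the new side records that the attempt to log a failed PKCS #1 check was removed on purpose, so the next maintainer reading `ok` being computed but never reported may well reintroduce an `if (ok) _gnutls_debug_log(...)` here and bring the secret-dependent branch back. I would leave a short comment where the deleted block stood, e.g. `/* Deliberately no logging of the check result: any branch on ok, even one that only picks between two log functions, is a secret-dependent timing and cache signal. */`. The retained comment `This is here to avoid the version check attack discussed above.` now refers to text outside this hunk; it is worth confirming it still points at an existing explanation rather than at the removed one. The constant-time consumer of `ok` and the remainder of proc_rsa_client_kx lie outside the hunk, as does the removal of the now-unused `attack_error` string in the first hunk, which is consistent with this change.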