auth/rsa: side-step potential side-channel
authorAlexander Sosedkin <asosedkin@redhat.com>
Tue, 9 Aug 2022 14:05:53 +0000 (16:05 +0200)
committerZoltan Fridrich <zfridric@redhat.com>
Thu, 9 Feb 2023 09:58:51 +0000 (10:58 +0100)
Remove branching that depends on secret data.

Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Signed-off-by: Hubert Kario <hkario@redhat.com>
Tested-by: Hubert Kario <hkario@redhat.com>
lib/auth/rsa.c

index 8108ee841d05bcef9f9e77828306ce6ca3d45533..6b158bacb246722f29a6910f081c38fad2e18bde 100644 (file)
@@ -155,7 +155,6 @@ static int
 proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
                   size_t _data_size)
 {
-       const char attack_error[] = "auth_rsa: Possible PKCS #1 attack\n";
        gnutls_datum_t ciphertext;
        int ret, dsize;
        ssize_t data_size = _data_size;
@@ -235,15 +234,6 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
        ok &= CONSTCHECK_NOT_EQUAL(check_ver_min, 0) &
                CONSTCHECK_EQUAL(session->key.key.data[1], ver_min);
 
-       if (ok) {
-               /* call logging function unconditionally so all branches are
-                * indistinguishable for timing and cache access when debug
-                * logging is disabled */
-               _gnutls_no_log("%s", attack_error);
-       } else {
-               _gnutls_debug_log("%s", attack_error);
-       }
-
        /* This is here to avoid the version check attack
         * discussed above.
         */