Make BN_num_bits_word() constant time. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	tb <>	2019-06-17 17:11:48 +0000
committer	tb <>	2019-06-17 17:11:48 +0000
commit	a58a6d90c7fa6ece9183c620ed89abddbd00699d (patch)
tree	a4ed0e1c301397364b5fd748784feb51f7b6e36c /src/lib/libc/stdlib/atof.c
parent	c7305ad941e6223f20a1f38219e82ac0fb4f5f77 (diff)
download	openbsd-a58a6d90c7fa6ece9183c620ed89abddbd00699d.tar.gz openbsd-a58a6d90c7fa6ece9183c620ed89abddbd00699d.tar.bz2 openbsd-a58a6d90c7fa6ece9183c620ed89abddbd00699d.zip

Make BN_num_bits_word() constant time.

Previously, this function would leak the most significant word of its argument due to branching and memory access pattern. This patch is enough to fix the use of BN_num_bits() on RSA prime factors in the library. The diff is a simplified and more readable (but perhaps less efficient) version of https://github.com/openssl/openssl/commit/972c87df by Andy Polyakov and David Benjamin (pre license change). Consult that commit message for details. Subsequent fixes to follow in the near future. Issue pointed out by David Schrammel and Samuel Weiser as part of a larger report. tests & ok inoguchi, ok jsing

Diffstat (limited to 'src/lib/libc/stdlib/atof.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: