MFC: Avoid a timing side-channel leak when generating DSA and ECDSA - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2018-06-13 15:07:19 +0000
committer	jsing <>	2018-06-13 15:07:19 +0000
commit	b6faac1f1a48896c4bea8877382f91ff23c964f7 (patch)
tree	ece62a633ca8cf87cfaec3ac556b1af956a6c209 /src/lib/libcrypto/buffer
parent	ba88944626ec9297c3c8cfa668f42b664c45a9cc (diff)
download	openbsd-b6faac1f1a48896c4bea8877382f91ff23c964f7.tar.gz openbsd-b6faac1f1a48896c4bea8877382f91ff23c964f7.tar.bz2 openbsd-b6faac1f1a48896c4bea8877382f91ff23c964f7.zip

MFC: Avoid a timing side-channel leak when generating DSA and ECDSA

signatures. This is caused by an attempt to do fast modular arithmetic, which introduces branches that leak information regarding secret values. Issue identified and reported by Keegan Ryan of NCC Group. ok beck@ tb@

Diffstat (limited to 'src/lib/libcrypto/buffer')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: