Avoid a timing side-channel leak when generating DSA and ECDSA signatures. - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2018-06-13 15:05:04 +0000
committer	jsing <>	2018-06-13 15:05:04 +0000
commit	70f6c28ec4997461a2ea714457e95ada1c2287ef (patch)
tree	da8994f3efae63494777101e1c2874396dfd7b32 /src/lib/libcrypto/dsa/dsa_sign.c
parent	60f21d03f2d8bf7428ce8a6df3877e2f33b2409b (diff)
download	openbsd-70f6c28ec4997461a2ea714457e95ada1c2287ef.tar.gz openbsd-70f6c28ec4997461a2ea714457e95ada1c2287ef.tar.bz2 openbsd-70f6c28ec4997461a2ea714457e95ada1c2287ef.zip

Avoid a timing side-channel leak when generating DSA and ECDSA signatures.

This is caused by an attempt to do fast modular arithmetic, which introduces branches that leak information regarding secret values. Issue identified and reported by Keegan Ryan of NCC Group. ok beck@ tb@

Diffstat (limited to 'src/lib/libcrypto/dsa/dsa_sign.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: