MFC: Avoid a side-channel cache-timing attack that can leak the ECDSA - openbsd - A mirror of https://github.com/libressl/openbsd.git

diff options

author	jsing <>	2017-01-05 13:27:17 +0000
committer	jsing <>	2017-01-05 13:27:17 +0000
commit	516027e237e5827a6db95bb5d27e5b32019b7bcf (patch)
tree	62ac81fdfaf7a43991efc926d2044e95a1718635 /src/lib/libcrypto/pqueue/pqueue.c
parent	2c50d67497c0ecf1ed12671aeeb4c18c419f95c2 (diff)
download	openbsd-516027e237e5827a6db95bb5d27e5b32019b7bcf.tar.gz openbsd-516027e237e5827a6db95bb5d27e5b32019b7bcf.tar.bz2 openbsd-516027e237e5827a6db95bb5d27e5b32019b7bcf.zip

MFC: Avoid a side-channel cache-timing attack that can leak the ECDSA

private keys when signing. This is due to BN_mod_inverse() being used without the constant time flag being set. This issue was reported by Cesar Pereida Garcia and Billy Brumley (Tampere University of Technology). The fix was developed by Cesar Pereida Garcia.

Diffstat (limited to 'src/lib/libcrypto/pqueue/pqueue.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: