Remove unnecessary loop in pkey_rsa_decrypt. (237bc6c9) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Commit 237bc6c9 authored Apr 26, 2017 by

Bernd Edlinger Committed by Rich Salz Apr 26, 2017

Remove unnecessary loop in pkey_rsa_decrypt.



It is not necessary to remove leading zeros here because
RSA_padding_check_PKCS1_OAEP_mgf1 appends them again. As this was not done
in constant time, this might have leaked timing information.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3313)

parent cf10df81

Hide whitespace changes

Inline Side-by-side

Please register or to comment