[crypto/asn1] Fix multiple SCA vulnerabilities during RSA key validation. (2f18596c) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

Commit 2f18596c authored Sep 05, 2019 by

Cesar Pereida Garcia Committed by Matt Caswell Sep 06, 2019

[crypto/asn1] Fix multiple SCA vulnerabilities during RSA key validation.



This commit addresses multiple side-channel vulnerabilities present
during RSA key validation.
Private key parameters are re-computed using variable-time functions.

This issue was discovered and reported by the NISEC group at TAU Finland.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9779)

parent 6f34a16e

Hide whitespace changes

Inline Side-by-side

Please register or to comment