rsa/rsa_ssl.c: make RSA_padding_check_SSLv23 constant-time. (110ef88b) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 110ef88b authored Sep 14, 2018 by

Andy Polyakov Committed by Matt Caswell Dec 06, 2018

rsa/rsa_ssl.c: make RSA_padding_check_SSLv23 constant-time.



Copy of RSA_padding_check_PKCS1_type_2 with a twist that rejects padding
if nul delimiter is preceded by 8 consecutive 0x03 bytes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 60322140)

Resolved conflicts:
	crypto/rsa/rsa_ssl.c

(Merged from https://github.com/openssl/openssl/pull/7737)

parent b29b91bc

Hide whitespace changes

Inline Side-by-side

Please register or to comment