Skip to content
Commit 7ae8106a authored by Bernd Edlinger's avatar Bernd Edlinger Committed by Rich Salz
Browse files

Remove unnecessary loop in pkey_rsa_decrypt.



It is not necessary to remove leading zeros here because
RSA_padding_check_PKCS1_OAEP_mgf1 appends them again. As this was not done
in constant time, this might have leaked timing information.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3313)
(cherry picked from commit 237bc6c9)
parent 56e5d549
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment