Timing vulnerability in ECDSA signature generation (CVE-2018-0735) (b1d6d55e) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit b1d6d55e authored Oct 26, 2018 by

Pauli

Timing vulnerability in ECDSA signature generation (CVE-2018-0735)



Preallocate an extra limb for some of the big numbers to avoid a reallocation
that can potentially provide a side channel.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/7486)

(cherry picked from commit 99540ec7)

parent 8abfe72e

Hide whitespace changes

Inline Side-by-side

Please register or to comment