openssl

generic-library/openssl

Fork 0

Commit Graph

Author	SHA1	Message	Date
Emilia Kasper	904fcce0c6	RT3066: rewrite RSA padding checks to be slightly more constant time. Also tweak s3_cbc.c to use new constant-time methods. Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1 This patch is based on the original RT submission by Adam Langley <agl@chromium.org>, as well as code from BoringSSL and OpenSSL. Reviewed-by: Kurt Roeckx <kurt@openssl.org> Conflicts: crypto/rsa/rsa_oaep.c	2014-09-24 14:35:03 +02:00
Emilia Kasper	73729e4cf3	Constant-time utilities Pull constant-time methods out to a separate header, add tests. Reviewed-by: Bodo Moeller <bodo@openssl.org> (cherry picked from commit e7169a5835390d20057de8a19785982bd6a9b8c8) Conflicts: ssl/Makefile test/Makefile	2014-08-28 17:18:01 +02:00

Author

SHA1

Message

Date

Emilia Kasper

904fcce0c6

RT3066: rewrite RSA padding checks to be slightly more constant time.

Also tweak s3_cbc.c to use new constant-time methods.
Also fix memory leaks from internal errors in RSA_padding_check_PKCS1_OAEP_mgf1

This patch is based on the original RT submission by Adam Langley <agl@chromium.org>,
as well as code from BoringSSL and OpenSSL.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Conflicts:
	crypto/rsa/rsa_oaep.c

2014-09-24 14:35:03 +02:00

Emilia Kasper

73729e4cf3

Constant-time utilities

Pull constant-time methods out to a separate header, add tests.

Reviewed-by: Bodo Moeller <bodo@openssl.org>
(cherry picked from commit e7169a5835390d20057de8a19785982bd6a9b8c8)

Conflicts:
	ssl/Makefile
	test/Makefile

2014-08-28 17:18:01 +02:00

2 Commits