FYI,
https://rt.openssl.org/Ticket/Display.html?id=3558 may also be of interest.
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
And thanks once again!
This has now been backported from master commit
adb46dbc6dd7347750df2468c93e8c34bcb93a4b
to all other branches. Note that I rewrote the constant-time ops in the
follow-up commit
455b65dfab0de51c9f67b3c909311770f2b3f801
If you'd like to verify that I didn't mess up the
On Wed, Sep 24, 2014 at 7:52 AM, Emilia Käsper via RT r...@openssl.org wrote:
If you'd like to verify that I didn't mess up the rewrite, that'd be great!
LGTM. Thanks! I'll have to steal that for BoringSSL :)
Cheers
AGL
__
This change alters the processing of invalid, RSA pre-master secrets so
that bad encryptions are treated like random session keys in constant
time.
0011-premaster_constant_time.patch
Description: Binary data