CVSROOT:        /cvs
Module name:    src
Changes by:     b...@cvs.openbsd.org    2017/01/24 23:15:44

Modified files:
        lib/libcrypto/bn: bn.h bn_gcd.c bn_lcl.h bn_x931p.c 
        lib/libcrypto/rsa: rsa_chk.c rsa_gen.c 

Log message:
Construct a BN_gcd_nonct, based on BN_mod_inverse_no_branch, as suggested
by Alejandro Cabrera <ald...@gmail.com> to avoid the possibility of a
side-channel timing attack during RSA private key generation.

Modify BN_gcd to become not visible under LIBRESSL_INTERNAL and force
the use of the _ct or _nonct versions of the function only within
the library.

ok jsing@
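
The commit above replaces a data-dependent GCD in the RSA key generation path with one whose operation sequence does not depend on the secret operand. As an added illustration (not LibreSSL's code, and not the BIGNUM-based construction the commit describes, which builds on BN_mod_inverse_no_branch), the following C shows the same idea at machine-word size: a textbook Euclid whose loop count leaks, next to a binary GCD that runs a fixed number of masked steps, and the gcd(p - 1, e) == 1 check that key generation performs with it. The function names, the helpers and the sample values are all assumed for this example.

```c
/* Added illustration, not LibreSSL code: a branch-free binary GCD on
 * 64-bit words beside the branchy Euclid pattern it replaces. */
#include <stdint.h>
#include <stdio.h>

/* Textbook Euclid: the number of loop iterations and the cost of each
 * division depend on the operand values. When one operand is p - 1 for
 * a secret prime p, that timing is a side channel. */
static uint64_t gcd_branchy(uint64_t a, uint64_t b)
{
	while (b != 0) {
		uint64_t t = a % b;
		a = b;
		b = t;
	}
	return a;
}

/* Constant-time helpers: each returns a mask or a 0/1 value computed
 * with arithmetic only, with no data-dependent branch. */
static uint64_t ct_mask(uint64_t bit)		/* 1 -> all ones, 0 -> 0 */
{
	return (uint64_t)0 - (bit & 1);
}
static uint64_t ct_select(uint64_t m, uint64_t x, uint64_t y)	/* m ? x : y */
{
	return (x & m) | (y & ~m);
}
static uint64_t ct_nonzero(uint64_t x)		/* x != 0 */
{
	return (x | ((uint64_t)0 - x)) >> 63;
}
static uint64_t ct_lt(uint64_t x, uint64_t y)	/* x < y, unsigned */
{
	return (x ^ ((x ^ y) | ((x - y) ^ y))) >> 63;
}

/* Binary GCD run for a fixed 2 * 64 iterations. Every iteration applies
 * each possible step (swap, subtract, halve) under a mask, so the
 * sequence of instructions is independent of a and b. Loop invariant:
 * gcd(a, b) * 2^shift == gcd(original a, original b). Once one operand
 * is zero and the other odd, further iterations change nothing. */
uint64_t gcd_ct(uint64_t a, uint64_t b)
{
	uint64_t shift = 0;
	int i;

	for (i = 0; i < 2 * 64; i++) {
		uint64_t both_odd = a & b & 1;
		uint64_t both_even = ((a | b) & 1) ^ 1;
		uint64_t t, m;

		/* If both are odd, order them so that a >= b, then a -= b,
		 * which leaves a even. */
		m = ct_mask(both_odd & ct_lt(a, b));
		t = (a ^ b) & m;
		a ^= t;
		b ^= t;
		a -= b & ct_mask(both_odd);

		/* Count a shared factor of two only while something is left,
		 * which keeps shift <= 63 so the final shift is defined. */
		shift += both_even & ct_nonzero(a | b);

		/* Halve whichever operand is even (masked, so both
		 * assignments always execute). */
		a = ct_select(ct_mask((a & 1) ^ 1), a >> 1, a);
		b = ct_select(ct_mask((b & 1) ^ 1), b >> 1, b);
	}
	/* One operand is zero here; the other is the odd part of the gcd. */
	return (a | b) << shift;
}

/* The check RSA key generation performs on a candidate prime p: the
 * public exponent e must be coprime to p - 1. Uses the constant-time
 * gcd and a constant-time equality test so the timing reveals nothing
 * about p. Returns 1 if the candidate is acceptable, else 0. */
uint64_t rsa_prime_ok_ct(uint64_t p, uint64_t e)
{
	uint64_t g = gcd_ct(p - 1, e);

	return ct_nonzero(g ^ 1) ^ 1;
}

int main(void)
{
	/* Constructed sample values, not real key material. */
	printf("gcd(12, 18): branchy %llu, ct %llu\n",
	    (unsigned long long)gcd_branchy(12, 18),
	    (unsigned long long)gcd_ct(12, 18));
	printf("p = 1000003, e = 65537 acceptable: %llu\n",
	    (unsigned long long)rsa_prime_ok_ct(1000003, 65537));
	printf("p = 131075, e = 65537 acceptable: %llu\n",
	    (unsigned long long)rsa_prime_ok_ct(131075, 65537));
	return 0;
}
```

The final variable-distance shift is the one remaining data-dependent operation; on a target where shifts are not constant-time it would need to be replaced by a masked loop, and a real implementation would also reach for the library's constant-time BIGNUM routines rather than word arithmetic.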
