CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2018/04/28 08:17:56
Modified files: lib/libcrypto/ecdsa: ecs_ossl.c Log message: Fix a small timing side channel in ecdsa_sign_setup(). Up to whitespace this is OpennSSL commit 4a089bbdf11f9e231cc68f42bba934c954d81a49. ok beck, jsing Original commit message: commit 4a089bbdf11f9e231cc68f42bba934c954d81a49 Author: Pauli <paul.d...@oracle.com> Date: Wed Nov 1 06:58:39 2017 +1000 Address a timing side channel whereby it is possible to determine some information about the length of the scalar used in ECDSA operations from a large number (2^32) of signatures. This doesn't rate as a CVE because: * For the non-constant time code, there are easier ways to extract more information. * For the constant time code, it requires a significant number of signatures to leak a small amount of information. Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for reporting this issue. Reviewed-by: Andy Polyakov <ap...@openssl.org> Reviewed-by: Matt Caswell <m...@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4576)]