CVSROOT:        /cvs
Module name:    src
Changes by:     t...@cvs.openbsd.org    2018/04/28 08:17:56

Modified files:
        lib/libcrypto/ecdsa: ecs_ossl.c 

Log message:
Fix a small timing side channel in ecdsa_sign_setup(). Up to whitespace
this is OpenSSL commit 4a089bbdf11f9e231cc68f42bba934c954d81a49.

ok beck, jsing

Original commit message:

commit 4a089bbdf11f9e231cc68f42bba934c954d81a49
Author: Pauli <paul.d...@oracle.com>
Date:   Wed Nov 1 06:58:39 2017 +1000

Address a timing side channel whereby it is possible to determine some
information about the length of the scalar used in ECDSA operations
from a large number (2^32) of signatures.

This doesn't rate as a CVE because:

* For the non-constant time code, there are easier ways to extract
more information.

* For the constant time code, it requires a significant number of signatures
to leak a small amount of information.

Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for
reporting this issue.

Reviewed-by: Andy Polyakov <ap...@openssl.org>
Reviewed-by: Matt Caswell <m...@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4576)
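
As an added illustration (not code from this commit or from OpenSSL/LibreSSL; the diff is not shown on this page), the Python sketch below shows a standard countermeasure for leaks of the nonce's bit length: replacing the scalar k with an equivalent one of fixed bit length before the point multiplication. The function names and sample nonces are constructed for the example, and Python integers are not constant-time, so it models the arithmetic only.

```python
import secrets

# Group order of NIST P-256 (public curve parameter).
P256_ORDER = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551


def fixed_length_scalar(k, order):
    """Return k' with k' == k (mod order) and exactly order_bits + 1 bits.

    k*G and k'*G are the same point, but the number of bits the scalar
    multiplication walks over no longer depends on the secret nonce.
    """
    if not 0 < k < order:
        raise ValueError("nonce must be in [1, order - 1]")
    order_bits = order.bit_length()
    # Both sums are always computed, so the amount of big-number work
    # does not depend on which one ends up being used.
    r = k + order
    x = r + order
    # r < 2*order < 2**(order_bits + 1), so this is 0 or 1.
    r_is_long = r >> order_bits
    mask = -r_is_long  # all ones if r already has order_bits + 1 bits
    return (r & mask) | (x & ~mask)


def bit_length_profile(nonces, order):
    """Distinct scalar bit lengths before and after padding."""
    raw = {k.bit_length() for k in nonces}
    padded = {fixed_length_scalar(k, order).bit_length() for k in nonces}
    return raw, padded


def sample_nonces(order, count=1000):
    """Constructed sample: edge cases plus uniformly random nonces."""
    edge = [1, 2**200, 2**255, order - 1]
    rand = [secrets.randbelow(order - 1) + 1 for _ in range(count)]
    return edge + rand


if __name__ == "__main__":
    raw, padded = bit_length_profile(sample_nonces(P256_ORDER), P256_ORDER)
    print("raw nonce bit lengths:   ", sorted(raw))
    print("padded scalar bit lengths:", sorted(padded))
```
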