mirror of
https://github.com/openssl/openssl.git
synced 2024-12-09 05:51:54 +08:00
724339ff44
This commit addresses a side-channel vulnerability present when PVK and MSBLOB key formats are loaded into OpenSSL. The public key was not computed using a constant-time exponentiation function. This issue was discovered and reported by the NISEC group at TAU Finland. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9587) |
||
---|---|---|
.. | ||
build.info | ||
pem_all.c | ||
pem_err.c | ||
pem_info.c | ||
pem_lib.c | ||
pem_oth.c | ||
pem_pk8.c | ||
pem_pkey.c | ||
pem_sign.c | ||
pem_x509.c | ||
pem_xaux.c | ||
pvkfmt.c |