openssl/crypto/pem
Cesar Pereida Garcia 51e236df41 Fix SCA vulnerability when using PVK and MSBLOB key formats
This commit addresses a side-channel vulnerability present when
PVK and MSBLOB key formats are loaded into OpenSSL.
The public key was not computed using a constant-time exponentiation
function.

This issue was discovered and reported by the NISEC group at TAU Finland.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9587)

(cherry picked from commit 724339ff44)
2019-08-27 09:13:34 +01:00
..
build.info unified build scheme: add build.info files 2016-02-01 12:46:58 +01:00
pem_all.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
pem_err.c Set error code on alloc failures 2018-04-03 11:31:16 -04:00
pem_info.c Update copyright year 2019-02-26 14:05:09 +00:00
pem_lib.c Fix the comment of PEM_read_bio_ex 2018-09-03 20:35:11 +08:00
pem_oth.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
pem_pk8.c Update copyright year 2018-05-29 13:16:04 +01:00
pem_pkey.c In cases where we ask PEM_def_callback for minimum 0 length, accept 0 length 2018-05-12 10:19:51 +02:00
pem_sign.c Update copyright year 2019-05-28 14:49:38 +02:00
pem_x509.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
pem_xaux.c Copyright consolidation 04/10 2016-05-17 14:24:46 -04:00
pvkfmt.c Fix SCA vulnerability when using PVK and MSBLOB key formats 2019-08-27 09:13:34 +01:00