openssl/crypto/ec
Pauli 4a089bbdf1 Address a timing side channel whereby it is possible to determine some
information about the length of the scalar used in ECDSA operations
from a large number (2^32) of signatures.

This doesn't rate as a CVE because:

* For the non-constant time code, there are easier ways to extract
  more information.

* For the constant time code, it requires a significant number of signatures
  to leak a small amount of information.

Thanks to Neals Fournaise, Eliane Jaulmes and Jean-Rene Reinhard for
reporting this issue.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4576)
2017-11-01 15:47:29 +00:00
..
asm Cleanup some copyright stuff 2017-06-30 21:56:44 -04:00
build.info Add ecp_nistz256-ppc64 module. 2016-08-29 23:12:32 +02:00
curve25519.c Clear secret stack values after use in the ED25519-functions 2017-08-25 16:36:21 +02:00
ec2_mult.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ec2_oct.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ec2_smpl.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ec_ameth.c Fix function name in ECerr call 2017-09-14 16:13:29 -04:00
ec_asn1.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ec_check.c Copyright consolidation 06/10 2016-05-17 14:51:04 -04:00
ec_curve.c Remove email addresses from source code. 2017-10-13 10:06:59 -04:00
ec_cvt.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ec_err.c Fix function name in ECerr call 2017-09-14 16:13:29 -04:00
ec_key.c Move the REF_PRINT support from e_os.h to internal/refcount.h. 2017-08-30 07:20:44 +10:00
ec_kmeth.c Fix const correctness of EC_KEY_METHOD_get_* 2017-07-23 11:34:11 +02:00
ec_lcl.h e_os.h removal from other headers and source files. 2017-08-30 07:20:43 +10:00
ec_lib.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ec_mult.c Move the REF_PRINT support from e_os.h to internal/refcount.h. 2017-08-30 07:20:44 +10:00
ec_oct.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ec_pmeth.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
ec_print.c Copyright consolidation 06/10 2016-05-17 14:51:04 -04:00
ecdh_kdf.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
ecdh_ossl.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ecdsa_ossl.c Address a timing side channel whereby it is possible to determine some 2017-11-01 15:47:29 +00:00
ecdsa_sign.c Useless includes 2016-06-18 16:30:24 -04:00
ecdsa_vrf.c Useless includes 2016-06-18 16:30:24 -04:00
eck_prn.c Remove parentheses of return. 2017-10-18 16:05:06 +01:00
ecp_mont.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ecp_nist.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ecp_nistp224.c Fix the return type of felem_is_zero_int which should be int. 2017-10-02 17:24:17 +02:00
ecp_nistp256.c Fix the return type of felem_is_zero_int which should be int. 2017-10-02 17:24:17 +02:00
ecp_nistp521.c nistp521: add a comment to the P+P exceptional case in point_add. 2017-10-02 11:30:30 -04:00
ecp_nistputil.c Copyright consolidation 06/10 2016-05-17 14:51:04 -04:00
ecp_nistz256.c Move the REF_PRINT support from e_os.h to internal/refcount.h. 2017-08-30 07:20:44 +10:00
ecp_nistz256_table.c Copyright consolidation 05/10 2016-05-17 15:38:09 -04:00
ecp_oct.c Modify Sun copyright to follow OpenSSL style 2017-06-20 11:13:45 -04:00
ecp_smpl.c Change to check last return value of BN_CTX_get 2017-06-26 15:40:16 +02:00
ecx_meth.c Use OPENSSL_secure_clear_free for secure mem BIOs and X25519 private keys 2017-07-29 19:26:06 +02:00