wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/pem
History
Cesar Pereida Garcia 51e236df41 Fix SCA vulnerability when using PVK and MSBLOB key formats 
This commit addresses a side-channel vulnerability present when
PVK and MSBLOB key formats are loaded into OpenSSL.
The public key was not computed using a constant-time exponentiation
function.

This issue was discovered and reported by the NISEC group at TAU Finland.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9587)

(cherry picked from commit 724339ff44)
2019-08-27 09:13:34 +01:00
..
build.info
pem_all.c
pem_err.c
pem_info.c Update copyright year 2019-02-26 14:05:09 +00:00
pem_lib.c Fix the comment of PEM_read_bio_ex 2018-09-03 20:35:11 +08:00
pem_oth.c
pem_pk8.c Update copyright year 2018-05-29 13:16:04 +01:00
pem_pkey.c
pem_sign.c Update copyright year 2019-05-28 14:49:38 +02:00
pem_x509.c
pem_xaux.c
pvkfmt.c Fix SCA vulnerability when using PVK and MSBLOB key formats 2019-08-27 09:13:34 +01:00