artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c48d9ac) | patch
don't leak timing info about padding errors by generating a fake key
authortedu <tedu@openbsd.org>
Mon, 29 Dec 2014 16:12:59 +0000 (16:12 +0000)
committertedu <tedu@openbsd.org>
Mon, 29 Dec 2014 16:12:59 +0000 (16:12 +0000)
commit8fdc82176f8a322c6063fc701dff9f5b0a2b6771
tree7371df4918be50da016b26da8f47e5fa8a2a1706tree | snapshot
parentc48d9ac2cb375f9bd8136135c7e410e053f74151commit | diff
don't leak timing info about padding errors by generating a fake key
afterwards. openssl has a more complicated fix, but it's less intrusive
for now to simply hoist the expensive part (fake key generation) up without
sweating a branch or two.
ok bcook jsing
lib/libssl/s3_srvr.c diff | blob | history
lib/libssl/src/ssl/s3_srvr.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim