auth/rsa: side-step potential side-channel

Remove branching that depends on secret data.

Signed-off-by: Alexander Sosedkin <asosedkin@redhat.com>
Signed-off-by: Hubert Kario <hkario@redhat.com>
Tested-by: Hubert Kario <hkario@redhat.com>

1 files changed, 0 insertions, 10 deletions

diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c
index 62c86e470a..562518d93e 100644
--- a/lib/auth/rsa.c
+++ b/lib/auth/rsa.c
@@ -154,7 +154,6 @@ _gnutls_get_public_rsa_params(gnutls_session_t session,
 static int
 proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size)
 {
-	const char attack_error[] = "auth_rsa: Possible PKCS #1 attack\n";
 	gnutls_datum_t ciphertext;
 	int ret, dsize;
 	ssize_t data_size = _data_size;
@@ -234,15 +233,6 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size)
 	ok &= CONSTCHECK_NOT_EQUAL(check_ver_min, 0) &
 	    CONSTCHECK_EQUAL(session->key.key.data[1], ver_min);
 
-	if (ok) {
-		/* call logging function unconditionally so all branches are
-		 * indistinguishable for timing and cache access when debug
-		 * logging is disabled */
-		_gnutls_no_log("%s", attack_error);
-	} else {
-		_gnutls_debug_log("%s", attack_error);
-	}
-
 	/* This is here to avoid the version check attack
 	 * discussed above.
 	 */