diff options
author | Simo Sorce <simo@redhat.com> | 2018-10-03 13:12:38 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2018-11-30 13:51:24 -0500 |
commit | 4804febddc2ed958e5ae774de2a8f85edeeff538 (patch) | |
tree | a7a693c3e8fb686581425217d0545b85612616c5 /doc | |
parent | ed3bdddab73c792364deec423b2c2c498a939a64 (diff) | |
download | gnutls-4804febddc2ed958e5ae774de2a8f85edeeff538.tar.gz |
Constant time/cache PKCS#1 RSA decryptiontmp-fix-CVE-2018-16868
This patch tries to make the code have the same time and memory access
aptterns across all branches of the decryption function so that timining
or cache side channels are minimized or neutralized.
To do so it uses a new nettle rsa decryption function that is
side-channel silent.
Signed-off-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/Makefile.am | 2 | ||||
-rw-r--r-- | doc/manpages/Makefile.am | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/doc/Makefile.am b/doc/Makefile.am index e6d5e14c6e..8a9a712091 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1579,6 +1579,8 @@ FUNCS += functions/gnutls_priority_string_list FUNCS += functions/gnutls_priority_string_list.short FUNCS += functions/gnutls_privkey_decrypt_data FUNCS += functions/gnutls_privkey_decrypt_data.short +FUNCS += functions/gnutls_privkey_decrypt_data2 +FUNCS += functions/gnutls_privkey_decrypt_data2.short FUNCS += functions/gnutls_privkey_deinit FUNCS += functions/gnutls_privkey_deinit.short FUNCS += functions/gnutls_privkey_export_dsa_raw diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am index 3bac791f3e..7db892d880 100644 --- a/doc/manpages/Makefile.am +++ b/doc/manpages/Makefile.am @@ -591,6 +591,7 @@ APIMANS += gnutls_priority_set_direct.3 APIMANS += gnutls_priority_sign_list.3 APIMANS += gnutls_priority_string_list.3 APIMANS += gnutls_privkey_decrypt_data.3 +APIMANS += gnutls_privkey_decrypt_data2.3 APIMANS += gnutls_privkey_deinit.3 APIMANS += gnutls_privkey_export_dsa_raw.3 APIMANS += gnutls_privkey_export_dsa_raw2.3 |