Constant time/cache PKCS#1 RSA decryptiontmp-fix-CVE-2018-16868

This patch tries to make the code have the same time and memory access aptterns across all branches of the decryption function so that timining or cache side channels are minimized or neutralized. To do so it uses a new nettle rsa decryption function that is side-channel silent. Signed-off-by: Simo Sorce <simo@redhat.com>
author: Simo Sorce <simo@redhat.com> 2018-10-03 13:12:38 -0400
committer: Simo Sorce <simo@redhat.com> 2018-11-30 13:51:24 -0500
commit: 4804febddc2ed958e5ae774de2a8f85edeeff538 (patch)
tree: a7a693c3e8fb686581425217d0545b85612616c5 /symbols.last
parent: ed3bdddab73c792364deec423b2c2c498a939a64 (diff)
download: gnutls-4804febddc2ed958e5ae774de2a8f85edeeff538.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/symbols.last b/symbols.last
index 820821219e..7b547b7117 100644
--- a/symbols.last
+++ b/symbols.last
@@ -567,6 +567,7 @@ gnutls_priority_set@GNUTLS_3_4
 gnutls_priority_set_direct@GNUTLS_3_4
 gnutls_priority_sign_list@GNUTLS_3_4
 gnutls_priority_string_list@GNUTLS_3_4
+gnutls_privkey_decrypt_data2@GNUTLS_3_6_5
 gnutls_privkey_decrypt_data@GNUTLS_3_4
 gnutls_privkey_deinit@GNUTLS_3_4
 gnutls_privkey_export_dsa_raw2@GNUTLS_3_6_0
author	Simo Sorce <simo@redhat.com>	2018-10-03 13:12:38 -0400
committer	Simo Sorce <simo@redhat.com>	2018-11-30 13:51:24 -0500
commit	4804febddc2ed958e5ae774de2a8f85edeeff538 (patch)
tree	a7a693c3e8fb686581425217d0545b85612616c5 /symbols.last
parent	ed3bdddab73c792364deec423b2c2c498a939a64 (diff)
download	gnutls-4804febddc2ed958e5ae774de2a8f85edeeff538.tar.gz