projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a693ead) | patch
Timing fix mitigation for FIPS mode.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 29 Jan 2013 14:44:36 +0000 (14:44 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Wed, 6 Feb 2013 14:19:08 +0000 (14:19 +0000)
commitc4e6fb15244e27f1e93df3f59fe37b59a784f5dc
tree19fb2aa775ca60fd53f87309e64b1c5f295493c9tree | snapshot
parenta693ead6dc75455f7f5bbbd631b3a0e7ee457965commit | diff
Timing fix mitigation for FIPS mode.
We have to use EVP in FIPS mode so we can only partially mitigate
timing differences.

Make an extra call to EVP_DigestSignUpdate to hash additonal blocks
to cover any timing differences caused by removal of padding.
(cherry picked from commit b908e88ec15aa0a74805e3f2236fc4f83f2789c2)
ssl/s3_cbc.c diff | blob | history
ssl/ssl_locl.h diff | blob | history
ssl/t1_enc.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.