Construct a BN_gcd_nonct, based on BN_mod_inverse_no_branch, as suggested - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	beck <beck@openbsd.org>	2017-01-25 06:15:44 +0000
committer	beck <beck@openbsd.org>	2017-01-25 06:15:44 +0000
commit	572569cdeff0b4a01ff260c18e8a17b78f944df8 (patch)
tree	94c5c54c0b377f9e9b0fe7e19634051b23668074 /sys/kern/sys_process.c
parent	Provide ssl3_packet_read() and ssl3_packet_extend() functions that improve (diff)
download	wireguard-openbsd-572569cdeff0b4a01ff260c18e8a17b78f944df8.tar.xz wireguard-openbsd-572569cdeff0b4a01ff260c18e8a17b78f944df8.zip

Construct a BN_gcd_nonct, based on BN_mod_inverse_no_branch, as suggested

by Alejandro Cabrera <aldaya@gmail.com> to avoid the possibility of a sidechannel timing attack during RSA private key generation. Modify BN_gcd to become not visible under LIBRESSL_INTERNAL and force the use of the _ct or _nonct versions of the function only within the library. ok jsing@

Diffstat (limited to 'sys/kern/sys_process.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: