Fix side channel leaks #43

Merged
merged 1 commit into from Feb 1, 2021

ddealmei (Contributor) commented Feb 1, 2021

Calling BN_mod_exp with a small base and no constant-time flag falls back on an
insecure implementation with OpenSSL. A simple fix is to set the appropriate
flag before the modular exponentiation.


ddealmei commented Feb 1, 2021

In the absence of a clean way to get the OpenSSL BN_FLG_CONSTTIME value from Python (since it is defined as a macro), I hardcoded it into the Python code.

@cocagne cocagne merged commit dba5264 into cocagne:master Feb 1, 2021
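
Added example, not the code merged in this pull request: a ctypes sketch of the approach the two comments describe, with the `BN_FLG_CONSTTIME` macro value carried as a Python constant and set before `BN_mod_exp` is called. The helper names, the library-loading fallbacks and the choice to flag the exponent as the secret operand are assumptions of this example.

```python
import ctypes
import ctypes.util

# Numeric value of the BN_FLG_CONSTTIME macro in <openssl/bn.h>. A macro is not
# an exported symbol, so a ctypes caller has to carry the constant itself.
BN_FLG_CONSTTIME = 0x04


def load_libcrypto():
    """Return a libcrypto handle (OpenSSL 1.1.0 or later), or None if absent."""
    for name in (ctypes.util.find_library("crypto"), "libcrypto.so.3", "libcrypto.so.1.1"):
        if not name:
            continue
        try:
            lib = ctypes.CDLL(name)
            lib.BN_set_flags  # an exported function only since 1.1.0 (macro before)
            lib.BN_mod_exp
        except (OSError, AttributeError):
            continue
        # Pointer-returning calls need an explicit restype on 64-bit platforms.
        for fn in (lib.BN_new, lib.BN_CTX_new, lib.BN_bin2bn):
            fn.restype = ctypes.c_void_p
        return lib
    return None


def _to_bn(lib, value):
    """Convert a non-negative Python int into a freshly allocated BIGNUM."""
    raw = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    return ctypes.c_void_p(lib.BN_bin2bn(raw, len(raw), None))


def mod_exp_consttime(lib, base, exponent, modulus):
    """Compute base**exponent % modulus (odd modulus) with the exponent flagged."""
    a, p, m = (_to_bn(lib, v) for v in (base, exponent, modulus))
    r = ctypes.c_void_p(lib.BN_new())
    ctx = ctypes.c_void_p(lib.BN_CTX_new())
    try:
        # Assumption: the exponent is the secret operand, so the flag goes on it.
        lib.BN_set_flags(p, BN_FLG_CONSTTIME)
        if lib.BN_mod_exp(r, a, p, m, ctx) != 1:
            raise ValueError("BN_mod_exp failed")
        out = ctypes.create_string_buffer(max(1, (lib.BN_num_bits(r) + 7) // 8))
        n = lib.BN_bn2bin(r, out)
        return int.from_bytes(out.raw[:n], "big")
    finally:
        for bn in (a, p, m, r):
            lib.BN_clear_free(bn)
        lib.BN_CTX_free(ctx)
```

A hardcoded macro value is only as good as the header it was copied from, so a regression test that compares the result against Python's own `pow()` on a small-base input is a cheap guard when the linked OpenSSL version changes.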