]> granicus.if.org Git - openssl/commit
Timing fix mitigation for FIPS mode.
authorDr. Stephen Henson <steve@openssl.org>
Tue, 29 Jan 2013 14:44:36 +0000 (14:44 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 31 Jan 2013 12:34:10 +0000 (12:34 +0000)
commitb908e88ec15aa0a74805e3f2236fc4f83f2789c2
tree424b1a8703f65502460f311a42d3da7521a4085b
parent014265eb02e26f35c8db58e2ccbf100b0b2f0072
Timing fix mitigation for FIPS mode.
We have to use EVP in FIPS mode so we can only partially mitigate
timing differences.

Make an extra call to EVP_DigestSignUpdate to hash additonal blocks
to cover any timing differences caused by removal of padding.
ssl/s3_cbc.c
ssl/ssl_locl.h
ssl/t1_enc.c