Constant time/cache PKCS#1 RSA decryptiontmp-fix-CVE-2018-16868

This patch tries to make the code have the same time and memory access aptterns across all branches of the decryption function so that timining or cache side channels are minimized or neutralized. To do so it uses a new nettle rsa decryption function that is side-channel silent. Signed-off-by: Simo Sorce <simo@redhat.com>
author: Simo Sorce <simo@redhat.com> 2018-10-03 13:12:38 -0400
committer: Simo Sorce <simo@redhat.com> 2018-11-30 13:51:24 -0500
commit: 4804febddc2ed958e5ae774de2a8f85edeeff538 (patch)
tree: a7a693c3e8fb686581425217d0545b85612616c5 /lib/errors.h
parent: ed3bdddab73c792364deec423b2c2c498a939a64 (diff)
download: gnutls-4804febddc2ed958e5ae774de2a8f85edeeff538.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/errors.h b/lib/errors.h
index e0f6b906c2..baadc0e67e 100644
--- a/lib/errors.h
+++ b/lib/errors.h
@@ -108,6 +108,7 @@ void _gnutls_mpi_log(const char *prefix, bigint_t a);
 #define _gnutls_write_log(...) LEVEL(11, __VA_ARGS__)
 #define _gnutls_io_log(...) LEVEL(12, __VA_ARGS__)
 #define _gnutls_buffers_log(...) LEVEL(13, __VA_ARGS__)
+#define _gnutls_no_log(...) LEVEL(INT_MAX, __VA_ARGS__)
 #else
 #define _gnutls_debug_log _gnutls_null_log
 #define _gnutls_assert_log _gnutls_null_log
@@ -119,6 +120,7 @@ void _gnutls_mpi_log(const char *prefix, bigint_t a);
 #define _gnutls_dtls_log _gnutls_null_log
 #define _gnutls_read_log _gnutls_null_log
 #define _gnutls_write_log _gnutls_null_log
+#define _gnutls_no_log _gnutle_null_log
 
 void _gnutls_null_log(void *, ...);
author	Simo Sorce <simo@redhat.com>	2018-10-03 13:12:38 -0400
committer	Simo Sorce <simo@redhat.com>	2018-11-30 13:51:24 -0500
commit	4804febddc2ed958e5ae774de2a8f85edeeff538 (patch)
tree	a7a693c3e8fb686581425217d0545b85612616c5 /lib/errors.h
parent	ed3bdddab73c792364deec423b2c2c498a939a64 (diff)
download	gnutls-4804febddc2ed958e5ae774de2a8f85edeeff538.tar.gz