mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00
Werner Koch d0d72d98f3 Normalize the MPIs used as input to secret key functions.
* cipher/rsa.c (secret): Normalize the INPUT.
(rsa_decrypt): Pass reduced data to secret.
* cipher/elgamal.c (decrypt): Normalize A and B.
* cipher/dsa.c (sign): Normalize HASH.
--

mpi_normalize is in general not required because extra leading zeroes
do not harm the computation.  However, adding extra all-zero limbs or
padding with multiples of N may be useful in side-channel attacks.  In
particular, they are used by the acoustic cryptanalysis.  This is an
extra precaution which alone would not be sufficient to mitigate the
described attack.

CVE-id: CVE-2013-4576

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-12-03 09:26:04 +01:00