gnupg

mirror of git://git.gnupg.org/gnupg.git synced 2025-02-06 17:23:03 +01:00

History

Werner Koch d0d72d98f3 Normalize the MPIs used as input to secret key functions.

* cipher/rsa.c (secret): Normalize the INPUT.
(rsa_decrypt): Pass reduced data to secret.
* cipher/elgamal.c (decrypt): Normalize A and B.
* cipher/dsa.c (sign): Normalize HASH.
--

mpi_normalize is in general not required because extra leading zeroes
do not harm the computation.  However, adding extra all zero limbs or
padding with multiples of N may be useful in side-channel attacks. In
particular they are used by the acoustic crypt-analysis.  This is an
extra pre-caution which alone would not be sufficient to mitigate the
described attack.

CVE-id: CVE-2013-4576

Signed-off-by: Werner Koch <wk@gnupg.org>

2013-12-03 09:26:04 +01:00

algorithms.h

Improved AES performance.

2008-03-22 17:01:37 +00:00

bithelp.h

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

blowfish.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

camellia-glue.c

Add Camellia-192.

2008-04-17 17:40:30 +00:00

camellia.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

camellia.h

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

cast5.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

ChangeLog-2011

Rename all ChangeLog files to ChangeLog-2011.

2011-12-02 19:42:56 +01:00

cipher.c

Add Camellia-192.

2008-04-17 17:40:30 +00:00

des.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

dsa.c

Normalize the MPIs used as input to secret key functions.

2013-12-03 09:26:04 +01:00

dsa.h

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

dynload.c

Removed some set but unused vars.

2011-08-09 10:54:22 +02:00

elgamal.c

Normalize the MPIs used as input to secret key functions.

2013-12-03 09:26:04 +01:00

elgamal.h

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

gost.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

gost.h

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

idea.c

Fix idea.c for big endian CPUs.

2013-01-11 15:10:38 +01:00

Makefile.am

Support the not anymore patented IDEA cipher algorithm.

2012-11-08 13:25:02 +01:00

md5.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

md.c

Use gcc pragmas to suppress some warnings.

2012-01-10 11:31:00 +01:00

primegen.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

pubkey.c

Updated ZH po file.

2007-12-12 18:26:25 +00:00

rand-internal.h

The rest of the VMS changes.

2010-09-28 15:55:24 +00:00

random.c

Use blinding for the RSA secret operation.

2013-12-03 09:25:57 +01:00

random.h

Use blinding for the RSA secret operation.

2013-12-03 09:25:57 +01:00

rijndael.c

Fix aliasing problem.

2011-08-09 10:54:02 +02:00

rmd160.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

rmd160test.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

rmd.h

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

rndegd.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

rndlinux.c

Typo fixes and comment re-formatting.

2012-01-12 11:47:35 +01:00

rndriscos.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

rndunix.c

Revert that last stupid setuid detection fix.

2008-07-17 19:47:19 +00:00

rndw32.c

Fix typos in comments.

2012-01-24 09:48:17 +01:00

rsa.c

Normalize the MPIs used as input to secret key functions.

2013-12-03 09:26:04 +01:00

rsa.h

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

sha1.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

sha256.c

* sha256.c (sha224_get_info): 4880 has an error in the SHA-224 OID and

2007-11-28 23:00:11 +00:00

sha512.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

smallprime.c

Switched to GPLv3.

2007-10-23 10:48:09 +00:00

twofish.c

* algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, blowfish.c,

2004-10-12 17:35:50 +00:00