mirror of git://git.gnupg.org/gnupg.git synced 2024-06-01 22:28:02 +02:00
gnupg/cipher
Werner Koch d0d72d98f3 Normalize the MPIs used as input to secret key functions.
* cipher/rsa.c (secret): Normalize the INPUT.
(rsa_decrypt): Pass reduced data to secret.
* cipher/elgamal.c (decrypt): Normalize A and B.
* cipher/dsa.c (sign): Normalize HASH.
--

mpi_normalize is in general not required because extra leading zeroes
do not harm the computation.  However, adding extra all zero limbs or
padding with multiples of N may be useful in side-channel attacks. In
particular they are used by the acoustic cryptanalysis.  This is an
extra precaution which alone would not be sufficient to mitigate the
described attack.

CVE-id: CVE-2013-4576

Signed-off-by: Werner Koch <wk@gnupg.org>
2013-12-03 09:26:04 +01:00
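The commit message above explains that an input with extra all-zero limbs, or with a multiple of N added, decrypts to the same plaintext while changing the size of the operand the secret exponentiation works on. The following Python sketch is added here as an illustration and is not GnuPG code: it uses textbook RSA on a constructed toy key (two Mersenne primes, far too small for real use) and a loose model of 32-bit limbs to show what an unreduced secret operation sees versus one that strips zero limbs and reduces mod N first.

```python
# Added illustration, not GnuPG's mpi code: textbook RSA with a constructed
# toy key, plus a loose model of the limb representation that gnupg's mpi
# layer uses, to show why the input to the secret operation is normalized.
LIMB_BITS = 32
LIMB_MASK = (1 << LIMB_BITS) - 1

P = (1 << 31) - 1          # Mersenne prime 2^31 - 1 (toy key, constructed)
Q = (1 << 61) - 1          # Mersenne prime 2^61 - 1 (toy key, constructed)
N = P * Q                  # 92-bit modulus: three 32-bit limbs
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def to_limbs(x, nlimbs=None):
    """Little-endian 32-bit limbs of x; nlimbs pads with all-zero limbs."""
    limbs = []
    while x:
        limbs.append(x & LIMB_MASK)
        x >>= LIMB_BITS
    if nlimbs is not None:
        if nlimbs < len(limbs):
            raise ValueError("nlimbs too small for value")
        limbs += [0] * (nlimbs - len(limbs))
    return limbs


def from_limbs(limbs):
    """Inverse of to_limbs."""
    x = 0
    for limb in reversed(limbs):
        x = (x << LIMB_BITS) | limb
    return x


def mpi_normalize(limbs):
    """Strip all-zero most-significant limbs (what the commit calls normalizing)."""
    limbs = list(limbs)
    while limbs and limbs[-1] == 0:
        limbs.pop()
    return limbs


def secret_op_unreduced(c_limbs, d, n):
    """Operate on whatever limb array the caller supplied.

    Returns (plaintext, limb count of the operand): the second value is the
    attacker-influenced quantity a side channel could observe.
    """
    c = from_limbs(c_limbs)
    return pow(c, d, n), len(c_limbs)


def secret_op_reduced(c_limbs, d, n):
    """Strip zero limbs and reduce mod n before the secret exponentiation,
    so the operand size depends on n alone, not on caller-chosen padding."""
    c = from_limbs(mpi_normalize(c_limbs)) % n
    return pow(c, d, n), len(to_limbs(c))


def demo():
    """Decrypt the same ciphertext in three disguises; return (m, results)."""
    m = 0x48656C6C6F                       # constructed message, "Hello"
    c = pow(m, E, N)
    honest = to_limbs(c)
    zero_limbs = to_limbs(c, nlimbs=len(honest) + 4)   # extra all-zero limbs
    plus_kn = to_limbs(c + ((1 << 64) + 1) * N)        # c + k*N, same residue
    results = {}
    for name, limbs in (("honest", honest), ("zero_limbs", zero_limbs),
                        ("plus_kN", plus_kn)):
        results[name] = {
            "unreduced": secret_op_unreduced(limbs, D, N),
            "reduced": secret_op_reduced(limbs, D, N),
        }
    return m, results


if __name__ == "__main__":
    msg, res = demo()
    for name, r in res.items():
        print(f"{name:>10}: unreduced limbs={r['unreduced'][1]}, "
              f"reduced limbs={r['reduced'][1]}, "
              f"plaintext ok={r['unreduced'][0] == r['reduced'][0] == msg}")
```

All three inputs yield the same plaintext, but only the reduced path hands the exponentiation an operand of the same size every time. As the commit message says, this alone is not a sufficient mitigation; in the listing below, the sibling commit "Use blinding for the RSA secret operation" (random.c, random.h) is the complementary change.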
File  Last commit message  Last change
algorithms.h Improved AES performance. 2008-03-22 17:01:37 +00:00
bithelp.h Switched to GPLv3. 2007-10-23 10:48:09 +00:00
blowfish.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
camellia-glue.c Add Camellia-192. 2008-04-17 17:40:30 +00:00
camellia.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
camellia.h Switched to GPLv3. 2007-10-23 10:48:09 +00:00
cast5.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
ChangeLog-2011 Rename all ChangeLog files to ChangeLog-2011. 2011-12-02 19:42:56 +01:00
cipher.c Add Camellia-192. 2008-04-17 17:40:30 +00:00
des.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
dsa.c Normalize the MPIs used as input to secret key functions. 2013-12-03 09:26:04 +01:00
dsa.h Switched to GPLv3. 2007-10-23 10:48:09 +00:00
dynload.c Removed some set but unused vars. 2011-08-09 10:54:22 +02:00
elgamal.c Normalize the MPIs used as input to secret key functions. 2013-12-03 09:26:04 +01:00
elgamal.h Switched to GPLv3. 2007-10-23 10:48:09 +00:00
gost.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
gost.h Switched to GPLv3. 2007-10-23 10:48:09 +00:00
idea.c Fix idea.c for big endian CPUs. 2013-01-11 15:10:38 +01:00
Makefile.am Support the not anymore patented IDEA cipher algorithm. 2012-11-08 13:25:02 +01:00
md.c Use gcc pragmas to suppress some warnings. 2012-01-10 11:31:00 +01:00
md5.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
primegen.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
pubkey.c Updated ZH po file. 2007-12-12 18:26:25 +00:00
rand-internal.h The rest of the VMS changes. 2010-09-28 15:55:24 +00:00
random.c Use blinding for the RSA secret operation. 2013-12-03 09:25:57 +01:00
random.h Use blinding for the RSA secret operation. 2013-12-03 09:25:57 +01:00
rijndael.c Fix aliasing problem. 2011-08-09 10:54:02 +02:00
rmd.h Switched to GPLv3. 2007-10-23 10:48:09 +00:00
rmd160.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
rmd160test.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
rndegd.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
rndlinux.c Typo fixes and comment re-formatting. 2012-01-12 11:47:35 +01:00
rndriscos.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
rndunix.c Revert that last stupid setuid detection fix. 2008-07-17 19:47:19 +00:00
rndw32.c Fix typos in comments. 2012-01-24 09:48:17 +01:00
rsa.c Normalize the MPIs used as input to secret key functions. 2013-12-03 09:26:04 +01:00
rsa.h Switched to GPLv3. 2007-10-23 10:48:09 +00:00
sha1.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
sha256.c * sha256.c (sha224_get_info): 4880 has an error in the SHA-224 OID and 2007-11-28 23:00:11 +00:00
sha512.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
smallprime.c Switched to GPLv3. 2007-10-23 10:48:09 +00:00
twofish.c * algorithms.h, cast5.c, cipher.c, idea-stub.c, twofish.c, blowfish.c, 2004-10-12 17:35:50 +00:00