On Sun, Nov 16, 2014 at 09:11:42PM +0100, Matt Caswell via RT wrote: > Unfortunately I don't think it is as simple as that. If I understand the > previous change correctly, Emilia has deliberately removed the error message > as > part of work to protect against timing attacks. The very act of adding an > error > to the error queue could introduce a measurable timing difference which > (theorectically) could be exploited.
I think we need to clarify the documentation about what we expect people to do when things like a padding error are detected. They too need to respond in a way that doesn't leak any information like time or which error was detected, or even that an error was detected. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org