[openssl.org #2570] Timing related bug in openssl pkcs
sorry, you can't use stdin twice. we have no control over system buffering, among other things. closing file. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project
[openssl.org #2570] Timing related bug in openssl pkcs
I have found a reliably reproducible timing-related bug in openssl pkcs when both the key to be processed and the passphrase to use in encryption are passed through stdin. The problem can be reliably reproduced thusly: [ron@mighty:~]$ cat foo password -BEGIN RSA PRIVATE KEY-