CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2018/11/14 22:53:31
Modified files:
lib/libcrypto/ec: ecp_smpl.c
Log message:
Port OpenSSL commit 99540ec79491f59ed8b46b4edf130e17dc907f52 -- mitigation
for a timing vullnerability in ECDSA signature generation (CVE-2018-0735).
Note that the blinding that we introduced back in June for ECDSA and DSA
should mitigate this and related issues. This simply adds an additional
layer of protection.
discussed with jsing
