diff options
author | Andy Polyakov <appro@openssl.org> | 2018-11-30 21:07:18 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-12-06 11:18:35 +0000 |
commit | 3b776fd785efb1c0af4b28ad0b8036b23071904d (patch) | |
tree | 22685f0a258bfea63be3cc9323f6fbaec4b42232 | |
parent | 8db50d6dafc67fbaa0380420fc1f74f977d16606 (diff) |
rsa/rsa_eay.c: make RSAerr call in rsa_ossl_private_decrypt unconditional.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 89072e0c2a483f2ad678e723e112712567b0ceb1)
(Merged from https://github.com/openssl/openssl/pull/7737)
-rw-r--r-- | crypto/rsa/rsa_eay.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c index 1155583d88..7f20fd6738 100644 --- a/crypto/rsa/rsa_eay.c +++ b/crypto/rsa/rsa_eay.c @@ -115,6 +115,7 @@ #include <openssl/rsa.h> #include <openssl/rand.h> #include "bn_int.h" +#include "constant_time_locl.h" #ifndef RSA_NULL @@ -587,8 +588,8 @@ static int RSA_eay_private_decrypt(int flen, const unsigned char *from, RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_UNKNOWN_PADDING_TYPE); goto err; } - if (r < 0) - RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED); + RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT, RSA_R_PADDING_CHECK_FAILED); + err_clear_last_constant_time(r >= 0); err: if (ctx != NULL) { |