| Field | Value | Date |
|---|---|---|
| author | Bodo Möller <bodo@openssl.org> | 2003-03-19 22:19:58 +0300 |
| committer | Bodo Möller <bodo@openssl.org> | 2003-03-19 22:19:58 +0300 |
| commit | 409a5de586858776a5dfc12be3184983d6a7c3e7 (patch) | |
| tree | 2aede7b6b712f8611b368817dc0adbeb3dded20c /CHANGES | |
| parent | 84b1e84af13ac935c554eb9466c0b299f675ab8a (diff) | |
countermeasure against new Klima-Pokorny-Rosa attack
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -4,6 +4,12 @@ Changes between 0.9.7a and 0.9.7b [xx XXX 2003] + *) Countermeasure against the Klima-Pokorny-Rosa extension of + Bleichbacher's attack on PKCS #1 v1.5 padding: treat + a protocol version number mismatch like a decryption error + in ssl3_get_client_key_exchange (ssl/s3_srvr.c). + [Bodo Moeller] + *) Turn on RSA blinding by default in the default implementation to avoid a timing attack. Applications that don't want it can call RSA_blinding_off() or use the new flag RSA_FLAG_NO_BLINDING. |
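Review bot: The new CHANGES entry misspells the attack author as "Bleichbacher's"; it should read "Bleichenbacher's". The entry also says a protocol version number mismatch is now treated "like a decryption error" in ssl3_get_client_key_exchange without saying what that means observably; since the point of the countermeasure is that the client must not be able to tell the two cases apart, suggest the entry state the shared behaviour explicitly (for example, whether the handshake continues with a random premaster secret rather than failing with a distinct alert), so that anyone reading CHANGES can verify the mismatch path and the decryption-error path are indistinguishable on the wire.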