Skip to content

Fix potential SCA vulnerability in sparcv9 ASM implementation of nistz256 #10734

@romen

Description

@romen

PR #9239 addressed a potential SCA vulnerability in some EC_METHODs, including several platform specific implementations of nistz256 (the fastest EC NIST P-256 implementation currently included in OpenSSL).

It was not possible to cover some platforms, and at the October 2019 Committer Face-to-face meeting it was decided that rather than halting the merge of the fix for all the addressed platforms, we should go ahead and merge #9239 and open issues for the remaining platforms inviting help from the community in addressing this issue.

This issue is specific to sparcv9 and would be resolved by applying the fixes described in #9239 to crypto/ec/asm/ecp_nistz256-sparcv9.pl.

Metadata

Metadata

Assignees

No one assigned

    Labels

    backlog fixThe issue was closed as part of the backlog reduction initiative.branch: masterApplies to master branchhelp wantedtriaged: featureThe issue/pr requests/adds a feature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions