Skip to content

Use of EVP_PKEY_decrypt() should be more secure #17319

New issue
New issue
Closed
Closed
Use of EVP_PKEY_decrypt() should be more secure#17319
Labels
backlog fixThe issue was closed as part of the backlog reduction initiative.resolved: wont fixThe issue has been confirmed but won't be fixedtriaged: featureThe issue/pr requests/adds a featuretriaged: questionThe issue contains a question
@DDvO

Description

@DDvO
DDvO
opened on Dec 20, 2021

This came up in #15283 (comment).

Looks like ERR_clear_error() is not really constant-time due to
static ossl_inline void err_clear(...) in crypto/err/err_local.h
calling OPENSSL_free(es->err_file[i]) and OPENSSL_free(es->err_func[i]), where es->err_file[i] and es->err_func[i] should be NULL if and only if no error queue entry is present at index i.

Metadata

Metadata

Assignees

No one assigned

    Labels

    backlog fixThe issue was closed as part of the backlog reduction initiative.resolved: wont fixThe issue has been confirmed but won't be fixedtriaged: featureThe issue/pr requests/adds a featuretriaged: questionThe issue contains a question

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions