[Bug 3005] Use high-level EVP PKEY API instead of low-level algorithm specific calls + separate digesting in the every backend

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed May 8 15:53:18 AEST 2019


Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
                 CC|                            |djm at mindrot.org

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
I'm not certain of the benefit of doing this, but deleting the custom
verification code removes a security mitigation that has saved us from
>10 bugs since Markus added it.

Many (most?) versions of OpenSSL invoke a full ASN.1 parser in the RSA
signature verification path. Our implementation avoids that massive
attack surface for something much smaller and easy to audit. We won't
delete this code until after we've dropped support for the last version
of OpenSSL that does RSA signature verification with the ASN.1 parser.

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list