diff options
author | Hubert Kario <hkario@redhat.com> | 2022-10-27 19:16:58 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-12-12 11:30:52 +0100 |
commit | 5ab3ec1bb1eaa795d775f5896818cfaa84d33a1a (patch) | |
tree | 8891701c8e4c4429fb9030cca393c132f938dd34 /doc/man7 | |
parent | rsa: add test vectors for the implicit rejection in RSA PKCS#1 v1.5 (diff) | |
download | openssl-5ab3ec1bb1eaa795d775f5896818cfaa84d33a1a.tar.xz openssl-5ab3ec1bb1eaa795d775f5896818cfaa84d33a1a.zip |
rsa: Add option to disable implicit rejection
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13817)
Diffstat (limited to 'doc/man7')
-rw-r--r-- | doc/man7/provider-asym_cipher.pod | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/man7/provider-asym_cipher.pod b/doc/man7/provider-asym_cipher.pod index ac3f627196..cb770c9e85 100644 --- a/doc/man7/provider-asym_cipher.pod +++ b/doc/man7/provider-asym_cipher.pod @@ -235,6 +235,15 @@ The TLS protocol version first requested by the client. The negotiated TLS protocol version. +=item "implicit-rejection" (B<OSSL_PKEY_PARAM_IMPLICIT_REJECTION>) <unsigned integer> + +Gets of sets the use of the implicit rejection mechanism for RSA PKCS#1 v1.5 +decryption. When set (non zero value), the decryption API will return +a deterministically random value if the PKCS#1 v1.5 padding check fails. +This makes explotation of the Bleichenbacher significantly harder, even +if the code using the RSA decryption API is not implemented in side-channel +free manner. Set by default. + =back OSSL_FUNC_asym_cipher_gettable_ctx_params() and OSSL_FUNC_asym_cipher_settable_ctx_params() |