summaryrefslogtreecommitdiffstats
path: root/doc/man7
diff options
context:
space:
mode:
authorHubert Kario <hkario@redhat.com>2022-10-27 19:16:58 +0200
committerTomas Mraz <tomas@openssl.org>2022-12-12 11:30:52 +0100
commit5ab3ec1bb1eaa795d775f5896818cfaa84d33a1a (patch)
tree8891701c8e4c4429fb9030cca393c132f938dd34 /doc/man7
parentrsa: add test vectors for the implicit rejection in RSA PKCS#1 v1.5 (diff)
downloadopenssl-5ab3ec1bb1eaa795d775f5896818cfaa84d33a1a.tar.xz
openssl-5ab3ec1bb1eaa795d775f5896818cfaa84d33a1a.zip
rsa: Add option to disable implicit rejection
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13817)
Diffstat (limited to 'doc/man7')
-rw-r--r--doc/man7/provider-asym_cipher.pod9
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/man7/provider-asym_cipher.pod b/doc/man7/provider-asym_cipher.pod
index ac3f627196..cb770c9e85 100644
--- a/doc/man7/provider-asym_cipher.pod
+++ b/doc/man7/provider-asym_cipher.pod
@@ -235,6 +235,15 @@ The TLS protocol version first requested by the client.
The negotiated TLS protocol version.
+=item "implicit-rejection" (B<OSSL_PKEY_PARAM_IMPLICIT_REJECTION>) <unsigned integer>
+
+Gets of sets the use of the implicit rejection mechanism for RSA PKCS#1 v1.5
+decryption. When set (non zero value), the decryption API will return
+a deterministically random value if the PKCS#1 v1.5 padding check fails.
+This makes explotation of the Bleichenbacher significantly harder, even
+if the code using the RSA decryption API is not implemented in side-channel
+free manner. Set by default.
+
=back
OSSL_FUNC_asym_cipher_gettable_ctx_params() and OSSL_FUNC_asym_cipher_settable_ctx_params()