Add counter-measure against RSA-CRT attack https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/ backport of 5f50104

commit: a1cdcd2364668c948afba4ecf0d7f62ebb3a1a92 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Thu Sep 03 20:03:15 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 09 12:23:47 2015 +0200
tree: 7816c2d7ab7f00bdf80232a9b36b5d1f9ebaecfd
parent: bb564e0fb498c9c2feb5bdde0cd1d4d4ef65e72d [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 8c602fa..18486b3 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -6,6 +6,9 @@
    * Fix possible client-side NULL pointer dereference (read) when the client
      tries to continue the handshake after it failed (a misuse of the API).
      (Found by GDS Labs using afl-fuzz, patch provided by GDS Labs.)
+   * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
+     signatures. (Found by Florian Weimer, Red Hat.)
+     https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
 
 Bugfix
    * Setting SSL_MIN_DHM_BYTES in config.h had no effect (overriden in ssl.h)
commit	a1cdcd2364668c948afba4ecf0d7f62ebb3a1a92	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Thu Sep 03 20:03:15 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 09 12:23:47 2015 +0200
tree	7816c2d7ab7f00bdf80232a9b36b5d1f9ebaecfd
parent	bb564e0fb498c9c2feb5bdde0cd1d4d4ef65e72d [diff] [blame]