Removed further timing differences during SSL message decryption in ssl_decrypt_buf() New padding checking is unbiased on correct or incorrect padding and has no branch prediction timing differences. The additional MAC checks further straighten out the timing differences.

commit: e47b34bdc8507b63758402f69e7623d11dfb6984 [log] [tgz]
author: Paul Bakker <p.j.bakker@polarssl.org> Wed Feb 27 14:48:00 2013 +0100
committer: Paul Bakker <p.j.bakker@polarssl.org> Wed Feb 27 14:48:00 2013 +0100
tree: 9d9a4970f6214512ebaf65b811c42e02207ed054
parent: 2ca8ad10a121e7d579ae935ccd9e9508604680ec [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index a4c11f6..75989bb 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -4,6 +4,10 @@
 Bugfix
    * Fixed memory leak in ssl_free() and ssl_reset() for active session
 
+Security
+   * Removed further timing differences during SSL message decryption in
+     ssl_decrypt_buf()
+
 = Version 1.2.5 released 2013-02-02
 Changes
    * Allow enabling of dummy error_strerror() to support some use-cases
commit	e47b34bdc8507b63758402f69e7623d11dfb6984	[log] [tgz]
author	Paul Bakker <p.j.bakker@polarssl.org>	Wed Feb 27 14:48:00 2013 +0100
committer	Paul Bakker <p.j.bakker@polarssl.org>	Wed Feb 27 14:48:00 2013 +0100
tree	9d9a4970f6214512ebaf65b811c42e02207ed054
parent	2ca8ad10a121e7d579ae935ccd9e9508604680ec [diff] [blame]