Add countermeasure against cache-based lucky 13

2026-01-04 13:45:05 +01:00 · 2015-04-29 01:35:48 +02:00 · 2015-04-29 01:35:48 +02:00 · 7d1e95c991
commit 7d1e95c991
parent e16b62c3a9
2 changed files with 4 additions and 1 deletions
--- a/2
+++ b/2
@ -6,6 +6,8 @@ Security
   * With authmode set to SSL_VERIFY_OPTIONAL, verification of keyUsage and
     extendedKeyUsage on the leaf certificate was lost (results not accessible
     via ssl_get_verify_results()).
+   * Add countermeasure against "Lucky 13 strikes back" cache-based attack,
+     https://dl.acm.org/citation.cfm?id=2714625

 Features
   * Add x509_crt_verify_info() to display certificate verification results.