-
Use side-channel silent RSA root function as well as PKCS1 padding functions. This variant accepts only a fixed length message, and returns error if the pkcs1 padding returns a different length message. The buffer is always left unchanged on error so that a TLS implementation can pre-initialize it with a random key to use on decoding error. Signed-off-by: Simo Sorce <simo@redhat.com>
bfda54ee