crypto: use constant time compare when decoding private keys
In practice, this is impossible to exploit without being able to corrupt the private key which would allow a much simpler guess-and-check attack. However, it's still a bad practice to compare private key material like this.
Showing
Please register or sign in to comment