Hello,

Our server does not consume any certificate from the client. Client authentication or client certificate verification is disabled. The server always has a valid ECC certificate.

BN_mod_sqrt() is not used anywhere in the server except by OpenSSL. If we consider an ECDHE_ECDSA cipher-based TLS handshake, then it is possible that the client can send an invalid public session key to the server, causing the vulnerability. Is this assumption correct? If yes, then I think disabling ECC cipher suites should prevent the vulnerability if we don't want to upgrade OpenSSL, considering there is no other cryptographic operation except w.r.t. TLS.

Regards,
Vipul
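The following is an added example, not code from the post above or from OpenSSL; it uses only the Python standard library's ssl module, and the cipher string NO_ECC_CIPHERS is an assumed hardening string chosen for illustration, not the poster's configuration. It shows two things a practitioner would want to check before relying on "disable ECC cipher suites" as a mitigation: first, which TLS 1.2-and-below suites in a server context still use an EC key exchange (where the client sends an EC point) or ECDSA authentication, before and after the exclusion; second, how many suites a server whose only certificate is ECDSA can still negotiate once ECDSA-authenticated suites are excluded. It also makes visible that TLS 1.3 suites are unaffected by the cipher list: their key exchange is chosen by the supported_groups extension, which set_ciphers() does not control.

```python
"""Inspect which cipher suites a TLS server context still offers that depend on
an EC key exchange or ECDSA authentication, before and after excluding them.

Added example (not code from the original post or from OpenSSL). It uses only
the Python standard library's ssl module. NO_ECC_CIPHERS is an assumed
hardening string chosen for illustration, not the poster's real configuration.
"""
import ssl

# OpenSSL cipher-string keywords: "ECDH" matches every suite using an EC key
# exchange (ephemeral or static), "ECDSA" every suite using ECDSA authentication.
NO_ECC_CIPHERS = "DEFAULT:!ECDH:!ECDSA"


def build_server_context(cipher_string=None):
    """Server-side context. No certificate is loaded because only the
    configured cipher list is inspected here."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    if cipher_string is not None:
        ctx.set_ciphers(cipher_string)
    return ctx


def pre_tls13_suites(ctx):
    """TLS 1.2-and-below suites only. TLS 1.3 suites are listed by
    get_ciphers() with kea='kx-any' because their key exchange is chosen by
    the supported_groups extension, which set_ciphers() does not control."""
    return [c for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def ec_suites(ctx):
    """Names of pre-TLS 1.3 suites whose key exchange is ECDHE or whose
    authentication is ECDSA, i.e. the suites in which the client sends an EC
    point in its key exchange message or the server signs with an EC key."""
    return [c["name"] for c in pre_tls13_suites(ctx)
            if c["kea"] == "kx-ecdhe" or c["auth"] == "auth-ecdsa"]


def suites_usable_with_ecdsa_cert(ctx):
    """Pre-TLS 1.3 suites a server holding only an ECDSA certificate can
    actually negotiate: the suite's authentication method must be ECDSA."""
    return [c["name"] for c in pre_tls13_suites(ctx)
            if c["auth"] == "auth-ecdsa"]


def tls13_suites(ctx):
    """TLS 1.3 suites present in the context; these survive any cipher-string
    exclusion because they are negotiated separately from the cipher list."""
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] == "TLSv1.3"]


def report(label, ctx):
    print(f"== {label}")
    print("  EC key-exchange / ECDSA-auth suites  :", len(ec_suites(ctx)))
    print("  suites usable with an ECDSA-only cert:",
          len(suites_usable_with_ecdsa_cert(ctx)))
    print("  TLS 1.3 suites still present         :", tls13_suites(ctx))


if __name__ == "__main__":
    report("default cipher list", build_server_context())
    report(NO_ECC_CIPHERS, build_server_context(NO_ECC_CIPHERS))
```

Run stand-alone, the script prints both reports. With NO_ECC_CIPHERS the EC suite count drops to zero, but so does the count of suites usable with an ECDSA-only certificate, while the TLS 1.3 suites remain listed; restricting the TLS 1.3 key share to non-EC groups has to be done through the groups configuration (SSL_CTX_set1_groups_list in OpenSSL), not through the cipher string.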