The time GnuTLS takes to respond to malformed RSA ciphertexts in ClientKeyExchange depends on the kind of error in the RSA padding. Generally, it looks like the response time depends on the size of encrypted data in the PKCS#1 v1.5 encrypted data. I've run tests with 1 million connections per probe, on a 2.4GHz Skylake CPU with a 1024-bit RSA key. The two probes with the most dissimilar results were "too long (49-byte) pre master secret" and "invalid MAC in Finished on pos 0"; it takes the server an extra 58.5ns to respond to one over the other. This is with a 95% confidence interval of ±6.8ns. Exact results of the Wilcoxon signed-rank tests are in this report.csv file; you can find an explanation of the plaintexts sent by those probes in https://github.com/tomato42/tlsfuzzer/pull/679
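For comparison with the behaviour reported above, this added example (not GnuTLS code and not its fix) sketches the selection step recommended in RFC 5246 section 7.4.7.1: read the whole decrypted block regardless of what the padding looks like, and fall back to a pre-generated random secret through a mask rather than a branch. The names `select_premaster` and `demo`, the fixed 128-byte block size and the sample bytes are assumptions made for illustration; the RSA decryption itself and compiler output also need to be constant-time, which this does not cover.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PMS_LEN 48   /* TLS pre-master secret length */
#define K 128        /* modulus size in bytes for a 1024-bit key */

/* 0xFF when x == 0, 0x00 otherwise, with no branch on x. */
static uint8_t ct_is_zero(uint8_t x) { return (uint8_t)(((uint32_t)x - 1) >> 24); }

/*
 * select_premaster (hypothetical name): em is the raw RSA decryption
 * result, fallback is 48 random bytes drawn before decrypting. Every byte
 * of em is read whatever the padding looks like, and the outcome is only
 * ever used as a mask, never in a branch or an early return.
 */
void select_premaster(const uint8_t em[K], const uint8_t fallback[PMS_LEN],
                      uint8_t out[PMS_LEN])
{
    const size_t sep = K - PMS_LEN - 1;          /* only valid separator position */
    uint8_t good = ct_is_zero(em[0]) & ct_is_zero(em[1] ^ 0x02);

    for (size_t i = 2; i < sep; i++)             /* padding string: all non-zero */
        good &= (uint8_t)~ct_is_zero(em[i]);
    good &= ct_is_zero(em[sep]);                 /* 0x00 exactly 48 bytes from the end */

    for (size_t i = 0; i < PMS_LEN; i++)
        out[i] = (uint8_t)((em[sep + 1 + i] & good) | (fallback[i] & (uint8_t)~good));
}

/*
 * Constructed sample: 00 02 | PS | 00 | secret of secret_len bytes.
 * Returns 1 if the decrypted secret was selected, 0 if the fallback was.
 */
int demo(size_t secret_len)
{
    uint8_t em[K], fallback[PMS_LEN], out[PMS_LEN];
    memset(em, 0xA5, sizeof em);                 /* non-zero filler */
    em[0] = 0x00; em[1] = 0x02;
    em[K - secret_len - 1] = 0x00;
    memset(em + K - secret_len, 0x33, secret_len);
    memset(fallback, 0x7E, sizeof fallback);
    select_premaster(em, fallback, out);
    return memcmp(out, em + K - PMS_LEN, PMS_LEN) == 0;
}

int main(void) { return !(demo(48) == 1 && demo(49) == 0); }
```

The 49-byte case corresponds to the "too long (49-byte) pre master secret" probe: it ends up with the fallback secret after the same sequence of memory reads as the well-formed case.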
Created gnutls tracking bugs for this issue: Affects: fedora-all [bug 2169608]
Created mingw-gnutls tracking bugs for this issue: Affects: fedora-all [bug 2169609]
Created mod_gnutls tracking bugs for this issue: Affects: epel-all [bug 2169607], Affects: fedora-all [bug 2169610]
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:1141 https://access.redhat.com/errata/RHSA-2023:1141
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:1200 https://access.redhat.com/errata/RHSA-2023:1200
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:1569 https://access.redhat.com/errata/RHSA-2023:1569
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-0361
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:3361 https://access.redhat.com/errata/RHSA-2023:3361