mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-24 16:35:38 +00:00
Disable MBEDTLS_RSA_FORCE_BLINDING by default
This commit disables the new MBEDTLS_RSA_FORCE_BLINDING option by default to preserve backwards compatibility. Further, it deprecates disabling to prepare for a future release in which blinding will be unconditionally enforced.
This commit is contained in:
parent
cc209ca56d
commit
936f72c641
|
@ -980,6 +980,11 @@
|
||||||
* Comment this macro to allow RSA private key operations
|
* Comment this macro to allow RSA private key operations
|
||||||
* without blinding.
|
* without blinding.
|
||||||
*
|
*
|
||||||
|
* \deprecated Disabling this option is deprecated and only
|
||||||
|
* disabled by default for backwards compatibility.
|
||||||
|
* Future versions of Mbed TLS will remove this
|
||||||
|
* option and enforce blinding unconditionally.
|
||||||
|
*
|
||||||
* \warning Disabling this can be a security risk!
|
* \warning Disabling this can be a security risk!
|
||||||
* Blinding RSA private key operations is a way
|
* Blinding RSA private key operations is a way
|
||||||
* to prevent statistical timing attacks as in
|
* to prevent statistical timing attacks as in
|
||||||
|
@ -998,7 +1003,7 @@
|
||||||
* private key operations, see the documentation
|
* private key operations, see the documentation
|
||||||
* of \c mbedtls_rsa_private.
|
* of \c mbedtls_rsa_private.
|
||||||
*/
|
*/
|
||||||
#define MBEDTLS_RSA_FORCE_BLINDING
|
//#define MBEDTLS_RSA_FORCE_BLINDING
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def MBEDTLS_RSA_NO_CRT
|
* \def MBEDTLS_RSA_NO_CRT
|
||||||
|
|
Loading…
Reference in a new issue