Disable MBEDTLS_RSA_FORCE_BLINDING by default

This commit disables the new MBEDTLS_RSA_FORCE_BLINDING option by default to preserve backwards
compatibility. Further, it deprecates disabling to prepare for a future release in which blinding will be
unconditionally enforced.
Hanno Becker 2017-09-07 10:56:10 +01:00
parent cc209ca56d
commit 936f72c641

@ -980,6 +980,11 @@
* Comment this macro to allow RSA private key operations * Comment this macro to allow RSA private key operations
* without blinding. * without blinding.
* *
* \deprecated Disabling this option is deprecated and only
* disabled by default for backwards compatibility.
* Future versions of Mbed TLS will remove this
* option and enforce blinding unconditionally.
*
* \warning Disabling this can be a security risk! * \warning Disabling this can be a security risk!
* Blinding RSA private key operations is a way * Blinding RSA private key operations is a way
* to prevent statistical timing attacks as in * to prevent statistical timing attacks as in
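Review bot: The added \deprecated paragraph is hard to parse: in "Disabling this option is deprecated and only disabled by default for backwards compatibility", the second clause grammatically takes "Disabling this option" as its subject. Suggest splitting it, for example "Disabling this option is deprecated. It is only disabled by default for backwards compatibility." The unchanged opening line "Comment this macro to allow RSA private key operations without blinding" also reads backwards once the macro ships commented out; it should tell the reader to uncomment the macro to enforce blinding.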
@ -998,7 +1003,7 @@
* private key operations, see the documentation * private key operations, see the documentation
* of \c mbedtls_rsa_private. * of \c mbedtls_rsa_private.
*/ */
#define MBEDTLS_RSA_FORCE_BLINDING //#define MBEDTLS_RSA_FORCE_BLINDING
/** /**
* \def MBEDTLS_RSA_NO_CRT * \def MBEDTLS_RSA_NO_CRT
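Review bot: At the changed #define, the default configuration now leaves MBEDTLS_RSA_FORCE_BLINDING undefined, which is the state the \warning above it describes as a security risk, while the deprecation is stated only in the Doxygen comment. Nothing in the visible lines tells a user at build time that they are on the deprecated path, so consider emitting a compile-time warning when the macro is undefined, or at least documenting the default and the planned removal where users upgrading will see it.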