mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 05:05:35 +00:00
Add Security ChangeLog entry for lack of blinding
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
71d56678d1
commit
c721178487
|
@ -3,3 +3,13 @@ Changes
|
|||
`MBEDTLS_CTR_DRBG_C` or `MBEDTLS_HMAC_DRBG_C` for some side-channel
|
||||
coutermeasures. If side channels are not a concern, this dependency can
|
||||
be avoided by enabling the new option `MBEDTLS_ECP_NO_INTERNAL_RNG`.
|
||||
|
||||
Security
|
||||
* Fix side channel in mbedtls_ecp_check_pub_priv() and
|
||||
mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a
|
||||
private key that didn't include the uncompressed public key), as well as
|
||||
mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL
|
||||
f_rng argument. An attacker with access to precise enough timing and
|
||||
memory access information (typically an untrusted operating system
|
||||
attacking a secure enclave) could fully recover the ECC private key.
|
||||
Found and reported by Alejandro Cabrera Aldaya and Billy Brumley.
|
||||
|
|
Loading…
Reference in a new issue