mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-18 19:20:50 +00:00
Fix indentation
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
parent
16d802ed25
commit
5b13f60aa3
18
ChangeLog
18
ChangeLog
@ -302,15 +302,15 @@ Features
|
||||
PSA Cryptograpy API 1.0.0 specification.
|
||||
|
||||
Security
|
||||
* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
|
||||
private keys and of blinding values for DHM and elliptic curves (ECP)
|
||||
computations. Reported by FlorianF89 in #4245.
|
||||
* Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
|
||||
An adversary who is capable of very precise timing measurements could
|
||||
learn partial information about the leading bits of the nonce used for the
|
||||
signature, allowing the recovery of the private key after observing a
|
||||
large number of signature operations. This completes a partial fix in
|
||||
Mbed TLS 2.20.0.
|
||||
* Fix a bias in the generation of finite-field Diffie-Hellman-Merkle (DHM)
|
||||
private keys and of blinding values for DHM and elliptic curves (ECP)
|
||||
computations. Reported by FlorianF89 in #4245.
|
||||
* Fix a potential side channel vulnerability in ECDSA ephemeral key generation.
|
||||
An adversary who is capable of very precise timing measurements could
|
||||
learn partial information about the leading bits of the nonce used for the
|
||||
signature, allowing the recovery of the private key after observing a
|
||||
large number of signature operations. This completes a partial fix in
|
||||
Mbed TLS 2.20.0.
|
||||
* An adversary with access to precise enough information about memory
|
||||
accesses (typically, an untrusted operating system attacking a secure
|
||||
enclave) could recover an RSA private key after observing the victim
|
||||
|
Loading…
x
Reference in New Issue
Block a user