yuzu-mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2026-04-09 08:25:20 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update padding const-time fix changelog

Browse source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2023-09-27 16:27:50 +01:00
parent 641250f42b
commit e614129895
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
ChangeLog.d/padding-ct-changelog.txt
View file

@ -1,6 +1,6 @@
Security
* Improve padding calculations in CBC decryption, NIST key unwrapping and
RSA OAEP decryption. With the previous implementation, some compilers
(notably recent versions of Clang) could produce non-constant time code,
which could allow a padding oracle attack if the attacker has access to
precise timing measurements.
(notably recent versions of Clang and IAR) could produce non-constant
time code, which could allow a padding oracle attack if the attacker
has access to precise timing measurements.