mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-03 13:22:02 +03:00

Merge pull request #1085 from daverodgman/update-ct-changelog-2.28

Backport 2.28: Update padding const-time fix changelog
This commit is contained in:
Dave Rodgman 2023-09-28 11:34:03 +01:00 committed by GitHub
commit ba1d63e36f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -1,6 +1,6 @@
Security
* Improve padding calculations in CBC decryption, NIST key unwrapping and
RSA OAEP decryption. With the previous implementation, some compilers
(notably recent versions of Clang) could produce non-constant time code,
which could allow a padding oracle attack if the attacker has access to
precise timing measurements.
(notably recent versions of Clang and IAR) could produce non-constant
time code, which could allow a padding oracle attack if the attacker
has access to precise timing measurements.
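Review bot: the added text qualifies Clang with "recent versions" but attaches no version qualifier to IAR, so "(notably recent versions of Clang and IAR)" reads as if every IAR release is affected; if only particular IAR versions were seen producing non-constant-time code, say so (or write "some versions of IAR") so that readers can judge whether their toolchain emits the timing leak this entry describes.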