mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-06-05 00:22:11 +03:00

Merge pull request #1085 from daverodgman/update-ct-changelog-2.28

Backport 2.28: Update padding const-time fix changelog
This commit is contained in:
Dave Rodgman 2023-09-28 11:34:03 +01:00 committed by GitHub
commit ba1d63e36f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -1,6 +1,6 @@
Security Security
* Improve padding calculations in CBC decryption, NIST key unwrapping and * Improve padding calculations in CBC decryption, NIST key unwrapping and
RSA OAEP decryption. With the previous implementation, some compilers RSA OAEP decryption. With the previous implementation, some compilers
(notably recent versions of Clang) could produce non-constant time code, (notably recent versions of Clang and IAR) could produce non-constant
which could allow a padding oracle attack if the attacker has access to time code, which could allow a padding oracle attack if the attacker
precise timing measurements. has access to precise timing measurements.
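Review bot: the entry still only says "recent versions of Clang and IAR" without stating which compiler versions (or which Mbed TLS releases) were observed to produce non-constant-time code, so a user cannot tell from the changelog whether their build is affected. Suggest adding the affected versions or a pointer to the corresponding security advisory next to the compiler names, and, since the problem depends on the compiler rather than on the library version alone, a sentence making clear that users who built with other toolchains may still want to update.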