mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-11-05 08:10:38 +03:00
f60041688c
See the comments in the code for how an attack would go, and the ChangeLog entry for an impact assessment. (For ECDSA, leaking a few bits of the scalar over several signatures translates to full private key recovery using a lattice attack.) Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
94 KiB
94 KiB