[Buildroot] [PATCH 1/1] package/mbedtls: security bump to version 2.16.3

Peter Korsgaard peter at korsgaard.com
Thu Sep 26 09:50:38 UTC 2019


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > - Remove second patch (already in version)
 > - Fix a missing error detection in ECJPAKE. This could have caused a
 >   predictable shared secret if a hardware accelerator failed and the
 >   other side of the key exchange had a similar bug.
 > - When writing a private EC key, use a constant size for the private
 >   value, as specified in RFC 5915. Previously, the value was written as
 >   an ASN.1 INTEGER, which caused the size of the key to leak about 1 bit
 >   of information on average and could cause the value to be 1 byte too
 >   large for the output buffer.
 > - The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to
 >   implement blinding. Because of this for the same key and message the
 >   same blinding value was generated. This reduced the effectiveness of
 >   the countermeasure and leaked information about the private key
 >   through side channels. Reported by Jack Lloyd.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed to 2019.08.x, thanks. For 2019.02.x and 2019.05.x I will
instead bump to 2.7.12.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list