mbedtls/ChangeLog.d/zeroizations_of_sensitive_data_in_PKCS5_and_SHA.txt

Security
   * Zeroising of local buffers and variables which are used for calculations
     in mbedtls_pkcs5_pbkdf2_hmac(), mbedtls_internal_sha*_process(),
     mbedtls_internal_md*_process() and mbedtls_internal_ripemd160_process()
     functions to erase sensitive data from memory. Reported by
     Johan Malmgren and Johan Uppman Bruce from Sectra.
Zeroize internal buffers and variables in PKCS and SHA Zeroising of local buffers and variables which are used for calculations in mbedtls_pkcs5_pbkdf2_hmac() and mbedtls_internal_sha*_process() functions to erase sensitive data from memory. Checked all function for possible missing zeroisation in PKCS and SHA. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com> 2020-07-30 16:41:25 +02:00			`Security`
			`* Zeroising of local buffers and variables which are used for calculations`
Zeroize internal buffers and variables in MD hashes Zeroising of local buffers and variables which are used for calculations in mbedtls_internal_md*_process() and mbedtls_internal_ripemd160_process() functions to erase sensitive data from memory. Checked all function for possible missing zeroisation in MD. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com> 2020-08-19 14:03:06 +02:00			`in mbedtls_pkcs5_pbkdf2_hmac(), mbedtls_internal_sha*_process(),`
			`mbedtls_internal_md*_process() and mbedtls_internal_ripemd160_process()`
Zeroize internal buffers and variables in PKCS and SHA Zeroising of local buffers and variables which are used for calculations in mbedtls_pkcs5_pbkdf2_hmac() and mbedtls_internal_sha*_process() functions to erase sensitive data from memory. Checked all function for possible missing zeroisation in PKCS and SHA. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com> 2020-07-30 16:41:25 +02:00			`functions to erase sensitive data from memory. Reported by`
			`Johan Malmgren and Johan Uppman Bruce from Sectra.`