Disable MBEDTLS_RSA_FORCE_BLINDING by default

This commit disables the new MBEDTLS_RSA_FORCE_BLINDING option by default to preserve backwards
compatibility. Further, it deprecates disabling to prepare for a future release in which blinding will be
unconditionally enforced.
This commit is contained in:
Hanno Becker 2017-09-07 10:56:10 +01:00
parent cc209ca56d
commit 936f72c641

View file

@ -980,6 +980,11 @@
* Comment this macro to allow RSA private key operations
* without blinding.
*
* \deprecated Disabling this option is deprecated and only
* disabled by default for backwards compatibility.
* Future versions of Mbed TLS will remove this
* option and enforce blinding unconditionally.
*
* \warning Disabling this can be a security risk!
* Blinding RSA private key operations is a way
* to prevent statistical timing attacks as in
@ -998,7 +1003,7 @@
* private key operations, see the documentation
* of \c mbedtls_rsa_private.
*/
#define MBEDTLS_RSA_FORCE_BLINDING
//#define MBEDTLS_RSA_FORCE_BLINDING
/**
* \def MBEDTLS_RSA_NO_CRT