e6e51aab55
Merge part of the RSA entries into this one, as I think it's easier for users to have all similar changes in one place regardless of whether they were introduce in the same PR or not. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
1.6 KiB
The RNG parameter is now mandatory for all functions that accept one
This change affects all users who called a function accepting a f_rng
parameter with NULL as the value of this argument; this is no longer
supported.
The changed functions are: the X.509 CRT and CSR writing functions; the PK sign and decrypt function; the RSA encrypt, decrypt, sign and private functions; the functions in DHM and ECDH that compute the share secret; the scalar multiplication functions in ECP.
You now need to pass a properly seeded, cryptographically secure RNG to all
functions that accept a f_rng parameter. It is of course still possible to
pass NULL as the context pointer p_rng if your RNG function doesn't need a
context.
Some functions gained an RNG parameter
This affects users of the following functions: mbedtls_ecp_check_pub_priv(),
mbedtls_pk_check_pair(), mbedtls_pk_parse_key(), and
mbedtls_pk_parse_keyfile().
You now need to pass a properly seeded, cryptographically secure RNG when calling these functions. It is used for blinding, a counter-measure against side-channel attacks.
The configuration option MBEDTLS_ECP_NO_INTERNAL_RNG was removed
This doesn't affect users of the default configuration; it only affects people who were explicitly setting this option.
This was a trade-off between code size and counter-measures; it is no longer relevant as the counter-measure is now always on at no cost in code size.