Add counter-measure against RSA-CRT attack https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/ backport of a1cdcd2

commit: 2bc4505f5dc01437543b736d7a4cb9957b58b0dd [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Thu Sep 03 20:03:15 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg2@elzevir.fr> Wed Sep 09 12:36:49 2015 +0200
tree: 6f9cafaf4075dd65b3b18de77d7d2d69380b4591
parent: fa566e354549ab76bc3bd9bea0c06b259668ef59 [diff] [blame]
diff --git a/ChangeLog b/ChangeLog
index 2bdaba0..3454268 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -6,6 +6,9 @@
    * Fix possible client-side NULL pointer dereference (read) when the client
      tries to continue the handshake after it failed (a misuse of the API).
      (Found by GDS Labs using afl-fuzz.)
+   * Add countermeasure against Lenstra's RSA-CRT attack for PKCS#1 v1.5
+     signatures. (Found by Florian Weimer, Red Hat.)
+     https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/
 
 Bugfix
    * Fix unused function warning when using MBEDTLS_MDx_ALT or
commit	2bc4505f5dc01437543b736d7a4cb9957b58b0dd	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Thu Sep 03 20:03:15 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg2@elzevir.fr>	Wed Sep 09 12:36:49 2015 +0200
tree	6f9cafaf4075dd65b3b18de77d7d2d69380b4591
parent	fa566e354549ab76bc3bd9bea0c06b259668ef59 [diff] [blame]