mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-25 14:45:42 +01:00
9 lines
549 B
Plaintext
9 lines
549 B
Plaintext
|
Security
|
||
|
* A failure of the random generator was ignored in mbedtls_mpi_fill_random(),
|
||
|
which is how most uses of randomization in asymmetric cryptography
|
||
|
(including key generation, intermediate value randomization and blinding)
|
||
|
are implemented. This could cause failures or the silent use of non-random
|
||
|
values. A random generator can fail if it needs reseeding and cannot not
|
||
|
obtain entropy, or due to an internal failure (which, for Mbed TLS's own
|
||
|
CTR_DRBG or HMAC_DRBG, can only happen due to a misconfiguration).
|