mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 07:55:46 +01:00
Update dependencies documentation
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
parent
601128eb58
commit
f1aca9fdba
@ -1,6 +1,7 @@
|
|||||||
Changes
|
Changes
|
||||||
* The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
|
* The ECP module, enabled by `MBEDTLS_ECP_C`, now depends on
|
||||||
`MBEDTLS_CTR_DRBG_C` or `MBEDTLS_HMAC_DRBG_C` for some side-channel
|
`MBEDTLS_CTR_DRBG_C`, `MBEDTLS_HMAC_DRBG_C`, `MBEDTLS_SHA512_C`,
|
||||||
|
`MBEDTLS_SHA256_C` or `MBEDTLS_SHA1_C` for some side-channel
|
||||||
coutermeasures. If side channels are not a concern, this dependency can
|
coutermeasures. If side channels are not a concern, this dependency can
|
||||||
be avoided by enabling the new option `MBEDTLS_ECP_NO_INTERNAL_RNG`.
|
be avoided by enabling the new option `MBEDTLS_ECP_NO_INTERNAL_RNG`.
|
||||||
|
|
||||||
|
@ -626,11 +626,12 @@
|
|||||||
* against some side-channel attacks.
|
* against some side-channel attacks.
|
||||||
*
|
*
|
||||||
* This protection introduces a dependency of the ECP module on one of the
|
* This protection introduces a dependency of the ECP module on one of the
|
||||||
* DRBG modules. For very constrained implementations that don't require this
|
* DRBG or SHA modules (HMAC-DRBG, CTR-DRBG, SHA-512, SHA-256 or SHA-1).
|
||||||
* protection (for example, because you're only doing signature verification,
|
* For very constrained applications that don't require this protection
|
||||||
* so not manipulating any secret, or because local/physical side-channel
|
* (for example, because you're only doing signature verification, so not
|
||||||
* attacks are outside your threat model), it might be desirable to get rid of
|
* manipulating any secret, or because local/physical side-channel attacks are
|
||||||
* that dependency.
|
* outside your threat model), it might be desirable to get rid of that
|
||||||
|
* dependency.
|
||||||
*
|
*
|
||||||
* \warning Enabling this option makes some uses of ECP vulnerable to some
|
* \warning Enabling this option makes some uses of ECP vulnerable to some
|
||||||
* side-channel attacks. Only enable it if you know that's not a problem for
|
* side-channel attacks. Only enable it if you know that's not a problem for
|
||||||
|
Loading…
Reference in New Issue
Block a user