10.0.0: Difference between revisions
nice |
|||
| Line 56: | Line 56: | ||
* DecryptOrImportRsaPrivateKey now imports the modulus in addition to the exponent for the ES use cases. | * DecryptOrImportRsaPrivateKey now imports the modulus in addition to the exponent for the ES use cases. | ||
** This fixes a problem where you could specify a "smooth" modulus instead of the correct one when talking to TrustZone and then use Pohlig-Hellman to calculate the discrete logarithm and recover the private key. | ** This fixes a problem where you could specify a "smooth" modulus instead of the correct one when talking to TrustZone and then use Pohlig-Hellman to calculate the discrete logarithm and recover the private key. | ||
* Passing a use case to StorageExpMod for which DecryptOrImportRsaPrivateKey does not import modulus now validates that the provided modulus is correct for the previously imported exponent. | |||
** Future invocations of StorageExpMod will ignore the user-provided modulus, and use the imported one. | |||
<check back for more diffs later> | <check back for more diffs later> | ||