Changes

219 bytes added ,  02:46, 14 April 2020
→‎TrustZone: m e m e s
Line 261: Line 261:     
This is mostly useless in practice, given the general availability of other exploits to obtain these decrypted exponents.
 
This is mostly useless in practice, given the general availability of other exploits to obtain these decrypted exponents.
 +
 +
This was fixed in 10.0.0 by importing the modulus in addition to the exponent for the ES device key and ES client cert key. For backwards compatibility reasons the SSL key and Lotus key still only import the exponent.
 
| With userland privileges sufficient to use an imported RSA key: obtaining that RSA key's private exponent.
 
| With userland privileges sufficient to use an imported RSA key: obtaining that RSA key's private exponent.
 
|  [[10.0.0]]
 
|  [[10.0.0]]