Changes

294 bytes added ,  03:22, 14 April 2020
nice
Line 56: Line 56:  
* DecryptOrImportRsaPrivateKey now imports the modulus in addition to the exponent for the ES use cases.
 
* DecryptOrImportRsaPrivateKey now imports the modulus in addition to the exponent for the ES use cases.
 
** This fixes a problem where you could specify a "smooth" modulus instead of the correct one when talking to TrustZone and then use Pohlig-Hellman to calculate the discrete logarithm and recover the private key.
 
** This fixes a problem where you could specify a "smooth" modulus instead of the correct one when talking to TrustZone and then use Pohlig-Hellman to calculate the discrete logarithm and recover the private key.
 +
* Passing a use case to StorageExpMod for which DecryptOrImportRsaPrivateKey does not import modulus now validates that the provided modulus is correct for the previously imported exponent.
 +
** Future invocations of StorageExpMod will ignore the user-provided modulus, and use the imported one.
 
<check back for more diffs later>
 
<check back for more diffs later>