openwrtv3/package
Hauke Mehrtens b19622044d mbedtls: Activate deterministic ECDSA
With deterministic ECDSA the value k needed for the ECDSA signature is
not randomly generated any more, but generated from a hash over the
private key and the message to sign. If the value k used in a ECDSA
signature or the relationship between the two values k used in two
different ECDSA signatures over the same content is know to an attacker
he can derive the private key pretty easily. Using deterministic ECDSA
as defined in the RFC6979 removes this problem by deriving the value k
deterministically from the private key and the content which gets
signed.

The resulting signature is still compatible to signatures generated not
deterministic.

This increases the size of the ipk on mips 24Kc by about 2 KByte.
old:
166.240 libmbedtls_2.11.0-1_mips_24kc.ipk
new:
167.811 libmbedtls_2.11.0-1_mips_24kc.ipk

This does not change the ECDSA performance in a measurable way.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-07-07 18:33:53 +02:00
..
base-files base-files: add menuconfig option for HOME_URL 2018-06-27 08:40:34 +02:00
boot uboot-kirkwood: fix malformed boot configuration 2018-06-27 08:42:54 +02:00
devel perf: remove linux 4.4 workarounds 2018-07-07 14:53:26 +02:00
firmware firmware: amd64-microcode: update to 20180524 2018-07-07 12:23:00 +02:00
kernel linux: update license tag to use correct SPDX tag 2018-07-07 16:12:03 +02:00
libs mbedtls: Activate deterministic ECDSA 2018-07-07 18:33:53 +02:00
network mbedtls: Update to 2.11.0 2018-07-07 18:29:14 +02:00
system ca-certificates: ca-bundle: add symlink for openssl default setting 2018-07-07 18:19:39 +02:00
utils mbedtls: Update to 2.11.0 2018-07-07 18:29:14 +02:00
Makefile imagebuilder: reuse rootfs preparation from rootfs.mk 2018-03-07 09:59:08 +01:00