openwrtv4/package/libs
Hauke Mehrtens b19622044d mbedtls: Activate deterministic ECDSA
With deterministic ECDSA the value k needed for the ECDSA signature is
not randomly generated any more, but generated from a hash over the
private key and the message to sign. If the value k used in a ECDSA
signature or the relationship between the two values k used in two
different ECDSA signatures over the same content is know to an attacker
he can derive the private key pretty easily. Using deterministic ECDSA
as defined in the RFC6979 removes this problem by deriving the value k
deterministically from the private key and the content which gets
signed.

The resulting signature is still compatible to signatures generated not
deterministic.

This increases the size of the ipk on mips 24Kc by about 2 KByte.
old:
166.240 libmbedtls_2.11.0-1_mips_24kc.ipk
new:
167.811 libmbedtls_2.11.0-1_mips_24kc.ipk

This does not change the ECDSA performance in a measurable way.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-07-07 18:33:53 +02:00
..
argp-standalone argp-standalone: clean up patch fuzz 2018-01-05 11:59:59 +01:00
elfutils elfutils: bump to 0.173 2018-07-04 16:18:08 +02:00
gettext package: replace $(STAGING_DIR)/host with $(STAGING_DIR_HOSTPKG) 2017-01-10 22:15:37 +01:00
gettext-full add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
gmp gmp: Update to 6.1.2 2017-01-03 14:24:33 +01:00
libbsd treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libconfig libconfig: update to version 1.7.2 2018-07-07 18:19:39 +02:00
libevent2 add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
libiconv package: replace $(STAGING_DIR)/host with $(STAGING_DIR_HOSTPKG) 2017-01-10 22:15:37 +01:00
libiconv-full libiconv-full: fix compile-time linking error GCC7 2017-12-19 22:23:42 +01:00
libjson-c libjson-c: fix host-build 2018-06-14 22:53:58 +02:00
libmnl treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-conntrack libnetfilter_conntrack: switch to git 2017-10-09 16:12:00 +03:00
libnetfilter-cthelper treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-cttimeout treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-log treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
libnetfilter-queue libnetfilter_queue: bump to git HEAD 2017-10-09 16:06:06 +03:00
libnfnetlink package/libs/libnfnetlink: Remove dead mirror 2018-06-14 21:48:38 +02:00
libnftnl libnftnl: bump to version 1.1.1 2018-06-18 18:21:20 +02:00
libnl libnl: Disable debug support 2018-04-30 09:01:28 +02:00
libnl-tiny libnl-tiny: use fixed message size instead of using the page size 2017-11-16 12:54:15 +01:00
libpcap libs/libpcap: Rework URLs 2017-03-22 09:16:23 +01:00
libroxml treewide: clean up download hashes 2016-12-16 22:39:22 +01:00
librpc treewide: replace LEDE_GIT with PROJECT_GIT 2018-01-10 21:27:32 +01:00
libtool libtool: Update to 2.4.6 2018-03-31 16:27:24 +02:00
libubox libubox: update to the latest version 2018-07-07 14:53:26 +02:00
libunwind libunwind: fix build with musl on PPC 2018-02-25 16:58:10 +01:00
libusb libusb: Add SourceForge mirror. 2018-05-02 09:18:26 +02:00
libusb-compat libusb-compat: Upgrade to 0.1.15 2017-11-22 20:45:28 +01:00
lzo libs/lzo: Reenable unaligned access on ARM, PPC, ... 2017-10-24 13:24:04 +02:00
mbedtls mbedtls: Activate deterministic ECDSA 2018-07-07 18:33:53 +02:00
ncurses Revert "ncurses: Remove obsolete compile fixes" 2018-04-04 17:08:10 +02:00
nettle nettle: bump to 3.4 2018-06-01 08:39:59 +02:00
nghttp2 nghttp2: bump to 1.32.0 2018-05-09 11:26:45 +02:00
openssl openssl: update to 1.0.2o 2018-03-31 10:20:20 +02:00
popt popt: Add backup site 2018-06-13 12:15:38 +02:00
readline add PKG_CPE_ID ids to package and tools 2017-11-17 02:24:35 +01:00
sysfsutils package sysfsutils: add support for sysfs settings at boot 2018-05-22 20:47:20 +02:00
toolchain build: cleanup SSP_SUPPORT configure option 2018-01-27 19:02:48 +01:00
uclibc++ uclibc++: patch bugfix erase() on derived __base_associative 2017-02-09 12:26:55 +01:00
uclient treewide: replace LEDE_GIT with PROJECT_GIT 2018-01-10 21:27:32 +01:00
ustream-ssl mbedtls: Update to 2.11.0 2018-07-07 18:29:14 +02:00
wolfssl wolfssl: change defaults to cover wpa_supplicant needs 2018-05-31 00:38:16 +02:00
zlib tools/zlib: move zlib build to tools 2018-04-28 15:28:59 +02:00