blob: 14d1fb0f89463af3e601a68d3edbc194175e4b02 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Version 1.10.4, 2013-01-07
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* Avoid a conditional operation in the power mod implementations on if
a nibble of the exponent was zero or not. This may help protect
against certain forms of side channel attacks.
* The SRP6 code was checking for invalid values as specified in RFC
5054, specifically values equal to zero mod p. However SRP would
accept negative A/B values, or ones larger than p, neither of which
should occur in a normal run of the protocol. These values are now
rejected. Credits to Timothy Prepscius for pointing out these values
are not normally used and probably signal something fishy.
* The return value of version_string is now a compile time constant
string, so version information can be more easily extracted from
binaries.
|
