mirror of
https://github.com/cuberite/polarssl.git
synced 2025-10-17 12:10:43 -04:00
e65e0597a8
The current interface does not allow passing an RNG, which is needed for blinding. Using the scheme's internal HMAC-DRBG results the same blinding values for the same key and message, diminishing the effectiveness of the countermeasure. A new function `mbedtls_ecdsa_det_ext` is available to address this problem.