mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
21a3c0f482
This change disables the non-constant-time implementations of P-384 and P-521. As a consequence a client using just these curves cannot connect to the server. This should be no real issues because (all) clients at least support P-256. Further this change also rejects ECDSA private keys of P-384 and P-521. While non-constant-time implementations for the ECDHE exchange don't expose an obvious vulnerability, using P-384 or P-521 keys for the ECDSA signature may allow pratical timing attacks. Fixes #5844 |
||
---|---|---|
.. | ||
bufconn_test.go | ||
bufconn.go | ||
conn_bug_21133.go | ||
listener_test.go | ||
listener.go | ||
server_test.go | ||
server.go |