[fixup] Add CHANGES entry
author Nicola Tuveri <nic.tuv@gmail.com>
Tue, 19 Jun 2018 13:55:29 +0000 (16:55 +0300)
committer Matt Caswell <matt@openssl.org>
Thu, 21 Jun 2018 17:08:56 +0000 (18:08 +0100)
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6116)

CHANGES

diff --git a/CHANGES b/CHANGES
index 4dc065923c4abdaf1101e17e03349a78c8f12a27..8b4a8bbe104e799fdecdd14d74b0811d0d22302a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,13 @@
  release branch.
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
  release branch.
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
+  *) Make ec_group_do_inverse_ord() more robust and available to other
+     EC cryptosystems, so that irrespective of BN_FLG_CONSTTIME, SCA
+     mitigations are applied to the fallback BN_mod_inverse().
+     When using this function rather than BN_mod_inverse() directly, new
+     EC cryptosystem implementations are then safer-by-default.
+     [Billy Bob Brumley]
+
   *) Add coordinate blinding for EC_POINT and implement projective
      coordinate blinding for generic prime curves as a countermeasure to
      chosen point SCA attacks.
   *) Add coordinate blinding for EC_POINT and implement projective
      coordinate blinding for generic prime curves as a countermeasure to
      chosen point SCA attacks.
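
Review bot: The added entry's first sentence names ec_group_do_inverse_ord() as "available to other EC cryptosystems" without saying whether the function is public API or internal, so a reader of CHANGES cannot tell whether this means in-tree implementations only; consider stating that explicitly. The phrase "SCA mitigations are applied to the fallback BN_mod_inverse()" also leaves the mitigation unnamed; a few words on what is applied irrespective of BN_FLG_CONSTTIME would let the entry be checked against the code. The credit line reads "[Billy Bob Brumley]" while the commit author is Nicola Tuveri; confirm the attribution is as intended.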