The private-key operations in ecc.c in wolfSSL prior to 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wolfssl wolfssl |