author Nicola Tuveri <nic.tuv@gmail.com> 2018-06-19 16:55:29 +0300
committer Matt Caswell <matt@openssl.org> 2018-06-21 18:08:56 +0100
commit 379f846387348b1090054b56f1d31cdbcbd64196 (patch)
tree f3e6cb996ea9980c73e1740a7d41c3ccedee09d0 /CHANGES
parent 792546eb18c3088d7eca0c1ebeb86695bcae18d8 (diff)
[fixup] Add CHANGES entry
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6116)
Diffstat (limited to 'CHANGES')
-rw-r--r-- CHANGES 7
1 files changed, 7 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 4dc065923c..8b4a8bbe10 100644
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,13 @@
release branch.
Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
+ *) Make ec_group_do_inverse_ord() more robust and available to other
+ EC cryptosystems, so that irrespective of BN_FLG_CONSTTIME, SCA
+ mitigations are applied to the fallback BN_mod_inverse().
+ When using this function rather than BN_mod_inverse() directly, new
+ EC cryptosystem implementations are then safer-by-default.
+ [Billy Bob Brumley]
+
*) Add coordinate blinding for EC_POINT and implement projective
coordinate blinding for generic prime curves as a countermeasure to
chosen point SCA attacks.
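Review bot: In the added entry (from "Make ec_group_do_inverse_ord() more robust" through "[Billy Bob Brumley]"), "SCA mitigations" is never spelled out, and the text does not say which mitigation is applied to the fallback BN_mod_inverse(). Expand the abbreviation on first use, for example "side-channel attack (SCA) mitigations", and name the mitigation so a reader of CHANGES can tell what changed without opening the code. The phrase "more robust" is similarly unspecific; one clause on what the function now handles would help. The entry credits [Billy Bob Brumley] while the commit author is Nicola Tuveri, so please confirm the attribution is as intended.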