[gnutls-devel] GnuTLS | nettle: port upstream hardening of EC point multiplication [3.6.x] (!1407)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sun Apr 4 18:32:12 CEST 2021
Andreas Metzler commented:
Hello Daiki,
nettle upstream applied this fix to quite a bit more broadly than this patch does. e.g. to eddsa-verify.c which is also present in GnuTLS. Is the respective code dead in gnutls?
Might less error prone to add a private helper function ("named like _nettle_backported_ecc_mod_mul_canonical") doing what upstream's ecc_mod_mul_canonical() does.
cu Andreas
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1407#note_544524763
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210404/a19b3c96/attachment.html>
More information about the Gnutls-devel
mailing list