[gnutls-devel] GnuTLS | nettle: port upstream hardening of EC point multiplication [3.6.x] (!1407)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sun Apr 4 20:11:25 CEST 2021




Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1407#note_544537563

Thank you for the prompt response.

> I don't see see the fix to ecc_ecdsa_verify backported in this mr (https://git.lysator.liu.se/nettle/nettle/-/commit/2397757b3f95fcae1e2d3011bf99ca5b5438378f), that seems quite important?

We only import any missing functionalities in the minimum supported version of nettle, which in this case are only Ed448 and GOSTDSA:
https://gitlab.com/gnutls/gnutls/-/blob/gnutls_3_6_x/devel/import-ecc-from-nettle.sh

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1407#note_544537563
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210404/cf0fc1c8/attachment.html>


More information about the Gnutls-devel mailing list