[gnutls-devel] GnuTLS | nettle: port upstream hardening of EC point multiplication [3.6.x] (!1407)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sun Apr 4 20:11:25 CEST 2021
Daiki Ueno commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1407#note_544537563
Thank you for the prompt response.
> I don't see see the fix to ecc_ecdsa_verify backported in this mr (https://git.lysator.liu.se/nettle/nettle/-/commit/2397757b3f95fcae1e2d3011bf99ca5b5438378f), that seems quite important?
We only import any missing functionalities in the minimum supported version of nettle, which in this case are only Ed448 and GOSTDSA:
https://gitlab.com/gnutls/gnutls/-/blob/gnutls_3_6_x/devel/import-ecc-from-nettle.sh
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1407#note_544537563
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210404/cf0fc1c8/attachment.html>
More information about the Gnutls-devel
mailing list