[gnutls-devel] GnuTLS | pk: remove unnecessary constant-time protection for RSA decryption (!1454)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Jul 27 11:24:42 CEST 2021
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1454 was reviewed by Simo Sorce
--
Simo Sorce commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1454#note_636272725
The patch removes a lot more than the protection in case HAVE_LIB_ERROR is returned.
It also introduces a conditional in checking the actual return of rsa_sec_decrypt() by adding a whole call to gnutls_assert_val on decryption error.
This then invalidates the constant time protections in proc_rsa_client_kx() when gnutls_privkey_decrypt_data2() is called.
I say this is a NACK.
--
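The concern in the comment above, as an added example that is not part of the original email and is not GnuTLS code: a TLS RSA key-exchange handler must behave identically whether or not decryption succeeded, so it selects between the decrypted premaster secret and a pre-generated random fallback without branching on the result. All names here (`demo_sec_decrypt`, `ct_select`, `demo_client_kx`) are hypothetical, the decrypt routine is a constructed stub, and the TLS version check is omitted.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PMS_LEN 48 /* length of a TLS RSA premaster secret */

/* Hypothetical stand-in for a side-channel-silent RSA decrypt. It always
 * fills out[] and reports validity only through its return value (1 = ok).
 * Constructed rule for the demo: input is "valid" if its first byte is 0x02. */
static int demo_sec_decrypt(const uint8_t *ct, size_t ct_len,
                            uint8_t out[PMS_LEN])
{
    memset(out, 0xAA, PMS_LEN);
    return ct_len > 0 && ct[0] == 0x02;
}

/* Branch-free select: dst = ok ? a : b, with ok restricted to 0 or 1. */
static void ct_select(uint8_t *dst, const uint8_t *a, const uint8_t *b,
                      size_t n, int ok)
{
    uint8_t mask = (uint8_t)(0 - (unsigned)ok); /* 0xFF if ok, else 0x00 */
    for (size_t i = 0; i < n; i++)
        dst[i] = (uint8_t)((a[i] & mask) | (b[i] & (uint8_t)~mask));
}

/* Handler sketch: the decrypt status is consumed only as a mask. There is
 * no early return, error log or assert on failure, because any of those
 * adds a code path that runs only for bad padding and can be timed.
 * `fallback` is random data the caller generated before decrypting. */
int demo_client_kx(const uint8_t *ct, size_t ct_len,
                   const uint8_t fallback[PMS_LEN], uint8_t pms[PMS_LEN])
{
    uint8_t plain[PMS_LEN];
    int ok = demo_sec_decrypt(ct, ct_len, plain);
    ct_select(pms, plain, fallback, PMS_LEN, ok);
    return 0; /* same result either way; the handshake fails later at Finished */
}

int main(void)
{
    uint8_t fb[PMS_LEN], pms[PMS_LEN];
    const uint8_t good[] = { 0x02 }, bad[] = { 0x00 }; /* constructed inputs */
    memset(fb, 0x55, PMS_LEN);
    demo_client_kx(good, sizeof good, fb, pms); /* pms holds decrypted bytes */
    demo_client_kx(bad, sizeof bad, fb, pms);   /* pms holds the fallback */
    return 0;
}
```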