[gnutls-devel] GnuTLS | Support for ECH (encrypted client hello) (!1748)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Wed Jun 7 09:39:26 CEST 2023
Daiki Ueno commented on a discussion on lib/nettle/hpke-hkdf.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1748#note_1421353259
> + const struct hpke_dhkem *dhkem,
> + struct ecc_scalar *sk, struct ecc_point *pk)
> +{
> + int r = 1, counter = 0;
> + uint8_t *dkp_prk = NULL, *bytes = NULL;
> + mpz_t z, t;
> +
> + mpz_init(z);
> +
> + dkp_prk = _nettle_labeled_extract_kem(NULL, "dkp_prk", ikm, ikm_len,
> + dhkem);
> + if (!dkp_prk) {
> + r = 0;
> + goto out;
> + }
> + while (ecc_scalar_set((struct hpke_dhkem *)dhkem, z)) {
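Review bot: The loop condition on the last line, `while (ecc_scalar_set((struct hpke_dhkem *)dhkem, z))`, looks inverted for a retry loop, independent of the cast. nettle's `ecc_scalar_set` returns 1 when `z` is accepted and 0 when it is out of range, so as written the loop continues while the candidate is valid; and because `z` has only been through `mpz_init(z)` when the condition is first evaluated, it is 0, which `ecc_scalar_set` rejects, so even with a correct first argument the body would not be entered. Suggest deriving the candidate into `z` before the test and looping on `!ecc_scalar_set(...)` with a real `struct ecc_scalar *` as the first argument. Also, `t` is declared next to `z` but only `z` is initialised in the lines shown; please check that `t` gets its `mpz_init` before use and that both are cleared on the `out` path.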
The issue is that `struct dhkem *` and `ecc_scalar *` are completely different types and you can't safely typecast. Perhaps you could try adding this modification to the HPKE branch of nettle and run the tests, and I guess you will most likely see a segmentation fault.
If you don't want to touch `sk` in this loop, one option would be to create a temporary scalar variable:
```c
/* Temporary scalar used only to range-check z; sk is left untouched. */
struct ecc_scalar tmp_sk;
ecc_scalar_init (&tmp_sk, dhkem->ecc);
while (!ecc_scalar_set (&tmp_sk, z))
  {
    ...
  }
ecc_scalar_clear (&tmp_sk);
```