[gnutls-devel] GnuTLS | nettle: port upstream hardening of EC point multiplication [3.6.x] (!1407)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Sun Apr 4 18:32:12 CEST 2021

Andreas Metzler commented:

Hello Daiki,
nettle upstream applied this fix to quite a bit more broadly than this patch does. e.g. to eddsa-verify.c which is also present in GnuTLS. Is the respective code dead in gnutls?

Might less error prone to add a private helper function ("named like _nettle_backported_ecc_mod_mul_canonical") doing what upstream's ecc_mod_mul_canonical() does.

cu Andreas

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1407#note_544524763
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210404/a19b3c96/attachment.html>

More information about the Gnutls-devel mailing list