[gnutls-devel] GnuTLS | pk: remove unnecessary constant-time protection for RSA decryption (!1454)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Tue Jul 27 11:24:42 CEST 2021

Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1454 was reviewed by Simo Sorce

Simo Sorce commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/1454#note_636272725

The patch remove a lot more than the protection in case HAVE_LIB_ERROR is returned.
It also introduces a conditional in checking the actual return of rsa_sec_decrypt() by adding a whole call to gnutls_assert_val on decryption error.
This then invalidates the constant time protections in proc_rsa_client_kx() when gnutls_privkey_decrypt_data2() is called.
I say this is a NACK.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1454
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210727/d07b4aeb/attachment.html>

More information about the Gnutls-devel mailing list