[gnutls-devel] GnuTLS | nettle: port upstream hardening of EC point multiplication [3.6.x] (!1407)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Mon May 10 20:55:23 CEST 2021
Niels Möller started a new discussion on lib/nettle/ecc/override/ecc-internal.h.diff: https://gitlab.com/gnutls/gnutls/-/merge_requests/1407#note_571818856
> +@@ -49,6 +49,7 @@
> + #define ecc_mod_submul_1 _nettle_ecc_mod_submul_1
> + #define ecc_mod_mul _nettle_ecc_mod_mul
> + #define ecc_mod_sqr _nettle_ecc_mod_sqr
> ++#define ecc_mod_mul_canonical _nettle_ecc_mod_mul_canonical
> + #define ecc_mod_random _nettle_ecc_mod_random
> + #define ecc_mod _nettle_ecc_mod
> + #define ecc_mod_inv _nettle_ecc_mod_inv
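Review bot: only ecc_mod_mul_canonical gets a _nettle_ rename in this list, while the comment added further down in the same header says "These mul function" as if more than one were meant. If the backport declares a second canonical variant, it needs its own #define here so it is prefixed like its neighbours; if there is only this one, the comment should be singular.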
> +@@ -256,6 +257,15 @@ void
> + ecc_mod_sqr (const struct ecc_modulo *m, mp_limb_t *rp,
> + const mp_limb_t *ap);
> +
> ++/* These mul function produce a canonical result, 0 <= R < M.
> ++ Requirements on input and output areas are similar to the above
> ++ functions, except that it is *not* allowed to pass rp = rp +
> ++ m->size.
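Review bot: the aliasing restriction at the end of the new comment, "rp = rp + m->size", compares rp with itself and can never hold, so the caller is left without the actual precondition. Name the buffer that must not overlap the result area, and check the wording against the argument list the function has in this 3.6.x port instead of carrying the text over unchanged. "These mul function produce" also needs its number agreement fixed.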
This is a typo. Just fixed on master branch, where it now reads rp = tp + m->size. And probably not quite right for this version.