Latency in polynomial evaluation

2022-01-29 Thread Niels Möller
put; that one is hard to negotiate (it's possible to reduce the number of multiply instructions somewhat, by the Karatsuba trick, but due to the additional overhead, likely to be useful only on processors with particularly low multiply throughput). Regards, /Niels -- Niels Möller. PGP

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-27 Thread Niels Möller
t to trim number of instructions per block. Regards, /Niels -- Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677. Internet email is subject to wholesale government surveillance. ___ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-27 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: >> Radix 64: 2.75 GByte/s, i.e., faster than current x86_64 asm version. > > And I've now tried the same method for the x86_64 implementation. See > attached file + needed patch to asm.m4. This gives 2.9 GByte/s. > > I'm not entire

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-26 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: >> This is the speed I get for C implementations of poly1305_update on my >> x86_64 laptop: >> >> * Radix 26: 1.2 GByte/s (old code) >> >> * Radix 32: 1.3 GByte/s >> >> * Radix 64: 2.2 GByte/s [...] >&g

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-25 Thread Niels Möller
t; stxsdx VSR(F0), IDX, CTX > > li IDX, 40 > xxmrgld VSR(F0), VSR(ZERO), VSR(F0) > vadduqm F1, F1, F0 > xxswapd VSR(F1), VSR(F1) > stxvd2x VSR(F1), IDX, CTX This looks a bit verbose

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-24 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > This is the speed I get for C implementations of poly1305_update on my > x86_64 laptop: > > * Radix 26: 1.2 GByte/s (old code) > > * Radix 32: 1.3 GByte/s > > * Radix 64: 2.2 GByte/s > > It would be interesting wi

Re: [PATCH v2 0/6] Add powerpc64 assembly for elliptic curves

2022-01-24 Thread Niels Möller
I can take care of). I'll do some local testing, then merge to master-updates for a run of the ci system, including tests on ppc big-endian. Regards, /Niels

Re: [PATCH v2 5/6] ecc: Add powerpc64 assembly for ecc_25519_modp

2022-01-24 Thread Niels Möller
ld T0, 48(XP) > + mulhdu T1, M, T0 > + mulld UN, M, T0 > + addeU2, UN, U2 > + addeU3, T1, U3 > + std U2, 16(RP) > + std U3, 24(RP) > + > + blr > +EPILOGUE(_nettle_ecc_curve25519_modp) Looks good. I must admit that the

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-24 Thread Niels Möller
ddle. Arm32 neon does have 32x32 --> 64, which looks like a good fit for the radix-32 variant. Regards, /Niels

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-23 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > The current C implementation uses radix 26, and 25 multiplies (32x32 > --> 64) per block. And quite a lot of shifts. A radix 32 variant > analogous to the above would need 16 long multiplies and 4 short. I'd > expect that to be faster o

Re: [Arm64, S390x] Optimize Chacha20

2022-01-20 Thread Niels Möller
he merge button for the s390x merge request. Regards, /Niels

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-20 Thread Niels Möller
for messages of just two blocks. Regards, /Niels

Re: [Arm64, PowerPC64, S390x] Optimize Poly1305

2022-01-19 Thread Niels Möller
rs of the key, similar to how it's done in the recent gcm code? > It would be nice if the arm64 patch will be tested on big-endian mode since > I don't have access to any big-endian variant for testing. Merged this one too on a branch for ci testing. Regards, /Niels

Re: [Arm64, S390x] Optimize Chacha20

2022-01-19 Thread Niels Möller
I've merged the arm64 code to a branch, for CI testing. For the ARM code, which instructions are provided by the asimd extension? Basic simd is always available, if I've understood correctly. Regards, /Niels

Re: powerpc ecc 256 redc (was Re: x86_64 ecc_256_redc)

2022-01-10 Thread Niels Möller
is marginal. Here are the numbers > from hogweed-benchmark on POWER9. > > > name size sign/ms verify/ms >ecdsa 256 11.10133.5713 (master) >ecdsa 256 11.15273.6011 (this patch) Thanks for testing. Committed to the master branch now. Re

Re: [PATCH 4/7] ecc: Add powerpc64 assembly for ecc_384_modp

2022-01-04 Thread Niels Möller
td H3, -24(SP) > + std H4, -16(SP) > + std H5, -8(SP) I find it clearer to use register names rather than the m4 defines for save and restore of callee-save registers. Regards, /Niels

Re: powerpc ecc 256 redc (was Re: x86_64 ecc_256_redc)

2022-01-04 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > ni...@lysator.liu.se (Niels Möller) writes: > >> I think it should be possible to reduce number of needed registers, and >> completely avoid using callee-save registers (load the values now in >> U4-U7 one at a time a bit c

Re: Build problem on ppc64be + musl

2022-01-04 Thread Niels Möller
Going through some old mail... From a discussion in September: ni...@lysator.liu.se (Niels Möller) writes: > ni...@lysator.liu.se (Niels Möller) writes: > >> I've tried a different approach on branch >> https://git.lysator.liu.se/nettle/nettle/-/tree/ppc64-efv2-check. Patch &

Status update

2021-12-17 Thread Niels Möller
if there's something important that I've missed. Regards, /Niels

Re: powerpc ecc 256 redc (was Re: x86_64 ecc_256_redc)

2021-12-09 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > Thanks! Merged to master-updates for ci testing. And now merged to the master branch. > I think it should be possible to reduce number of needed registers, and > completely avoid using callee-save registers (load the values now in &g

Re: [PATCH] doc: documentation for SM3 hash

2021-12-07 Thread Niels Möller
Tianjia Zhang writes: > Signed-off-by: Tianjia Zhang > --- > nettle.texinfo | 74 -- > 1 file changed, 72 insertions(+), 2 deletions(-) Thanks! Merged now. Regards, /Niels

Re: powerpc ecc 256 redc (was Re: x86_64 ecc_256_redc)

2021-12-07 Thread Niels Möller
of needed registers, and completely avoid using callee-save registers (load the values now in U4-U7 one at a time a bit closer to the place where they are needed in), and replace F3 with $1 in the FOLD and FOLDC macros. Regards, /Niels

x86_64 ecc_256_redc (was: Re: ARM64 ecc_256_redc)

2021-12-06 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > I think the approach should apply to other 64-bit archs (should probably > work also on x86_64, where it's sometimes tricky to avoid x86_64 > instructions clobbering the carry flag when it should be preserved, but > probably not

Re: ANNOUNCE: Serious bug in Nettle's ecdsa_verify - Critical Confirmation

2021-12-06 Thread Niels Möller
n the case it is the same, it would help big time if the CVE was > mentioned somewhere in the bug announcement thread. I'll try to remember to mention relevant CVE ids in future release announcements. Would help to also document in the NEWS file? Regards, /Niels

ARM64 ecc_256_redc (was: Re: [PATCH 3/7] ecc: Add powerpc64 assembly for ecc_256_redc)

2021-12-05 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > I'm looking at a different approach (experimenting on ARM64, which is > quite similar to powerpc, but I don't yet have working code). To > understand what the redc code is doing we need to keep in mind that what > one folding step does i

Re: [PATCH 3/7] ecc: Add powerpc64 assembly for ecc_256_redc

2021-12-03 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > If this works, > FOLD would turn into something like > > sldiF0, $1, 32 > srdiF1, $1, 32 > subfc F2, $1, F0 > addme F3, F1 I'm looking at a different approach (experimenting on ARM64, w

Re: [PATCH v2 1/4] Add OSCCA SM3 hash algorithm

2021-12-02 Thread Niels Möller
minder, the above is the information I provided. Do > I need to submit it to the document through PATCH? If you can prepare a patch for nettle.texinfo, that would be ideal. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale

Re: [PATCH 3/7] ecc: Add powerpc64 assembly for ecc_256_redc

2021-12-01 Thread Niels Möller
C 2^256 - p = <0xfffe, 0xff..ff, 0x, 1> > + li F0, 0 > + addze F0, F0 > + neg F2, F0 > + sldiF1, F2, 32 > + srdiF3, F2, 32 > + li U7, -2 > + and F3, F3, U7 I think the three instructions to set F3

Re: [PATCH v2 1/4] Add OSCCA SM3 hash algorithm

2021-12-01 Thread Niels Möller
for the manual? I think it should go under "Miscellaneous hash functions". Would be nice with some brief background on this hash function (origin, intended applications, when and where it's useful) plus reference docs for the defined constants and functions. Regards, /Niels

Re: [PATCH 1/7] ecc: Add powerpc64 assembly for ecc_192_modp

2021-11-30 Thread Niels Möller
3. Does that make sense? > + std T0, 0(RP) > + std T1, 8(RP) > + std T2, 16(RP) > + > + blr > +EPILOGUE(_nettle_ecc_secp192r1_modp) Regards, /Niels

Re: [PATCH 0/7] Add powerpc64 assembly for elliptic curves

2021-11-28 Thread Niels Möller
For testing these functions, I recommend running while NETTLE_TEST_SEED=0 ./testsuite/ecc-mod-test ; do : ; done and while NETTLE_TEST_SEED=0 ./testsuite/ecc-redc-test ; do : ; done for a few hours. Regards, /Niels

Re: [PATCH 0/4] Introduce OSCCA SM3 hash algorithm

2021-11-28 Thread Niels Möller
ing an alternate form of your name? Regards, /Niels

Re: [PATCH 0/4] Introduce OSCCA SM3 hash algorithm

2021-11-25 Thread Niels Möller
some examples of protocols or applications that specify the use of sm3? * The implementation, it's written from scratch, or is it based on some reference implementation? Regards, /Niels

Re: [PATCH] Curve point decompression

2021-11-10 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > Wim Lewis writes: > >> Now that 3.5.1 is out, is there a chance this could be looked at? > Not sure in which order to do things. Maybe it will be best to first add > the square root routines, with tests, and then add function

secp256r1 mod functions

2021-10-22 Thread Niels Möller
for this curve is done using redc, not mod. Any additional testing, benchmarking, or code staring, is appreciated. I will likely merge the new code to the master branch in a few days. Regards, /Niels

Re: [S390x] Optimize SHA3 permute using vector facility

2021-10-22 Thread Niels Möller
o improve documentation and comments? Regards, /Niels

Structural fixes to the manual

2021-09-22 Thread Niels Möller
the @urefbreakstyle command wasn't recognized at all. Anyone here more familiar with texinfo that can explain? Regards, /Niels

Re: [S390x] Optimize SHA1 with fat build support

2021-09-20 Thread Niels Möller
and (iii) rotating the 64-bit pieces of an xmm register by different shift counts. Regards, /Niels

Re: Feature request: OCB mode

2021-09-18 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > If someone wants to work on it, please post to the list. I might look > into it myself, but as you have noticed, I have rather limited hacking > time. I've given it a try, see branch ocb-mode. Based on RFC 7253. Passes tests, but not par

CBC-AES (was: Re: [S390x] Optimize AES modes)

2021-09-13 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > I've also added a cbc-aes128-encrypt.asm. > That gives more significant speedup, almost 60%. I think main reason for > the speedup is that we avoid reloading subkeys between blocks. I've continued this path, see branch aes-cbc. The aes12

Re: Build problem on ppc64be + musl

2021-09-02 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > I've tried a different approach on branch > https://git.lysator.liu.se/nettle/nettle/-/tree/ppc64-efv2-check. Patch > below. (It makes sense to me to have the new check together with the ABI > check, but on second thought, probab

Reorganization of x86_64 aesni code

2021-09-02 Thread Niels Möller
blocks at a time, which gave a nice speedup on the order of 15% in my tests. It may be worthwhile to go to 3-way or 4-way, but I don't plan to try that soon. Regards, /Niels

Re: Feature request: OCB mode

2021-09-01 Thread Niels Möller
don't have the expertise in our team to contribute a > patch, and we currently aren't in a position to offer funding for the > implementation. If someone wants to work on it, please post to the list. I might look into it myself, but as you have noticed, I have rather limited hacking time. Regards, /Niels

Re: Big endian tests (no mips)

2021-08-30 Thread Niels Möller
Maamoun TK writes: > On Mon, Aug 23, 2021 at 8:59 PM Niels Möller wrote: > >> I would like to keep testing on big-endian. s390x is big-endian, right? >> And so is powerpc64 (non -el). So it would be nice to configure cross >> tests on one of those platforms configured

Big endian tests (no mips) (was: Re: Build problem on ppc64be + musl)

2021-08-23 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > Unfortunately, the CI cross builds aren't working at the moment (the > buildenv images are based on Debian Buster ("stable" at the time images > were built), and nettle's ci scripts do apt-get update and apt-get > install, whi

Re: Build problem on ppc64be + musl

2021-08-22 Thread Niels Möller
AN,no, +ifelse(ABI,64v2, `ifdef(`FUNC_ALIGN',`.align FUNC_ALIGN') C_NAME($1): addis 2,12,(.TOC.-C_NAME($1))@ha @@ -17,7 +17,7 @@ ifdef(`FUNC_ALIGN',`.align FUNC_ALIGN') undefine(`FUNC_ALIGN')') define(`EPILOGUE', -`ifelse(WORDS_BIGENDIAN,no, +`ifelse(ABI,64v2, `.size C_NAME($1), . - C_NA

Re: Build problem on ppc64be + musl

2021-08-19 Thread Niels Möller
ted that there is no > __MUSL__ in the preprocessor macros https://wiki.musl-libc.org/faq.html The interesting thing I see is #define _CALL_ELF 2 I hope this can be used to distinguish from other big-endian systems, that use ELFv1 abi? Regards, /Niels

Re: [S390x] Optimize SHA1 with fat build support

2021-08-18 Thread Niels Möller
o commit message for 1e757582ac7f8465b213d9761e17c33bd21ca686. So you can just ignore this file. And you may want to look at the more readable version of x86/sha1_compress.asm, just before that commit. Regards, /Niels

Re: Build problem on ppc64be + musl

2021-08-17 Thread Niels Möller
erpc64 assembly is configured in nettle. Nettle assembly files currently use ELFv2 on little endian, but always use ELFv1 on big endian. Regards, /Niels

Re: Build problem on ppc64be + musl

2021-08-17 Thread Niels Möller
the ELF file, and if so, how the assembler decides which attributes to attach. Regards, /Niels

Re: [S390x] Optimize SHA1 with fat build support

2021-08-10 Thread Niels Möller
s probably best to leave it unchanged. New macros for the new convention should be put into some internal header, e.g., md-internal.h. Regards, /Niels

Re: Is there an equivalent to curve25519_mul for ECC keys?

2021-08-10 Thread Niels Möller
re's also a variant ecc_point_mul_g. But it seems they're not properly documented in the manual. Regards, /Niels

Re: [S390x] Fat build support for AES and GHASH

2021-07-24 Thread Niels Möller
s390x ci build work, and added a brief ChangeLog entry for latest additions. For the memxor merge requests, it would be good to retarget to the master branch (but I'm not sure how to do that in gitlab). Regards, /Niels > regards, > Mamone

Re: [S390x] Fat build support for AES and GHASH

2021-07-21 Thread Niels Möller
e are any difficulties. Regards, /Niels

Re: [S390x] Optimize GHASH

2021-07-17 Thread Niels Möller
nd qemu-user to test other ARM code, and that's also what the ci tests do). I have access to the systems listed on https://gmplib.org/devel/testsystems, is any of those applicable? The arm64 machines available include one Cortex-A73 and one Apple M1. Regards, /Niels

Re: [S390x] Fat build support for AES and GHASH

2021-07-17 Thread Niels Möller
t. Merged, thanks! I wrote some comments asking for two followup changes (avoid inline asm, and setting of FAT_TEST_LIST). Do you think we're getting ready to merge the s390x branch to master? Regards, /Niels

Re: [Aarch64] Optimize AES

2021-07-17 Thread Niels Möller
nts _AES128_ROUNDS, _AES192_ROUNDS, _AES256_ROUNDS as the first argument. I think it's becoming clearer that we should make assembly for _nettle_aes_encypt optional, in favor of separate entry points for aes{128,192,256}_{en,de}crypt. I think you or I had an experimental branch to do that. Regards,

Re: [S390x] Optimize GHASH

2021-07-09 Thread Niels Möller
ancient systems don't do it?) Regards, /Niels

Re: [S390x] Optimize GHASH

2021-07-08 Thread Niels Möller
ink using encrypted swap (using an ephemeral key destroyed on shutdown) is a good idea. To me, it makes some sense for nettle to wipe the copy of the key (since the application might wipe the context struct and expect no copies to remain), but probably overkill for the other data. But it shouldn't hurt

Re: [AArch64] Fat build support for SHA-256 compress

2021-07-05 Thread Niels Möller
Maamoun TK writes: > I made a merge request that adds fat build support for SHA-256 compress > function !29 <https://git.lysator.liu.se/nettle/nettle/-/merge_requests/29> Thanks, merged! Regards, /Niels

Re: [AArch64] Optimize SHA-256 compress

2021-07-01 Thread Niels Möller
description. A patch for fat build support will be followed in another > merge request. Thanks, merged now! Regards, /Niels

Re: [S390x] Optimize GHASH

2021-06-30 Thread Niels Möller
Maamoun TK writes: > I made a merge request !26 > <https://git.lysator.liu.se/nettle/nettle/-/merge_requests/26> that > optimizes the GHASH algorithm for S390x architecture. Nice! I've added a few comments in the mr. Regards, /Niels

Re: [Aarch64] Fat build support for SHA1 compress

2021-06-30 Thread Niels Möller
be try as an attachment next time (or create a merge request). Regards, /Niels

Re: ANNOUNCE: Nettle-3.7.3

2021-06-08 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > I've prepared a new bug-fix release of Nettle, a low-level > cryptographic library, to fix bugs in the RSA decryption functions. The > bugs cause crashes on certain invalid inputs, which could be used > for denial of service attacks on

ANNOUNCE: Nettle-3.7.3

2021-06-07 Thread Niels Möller
large for the given key. Unlike the other bugs, this would typically be triggered by invalid local configuration, rather than by processing untrusted remote data.

Re: [Aarch64] Optimize SHA1 Compress

2021-06-01 Thread Niels Möller
more correct to put the constants in rodata segment. But let's leave as is for now. > We have an intensive discussion about that in the GCM patch. The short > story, this patch should work well for both endianness modes. Sounds good. I've pushed the combined patches to a branch arm64-sha1. W

Re: Add AES Key Wrap (RFC 3394) in Nettle

2021-05-23 Thread Niels Möller
You probably need to grasp the @node thing, though. See https://www.gnu.org/software/texinfo/manual/texinfo/texinfo.html#Writing-a-Node (the nettle manual uses the old-fashioned way with explicit node links). I edit it in emacs, like any other file. Regards, /Niels

Re: [Aarch64] Optimize SHA1 Compress

2021-05-23 Thread Niels Möller
er, and then we do unconditional byteswapping? Maybe add a comment. Not sure if it's worth the effort to make it work differently (ld1 .4w on big-endian)? It's going to be a pretty small fraction of the per-block processing. Regards, /Niels

Re: [S390x] Optimize AES modes

2021-05-22 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > We could either switch it on by default in configure.ac, or add a > configure flag in .gitlab-ci. Just pushed a change to .gitlab-ci to pass --enable-s390x-msa, and it seems to work, see https://gitlab.com/gnutls/nettle/-/jobs/128489525

Re: [RFC PATCH 0/6] Introduce combined AES-GCM assembly for POWER9+

2021-05-20 Thread Niels Möller
ut with input and output in registers rather than stored in memory. Regards, /Niels

Re: [Aarch64] Optimize SHA1 Compress

2021-05-20 Thread Niels Möller
it's a derived work in the copyright sense. Regards, /Niels

Re: [S390x] Optimize AES modes

2021-05-19 Thread Niels Möller
e it explicitly, right? Regards, /Niels

Re: S390x other modes and memxor

2021-05-09 Thread Niels Möller
storing data from memory? What unit is "cbp"? If it's cycles per byte, 0.77 cycles/byte for memxor (the cost of "Basic AES-Accelerator with memxor" minus cost of CBC-Accellerator) sounds unexpectedly slow, compared to, e.g., x86_64, where I get 0.08 cycles per byte (regardless of alig

S390x other modes and memxor (was: Re: [S390x] Optimize AES modes)

2021-05-09 Thread Niels Möller
Maamoun TK writes: > On Sat, May 1, 2021 at 6:11 PM Niels Möller wrote: > >> Is https://git.lysator.liu.se/nettle/nettle/-/merge_requests/23 still >> the current code? >> > > I've added the basic AES-192 and AES-256 too since there is no problem to > test them a

Re: [S390x] Optimize AES modes

2021-05-08 Thread Niels Möller
o arrange an extension to long-term access, so it doesn't expire? Regards, /Niels

Re: [S390x] Optimize AES modes

2021-05-01 Thread Niels Möller
s soon, but I also got a fairly serious bug report a few days ago that I need to attend to first. Regards, /Niels

Re: [RFC PATCH 0/6] Introduce combined AES-GCM assembly for POWER9+

2021-04-05 Thread Niels Möller
function. But maybe it is sufficient to optimize something a bit more general than aes gcm, e.g., aes ctr? Regards, /Niels

Re: [S390x] Optimize AES modes

2021-04-01 Thread Niels Möller
ni...@lysator.liu.se (Niels Möller) writes: > (iii) I've considered doing it earlier, to make it easier to implement > aes without a round loop (like for all current versions of > aes-encrypt-internal.*). E.g., on x86_64, for aes128 we could load > all subkeys in

Re: [S390x] Optimize AES modes

2021-03-31 Thread Niels Möller
GCM HASH being fast by itself, for performance with other ciphers than aes. Regards, /Niels

Re: Add AES Key Wrap (RFC 3394) in Nettle

2021-03-29 Thread Niels Möller
ption" to generalize it? Or possibly under "7.3 Cipher modes", if it's too different from the AEAD constructions. Regards, /Niels

Re: Compile issue on Solaris 11.3

2021-03-28 Thread Niels Möller
ems, as long as the cost in added complexity is small. Regards, /Niels

Re: Compile issue on Solaris 11.3

2021-03-28 Thread Niels Möller
annoying me and wasting my time. Regards, /Niels

Re: [S390x] Optimize AES modes

2021-03-27 Thread Niels Möller
dentally set the new S390X_ACCOUNT variable to "protected", and then the job was started but with $S390X_ACCOUNT expanding to the empty string, and failing. Perhaps it needs to be written as - $FOO != "" instead? Regards, /Niels

Re: [S390x] Optimize AES modes

2021-03-27 Thread Niels Möller
tion only: variables: - $SSH_PRIVATE_KEY - $S390X_ACCOUNT Still on the master-updates branch, will merge as soon as the run looks green. Regards, /Niels

Re: xts.c:59: warning: integer constant is too large for ‘long’ type

2021-03-25 Thread Niels Möller
ld add a configure test to see whether you need the ull suffix. The current related code uses UINT64_C for the 64-bit constants. No configure test needed. Regards, /Niels

Re: bug#47222: Serious bug in Nettle's ecdsa_verify

2021-03-25 Thread Niels Möller
k in 3.6 (so you'd need to recompile lots of guix packages), but no incompatible changes to the (source level) api. Regards, /Niels

Re: libhgwwed has gone missing...

2021-03-25 Thread Niels Möller
e to the gmp dependency was in nettle-3.6, which requires gmp-6.1 or later. Regards, /Niels

Re: [S390x] Optimize AES modes

2021-03-24 Thread Niels Möller
PELINE_IID, that seems to be a good way to get one directory per job. > only: > variables: > - $S390X_SSH_IP_ADDRESS > - $S390X_SSH_PRIVATE_KEY > - $S390X_SSH_CI_DIRECTORY What does this mean? Ah, it excludes the job if these variables aren't set? Regards, /Niels

Re: [AArch64] Fat build support for GCM optimization and syntax improvements

2021-03-22 Thread Niels Möller
acros in gcm-hash.asm (patch provided by Niels Möller), in addition to add > documentation comments. Thanks! Merged to master-updates, for testing. Regards, /Niels

Re: Nettle 3.7.2 and OS X 10.12.6

2021-03-22 Thread Niels Möller
? The tests that are failing for you act as a kind of integration-level test for the library. I think that has some value. Regards, /Niels

Re: Nettle 3.7.2 and OS X 10.5

2021-03-22 Thread Niels Möller
m this is intended to illustrate. Regards, /Niels

ANNOUNCE: Nettle-3.7.2

2021-03-21 Thread Niels Möller
is hit, the verify operation should complete with a correct result. * Fix to ecdsa_sign, which with a very low probability could return out of range signature values, which would be rejected immediately by a verifier.

ANNOUNCE: Serious bug in Nettle's ecdsa_verify

2021-03-16 Thread Niels Möller
s tomorrow (Wednesday, European time), or in the weekend. Regards, /Niels

Re: Status update

2021-03-07 Thread Niels Möller
LENGTH,#15 @@ -325,9 +328,9 @@ Lmod_8_load: Lmod_8_done: eorC0.16b,C0.16b,D.16b -PMUL C0,H1M,H1L +PMUL(C0,H1M,H1L) -REDUCTION D + REDUCTION(D) Ldone: IF_LE(`

Re: Add AES Key Wrap (RFC 3394) in Nettle

2021-03-07 Thread Niels Möller
)) | ((x & UINT64_C(0x)) << 16); x = ((x >> 8) & UINT64_C(0xff00ff00ff00ff)) | ((x & UINT64_C(0xff00ff00ff00ff)) << 8); return x; } #endif and then use as B.u64[0] = A.u64 ^ bswap_if_le((n * j) + (i + 1)); Regards, /Niel

Re: Add AES Key Wrap (RFC 3394) in Nettle

2021-03-07 Thread Niels Möller
s a uint8_t, not a uint64_t. Regards, /Niels

Re: Add AES Key Wrap (RFC 3394) in Nettle

2021-03-06 Thread Niels Möller
ly for large indentation. Regards, /Niels

Re: Add AES Key Wrap (RFC 3394) in Nettle

2021-03-04 Thread Niels Möller
onally limit message size to 64 bytes? Is that according to spec? Regards, /Niels

Re: Status update

2021-03-04 Thread Niels Möller
be reused for remote testing on any other platforms of >>interest, which aren't directly available in the ci system. > Done! Thanks! Sorry I'm a bit slow, but I hope to be able to set up an account and try this out reasonably soon. Regards, /Niels

Re: HPKE implementation

2021-02-25 Thread Niels Möller
m, key derivation/expansion, and aead are of main interest? Do you expect the specification to be finalized soon? Regards, /Niels
