ineering
> process. The process has gaps where CI testing should occur.
You asked "Is there any reason you refuse to fix things?" (which is kind
of provocative). I tried to answer honestly. I refuse to argue this
further.
Regards,
/Niels
Jeffrey Walton writes:
> On Mon, Apr 13, 2020 at 10:09 AM Niels Möller wrote:
>>
>> As far as I'm aware, that should fix BSDs and other systems disliking
>> relative names in LD_LIBRARY_PATH. If you can verify the rc1 tarball on
>> NetBSD (I only have Fre
e" to
sometimes discard DYLD_LIBRARY_PATH completely. My understanding is that
problem is limited to MacOS.
Regards,
/Niels
or
now. The proper solution is likely to move setting of these environment
variables to the same place where $EMULATOR is expanded.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
> Andreas Metzler writes:
>
>> PS: On top of this the Debian nettle *packaging* currently is broken
>> with respect to unsynced soname bumps of libhogweed/libnettle runtime
>> packages, which is a different issue, probably a bug
s, and depends on the internal struct ecc_curve layout. Is that
wrong? I can have a renewed look at the patch, but my gut feeling is to
not add new features at this point.
Regards,
/Niels
But all of them? And it
doesn't look like it would affect references to NETTLE_INTERNAL.
Regards,
/Niels
ep, I'm going to look on
> this in the next few days.
Thanks.
Regards,
/Niels
nce GnuTLS wants to
support more curves than are in Nettle, and hook into the
implementation. And not visible in this list, GnuTLS also depends on the
layout of the internal struct ecc_curve. As I've said before, I'd wish
this usage was (i) controlled by a GnuTLS ./configure argument, an
reaking the libnettle ABI at the same time. (The
opposite is also possible, but less likely to happen). In which case
only one of the sonames would be bumped. There's currently no testing of
libhogweed from nettle-X linking at runtime with a libnettle.so built
from nettle-(X+1) or nettle-(X-1).
ni...@lysator.liu.se (Niels Möller) writes:
> I've updated the NEWS file, and I don't think there are any easy changes
> pending. Please let me know ASAP if there's anything missing in NEWS, or
> if there are additional changes you think ought to be included before
>
Dmitry Baryshkov writes:
> Sun, 5 Apr 2020 at 23:27, Niels Möller :
>> Dmitry Baryshkov writes:
>>
>> > GnuTLS project would like to ask you to bump libhogweed soname as a
>> > way to enforce recompilation because of the ecc-internal.h usage.
>>
"Stephen R. van den Berg" writes:
> Niels Möller wrote:
>>I've updated the NEWS file, and I don't think there are any easy changes
>>pending. Please let me know ASAP if there's anything missing in NEWS, or
>>if there are additional changes you thin
at it would be nice to get GOST VKO key derivation
> algorithm to supplement GOST digital signatures algorithm.
I don't want to delay the release for that. Ok?
Regards,
/Niels
day or two for final
testing.
Regards,
/Niels
e is a good tradeoff. If we
want to do it, that should be a separate change. And
base64url_decode_init should be updated too.
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677.
Internet email is subject to wholesale government surveillance.
___
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
't investigate that right
now.
>> 2. What's the right way to add line breaks for the very long configure
>> command in .gitlab-ci.yml?
>
> Just breaking the line (linefeed) is enough, as long as the continuation
> line doesn't start with a dash '-'
ni...@lysator.liu.se (Niels Möller) writes:
> Nikos Mavrogiannopoulos writes:
>
>> We may want to install nettle somewhere separately and instruct gnutls
>> to use it from there rather than the default locations.
>
> That seems to be the right solution to the immedia
our choice
anyway.
Do you see any clean workaround? One could maybe delegate it further,
similar to how $EMULATOR is handled.
Otherwise, we may just have to recommend disabling this "protection" on
macs used for development (according to the linked comments, boot in
"recovery mode"
ni...@lysator.liu.se (Niels Möller) writes:
> I think a reasonable way is to add
>
> abs_top_builddir = @abs_top_builddir@
>
> TEST_SHLIB_DIR = "${abs_top_builddir}/.lib"
>
> to config.make.in, and use that to set LD_LIBRARY_PATH. And possibly
> only pass TEST
Nikos Mavrogiannopoulos writes:
> On Mon, Mar 30, 2020 at 1:23 PM Niels Möller wrote:
>>
>> The error is
>>
>> 1217 ./bootstrap: getting translations into po/.reference for gnutls...
>> 1218 wget: /lib64/libhogweed.so.5: version `HOGWEED_INTERNAL_5_0
le the case that gmp is in /usr/local, you
configure with --with-lib-path=/usr/local/lib
--with-include-path=/usr/local/include, but the runtime linker doesn't
look in /usr/local/lib. Then LSH_RPATH_FIX will add the appropriate
flag to set rpath. (I see there are some other unused macros in
a
ls.so.30, but apparently an older
version. According to
objdump -T /usr/lib/x86_64-linux-gnu/libgnutls.so.30
the version I have refers only to symbols with version NETTLE_6 and
HOGWEED_4, i.e., nettle version older than 3.5. And no mention of
NETTLE_INTERNAL or HOGWEED_INTERNAL.
Regards,
/Niels
"H.J. Lu" writes:
> Here is the updated patch.
Pushed to the master-updates branch now. Thanks!
Regards,
/Niels
I take it the rdssp instruction is a nop on older processors? I had a
quick look at
https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf
and I don't find any mention of a cpuid bit to check before using this
instruction.
Regards,
lways_inline__, __artificial__))
_get_ssp (void)
{
return __builtin_ia32_rdsspq ();
}
Would it be easier to define it using inline asm, eliminating the
configure check for -mshstk? Or is it a complicated thing involving a
cpuid check first?
> + signal(SIGSEGV, segfa
ough to test
that everything works fine in the absence of attack, we need tests to
model the attacks, at least when that's practical.
Regards,
/Niels
over the details, with a
./configure CC='gcc -fcf-protection=full' && make && make check on a
CET-enabled system.
I'd prefer not to pass any special linker flags when linking the test
executables, they should as far as possible be linked the same way as
non-test p
rent types of failures, rather than just a success/fail indication,
that should be reported without using any globals.
Regards,
/Niels
ect on a test executable (on systems where it is
expected to have effect). It's not obvious to me if and how the patch
improves that.
Regards,
/Niels
ere
the inline asm is somehow broken.
No additional configure checks needed (except if we want a proper test
for signal/sigaction rather than depending on preprocessor predefines).
Regards,
/Niels
Simo Sorce writes:
> On Thu, 2020-03-12 at 21:53 +0100, Niels Möller wrote:
>> But I'm a bit confused by the use of ASM_X86_ENDBR. The instruction is
>> added to entry points, via the PROLOGUE macro, but not to other branch
>> targets, e.g., loop labels in the assembly
need to
coordinate with Nikos. I have a somewhat fuzzy understanding of how it's
set up, and know very little about the various system images being used.
Regards,
/Niels
files. Is that not needed
(because branches are direct, without going via PLT indirection)? Or
will the assembler insert some ENDBR instructions automatically?
Regards,
/Niels
s the only case where chacha_crypt and
chacha_crypt32 behave differently. Is that something you can look into?
Thanks!
/Niels
", was applied back then.
Do you remember why you used GNU_CET_SECTION() explicitly in .asm files,
rather than using an m4 divert?
Regards,
/Niels
dbarysh...@gmail.com writes:
> From: Dmitry Baryshkov
>
> Move cmac-des3 meta information from testsuite/cmac-test.c to main
> Nettle library.
>
> Signed-off-by: Dmitry Baryshkov
Thanks, applied.
Regards,
/Niels
"
> + .p2align $p2align
> + .long 1f - 0f
> + .long 4f - 1f
> + .long 5
> +0:
> + .asciz \"GNU\"
> +1:
> + .p2align $p2align
> + .long 0xc002
> + .long 3f - 2f
> +2:
> + .long 3
> +3:
>
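Review bot: the note body at `.long 0xc002` and `.long 3` is bare magic numbers with no comment; put the names of what they encode (the GNU_PROPERTY_X86_FEATURE_1_AND property type and the IBT|SHSTK feature-bit mask) next to the literals so a reviewer can check each against its definition instead of taking it on trust. The x86 psABI defines GNU_PROPERTY_X86_FEATURE_1_AND as 0xc0000002, so the type literal in particular deserves a second look before this is merged. The hunk is also cut before the closing `4:` label, so the `4f - 1f` descriptor size cannot be verified from what is quoted here.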
on chacha_set_counter, which takes an
> 8-octet initial value of the block counter.
Do you see any need to add functions working with a 32-bit counter
(together with chacha_set_nonce96)? We could have something like
chacha_set_counter32 and chacha_crypt32.
Regards,
/Niels
> +Unlike the original definition of ChaCha, the nonces are of 12 bytes.
Maybe worth mentioning the 32-bit block count and corresponding limit on
message size?
Regards,
/Niels
al
b .Lmemxor_bytes
is slightly suboptimal, in that it will reread individual bytes from the
word at DST. It might be better to check if N > TNC/8, and if so read
and xor one more source word.
ldr r4, [SRC]
eor r3, r4, S1ADJ TNC
And we can then have the byte
RFC 8439, if I understood the document history correctly). It seems this
change is not documented in the manual or in NEWS; the manual still says
that chacha-poly1305 uses a 64-bit nonce and is experimental.
Regards,
/Niels
C.
> Full patch for reference again below and at
> https://git.lysator.liu.se/michaelweiser/nettle/-/tree/arm-memxor-generic.
>
> If it's acceptable shall I rather git send-email it or do a MR on
> gitlab?
Either alternative is ok (although I'm still not that used to gitlab
MRs).
I've been offline, skiing, for a week, and I haven't yet caught up with
email. http://www.lysator.liu.se/~nisse/misc/s%C3%A5nfj%C3%A4llet.jpg
Michael Weiser writes:
> Hi Niels,
>
> On Sat, Feb 22, 2020 at 07:58:10AM +0100, Niels Möller wrote:
>
>> Looking up NSL
eb by disabling asm when cross- and
> binfmt_misc-qemu-natively-compiling the userland for my Cubies. So I
> have likely never run the asm under qemu-user nor qemu-system.
Is there some problem with configuring qemu to emulate armv6? I think
that's what is used when testing non-BE ARM
sider using
static libraries; then the linker will pull in only those object files
that are referenced by the main program. (And avoid features like
nettle_get_hashes, since by design that function references all
supported hash algorithms).
Regards,
/Niels
ago). But whenever there's some new
code or larger rewrites there, it's likely that armeb will be broken in
the process. Testing, be that ci or more manual, is essential.
Regards,
/Niels
ort armeb. I can't say why that fails in your setting.
Double check that big-endian is detected correctly by configure.
Also try to configure nettle --without-assembler, if that also fails,
then it may be something else in the environment that is broken.
Regards,
/Niels
iar with the cross setup used for
arm, mips, and aarch64, Nikos helped with all that. But maybe armeb can
be added in the same way?
I'm not aware of any issues, but on the other hand, I don't do any
testing on armeb.
Regards,
/Niels
dbarysh...@gmail.com writes:
> From: Dmitry Baryshkov
>
> To make ecc functions usage more obvious remove ecc_modp_foo() and
> ecc_modq_foo() wrapper macros.
Thanks, applied.
Regards,
/Niels
Dmitry Eremin-Solenikov writes:
> Wed, 25 Dec 2019 at 14:31, Niels Möller :
>>
>> If we define a single nettle_mac for each supported (no-nonce) mac
>> algorithm, what should the key size be for each algorithm? Using the
>> underlying block size for the hmac a
dbarysh...@gmail.com writes:
> From: Dmitry Baryshkov
>
> gost28147_param instances were never a part of stable release, so move
> them to internal header.
Thanks, applied.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
> Do you think it makes sense to change from -G to -shared
> unconditionally for Solaris?
I've done this change, after digging just a little in the docs.
According to
https://docs.oracle.com/cd/E77782_01/html/E77792/gqexw.html#OSGCCgqfch,
-
Jeffrey Walton writes:
> On Sun, Feb 2, 2020 at 11:48 PM Niels Möller wrote:
>>
>> I don't have any time to spend on testing with these systems or
>> compilers. Do you think it makes sense to change from -G to -shared
>> unconditionally for Solaris? It makes
'll have to stick to workarounds until someone else
decides to fix the problem. Solaris on x86 is a somewhat obscure
platform, so good support will depend a lot on the user community to
help each other out.
Regards,
/Niels
; So I have to tell Autotools to build for a 64-bit system via
> --host=amd64-sun-solaris
If you get into any subtle problems from configure thinking you're
cross-compiling, you might want to add --build=amd64-sun-solaris instead
or in addition to setting --host.
Regards,
/Niels
rts of it causing problems. I think it would
cause a lot of trouble if done the same way for x86.
Regards,
/Niels
uild using -G: https://pastebin.com/SKZxKfdZ.
: checking build system type... i386-pc-solaris2.11
: checking host system type... x86_64-sun-solaris2
Looks like a cross-compile configuration. Is that intentional?
Regards,
/Niels
g these
instructions. The easy option is to drop --enable-fat from the configure
arguments.
There are other options, e.g., pre-assembling these instructions and
replacing them with .byte sequences in the .asm file, or additional
configure checks to test assembler features and conditionally disable
t
ni...@lysator.liu.se (Niels Möller) writes:
> If we want to compute v = z^-1 (mod p), but in redc form with v' = vB
> and z' = zB, then we have
>
> v z = 1 (mod p)
>
> but
>
> v' z' = B^2 (mod p)
>
> So for redc curves we need to compute v
ni...@lysator.liu.se (Niels Möller) writes:
>> 3. I'm considering changing the struct ecc_point representation to use
>>Montgomery representation for the individual coordinates, for
>>primes where we use that. Then ecc_a_to_* will (almost?) be
>>
fusing.
Regards,
/Niels
rged gostdsa and the first two curves to master.
I'd like to postpone additional gost curves for a bit, to figure out
what else needs to get into the next release.
Regards,
/Niels
to the
> bottom of the page.
Done! I also added two index entries.
Regards,
/Niels
Nikos Mavrogiannopoulos writes:
> We had the same issue in gnutls. You can apply this patch.
Thanks, applied on master branch now. Will need to merge/rebase any
other branches we want tested too.
Regards,
/Niels
itlab?
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
> 1. Eddsa signatures with curve448. Needs SHAKE support first (Daiki
>posted patches for this long ago).
Done!
> 2. Renaming of stuff using curve names consistently (recent patches by
>Dmitry). Preparation for new gost curves
8:
>ctx->mul = curve448_mul;
>ctx->mul_g = curve448_mul_g;
> - knuth_lfib_random (&lfib, sizeof(CURVE448_SIZE), ctx->s);
> + knuth_lfib_random (&lfib, CURVE448_SIZE, ctx->s);
> break;
> default:
>abort ();
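Review bot: the fix is right and the removed line is a real bug: `sizeof(CURVE448_SIZE)` is the size of an integer constant, not CURVE448_SIZE octets, so `knuth_lfib_random` filled only the first few bytes of `ctx->s` and left the rest of the scalar untouched by this call. Worth grepping the rest of this file for the same `sizeof(SOME_SIZE)` pattern in the other curve cases, and a check that the whole of `ctx->s` is populated after setup would have caught it.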
Thanks,
ne 65
error: could not build fake ancestor
(I haven't looked into what the problem might be).
Regards,
/Niels
dbarysh...@gmail.com writes:
> Two small fixes to go on top of ecc-gost branch. These two patches can
> be squashed into respective patches or just live as separate instances,
> whatever you would prefer.
Pushed to that branch now.
Regards,
/Niels
meet.
Regards,
/Niels
renamed
ecc_hash_le ?
What are typical values of length, compared to the prime size?
> --- /dev/null
> +++ b/gostdsa.h
> @@ -0,0 +1,102 @@
[...]
> +
> +/* Development of Nettle's ECC support was funded by the .SE Internet Fund.
&
ni...@lysator.liu.se (Niels Möller) writes:
> Requiring GNU make makes a few things easier: We can use %-patterns
> everywhere. We can use -include unconditionally for dep-files, dropping the
> @DEP_INCLUDE@ variable and the dummy-dep-files configure step. We can
> most likely also dr
Dmitry Eremin-Solenikov writes:
> I'll change the names to follow
> gost_gc256b pattern, add documentation and submit v4.
Excellent.
Regards,
/Niels
alternatives:
nettle_get_gost_gc256b
nettle_get_gost_curve_256b
nettle_get_tls_gc256b
I can merge the support as is, but it would be good to agree on name
before release (and perhaps before adapting the gnutls code, to avoid
another renaming hassle there).
Regards,
/Niels
Nikos Mavrogiannopoulos writes:
> On Tue, Jan 14, 2020 at 1:26 PM Niels Möller wrote:
>>
>> Nikos Mavrogiannopoulos writes:
>>
>> > That's great. Does git.lysator.liu.se support shared runners for CI?
>>
>> I'm not sure what "shar
ab mirror, do they belong to gitlab, or
have you set them up?
Regards,
/Niels
en Nettle was started.
> IOW, I'd encourage mandating GNU make for any project.
I'd agree. Except for GNU make itself, and its required dependencies, if
any...
Regards,
/Niels
y a few hundred spam accounts.
Should be fixed now.
Regards,
/Niels
ze_t mn = m->size;
> + mp_limb_t hi;
> +
> + hi = mpn_addmul_1(rp, rp + mn, mn, 0x269);
> + hi = sec_add_1 (rp, rp, mn, hi * 0x269);
> + hi = sec_add_1 (rp, rp, mn, hi * 0x269);
> + assert(hi == 0);
> +}
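Review bot: the literal 0x269 is repeated three times with no comment; define it once as a named constant with a comment tying it to the prime being reduced (0x269 = 617, which reads as the c in a modulus of the form 2^k - c), so each of the three uses can be checked against the curve definition and they cannot drift apart. The closing `assert(hi == 0)` is compiled out under NDEBUG, so it documents the invariant rather than enforcing it; the comment should state plainly that two carry rounds are always sufficient for this prime, which is what the assert is really claiming.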
The last sec_add_1 could probably be a cnd_add with m->B. But per
likely not tested for a long time), and it should
kind-of work with BSD make, provided one configures with
--disable-dependency-tracking.
Regards,
/Niels
k are gc256b and gc512a.
Regards,
/Niels
c
with friendly structure (but one word larger). I think this trick is
known as Svoboda division. But for the main operations, it is likely
more efficient to use plain unstructured redc, precomputing p^{-1} mod B
(where B is word size, 2^32 or 2^64 depending on architecture).
Regards,
/Niels
ce on how to use and configure gitlab is welcome.
Regards,
/Niels
sting.
Thanks,
/Niels Möller
0, and
at least the functions appear unused outside of Nettle.
Opinions?
Regards,
/Niels
Nikos Mavrogiannopoulos writes:
> This patch updates the CI to the latest fedora image. It also includes
> some minor changes to tools, to pass the new clang analyser.
Pushed now.
Regards,
/Niels
command is no longer available (used by config.status). If I understand
the log correctly, it's using
registry.gitlab.com/gnutls/build-images:buildenv-f29. See
https://gitlab.com/gnutls/nettle/-/jobs/393683657
Is that easy to fix, or is it better to leave as is and just switch to
the fedora31 i
ni...@lysator.liu.se (Niels Möller) writes:
> I think this is complete now (except updating hogweed-benchmark), just
> pushed to the ed448 branch. Thanks for the patience.
It seems I forgot to add the new files in the first attempt. Ooops.
Fixed with a forced update on this branch.
Now
rner cases. I've added some debug
printouts to verify that mpn_submul_1 returns 0 for the ed25519
testcases, and 1 for all the ed448 testcases. If it's taken out to a
separate function/method, then it gets easier to unit test.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
> Daiki Ueno writes:
>
>> For curve25519, q is defined as:
>>
>> 2^252 + 0x14def9dea2f79cd65812631a5cf5d3ed
>>
>> whose bit pattern starts with 0x1000, so r - q * (r>>252) should
>> work.
>&g
Daiki Ueno writes:
> Implement SHAKE128/256 functions
I've merged a stripped-down version of this patch, introducing a single new
function sha3_256_shake. If I've understood it correctly, that's what is
needed for ed448 signatures.
Regards,
/Niels
that's what used for hmac
in the ssh protocol)?
My current plan is to first add struct nettle_mac as an interface for no-nonce
macs. And then add a different struct for macs requiring a per-message nonce.
struct nettle_nmac was suggested, any better name for this?
Regards,
/Niels
be simpler if (3) is done first.
Regards,
/Niels
hms or approaches you think are promising.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
> I don't understand the gnutls failure. I've logged in to gitlab and
> pressed the "Retry"-button. If it keeps failing, I'll need some help
> investigating.
The retry passed. Merged this deletion (ecdsa over curve2551
ni...@lysator.liu.se (Niels Möller) writes:
> ni...@lysator.liu.se (Niels Möller) writes:
>
>> ni...@lysator.liu.se (Niels Möller) writes:
>>
>>> I'm considering the below patch. I think there's room for further
>>> improvement, maybe splitting the
n storage for a few other things can likely be trimmed
down too, in particular, curve448_mul would get the same scratch need as
curve25519_mul, 12*n rather than 14*n.
Regards,
/Niels