Dr. Stephen Henson st...@openssl.org writes:
[...]
+#ifdef ECDSA_POINT_MUL_NO_CONSTTIME
+ /* We do not want timing information to leak the length of k,
+* so we compute G*k using an equivalent scalar of fixed
+* bit-length. */
+
+ if
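Review bot: the `#ifdef ECDSA_POINT_MUL_NO_CONSTTIME` guard inverts the intent stated in the comment directly beneath it. The fixed-bit-length scalar computation is meant to stop timing from leaking the length of k, yet as written it is compiled only when the NO_CONSTTIME macro is defined, so the default build gets the leaky path and the opt-out macro enables the protection. Change the guard to `#ifndef ECDSA_POINT_MUL_NO_CONSTTIME` so the constant-time computation is the default and defining the macro disables it.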
Hi,
I agree with Bruce: we should default to a constant time behavior so
definitely the code must use #ifndef instead of #ifdef since the patch
makes the scalar a fixed bit length value.
I think the paper authors got confused when they wrote the code.
Cheers,
--
Mounir IDRASSI
IDRIX
Date: 05/28/2011 12:49AM
Subject: Re: [CVS] OpenSSL: openssl/ CHANGES openssl/crypto/ecdsa/ ecs_ossl.c
Hi,
a couple of days ago I reported the bug:
http://rt.openssl.org/Ticket/Display.html?id=1641
It looks like Bodo's commit (see below) has fixed the reported
problem.
So the bug can be closed and set to fixed.
Best regards,
Christian
Bodo Moeller wrote:
OpenSSL CVS Repository
On 2007.10.26 at 14:06:37 +0200, Dr. Stephen Henson wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
Modified files:
openssl CHANGES
openssl/appss_client.c
openssl/crypto/dsa dsa_pmeth.c
openssl/crypto/evp evp.h pmeth_fn.c
Dr. Stephen Henson wrote:
patch -p0 '@@ .'
Index: openssl/CHANGES
$ cvs diff -u -r1.1342 -r1.1343 CHANGES
--- openssl/CHANGES 18 Jul 2006 12:36:17 -
On Fri, Jun 23, 2006 at 04:36:07PM +0100, Joe Orton wrote:
Log:
New functions CRYPTO_set_idptr_callback(),
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long' type of the existing thread ID
does not always work
On Fri, Jun 23, 2006 at 06:42:10PM +0200, Kurt Roeckx wrote:
On Fri, Jun 23, 2006 at 04:36:07PM +0100, Joe Orton wrote:
Log:
New functions CRYPTO_set_idptr_callback(),
CRYPTO_get_idptr_callback(), CRYPTO_thread_idptr() for a 'void *' type
thread ID, since the 'unsigned long'
Scholars might like to note two bugs turned up by this change:
Index: openssl/crypto/asn1/a_set.c
$ cvs diff -u -r1.13 -r1.14 a_set.c
--- openssl/crypto/asn1/a_set.c 5 Dec 2004 01:03:06 - 1.13
+++
Hi Richard,
Richard Levitte wrote:
...
+int EVP_PKEY_cmp(EVP_PKEY *a, EVP_PKEY *b)
Wouldn't EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
be more appropriate?
+ {
+ if (a-type != b-type)
+ return -1;
+
+ switch (a-type)
+ {
+#ifndef
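Review bot: `EVP_PKEY_cmp` only inspects the `type` field of each key before dispatching on it and never modifies either argument, so the parameters should be declared `const EVP_PKEY *a, const EVP_PKEY *b`; with the current signature, callers holding const keys would have to cast constness away to compare them. The return value also deserves a comment: the visible part of the hunk returns -1 for a type mismatch, and it is not stated how that is distinguished from the result of the per-type comparison in the `switch` below.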
In message [EMAIL PROTECTED] on Sun, 6 Apr 2003 12:36:11 +0200, Nils Larsch [EMAIL
PROTECTED] said:
nlarsch> Richard Levitte wrote:
nlarsch> ...
nlarsch> +int EVP_PKEY_cmp(EVP_PKEY *a, EVP_PKEY *b)
nlarsch>
nlarsch> Wouldn't EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b) be
nlarsch> more
Not entirely true. I implemented the dynamic locks on Windows in Kermit
95. I do not have any hardware to test it with though.
+ *) The hw_ncipher.c engine requires dynamic locks. Unfortunately, it
+ seems that in spite of existing for more than a year, no application
+ author
In message [EMAIL PROTECTED] on Thu, 12 Dec 2002 23:34:07 -0500, Jeffrey
Altman [EMAIL PROTECTED] said:
jaltman> Not entirely true. I implemented the dynamic locks on
jaltman> Windows in Kermit 95. I do not have any hardware to test it
jaltman> with though.
OK, I've now made a small change to