[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Security update of nettle



Ola Lundqvist <ola@inguza.com> writes:

> I have not tried to reproduce the potential side-channel issue as that one
> is rather hard to trigger. If anyone know about a tool for that, please let
> me know.

One basically has to patch a valid private key and clear the least
significant bit of p or q. 

With lsh, sexp-conv -s hex should convert an unencrypted private key
into a form suitable for editing in a text editor. After editing,
convert back to canonical (binary) syntax, again using sexp-conv.

For key files as used with gnutls, Hannu suggested using
https://github.com/google/der-ascii

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.


Reply to: