Re: matrixssl

To: Guido Günther <agx@sigxcpu.org>
Cc: Ola Lundqvist <ola@inguza.com>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: matrixssl
From: Brian May <bam@debian.org>
Date: Wed, 17 Aug 2016 17:49:46 +1000
Message-id: <[🔎] 87d1l76did.fsf@prune.linuxpenguins.xyz>
In-reply-to: <[🔎] 20160811183508.GA25886@bogon.m.sigxcpu.org>
References: <[🔎] 87inv9821q.fsf@prune.linuxpenguins.xyz> <[🔎] 87fuqd81ji.fsf@prune.linuxpenguins.xyz> <[🔎] CABY6=0m6hkH3FpnADKyD+2kaAEUZYpPx5gkVBWeNfj4y1_SYUw@mail.gmail.com> <[🔎] 87a8gj8yuk.fsf@prune.linuxpenguins.xyz> <[🔎] 20160811183508.GA25886@bogon.m.sigxcpu.org>

Guido Günther <agx@sigxcpu.org> writes:

> As I wrote in dla-needed.txt the bignum handling is in
> crypto/peersec/mpi.c and it seems to use the same algorithms (and lacks
> the same checks in e.g. mp_exptmod) so I marked it as
> vulnerable. Porting back the fixes from the current version will be
> difficult though, since the code has changed a lot.

How can you tell the algorithms are the same?

The implementation of mp_exptmod looks very different to pstm_exptmod; I
can't see any similarities in the algorithm.
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: matrixssl
  - From: Guido Günther <agx@sigxcpu.org>

References:
- matrixssl
  - From: Brian May <brian@linuxpenguins.xyz>
- Re: matrixssl
  - From: Brian May <bam@debian.org>
- Re: matrixssl
  - From: Ola Lundqvist <ola@inguza.com>
- Re: matrixssl
  - From: Brian May <bam@debian.org>
- Re: matrixssl
  - From: Guido Günther <agx@sigxcpu.org>

Prev by Date: CVE-2016-2839 / Firefox-ESR
Next by Date: Re: CVE-2016-2839 / Firefox-ESR
Previous by thread: Re: matrixssl
Next by thread: Re: matrixssl
Index(es):
- Date
- Thread