
Re: matrixssl



Hi Brian,
On Wed, Aug 17, 2016 at 05:49:46PM +1000, Brian May wrote:
> Guido Günther <agx@sigxcpu.org> writes:
> 
> > As I wrote in dla-needed.txt the bignum handling is in
> > crypto/peersec/mpi.c and it seems to use the same algorithms (and lacks
> > the same checks in e.g. mp_exptmod) so I marked it as
> > vulnerable. Porting back the fixes from the current version will be
> > difficult though, since the code has changed a lot.
> 
> How can you tell the algorithms are the same?
> 
> The implementation of mp_exptmod looks very different to pstm_exptmod; I
> can't see any similarities in the algorithm.

I vaguely remember that both current git and wheezy use Montgomery
multiplication similarly and I therefore thought that wheezy is affected
as well.

I have some more time tomorrow. Will check again and report back.
Cheers,
 -- Guido

