Florian Weimer fweimer@redhat.com writes:
> I strongly suggest to implement RSA-CRT hardening, by checking that RSA signatures have not been miscomputed accidentally:

Thanks for the reminder. I'll add it to the rsa_pkcs1_sign_tr and rsa_decrypt_tr functions. For other RSA secret-key functions, interface issues make it a bit more difficult.
I've updated the plan for a nettle-3.2 release, http://www.lysator.liu.se/~nisse/nettle/plan.html
Another recent change is that I'm disabling the use of ifunc linking, see https://sourceware.org/ml/libc-help/2015-06/msg00010.html. I hope glibc will be improved to make the use of ifunc more reliable, but I haven't really investigated that.
Regards, /Niels
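The hardening Florian asks for is a check that the CRT-computed signature really is m^d mod N before it leaves the library, because a single miscomputed half (cosmic-ray bit flip, glitched hardware, or an induced fault) lets an attacker recover a prime factor of N from the bad signature with one gcd. The following is an added illustration of that failure mode and the check, written for this reply; it is not nettle's code and does not use nettle's rsa_pkcs1_sign_tr interface. It assumes textbook RSA with no PKCS#1 padding and a constructed toy key built from two Mersenne primes, far too small for real use, so that the arithmetic stays transparent.

```python
"""RSA-CRT signing with a verify-before-release check (added example, not nettle code).

Demonstrates (1) why a faulty CRT signature is dangerous: one bad signature
reveals a factor of N via gcd(s^e - m, N) (Bellcore attack, Lenstra's variant),
and (2) the hardening: recompute s^e mod N with the public exponent and refuse
to release s if it does not equal m.
"""
from math import gcd

# Constructed toy key (assumption: two known Mersenne primes, NOT a real key).
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))

# CRT private-key components, using the PKCS#1 names dP, dQ, qInv.
DP = D % (P - 1)
DQ = D % (Q - 1)
QINV = pow(Q, -1, P)


def sign_crt(m, fault=False):
    """Textbook RSA-CRT signature s = m^d mod N, Garner's recombination.

    With fault=True the mod-p half is corrupted by one bit flip, simulating a
    transient computation error; the mod-q half stays correct.
    """
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault:
        sp ^= 1  # simulated single-bit fault in the mod-p exponentiation
    h = (QINV * (sp - sq)) % P
    return sq + Q * h


def sign_crt_hardened(m, fault=False):
    """Same computation, but verify with the public exponent before returning.

    Costs one extra exponentiation with the (small) public exponent e.
    Returns None instead of releasing a miscomputed signature.
    """
    s = sign_crt(m, fault)
    if pow(s, E, N) != m % N:
        return None  # a real library would return an error code here
    return s


def lenstra_factor(m, s_bad):
    """Recover a factor of N from one faulty signature.

    s_bad is correct mod q but wrong mod p, so s_bad^e - m is divisible by q
    but (with overwhelming probability) not by p; the gcd with N is q.
    """
    return gcd((pow(s_bad, E, N) - m) % N, N)


if __name__ == "__main__":
    M = 0x1234567890ABCDEF  # constructed message representative, M < N
    good = sign_crt(M)
    print("correct signature verifies:", pow(good, E, N) == M)
    bad = sign_crt(M, fault=True)
    print("faulty signature leaks q:", lenstra_factor(M, bad) == Q)
    print("hardened signing refuses faulty result:",
          sign_crt_hardened(M, fault=True) is None)
```

The check is only one public-key operation, so for the usual e = 65537 it is cheap relative to the private-key exponentiation, which is why doing it unconditionally inside the signing and decryption entry points is the sensible default.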