Re: HPKE ready for Merge!

2024-02-01 Thread Norbert Pócs
Hi,

The MR is still in a draft phase if I remember correctly. The last
modifications were not yet reviewed by Niels.
Niels, when would you have time to look into it? I would like to finish it
up.

Congratulations on implementing ClientHello in GnuTLS! [0]


[0] - https://gitlab.com/gnutls/gnutls/-/merge_requests/1748

Best regards
Pócs Norbert

On Wed, Jan 31, 2024, 17:41 Ajit singh wrote:

> Hi all,
> I trust this message finds you well. Notably, HPKE has already been
> successfully implemented, and now your prompt attention is sought for the
> critical review and merging of the MR into the main branch of Nettle. As
> encrypted client hello (ECH) also relies on HPKE, your swift action is
> highly appreciated.
>
> HPKE MR Link: https://git.lysator.liu.se/nettle/nettle/-/merge_requests/27
>
> Thanks,
> Ajit
> ___
> nettle-bugs mailing list -- nettle-bugs@lists.lysator.liu.se
> To unsubscribe send an email to nettle-bugs-le...@lists.lysator.liu.se
>


Re: Add RSA-OAEP encryption/decryption to Nettle

2024-02-01 Thread Niels Möller
Daiki Ueno writes:

> Added `mark_bytes_undefined (1, [key->size]);` to the test
> cases doing encryption.

I'm afraid that isn't right. For one, mark_bytes_undefined is
conditioned so it only has any effect when running the sc tests. Second,
it will not produce any warnings for writes, which I think is what we'd
like to detect here. I think the options are:

1. Just don't allocate any extra byte, and valgrind should arrange for
   alerts on out-of-bounds writes without anything special.

2. Allocate an extra byte, write some random value before the call, and
   check that the value is unchanged after the call (some other tests
   do that sort of thing, it's simple, old fashioned, and doesn't depend
   on valgrind).

3. Allocate an extra byte, and mark it using VALGRIND_MAKE_MEM_NOACCESS
   (wrapped in some macro depending on the memcheck.h configure check).
   I don't think that gives any real benefit over valgrind's default
   behavior with (1), but might make sense if done in combination with
   (2).

Regards,
/Niels

-- 
Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677.
Internet email is subject to wholesale government surveillance.
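
Option 2 from the reply above, sketched as an added example (not part of the original message and not code from Nettle's test suite). The names `writes_exact`, `writes_one_too_many` and `output_stays_in_bounds` are hypothetical, and two fixed complementary guard values stand in for the random value.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the function under test: each is supposed
   to write exactly `size` bytes of output (as an RSA encryption writes
   key->size bytes of ciphertext). */
typedef void output_func(size_t size, uint8_t *out);

static void writes_exact(size_t size, uint8_t *out)
{
  memset(out, 0xAA, size);
}

/* Deliberately buggy: writes one byte past the end. */
static void writes_one_too_many(size_t size, uint8_t *out)
{
  memset(out, 0xAA, size + 1);
}

/* Returns 1 if f stayed within `size` bytes, 0 if it touched the guard
   byte. Runs twice with complementary guard values so an overrun
   that happens to store the guard value itself is still caught. */
static int output_stays_in_bounds(output_func *f, size_t size)
{
  static const uint8_t guards[2] = { 0x5C, 0xA3 };
  uint8_t *buf = malloc(size + 1);
  int ok = 1;
  size_t i;

  if (!buf)
    abort();
  for (i = 0; i < 2; i++)
    {
      buf[size] = guards[i];   /* guard byte just past the output area */
      f(size, buf);
      if (buf[size] != guards[i])
        ok = 0;                /* out-of-bounds write detected */
    }
  free(buf);
  return ok;
}

int main(void)
{
  /* 256 is a constructed size, e.g. the output of a 2048-bit key. */
  return !(output_stays_in_bounds(writes_exact, 256)
           && !output_stays_in_bounds(writes_one_too_many, 256));
}
```

The check works with or without valgrind, which is the property the reply attributes to this option.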