, to see
where results start to differ between the working and the non-working
build.
Regards,
/Niels
--
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.
___
nettle-bugs
ni...@lysator.liu.se (Niels Möller) writes:
I'll send another mail once everything is ready at the new
server. Intention is that git urls will be unchanged.
The move is completed now, and git.lysator.liu.se points to the new
server. Apparently, the gitlab software doesn't support the git
ni...@lysator.liu.se (Niels Möller) writes:
Nettle and LSH repos (as well as other repos I have there) will move,
but they may be temporarily unavailable in the weekend or next week.
Now all repos exist at the new server, available under the temporary
name gluten.lysator.liu.se. Testing
ni...@lysator.liu.se (Niels Möller) writes:
(I'll check status of 64-bit wine in debian, last time I looked
it didn't work out of the box).
Seems to work now, after
apt-get -t testing install wine wine32 wine64
Only problem is that it seems one can't use the same ~/.wine for 32-bit
and 64
ni...@lysator.liu.se (Niels Möller) writes:
It fails make check; several assembly functions crash on w64, also in
the --disable-shared case. I haven't yet looked closer, but I suspect
that's some simple bug in the register shuffling done to support the w64
calling convention.
Fixed now
is, why this doesn't happen when using
the assembly version in x86/arcfour-crypt.asm. I guess I will have to
compare pseudoops and symbol table attributes between working and
non-working case to find out. Unless someone here already knows the
answer.
Regards,
/Niels
to set this up
correctly.
Some questions remain. Why didn't the other tests of functions with
assembly implementation, in particular md5-test and sha1-test, fail in
the same way?
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
Some questions remain. Why didn't the other tests of functions with
assembly implementation, in particular md5-test and sha1-test, fail in
the same way?
Hmm. That's most likely because the involved assembly function,
_nettle_md5_compress, is called
,
/Niels
___
nettle-bugs mailing list
nettle-bugs@lists.lysator.liu.se
http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
Eli Zaretskii e...@gnu.org writes:
From: ni...@lysator.liu.se (Niels Möller)
Hopefully, there should be a new version later today.
OK, I will try that when it's available.
I just pushed a fix to the git repo. 32-bit windows builds, with shared
libraries, now work for me, using the mingw
reconfigure with --disable-public-key.
Regards,
/Niels
from constant data, and it
should be independent of the choice between C or assembly for
arcfour-crypt.
Regards,
/Niels
So it seems the linker does something very different (and more correct)
in this case.
Regards,
/Niels
send another mail once everything is ready at the new
server. Intention is that git urls will be unchanged.
Regards,
/Niels
.
Traditional Nettle Soup: I never knew there was such a thing :)
This is the right time of the year to prepare that soup. It's pretty good.
On the other hand, I'm fairly sure there's *no* way to prepare anything
edible from hogweed.
Regards,
/Niels
I've spent some time the last few days updating the manual. Feedback
appreciated, in particular on the new sections on the new DSA interface,
AEAD algorithms, chacha and poly1305. Also some smaller documentation
updates on Salsa20, GCM and CCM.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
I get a couple of warnings, when compiling for 32-bit platforms, e.g.,
ARM.
/home/nisse/hack/nettle/ccm.c: In function `nettle_ccm_set_nonce':
/home/nisse/hack/nettle/ccm.c:134:3: warning: comparison is always
false due to limited range of data
\
: ((size_t) 1 << (8*(15 - N))) - 1)
Regards,
/Niels
*digest0, uint8_t *digest1, uint8_t
*DIGEST_SIZE);
That looks similar to the mem_equal I sketched, except that the third
argument looks strange. Was that intentional?
Regards,
/Niels
-invents them
Definitely.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
In another forum, it was suggested that UMAC_DATA_SIZE be renamed to
UMAC_BLOCK_SIZE, and for consistency one could do the same with, e.g.,
MD5_DATA_SIZE. For the time being, the old names should be kept for
backwards compatibility.
Renaming done
an invalid combination of nonce
size and message size? Will it trigger some assert, or will the counter
wrap around silently?
Regards,
/Niels
is in the range 7...14 bytes,
inclusive.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
Pushed now, with some smaller changes.
I get a couple of warnings, when compiling for 32-bit platforms, e.g.,
ARM.
/home/nisse/hack/nettle/ccm.c: In function `nettle_ccm_set_nonce':
/home/nisse/hack/nettle/ccm.c:134:3: warning: comparison is always
ARM boards that I can cross compile for, so
I'll take a look at cleaning up the warnings when I get some time this
weekend.
I think you get the same warnings if you configure with CC='gcc -m32'
CXX='g++ -m32' on a plain x86_64 gnu/linux box or similar.
Regards,
/Niels
, please speak
up.
(In case a feature is removed and it later turns out to be a mistake,
I'm open to reintroduce features in an update, but I believe there's
little need to keep these around).
And any other cruft which should be removed while we're at it?
Regards,
/Niels
Daniel Kahn Gillmor d...@fifthhorseman.net writes:
On 04/11/2014 01:49 PM, Niels Möller wrote:
I'm considering removing the following features:
* des-compat.h and all its functions. This provides some level of
compatibility with libdes (and possibly also old versions of
openssl/ssleay
Nikos Mavrogiannopoulos n...@gnutls.org writes:
This patch allows comparing the performance differences in secp256r1
(the curve mostly used in the web), between nettle and openssl.
Thanks, pushed now.
/Niels
testsuite, I hope one can get by with something simpler.
Do as many of the tests as possible using mini-gmp only, and disable
tests which depend on functions only available in the real gmp library,
e.g., mpz_urandomb.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
Unless there are objections, I think I'm going to merge this to the
master branch as soon as I get the time. (Most likely a manual merge, to
avoid checking in dead ends). We really need to get this over with.
Pushed now.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
I'm really not sure about the best way to go about it. Another option
might be to purge all deprecated stuff from dsa.h, and put it into a new
file dsa-compat.h.
I've now done this, and pushed it on the dsa-reorg branch. I also killed
struct dsa_value
on this and the docs.
I look forward to that. Of the missing things, test cases are most
important, I think.
Regards,
/Niels
are
replaced by nettle_cipher_func (introduced last week), and the cipher
context arguments accordingly changed to const. And some tweaks of
indentation and line breaks.
Documentation remains to do.
Thanks,
/Niels
code prettier.
Minor nit: I prefer patches in unified format.
Regards,
/Niels
source
file anyway, maybe these objects could be placed together in
sha384-meta.c. With this in place, adding them to
examples/nettle-benchmark.c is trivial.
Should also update nettle-meta-hashes.c and corresponding test case.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
* Complete the dsa reorg (I'd appreciate all comments on that).
Not many comments on these issues. I'm now leaning towards a split into
dsa.h with the new interface (and unchanged pieces, like struct
dsa_signature), and a dsa-compat.h, with the old
for ccm_decrypt_message, one should also check that
ccm_decrypt_message returns 1 for the correct data, and 0 if any of
message, adata or tag is corrupted.
Regards,
/Niels
) or des-compat.h (libdes-compatible
interface)?
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
One possibility might be to have all dsa functions take the dsa group
parameters and the actual key as separate function arguments.
I've tried this now. I think it looks reasonably good. Excerpts from the
new dsa.h:
struct dsa_params
) to a dual license, LGPLv3 or later, or GPLv2 or later.
Regards,
/Niels
Daniel Kahn Gillmor d...@fifthhorseman.net writes:
On Fri 2013-12-06 15:12:57 -0500, Niels Möller wrote:
For DH, I don't think there's any particular reason to prefer to work in
a small subgroup. But I may be missing something, of course.
I can think of a few, but i'm not sure how
ni...@lysator.liu.se (Niels Möller) writes:
ni...@lysator.liu.se (Niels Möller) writes:
Nikos Mavrogiannopoulos n...@gnutls.org writes:
In the master branch you break the ABI anyway, so it may be a good time
to introduce that. Otherwise you may simply introduce new functions for
the new
ni...@lysator.liu.se (Niels Möller) writes:
Owen Kirby is working on an implementation of the CCM mode. I'm
forwarding my comments here (with permission).
Ooops, I got bitten by the bad mailman configuration regarding
attachments. New attempt below. /Niels
Owen Kirby o...@exegin.com writes
ni...@lysator.liu.se (Niels Möller) writes:
Owen Kirby o...@exegin.com writes:
--- /dev/null
+++ b/ccm.h
+/* Obnoxiously, CCM mode requires the adata and message lengths when
+ * building the IV. This prevents any sort of streaming type API to
+ * the cipher mode. We chose to put all
ni...@lysator.liu.se (Niels Möller) writes:
Nikos Mavrogiannopoulos n...@gnutls.org writes:
In the master branch you break the ABI anyway, so it may be a good time
to introduce that. Otherwise you may simply introduce new functions for
the new structures and leave the old API intact.
I
ni...@lysator.liu.se (Niels Möller) writes:
Does anyone else know of use or interest in 128-bit chacha keys? It
would definitely make things a bit simpler if we can omit support for
128-bit keys. (And if we skip it now, we could of course reintroduce it
later if it turns out to be needed
that done soon.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
There is some possibility to let the two views of these input block
coexist, but I'm afraid that will get a bit messy to support in Nettle
(although I haven't yet thought very much about the details).
This is all about initialization and update
ni...@lysator.liu.se (Niels Möller) writes:
Q: Should the nonce size be fixed?
A: Yes. Motivation: For a given key, fixed nonce size is good enough for
RFC 5116. It's unclear if there are use-cases for varying the nonce size,
and if needed one can define separate nettle_aead objects
).
Regards,
/Niels
not really familiar with ccm, I've only read the critique of it in
the eax paper. But that sounds like it's killing streaming operations.
Regards,
/Niels
arrange to pass a large enough buffer, call the
encrypt/decrypt function, which returns the amount of output actually
produced.
Or use struct nettle_buffer for the destination operand, possibly in
combination with some macro/function to query the needed space.
Regards,
/Niels
I'm continuing to reply to myself... It's the recurring question on
fixed size versus varying size of certain inputs and outputs.
ni...@lysator.liu.se (Niels Möller) writes:
Q: Should the nonce size be fixed?
A: Yes. Motivation: For a given key, fixed nonce size is good enough for
RFC
Joachim Strömbergson joac...@secworks.se writes:
Niels Möller wrote:
Done now. And I found and fixed one bug in chacha_crypt. When
updating the block counter, it used the salsa20 state layout, not the
chacha state layout.
Looking through the commits and docs... Holy cr-p! Yes
Thanks for the review.
Nikos Mavrogiannopoulos n.mavrogiannopou...@gmail.com writes:
On Fri, Feb 7, 2014 at 1:01 PM, Niels Möller ni...@lysator.liu.se wrote:
Q: Should it expose the block size?
I'd say no because the whole purpose of AEAD (or at least my
understanding of rfc5116
Stefan Bühler nettle-b...@stbuehler.de writes:
Stripping attachments on the ml... really?
Last time I looked at this in the mailman config, I was too confused to
solve the problem. Maybe I should try again.
Regards,
/Niels
delete my
feature branch).
It would make sense to add at least a few of those to nettle's
testsuite/chacha-test.c. Thanks for the pointer!
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
Testing could be improved, quoting the comments in chacha-test.c:
/* FIXME: For rounds == 20, use crypt function, support more than
one block, and test various short lengths. */
Done now. And I found and fixed one bug in chacha_crypt. When
ni...@lysator.liu.se (Niels Möller) writes:
Next, AEAD (authenticated encryption with associated data).
Some questions on a general abstraction for this, and my tentative answers:
Q: Should it expose the block size?
A: Yes. The caller must pass data in chunks which are an integral number
the
code (I haven't been very systematic), pshufhw + pshuflw seems to be
slightly faster. It saves one por instruction.
I'm pretty sure doing a couple of blocks at a time in parallel,
interleaving the instructions, will give some speedup.
Regards,
/Niels
have a small redzone around
the destination area, to check for overwrites.
Regards,
/Niels
Nikos Mavrogiannopoulos n.mavrogiannopou...@gmail.com writes:
However, RC2-40 is used in gnutls to decrypt PKCS #12 files, so it
would be good for RC2-40 to remain so that decryption of any existing
files will remain possible.
Ok, I leave that in, then.
Regards,
/Niels
the variable key size function cast5_set_key.
It just seemed a bit too awkward to name the fix-sized function
cast128_128_set_key. If we ever add a specific set_key function for,
e.g., 80-bit cast5/cast128, I think that could be named
cast5_80_set_key.
Regards,
/Niels
2014-01-29 Niels Möller ni
ni...@lysator.liu.se (Niels Möller) writes:
Resulting patch below. I think I'll check this in soon. Next steps would
be:
1. Add it to the benchmark (probably easiest to do it the same way as
salsa20, with a struct in nettle-internal.c).
2. Adapt the test program to nettle conventions
ni...@lysator.liu.se (Niels Möller) writes:
* Introduce a poly1305_update function, and use preprocessor casting
tricks to define poly1305_aes128_update (and any other
poly1305_*_update) as an alias.
Done, then undone;
I tried the same trick for a different function, and it turns out
.
Am I missing something? I guess Adam Langley usually knows what he's
doing. But otherwise, the paragraph in the draft, and the awkward method
it describes, makes absolutely no sense to me.
Regards,
/Niels
, probably that will make everything clear.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
Camellia uses fewer subkeys for 128 bit keys than for 192 or 256 bit
keys. So this is a bit similar to AES, and I think an analogous reorg
would make sense.
I tried this out now. New header file below.
Now merged in the master branch. Unlike
, const uint8_t *key);
void
salsa20_256_set_key(struct salsa20_ctx *ctx, const uint8_t *key);
void
salsa20_set_key(struct salsa20_ctx *ctx,
size_t length, const uint8_t *key);
then.
Regards,
/Niels
but no
encryption, like hmac-sha256 or poly1305. But I doubt that's very
useful.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
Joachim Strömbergson joac...@secworks.se writes:
What is the status of Poly1305 in Nettle, i.e. is the branch ready to be
merged into master
There are a couple of things I'd like to do. Quoting a mail from 21/11:
I've done most of this now
:
chacha256_set_key(...);
break;
}
}
Maybe that's clutter, but I think the actual complexity cost is pretty
low, so I don't think we have to be very afraid of it.
Regards,
/Niels
ni...@lysator.liu.se (Niels Möller) writes:
I expect that every byte of memory which is accessible at all is
accessible using an aligned read access of a full word. I view
byte-sized loads in the instruction set as mostly syntactic sugar for
word-sized loads and masking.
After a bit more
broken., but those
standards clearly don't apply to assembly code).
3. memxor.c might also use partial loads in a way which violates C
standards. I don't think that's a problem on any real system, and,
e.g, glibc memcmp does similar tricks.
Regards,
/Niels
is completely disabled).
What do you think?
Relatedly, I've updated the release plan on
http://www.lysator.liu.se/~nisse/nettle/plan.html.
Regards,
/Niels
.
In the memxor tests, do you put the buffers at a zone exactly at the
ending position of the buffer,
No. That's probably why valgrind doesn't warn about it. I just allocate
a buffer of 16 + MAX_SIZE bytes, and try with starting address buf,
buf+1, ..., buf + 15.
Regards,
/Niels
of different sizes. And I get
no warnings from
make check EMULATOR='$(VALGRIND)' TS_ALL=memxor-test
As far as I see, those tests *should* include the same size and alignments
as in your test, so I wonder what's going on here.
Regards,
/Niels
to do with the mpz interface,
though.
On mitigation, it also sounds like RSA blinding (which you implemented a
while ago) is effective. It ought to be effective against any attacks
relying on *chosen* ciphertexts.
(And I think you forgot to attach the patch).
Regards,
/Niels
Martin Storsjö mar...@martin.st writes:
On Tue, 17 Dec 2013, Niels Möller wrote:
There's also IFUNC relocations, but I'm not sure which systems beyond
vanilla gnu/linux support them. Are they usable on android, e.g.?
Not sure - and even if they are they might not have been supported
from
ni...@lysator.liu.se (Niels Möller) writes:
Below is an untested patch for the configure machinery. Can you try this?
I haven't seen any feedback on this, but I have now checked it in
nonetheless.
It would be nice if you could confirm that it actually works. If you or
Martin also have a real
Nikos Mavrogiannopoulos n...@gnutls.org writes:
On Sun, 2013-12-15 at 19:19 +0100, Niels Möller wrote:
Checked in now, with minor changes (deleted the out_n argument for
gmp_alloc, and moved the TMP_GMP_* macros to gmp-glue.h).
Would that be included in a 2.7 release?
I don't currently
Nikos Mavrogiannopoulos n.mavrogiannopou...@gmail.com writes:
updated.
Checked in now, with minor changes (deleted the out_n argument for
gmp_alloc, and moved the TMP_GMP_* macros to gmp-glue.h).
Regards,
/Niels
Martin Storsjö mar...@martin.st writes:
Your C code snippet seemed to use .short
Ok, I've now changed gcm-hash8.asm to also use .short.
Remains the configure test for rodata. Not sure what's best, but perhaps
easiest to just check if $host_os is darwin.
Regards,
/Niels
);
+ return ret;
}
err is maybe not the right name for the label, since the code is also
for successful termination. done or cleanup would be better.
Regards,
/Niels
, all previous releases of nettle
have worked just fine on OS X.
That's very nice, and in a large part that's thanks to your work.
Regards,
/Niels
implementation choice to me. A similar function
for salsa20 has been discussed earlier. We might need to think a bit
about naming. And the wrapper functions are necessary, for nettle_cipher
if nothing else.
Regards,
/Niels
it separately for nettle and gmp. See gmp-glue.c:gmp_alloc_limbs.
Regards,
/Niels
is not used in the obvious way as
a stream cipher + a separate mac? Care to elaborate?
Regards,
/Niels
(or any other fixed number), and alloca otherwise.
As far as possible, I think we should avoid large allocations. So I
don't think such a change is needed.
Regards,
/Niels
checking the various implementations of
that function (C, x86_64 and arm), which values besides 12 and 20 really
work.
Regards,
/Niels
to the FSF. I think I understand both the
advantages and disadvantages which come with FSF copyright assignment.
Regards,
/Niels
algorithm, we'd obviously want to get the faster
code into Nettle before changing libgcrypt.
Regards,
/Niels
Nikos Mavrogiannopoulos n...@gnutls.org writes:
On Fri, 2013-12-06 at 20:00 +0100, Niels Möller wrote:
Simplest would be to just drop these requirements from
dsa_generate_keypair, and let it do whatever the caller asks for. Do you
think that makes sense?
Sounds reasonable. Nettle is low
, Nettle is a bit slower than openssl for sha1 and md5,
which might be the most important things for gnulib).
Regards,
/Niels
change, so we maybe shouldn't do that, or at
least think carefully about compatibility.
Regards,
/Niels
that each of the discrete logarithm above are
closely related to a factoring algorithm.
Regards,
/Niels
, it seems all three ecc_size* functions are undocumented, and at
least ecc_size () and ecc_size_a () make sense for users.
Regards,
/Niels
,
/Niels
).
Regards,
/Niels