On Fri, Jul 2, 2021 at 11:59 PM Maamoun TK <maamoun.tk@googlemail.com> wrote:
I've added a new comment that wipes the hash subkey from the stack once the GHASH operation has completed, as it's good practice to do so.
*commit
I'm thinking it's also worth it to wipe the authentication tag and the leftover bytes of input data from the stack. Leaving the output authentication tag in the stack is never a good idea, and in the case of processing AAD the input data is left in the clear, so leaving leftover bytes in the stack may reveal potentially secret data. I've pushed another commit to wipe the whole parameter block content (authentication tag and hash subkey) and the leftover bytes of input data.
regards, Mamone
On Thu, Jul 1, 2021 at 4:43 PM Maamoun TK <maamoun.tk@googlemail.com> wrote:
I've replied to your comments in the MR.
Thank you, Mamone
On Wed, Jun 30, 2021 at 10:10 PM Niels Möller <nisse@lysator.liu.se> wrote:
Maamoun TK <maamoun.tk@googlemail.com> writes:
I made a merge request !26 https://git.lysator.liu.se/nettle/nettle/-/merge_requests/26 that optimizes the GHASH algorithm for S390x architecture.
Nice! I've added a few comments in the mr.
Regards, /Niels
-- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance.
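The wiping discussed in the newest message of this thread, as an added portable C example that is not code from Nettle or from the merge request. The `ghash_scratch` layout, the function names and the bit-serial multiply (a stand-in for the S390x hardware step) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed scratch: parameter block (tag, hash subkey) plus the padded tail. */
struct ghash_scratch { uint8_t tag[16], subkey[16], tail[16]; };
/* Zero through a volatile pointer so the stores are not removed as dead
   writes to memory that is about to go out of scope. */
static void secure_wipe(void *p, size_t n) {
    for (volatile uint8_t *v = p; n--; ) *v++ = 0;
}

/* x = x * h in GF(2^128), bit-serial (NIST SP 800-38D); not constant-time. */
static void gf128_mul(uint8_t x[16], const uint8_t h[16]) {
    uint8_t z[16] = {0}, v[16];
    memcpy(v, h, 16);
    for (int i = 0; i < 128; i++) {
        if (x[i / 8] & (0x80 >> (i % 8)))
            for (int j = 0; j < 16; j++) z[j] ^= v[j];
        int carry = v[15] & 1;
        for (int j = 15; j > 0; j--)
            v[j] = (uint8_t)((v[j] >> 1) | (v[j - 1] << 7));
        v[0] >>= 1;
        if (carry) v[0] ^= 0xe1;
    }
    memcpy(x, z, 16);
    secure_wipe(z, sizeof z); secure_wipe(v, sizeof v);
}

/* Absorb len bytes into tag[]; every secret-bearing copy lives in *s. */
static void ghash_update_with(struct ghash_scratch *s, const uint8_t key[16],
                              uint8_t tag[16], const uint8_t *data, size_t len) {
    memcpy(s->tag, tag, 16);
    memcpy(s->subkey, key, 16);
    while (len > 0) {
        size_t n = len < 16 ? len : 16;
        memset(s->tail, 0, 16);
        memcpy(s->tail, data, n);      /* leftover bytes get zero padding */
        for (int j = 0; j < 16; j++) s->tag[j] ^= s->tail[j];
        gf128_mul(s->tag, s->subkey);
        data += n; len -= n;
    }
    memcpy(tag, s->tag, 16);
    secure_wipe(s, sizeof *s);         /* tag, subkey and leftover input */
}

void ghash_update(const uint8_t key[16], uint8_t tag[16], const uint8_t *d, size_t n) {
    struct ghash_scratch s;            /* lives on the stack, wiped before return */
    ghash_update_with(&s, key, tag, d, n);
}
```

The scratch is passed by pointer to the inner function only so that its state after the call can be inspected; callers use `ghash_update`.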