Niels Möller nisse@lysator.liu.se writes:
I noticed that there are two failures in the ci builds. See https://gitlab.com/gnutls/nettle/-/pipelines/1178451395.
One failure is the new side-channel test failing with mini-gmp. Which is expected, the test should just be skipped in mini-gmp builds (similar to several other sc tests).
Yes, I'm attaching the patch for this.
The other is a complaint from ubsan. I guess it's related to the label == NULL case. I don't know what's the proper place for a fix, maybe it's not in the new code. I think the Nettle APIs should generally allow size == 0, ptr == NULL more or less everywhere, even where libc functions we use formally require ptr != NULL.
This is similar to this issue: https://gitlab.com/gnutls/gnutls/-/issues/1306 where we passed NULL to sha*_update in the GnuTLS code, though it turned to be a non-issue.
In the RSA-OAEP case, I'm not exactly sure whether we should be able to safely special case label == NULL as its hash is part of plaintext data block. Therefore I'm adding label = "" at the API entry points.
Regards,