Ola Lundqvist <o...@inguza.com> writes: > I have not tried to reproduce the potential side-channel issue as that one > is rather hard to trigger. If anyone know about a tool for that, please let > me know.
One basically has to patch a valid private key and clear the least significant bit of p or q. With lsh, sexp-conv -s hex should convert an unencrypted private key into a form suitable for editing in a text editor. After editing, convert back to canonical (binary) syntax, again using sexp-conv. For key files as used with gnutls, Hannu suggested using https://github.com/google/der-ascii Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance.
