Hi Brian, On Wed, Aug 17, 2016 at 05:49:46PM +1000, Brian May wrote: > Guido Günther <a...@sigxcpu.org> writes: > > > As I wrote in dla-needed.txt the bignum handling is in > > crypto/peersec/mpi.c and it seems to use the same algorithms (and lacks > > the same checks in e.g. mp_exptmod) so I marked it as > > vulnerable. Porting back the fixes from the current version will be > > difficult though, since the code has changed a lot. > > How can you tell the algorithms are the same? > > The implementation of mp_exptmod looks very different to pstm_exptmod; I > can't see any similarities in the algorithm.
I vaguely remember that both current git and wheezy use montgomery multiplication similarly and I therefore thought that wheezy is affected as well. I have some more time tomorrow. Will check again and report back. Cheers, -- Guido
