Noise Protocol Question

Jason A. Donenfeld Jason at zx2c4.com
Thu Feb 16 15:39:35 UTC 2023


On Sat, Feb 11, 2023 at 03:39:12PM +0000, z wrote:
> TL;DR  Why is wireguard go not calling isZero() on the output of the ECDH key agreement every time?

Good question. AFAICT, this was something I had noticed back when this
code was in development, but then zero checking only got added to the
initiation side, not the response side, in 8c34c4c ("First set of code
review patches"). I don't know whether this was a mistake or if there
was a rationale at the time.

Fortunately, there aren't really any real consequences. But I did fix it
up, so thanks very much for reporting this:
https://git.zx2c4.com/wireguard-go/commit/?id=c7b76d3d9ecdc2ffde80decadda88c0c7cdfeedf

Jason
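
The zero check discussed in this thread, as an added example that is not part of the original message and is not wireguard-go's code: a single helper rejects an all-zero X25519 result, so the initiation and response paths cannot diverge. It uses Go's standard `crypto/ecdh` as an assumption; `sharedSecret` and `demo` are hypothetical names, and the all-zero public key is constructed test input.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
)

var errZeroSecret = errors.New("ECDH output is all zero")

// isZero reports whether b is all zero bytes without branching per byte.
func isZero(b []byte) bool {
	var acc byte
	for _, v := range b {
		acc |= v
	}
	return subtle.ConstantTimeByteEq(acc, 0) == 1
}

// sharedSecret (hypothetical) is the only place a DH result is produced.
func sharedSecret(priv *ecdh.PrivateKey, peerPub []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	ss, err := priv.ECDH(pub) // crypto/ecdh itself errors on an all-zero result
	if err != nil {
		return nil, err
	}
	if isZero(ss) { // explicit gate for primitives that return raw output
		return nil, errZeroSecret
	}
	return ss, nil
}

// demo checks an honest exchange both ways, then an all-zero peer key.
func demo() (agree, rejected bool) {
	i, _ := ecdh.X25519().GenerateKey(rand.Reader)
	r, _ := ecdh.X25519().GenerateKey(rand.Reader)
	a, errA := sharedSecret(i, r.PublicKey().Bytes())
	b, errB := sharedSecret(r, i.PublicKey().Bytes())
	agree = errA == nil && errB == nil && subtle.ConstantTimeCompare(a, b) == 1
	_, errI := sharedSecret(i, make([]byte, 32))
	_, errR := sharedSecret(r, make([]byte, 32))
	return agree, errI != nil && errR != nil
}

func main() { fmt.Println(demo()) }
```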

