Filippo Valsorda :go: on Nostr: The good news is that now it's personal, so I have a 25-lines change that makes ...
The good news is that now it's personal, so I have a 25-lines change that makes verification four times faster, and I am not done.
The bad news is that it's too late for Go 1.22, so this is coming in Go 1.23.
This is yet another reason the RSA exponent should have been fixed rather than per-key (see https://words.filippo.io/parameters/): there would have been no way to benchmark the wrong value.
Also, I wouldn't have had to worry about whether it's ok to leak it with timing side-channels!
The bad news is that it's too late for Go 1.22, so this is coming in Go 1.23.
This is yet another reason the RSA exponent should have been fixed rather than per-key (see https://words.filippo.io/parameters/): there would have been no way to benchmark the wrong value.
Also, I wouldn't have had to worry about whether it's ok to leak it with timing side-channels!