]> Git Repo - secp256k1.git/commit - src/scalar_impl.h
projects / secp256k1.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 856a01d) | patch
Eliminate harmless non-constant time operations on secret data.
authorGregory Maxwell <[email protected]>
Sat, 11 Jan 2020 01:01:05 +0000 (01:01 +0000)
committerGregory Maxwell <[email protected]>
Thu, 20 Feb 2020 17:27:03 +0000 (17:27 +0000)
commit34a67c773b0871e5797c7ab506d004e80911f120
tree583dbba9a12fe76e380356610873f8b22d2545e7tree | snapshot
parent856a01d6ad60c70fd92bdd44fa8584493b87594dcommit | diff
Eliminate harmless non-constant time operations on secret data.

There were several places where the code was non-constant time
 for invalid secret inputs.  These are harmless under sane use
 but get in the way of automatic const-time validation.

(Nonce overflow in signing is not addressed, nor is s==0 in
 signing)
16 files changed:
src/ecdsa_impl.h diff | blob | blame | history
src/eckey_impl.h diff | blob | blame | history
src/ecmult_gen_impl.h diff | blob | blame | history
src/field_10x26_impl.h diff | blob | blame | history
src/field_5x52_impl.h diff | blob | blame | history
src/field_impl.h diff | blob | blame | history
src/modules/ecdh/main_impl.h diff | blob | blame | history
src/scalar.h diff | blob | blame | history
src/scalar_4x64_impl.h diff | blob | blame | history
src/scalar_8x32_impl.h diff | blob | blame | history
src/scalar_impl.h diff | blob | blame | history
src/scalar_low.h diff | blob | blame | history
src/scalar_low_impl.h diff | blob | blame | history
src/secp256k1.c diff | blob | blame | history
src/tests.c diff | blob | blame | history
src/util.h diff | blob | blame | history
Empty description
This page took 0.028475 seconds and 4 git commands to generate.