eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #5841 from aurel32/ecp_mul_mxz-timing-leak

Browse source 
Fix a timing leak in ecp_mul_mxz()
This commit is contained in:
Gilles Peskine 2022-10-27 19:46:48 +02:00 committed by GitHub
commit 75c4eaf1f8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
library/ecp.c
View file

@ -2461,7 +2461,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
/* Loop invariant: R = result so far, RP = R + P */ /* Loop invariant: R = result so far, RP = R + P */
i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */ i = grp->nbits + 1; /* one past the (zero-based) required msb for private keys */
while( i-- > 0 ) while( i-- > 0 )
{ {
b = mbedtls_mpi_get_bit( m, i ); b = mbedtls_mpi_get_bit( m, i );