artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2cf255e) | patch
Remove ECDSA nonce padding kludge
authortb <tb@openbsd.org>
Tue, 8 Aug 2023 13:09:28 +0000 (13:09 +0000)
committertb <tb@openbsd.org>
Tue, 8 Aug 2023 13:09:28 +0000 (13:09 +0000)
commit34663717cb0860420c3d4eefddf19adb17f26237
tree0b4ae6eaa9eb6e614a9958c3dad481b8802646c3tree | snapshot
parent2cf255ecb293e36a048134d2a755adf9145d7fd4commit | diff
Remove ECDSA nonce padding kludge

This was a workaround due to the historically non-constant time scalar
multiplication in the EC code. Since Brumley and Tuveri implemented the
Montgomery ladder, this is no longer useful and should have been removed
a long time ago, as it now does more harm than good.

Keep the preallocations as they still help hiding some timing info.

ok jsing
lib/libcrypto/ecdsa/ecdsa.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim