Skip to content

Commit

Permalink
Fix #1363: Recommendation R17 - Constant timing in ECDH
Browse files Browse the repository at this point in the history
  • Loading branch information
@tjoly-ledger
tjoly-ledger committed Oct 18, 2022
1 parent 166c500 commit 61aba38
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
6 changes: 5 additions & 1 deletion lib_cxng/src/cx_ecdh.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,11 @@ cx_err_t cx_ecdh_no_throw(const cx_ecfp_private_key_t *key,
CX_CHECK(cx_ecpoint_alloc(&W, curve));
CX_CHECK(cx_ecpoint_init(&W, public_point + 1, sz, public_point + 1 + sz, sz));
// Scalar multiplication with random projective coordinates and additive splitting
CX_CHECK(cx_ecpoint_rnd_scalarmul(&W, key->d, key->d_len));
if (CX_CURVE_RANGE(curve, WEIERSTRASS)) {
CX_CHECK(cx_ecpoint_rnd_fixed_scalarmul(&W, key->d, key->d_len));
} else {
CX_CHECK(cx_ecpoint_rnd_scalarmul(&W, key->d, key->d_len));
}
switch (mode & CX_MASK_EC) {
case CX_ECDH_POINT:
secret[0] = 0x04;
Expand Down
2 changes: 1 addition & 1 deletion lib_cxng/src/cx_ecfp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@ cx_err_t cx_ecfp_generate_pair2_no_throw(cx_curve_t curve,
if (CX_CURVE_RANGE(curve, WEIERSTRASS)) {
CX_CHECK(cx_ecpoint_alloc(&W, private_key->curve));
CX_CHECK(cx_ecdomain_generator_bn(curve, &W));
CX_CHECK(cx_ecpoint_rnd_scalarmul(&W, private_key->d, private_key->d_len));
CX_CHECK(cx_ecpoint_rnd_fixed_scalarmul(&W, private_key->d, private_key->d_len));
public_key->curve = curve;
public_key->W_len = 1 + 2 * size;
public_key->W[0] = 0x04;
Expand Down

0 comments on commit 61aba38

Please sign in to comment.