deon/gnuk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

simplify compute_kP

Browse Source
This commit is contained in:
NIIBE Yutaka
2014-01-24 16:16:41 +09:00
parent f4e10311c7
commit 4b65ed1a5b
2 changed files with 5 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -2,6 +2,7 @@
* src/ec_p256.c (get_v_k_i): New. * src/ec_p256.c (get_v_k_i): New.
(compute_kG): Fix for constant time. (compute_kG): Fix for constant time.
(compute_kP): Simplify.
2014-01-23 Niibe Yutaka <gniibe@fsij.org> 2014-01-23 Niibe Yutaka <gniibe@fsij.org>

22
src/ec_p256.c
View File

@@ -1,7 +1,7 @@
/* -*- coding: utf-8 -*- /* -*- coding: utf-8 -*-
* ec_p256.c - Elliptic curve over GF(p256) * ec_p256.c - Elliptic curve over GF(p256)
* *
* Copyright (C) 2011, 2013 Free Software Initiative of Japan * Copyright (C) 2011, 2013, 2014 Free Software Initiative of Japan
* Author: NIIBE Yutaka <gniibe@fsij.org> * Author: NIIBE Yutaka <gniibe@fsij.org>
* *
* This file is a part of Gnuk, a GnuPG USB Token implementation. * This file is a part of Gnuk, a GnuPG USB Token implementation.
@@ -479,30 +479,16 @@ compute_kP (ac *X, const naf4_257 *NAF_K, const ac *P)
return -1; return -1;
} }
memset (Q->z, 0, sizeof (bn256)); /* infinity */
for (i = 256; i >= 0; i--) for (i = 256; i >= 0; i--)
{ {
int k_i; int k_i;
if (!q_is_infinite) jpc_double (Q, Q);
jpc_double (Q, Q);
k_i = naf4_257_get (NAF_K, i); k_i = naf4_257_get (NAF_K, i);
if (k_i) if (k_i)
{ jpc_add_ac_signed (Q, Q, p_Pi[NAF_K_INDEX(k_i)], NAF_K_SIGN (k_i));
if (q_is_infinite)
{
memcpy (Q->x, p_Pi[NAF_K_INDEX(k_i)]->x, sizeof (bn256));
if (NAF_K_SIGN (k_i))
bn256_sub (Q->y, P256, p_Pi[NAF_K_INDEX(k_i)]->y);
else
memcpy (Q->y, p_Pi[NAF_K_INDEX(k_i)]->y, sizeof (bn256));
memset (Q->z, 0, sizeof (bn256));
Q->z->word[0] = 1;
q_is_infinite = 0;
}
else
jpc_add_ac_signed (Q, Q, p_Pi[NAF_K_INDEX(k_i)], NAF_K_SIGN (k_i));
}
} }
return jpc_to_ac (X, Q); return jpc_to_ac (X, Q);