Fix for constant time (step 9)

2014-01-23 15:34:18 +09:00
parent 36541838f9
commit 78ffb4179e
2 changed files with 15 additions and 4 deletions
--- a/2
+++ b/2
@@ -1,5 +1,7 @@
 2014-01-23  Niibe Yutaka  <gniibe@fsij.org>
 	* src/jpc.c (jpc_add_ac_signed): Fix for constant time.
 	* src/ec_p256.c (ecdsa): Bug fix for k selection.
 2014-01-22  Niibe Yutaka  <gniibe@fsij.org>
--- a/src/jpc.c
+++ b/src/jpc.c
@@ -81,7 +81,7 @@ jpc_double (jpc *X, const jpc *A)
 void
 jpc_add_ac_signed (jpc *X, const jpc *A, const ac *B, int minus)
 {
-  bn256 a[1], b[1], c[1], d[1];
+  bn256 a[1], b[1], c[1], d[1], tmp[1];
 #define minus_B_y c
 #define c_sqr a
 #define c_cube b
@@ -96,9 +96,15 @@ jpc_add_ac_signed (jpc *X, const jpc *A, const ac *B, int minus)
    {
      memcpy (X->x, B->x, sizeof (bn256));
      if (minus)
-	bn256_sub (X->y, P256, B->y);
+	{
 	  memcpy (tmp, B->y, sizeof (bn256));
 	  bn256_sub (X->y, P256, B->y);
 	}
      else
-	memcpy (X->y, B->y, sizeof (bn256));
+	{
 	  memcpy (X->y, B->y, sizeof (bn256));
 	  bn256_sub (tmp, P256, B->y);
 	}
      memset (X->z, 0, sizeof (bn256));
      X->z->word[0] = 1;
      return;
@@ -115,7 +121,10 @@ jpc_add_ac_signed (jpc *X, const jpc *A, const ac *B, int minus)
      modp256_mul (b, b, minus_B_y);
    }
  else
-    modp256_mul (b, b, B->y);
+    {
      bn256_sub (tmp, P256, B->y);
      modp256_mul (b, b, B->y);
    }
  if (bn256_cmp (A->x, a) == 0 && bn256_cmp (A->y, b) == 0)
    {