fix(crypto): remove memory access dependent on secret data
onvej-sl committed Sep 26, 2024
1 parent 7548fbf commit 3b49e54
Showing 1 changed file with 17 additions and 6 deletions.
23 changes: 17 additions & 6 deletions crypto/ed25519-donna/ed25519-donna-impl-base.c
Expand Up @@ -103,22 +103,33 @@ void ge25519_nielsadd2_p1p1(ge25519_p1p1 *r, const ge25519 *p, const ge25519_nie
#endif

void ge25519_pnielsadd_p1p1(ge25519_p1p1 *r, const ge25519 *p, const ge25519_pniels *q, unsigned char signbit) {
const bignum25519 *qb = (const bignum25519 *)q;
bignum25519 *rb = (bignum25519 *)r;
bignum25519 q1, q2 = {0};
bignum25519 a = {0}, b = {0}, c = {0};

curve25519_sub(a, p->y, p->x);
curve25519_add(b, p->y, p->x);
curve25519_mul(a, a, qb[signbit]); /* ysubx for +, xaddy for - */
curve25519_mul(r->x, b, qb[signbit^1]); /* xaddy for +, ysubx for - */

// a = a * ysubx, r->x = b * xaddy for signbit = 0
// a = a * xaddy, r->x = b * ysubx for signbit = 1
curve25519_copy(q1, q->ysubx);
curve25519_copy(q2, q->xaddy);
curve25519_swap_conditional(q1, q2, signbit);
curve25519_mul(a, a, q1);
curve25519_mul(r->x, b, q2);

curve25519_add(r->y, r->x, a);
curve25519_sub(r->x, r->x, a);
curve25519_mul(c, p->t, q->t2d);
curve25519_mul(r->t, p->z, q->z);
curve25519_add_reduce(r->t, r->t, r->t);
curve25519_copy(r->z, r->t);
curve25519_add(rb[2+signbit], rb[2+signbit], c); /* z for +, t for - */
curve25519_sub(rb[2+(signbit^1)], rb[2+(signbit^1)], c); /* t for +, z for - */

// r->z = r->z + c, r->t = r->t - c for signbit == 0
// r->z = r->z - c, r->t = r->t + c for signbit == 1
curve25519_swap_conditional(r->z, r->t, signbit);
curve25519_add(r->z, r->z, c);
curve25519_sub(r->t, r->t, c);
curve25519_swap_conditional(r->z, r->t, signbit);
}

void ge25519_double_partial(ge25519 *r, const ge25519 *p) {
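Review bot: `q1` is left uninitialized at `bignum25519 q1, q2 = {0};` while every other temporary in this function is zero-initialized (`bignum25519 a = {0}, b = {0}, c = {0};`); both are overwritten by the `curve25519_copy` calls just below, so this is harmless, but `bignum25519 q1 = {0}, q2 = {0};` matches the file's style and spares a reader from wondering whether the asymmetry is deliberate. The constant-time selection also rests on a precondition the signature does not state: `curve25519_swap_conditional` presumably derives its mask from a 0/1 flag, so a `signbit` of, say, 2 would corrupt both operands rather than select one, and a contract comment on the definition, `/* signbit must be exactly 0 or 1 */`, would pin that (the removed `qb[signbit]` indexing had the same precondition, only implicitly). Since the purpose of the change is that the addresses touched no longer depend on the secret, a short comment above the first swap, `/* constant-time select: indexing by signbit would leak it via memory access patterns */`, would keep a later maintainer from "simplifying" the two swaps on `r->z`/`r->t` back into an index. `ge25519_nielsadd2_p1p1`, named in the hunk header, is outside this hunk, so whether it has a similar indexed pattern cannot be judged from here.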
