authorJeffrey Walton <noloader@gmail.com>2019-07-29 10:36:29 -0400
committerJeffrey Walton <noloader@gmail.com>2019-07-29 10:36:29 -0400
commit176cab0dc5747391168bb41f6b4d7c4b14ea0c0c (patch)
tree8a91f311ccaee844b2772099211d556204d82994 /pubkey.h
parentf68f00f5601f6e4aade302e92cb1a7f8e85c250f (diff)
Update comments
Reference the bug report in DL_SignerBase::SignAndRestart for future readers
Diffstat (limited to 'pubkey.h')
-rw-r--r--pubkey.h8
1 files changed, 5 insertions, 3 deletions
diff --git a/pubkey.h b/pubkey.h
index 41249448..654df8c3 100644
--- a/pubkey.h
+++ b/pubkey.h
@@ -1604,8 +1604,8 @@ public:
if (rng.CanIncorporateEntropy())
rng.IncorporateEntropy(representative, representative.size());
+ Integer k, ks;
const Integer& q = params.GetSubgroupOrder();
- Integer k;
if (alg.IsDeterministic())
{
const Integer& x = key.GetPrivateExponent();
@@ -1617,7 +1617,9 @@ public:
k.Randomize(rng, 1, params.GetSubgroupOrder()-1);
}
- Integer ks = k + q;
+ // Due to timing attack on nonce length by Jancar
+ // https://github.com/weidai11/cryptopp/issues/869
+ ks = k + q;
if (ks.BitCount() == q.BitCount()) {
ks += q;
}
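Review bot: The new comment above `ks = k + q;` names the attack and the issue but not what the two additions achieve, which is the property a future reader needs to preserve. From the visible lines, k lies in [1, q-1], so k + q has either q.BitCount() or q.BitCount()+1 bits, and the conditional second `+= q` lifts the former case to exactly q.BitCount()+1 bits; I would state that: `// Due to timing attack on nonce length by Jancar (https://github.com/weidai11/cryptopp/issues/869):` / `// make ks always q.BitCount()+1 bits so the work done with the nonce does not depend on k.` Note that the `if` on `ks.BitCount()` is itself a branch on a k-derived value; whether that one-bit difference matters for the threat model cannot be judged from this hunk. The code that consumes ks, and the rest of DL_SignerBase::SignAndRestart, lie outside the hunk.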
@@ -1635,7 +1637,7 @@ public:
alg.Sign(params, key.GetPrivateExponent(), ma.m_k, e, r, s);
*/
- size_t rLen = alg.RLen(params);
+ const size_t rLen = alg.RLen(params);
r.Encode(signature, rLen);
s.Encode(signature+rLen, alg.SLen(params));