From 176cab0dc5747391168bb41f6b4d7c4b14ea0c0c Mon Sep 17 00:00:00 2001
From: Jeffrey Walton
Date: Mon, 29 Jul 2019 10:36:29 -0400
Subject: Update comments

Reference the bug report in DL_SignerBase::SignAndRestart for future readers
---
 pubkey.h | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'pubkey.h')

diff --git a/pubkey.h b/pubkey.h
index 41249448..654df8c3 100644
--- a/pubkey.h
+++ b/pubkey.h
@@ -1604,8 +1604,8 @@ public:
 if (rng.CanIncorporateEntropy())
 rng.IncorporateEntropy(representative, representative.size());
 
+ Integer k, ks;
 const Integer& q = params.GetSubgroupOrder();
- Integer k;
 if (alg.IsDeterministic())
 {
 const Integer& x = key.GetPrivateExponent();
@@ -1617,7 +1617,9 @@ public:
 k.Randomize(rng, 1, params.GetSubgroupOrder()-1);
 }
 
- Integer ks = k + q;
+ // Due to timing attack on nonce length by Jancar
+ // https://github.com/weidai11/cryptopp/issues/869
+ ks = k + q;
 if (ks.BitCount() == q.BitCount()) {
 ks += q;
 }
@@ -1635,7 +1637,7 @@ public:
 alg.Sign(params, key.GetPrivateExponent(), ma.m_k, e, r, s);
 */
 
- size_t rLen = alg.RLen(params);
+ const size_t rLen = alg.RLen(params);
 r.Encode(signature, rLen);
 s.Encode(signature+rLen, alg.SLen(params));
 
-- cgit v1.2.1
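Review bot: The new comment in the second hunk names the attack and the issue but not the invariant the three lines below it establish, which is what a future maintainer must preserve when touching them: for any k in [1, q-1], k + q has either q.BitCount() or q.BitCount()+1 bits, and the conditional second addition lifts the former case to q.BitCount()+1 (k + 2q < 2^(q.BitCount()+1) when k + q had only q.BitCount() bits), so ks always has exactly q.BitCount()+1 bits. I would extend the comment with `// Pad the nonce by the group order so ks.BitCount() == q.BitCount()+1 for every k in [1, q-1]; the later scalar operation on ks must then not depend on the value of k`. That bound relies on k < q, which the visible `k.Randomize(rng, 1, params.GetSubgroupOrder()-1)` branch guarantees; the deterministic branch, the use of ks, and the rest of SignAndRestart lie outside these hunks, so whether every consumer reads ks rather than k is not verifiable here and is worth a sentence in the same comment.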