diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2011-09-01 14:23:41 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2011-09-01 14:23:41 +0000 |
commit | a0bf2c86abcbb1e6659816b9ca97ca81c154eb41 (patch) | |
tree | 682b1508b76eb7322c8f30e905c59fb7834a2064 /crypto | |
parent | 6a662a45f3d15ae6d0cd895320d21a566fb55fea (diff) | |
download | openssl-new-a0bf2c86abcbb1e6659816b9ca97ca81c154eb41.tar.gz |
make timing attack protection unconditional
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/ecdsa/ecs_ossl.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/crypto/ecdsa/ecs_ossl.c b/crypto/ecdsa/ecs_ossl.c index bbb5588cbe..1bbf328de5 100644 --- a/crypto/ecdsa/ecs_ossl.c +++ b/crypto/ecdsa/ecs_ossl.c @@ -144,7 +144,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, } while (BN_is_zero(k)); -#ifdef ECDSA_POINT_MUL_NO_CONSTTIME /* We do not want timing information to leak the length of k, * so we compute G*k using an equivalent scalar of fixed * bit-length. */ @@ -152,7 +151,6 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, if (!BN_add(k, k, order)) goto err; if (BN_num_bits(k) <= BN_num_bits(order)) if (!BN_add(k, k, order)) goto err; -#endif /* def(ECDSA_POINT_MUL_NO_CONSTTIME) */ /* compute r the x-coordinate of generator * k */ if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) |