mirrors/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2024-11-20 18:49:30 +01:00
Code Issues Projects Releases Wiki Activity

Merge #422: Restructure nonce clearing

Browse Source 
3769783 Restructure nonce clearing (bgorlick)
0f9e69d Restructure nonce clearing (bgorlick)
This commit is contained in:
Pieter Wuille 2016-10-26 14:14:13 -07:00
commit a922365f20
No known key found for this signature in database
GPG Key ID: DBA1A67379A1A931
3 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/modules/recovery/main_impl.h Normal file → Executable file
View File

@ -138,16 +138,15 @@ int secp256k1_ecdsa_sign_recoverable(const secp256k1_context* ctx, secp256k1_ecd
secp256k1_scalar_set_b32(&sec, seckey, &overflow); secp256k1_scalar_set_b32(&sec, seckey, &overflow);
/* Fail if the secret key is invalid. */ /* Fail if the secret key is invalid. */
if (!overflow && !secp256k1_scalar_is_zero(&sec)) { if (!overflow && !secp256k1_scalar_is_zero(&sec)) {
unsigned char nonce32[32];
unsigned int count = 0; unsigned int count = 0;
secp256k1_scalar_set_b32(&msg, msg32, NULL); secp256k1_scalar_set_b32(&msg, msg32, NULL);
while (1) { while (1) {
unsigned char nonce32[32];
ret = noncefp(nonce32, msg32, seckey, NULL, (void*)noncedata, count); ret = noncefp(nonce32, msg32, seckey, NULL, (void*)noncedata, count);
if (!ret) { if (!ret) {
break; break;
} }
secp256k1_scalar_set_b32(&non, nonce32, &overflow); secp256k1_scalar_set_b32(&non, nonce32, &overflow);
memset(nonce32, 0, 32);
if (!secp256k1_scalar_is_zero(&non) && !overflow) { if (!secp256k1_scalar_is_zero(&non) && !overflow) {
if (secp256k1_ecdsa_sig_sign(&ctx->ecmult_gen_ctx, &r, &s, &sec, &msg, &non, &recid)) { if (secp256k1_ecdsa_sig_sign(&ctx->ecmult_gen_ctx, &r, &s, &sec, &msg, &non, &recid)) {
break; break;
@ -155,6 +154,7 @@ int secp256k1_ecdsa_sign_recoverable(const secp256k1_context* ctx, secp256k1_ecd
} }
count++; count++;
} }
memset(nonce32, 0, 32);
secp256k1_scalar_clear(&msg); secp256k1_scalar_clear(&msg);
secp256k1_scalar_clear(&non); secp256k1_scalar_clear(&non);
secp256k1_scalar_clear(&sec); secp256k1_scalar_clear(&sec);

4
src/modules/schnorr/main_impl.h Normal file → Executable file
View File

@ -24,6 +24,7 @@ int secp256k1_schnorr_sign(const secp256k1_context* ctx, unsigned char *sig64, c
secp256k1_scalar sec, non; secp256k1_scalar sec, non;
int ret = 0; int ret = 0;
int overflow = 0; int overflow = 0;
unsigned char nonce32[32];
unsigned int count = 0; unsigned int count = 0;
VERIFY_CHECK(ctx != NULL); VERIFY_CHECK(ctx != NULL);
ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx)); ARG_CHECK(secp256k1_ecmult_gen_context_is_built(&ctx->ecmult_gen_ctx));
@ -36,13 +37,11 @@ int secp256k1_schnorr_sign(const secp256k1_context* ctx, unsigned char *sig64, c
secp256k1_scalar_set_b32(&sec, seckey, NULL); secp256k1_scalar_set_b32(&sec, seckey, NULL);
while (1) { while (1) {
unsigned char nonce32[32];
ret = noncefp(nonce32, msg32, seckey, secp256k1_schnorr_algo16, (void*)noncedata, count); ret = noncefp(nonce32, msg32, seckey, secp256k1_schnorr_algo16, (void*)noncedata, count);
if (!ret) { if (!ret) {
break; break;
} }
secp256k1_scalar_set_b32(&non, nonce32, &overflow); secp256k1_scalar_set_b32(&non, nonce32, &overflow);
memset(nonce32, 0, 32);
if (!secp256k1_scalar_is_zero(&non) && !overflow) { if (!secp256k1_scalar_is_zero(&non) && !overflow) {
if (secp256k1_schnorr_sig_sign(&ctx->ecmult_gen_ctx, sig64, &sec, &non, NULL, secp256k1_schnorr_msghash_sha256, msg32)) { if (secp256k1_schnorr_sig_sign(&ctx->ecmult_gen_ctx, sig64, &sec, &non, NULL, secp256k1_schnorr_msghash_sha256, msg32)) {
break; break;
@ -53,6 +52,7 @@ int secp256k1_schnorr_sign(const secp256k1_context* ctx, unsigned char *sig64, c
if (!ret) { if (!ret) {
memset(sig64, 0, 64); memset(sig64, 0, 64);
} }
memset(nonce32, 0, 32);
secp256k1_scalar_clear(&non); secp256k1_scalar_clear(&non);
secp256k1_scalar_clear(&sec); secp256k1_scalar_clear(&sec);
return ret; return ret;

4
src/secp256k1.c Normal file → Executable file
View File

@ -359,16 +359,15 @@ int secp256k1_ecdsa_sign(const secp256k1_context* ctx, secp256k1_ecdsa_signature
secp256k1_scalar_set_b32(&sec, seckey, &overflow); secp256k1_scalar_set_b32(&sec, seckey, &overflow);
/* Fail if the secret key is invalid. */ /* Fail if the secret key is invalid. */
if (!overflow && !secp256k1_scalar_is_zero(&sec)) { if (!overflow && !secp256k1_scalar_is_zero(&sec)) {
unsigned char nonce32[32];
unsigned int count = 0; unsigned int count = 0;
secp256k1_scalar_set_b32(&msg, msg32, NULL); secp256k1_scalar_set_b32(&msg, msg32, NULL);
while (1) { while (1) {
unsigned char nonce32[32];
ret = noncefp(nonce32, msg32, seckey, NULL, (void*)noncedata, count); ret = noncefp(nonce32, msg32, seckey, NULL, (void*)noncedata, count);
if (!ret) { if (!ret) {
break; break;
} }
secp256k1_scalar_set_b32(&non, nonce32, &overflow); secp256k1_scalar_set_b32(&non, nonce32, &overflow);
memset(nonce32, 0, 32);
if (!overflow && !secp256k1_scalar_is_zero(&non)) { if (!overflow && !secp256k1_scalar_is_zero(&non)) {
if (secp256k1_ecdsa_sig_sign(&ctx->ecmult_gen_ctx, &r, &s, &sec, &msg, &non, NULL)) { if (secp256k1_ecdsa_sig_sign(&ctx->ecmult_gen_ctx, &r, &s, &sec, &msg, &non, NULL)) {
break; break;
@ -376,6 +375,7 @@ int secp256k1_ecdsa_sign(const secp256k1_context* ctx, secp256k1_ecdsa_signature
} }
count++; count++;
} }
memset(nonce32, 0, 32);
secp256k1_scalar_clear(&msg); secp256k1_scalar_clear(&msg);
secp256k1_scalar_clear(&non); secp256k1_scalar_clear(&non);
secp256k1_scalar_clear(&sec); secp256k1_scalar_clear(&sec);