Home GnuPG
Diffusion libgcrypt 3583e2ebcad5

rsa, elgamal: avoid logical not operator in constant-time code
3583e2ebcad5Unpublished
Actions

Unpublished Commit · Learn More

Not On Permanent Ref: This commit is not an ancestor of any permanent ref.

Description

rsa, elgamal: avoid logical not operator in constant-time code

* cipher/elgamal.c (elg_decrypt): Replace ! operator with calls to
ct_is_not_zero/ct_is_zero/ct_ulong_select.
* cipher/rsa-common.c (_gcry_rsa_pkcs1_decode_for_enc): Replace !
operator with call to ct_is_zero.
* cipher/rsa.c (rsa_decrypt): Replace ! operator with calls to
ct_is_not_zero/ct_is_zero/ct_ulong_select.
* src/const-time.c (_gcry_ct_vzero, _gcry_ct_vone): New.
* src/const-time.h (_gcry_ct_vzero, _gcry_ct_vone): New.
(ct_is_not_zero, ct_is_zero, DEFINE_CT_TYPE_SELECT_FUNC)
(ct_uintptr_select, ct_ulong_select): New.
(sexp_null_cond): Use ct_uintptr_select.

Cherry-pick master commit of:
84f934c09afac18b3f4351646c0fe6f93aede277

  • Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>

Details

Provenance
jukiviliAuthored on Oct 30 2023, 7:15 PM
gniibeCommitted on Nov 6 2023, 2:30 AM
Parents
rC5e9ba851948f: const-time: always avoid comparison operator for byte comparison
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (5)

PathSize
cipher/
src/

rC3583e2ebcad5

View Options

cipher/elgamal.c

Loading...
View Options

cipher/rsa-common.c

Loading...
View Options

cipher/rsa.c

Loading...
View Options

src/const-time.c

Loading...
View Options

src/const-time.h

Loading...