* src/cipher.h (GCRYECC_FLAG_LEAST_LEAK): New.
* cipher/ecc.c (ecc_generate): Use GCRYECC_FLAG_LEAST_LEAK.
(ecc_check_secret_key, ecc_sign, ecc_decrypt_raw): Likewise.

--

GnuPG-bug-id: 7519
Signed-off-by: NIIBE Yutaka <gni...@fsij.org>
---
 cipher/ecc.c | 8 ++++----
 src/cipher.h | 5 +++++
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/cipher/ecc.c b/cipher/ecc.c
index a165bb7a..d9cd32c3 100644
--- a/cipher/ecc.c
+++ b/cipher/ecc.c
@@ -734,7 +734,7 @@ ecc_generate (const gcry_sexp_t genparms, gcry_sexp_t *r_skey)
   gcry_sexp_t curve_flags = NULL;
   gcry_mpi_t base = NULL;
   gcry_mpi_t public = NULL;
-  int flags = 0;
+  int flags = GCRYECC_FLAG_LEAST_LEAK;
 
   rc = _gcry_mpi_ec_internal_new (&ec, &flags, "ecgen curve", genparms, NULL);
   if (rc)
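Review bot: The new initializer `int flags = GCRYECC_FLAG_LEAST_LEAK;` swaps a zero for a bit that changes which ECC implementation runs, but nothing at the site says why, so a later cleanup could plausibly "normalize" it back to 0 like the other declarations. A one-line comment above the declaration would record the intent, e.g. `/* Key generation produces the secret scalar: request the side-channel hardened (least-leak) code paths.  */`. The flag is then handed by address to `_gcry_mpi_ec_internal_new`, and ecc_generate's body continues past the hunk, so whether the bit actually reaches the point multiplication cannot be checked from this diff.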
@@ -894,7 +894,7 @@ static gcry_err_code_t
 ecc_check_secret_key (gcry_sexp_t keyparms)
 {
   gcry_err_code_t rc;
-  int flags = 0;
+  int flags = GCRYECC_FLAG_LEAST_LEAK;
   mpi_ec_t ec = NULL;
 
   /*
@@ -930,7 +930,7 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
   gcry_mpi_t sig_r = NULL;
   gcry_mpi_t sig_s = NULL;
   mpi_ec_t ec = NULL;
-  int flags = 0;
+  int flags = GCRYECC_FLAG_LEAST_LEAK;
 
   _gcry_pk_util_init_encoding_ctx (&ctx, PUBKEY_OP_SIGN, 0);
 
@@ -1475,7 +1475,7 @@ ecc_decrypt_raw (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
   mpi_point_struct kG;
   mpi_point_struct R;
   gcry_mpi_t r = NULL;
-  int flags = 0;
+  int flags = GCRYECC_FLAG_LEAST_LEAK;
   int enable_specific_point_validation;
 
   point_init (&kG);
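Review bot: The flag is forced on in the four secret-key entry points (generate, check_secret_key, sign, decrypt) while the diffstat shows no change to the verify or encrypt paths; that asymmetry is presumably deliberate, since those operations handle no long-term secret, but it is not written down anywhere and reads like an omission. A comment at this declaration would settle it, e.g. `/* The secret scalar is used below: force the least-leak implementation (public-key-only operations keep flags = 0).  */`. ecc_decrypt_raw's body continues outside the hunk, so I cannot see whether the flag is consulted by every scalar multiplication that touches the private key.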
diff --git a/src/cipher.h b/src/cipher.h
index 0a2551fe..78a7c7ce 100644
--- a/src/cipher.h
+++ b/src/cipher.h
@@ -44,6 +44,11 @@
 #define PUBKEY_FLAG_DJB_TWEAK      (1 << 15)
 #define PUBKEY_FLAG_SM2            (1 << 16)
 #define PUBKEY_FLAG_PREHASH        (1 << 17)
+/*
+ * The internal flag to select least leak implementation for ECC.
+ * It needs to be a distinct value not covered by PUBKEY_* above.
+ */
+#define GCRYECC_FLAG_LEAST_LEAK   (1 << 30)
 
 
 enum pk_operation
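Review bot: The comment on the new define says the bit must stay distinct from PUBKEY_* but leaves enforcement to future readers; a preprocessor guard would catch a collision at build time, e.g. `#if GCRYECC_FLAG_LEAST_LEAK <= PUBKEY_FLAG_PREHASH` / `# error GCRYECC_FLAG_LEAST_LEAK collides with PUBKEY_FLAG_ bits` / `#endif` (PUBKEY_FLAG_PREHASH is the highest PUBKEY_* bit visible in this hunk; earlier ones are outside it). The comment should also say what "least leak" buys, presumably selection of the side-channel-hardened ECC implementation for operations that touch the secret scalar, so the security intent survives the name. `1 << 30` still fits a signed int, which matches the `int flags` the callers use.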