ec/ecdsa_ossl.c: revert blinding in ECDSA signature.
Originally suggested solution for "Return Of the Hidden Number Problem" is arguably too expensive. While it has marginal impact on slower curves, none to ~6%, optimized implementations suffer real penalties. Most notably sign with P-256 went more than 2 times[!] slower. Instead, just implement constant-time BN_mod_add_quick. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6796) (cherry picked from commit 3fc7a9b9) Resolved conflicts: crypto/ec/ecdsa_ossl.c
parent
2f19065b
Please register or sign in to comment