NotificationsYou must be signed in to change notification settings
Fork498
Star1.8k

Commitec735ed

committed

utils: leak less information ingetNAF()

1 parent71e4e8e commitec735edCopy full SHA for ec735ed

File tree

2 files changed

+15

-14

lines changed

lib/elliptic
- curve
  - base.js
- utils.js

2 files changed

+15

-14

lines changed

`‎lib/elliptic/curve/base.js`

Lines changed: 6 additions & 4 deletions

Original file line number	Diff line number	Diff line change
`@@ -28,6 +28,8 @@ function BaseCurve(type, conf) {`
`28`	`28`	`this._wnafT3=newArray(4);`
`29`	`29`	`this._wnafT4=newArray(4);`
`30`	`30`
	`31`	`+this._bitLength=this.n ?this.n.bitLength() :0;`
	`32`	`+`
`31`	`33`	`// Generalized Greg Maxwell's trick`
`32`	`34`	`varadjustCount=this.n&&this.p.div(this.n);`
`33`	`35`	`if(!adjustCount\|\|adjustCount.cmpn(100)>0){`
`@@ -51,7 +53,7 @@ BaseCurve.prototype._fixedNafMul = function _fixedNafMul(p, k) {`
`51`	`53`	`assert(p.precomputed);`
`52`	`54`	`vardoubles=p._getDoubles();`
`53`	`55`
`54`		`-varnaf=getNAF(k,1);`
	`56`	`+varnaf=getNAF(k,1,this._bitLength);`
`55`	`57`	`varI=(1<<(doubles.step+1))-(doubles.step%2===0 ?2 :1);`
`56`	`58`	`I/=3;`
`57`	`59`
`@@ -88,7 +90,7 @@ BaseCurve.prototype._wnafMul = function _wnafMul(p, k) {`
`88`	`90`	`varwnd=nafPoints.points;`
`89`	`91`
`90`	`92`	`// Get NAF form`
`91`		`-varnaf=getNAF(k,w);`
	`93`	`+varnaf=getNAF(k,w,this._bitLength);`
`92`	`94`
`93`	`95`	// Add `this`*(N+1) for every w-NAF index
`94`	`96`	`varacc=this.jpoint(null,null,null);`
`@@ -144,8 +146,8 @@ BaseCurve.prototype._wnafMulAdd = function _wnafMulAdd(defW,`
`144`	`146`	`vara=i-1;`
`145`	`147`	`varb=i;`
`146`	`148`	`if(wndWidth[a]!==1\|\|wndWidth[b]!==1){`
`147`		`-naf[a]=getNAF(coeffs[a],wndWidth[a]);`
`148`		`-naf[b]=getNAF(coeffs[b],wndWidth[b]);`
	`149`	`+naf[a]=getNAF(coeffs[a],wndWidth[a],this._bitLength);`
	`150`	`+naf[b]=getNAF(coeffs[b],wndWidth[b],this._bitLength);`
`149`	`151`	`max=Math.max(naf[a].length,max);`
`150`	`152`	`max=Math.max(naf[b].length,max);`
`151`	`153`	`continue;`

`‎lib/elliptic/utils.js`

Lines changed: 9 additions & 10 deletions

Original file line number	Diff line number	Diff line change
`@@ -12,14 +12,17 @@ utils.toHex = minUtils.toHex;`
`12`	`12`	`utils.encode=minUtils.encode;`
`13`	`13`
`14`	`14`	`// Represent num in a w-NAF form`
`15`		`-functiongetNAF(num,w){`
`16`		`-varnaf=[];`
	`15`	`+functiongetNAF(num,w,bits){`
	`16`	`+varnaf=newArray(Math.max(num.bitLength(),bits)+1);`
	`17`	`+naf.fill(0);`
	`18`	`+`
`17`	`19`	`varws=1<<(w+1);`
`18`	`20`	`vark=num.clone();`
`19`		`-while(k.cmpn(1)>=0){`
	`21`	`+`
	`22`	`+for(vari=0;i<naf.length;i++){`
`20`	`23`	`varz;`
	`24`	`+varmod=k.andln(ws-1);`
`21`	`25`	`if(k.isOdd()){`
`22`		`-varmod=k.andln(ws-1);`
`23`	`26`	`if(mod>(ws>>1)-1)`
`24`	`27`	`z=(ws>>1)-mod;`
`25`	`28`	`else`
`@@ -28,13 +31,9 @@ function getNAF(num, w) {`
`28`	`31`	`}else{`
`29`	`32`	`z=0;`
`30`	`33`	`}`
`31`		`-naf.push(z);`
`32`	`34`
`33`		`-// Optimization, shift by word if possible`
`34`		`-varshift=(k.cmpn(0)!==0&&k.andln(ws-1)===0) ?(w+1) :1;`
`35`		`-for(vari=1;i<shift;i++)`
`36`		`-naf.push(0);`
`37`		`-k.iushrn(shift);`
	`35`	`+naf[i]=z;`
	`36`	`+k.iushrn(1);`
`38`	`37`	`}`
`39`	`38`
`40`	`39`	`returnnaf;`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitec735ed

File tree

2 files changed

2 files changed

`‎lib/elliptic/curve/base.js`

`‎lib/elliptic/utils.js`

0 commit comments