projects / libgcrypt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 45c3934) | patch
ecc: Store EdDSA session key in secure memory.
authorJo Van Bulck <jo.vanbulck@cs.kuleuven.be>
Thu, 19 Jan 2017 16:00:15 +0000 (17:00 +0100)
committerWerner Koch <wk@gnupg.org>
Thu, 1 Jun 2017 13:52:10 +0000 (15:52 +0200)
commit5a22de904a0a366ae79f03ff1e13a1232a89e26b
tree32fad96216afb6a746608f23e9ab0e7a7370eaeftree | snapshot
parent45c39340c9926c2c5801dbab7609687c41e9ff1fcommit | diff
ecc: Store EdDSA session key in secure memory.

* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate
session key.
--

An attacker who learns the EdDSA session key from side-channel
observation during the signing process, can easily revover the long-
term secret key. Storing the session key in secure memory ensures that
constant time point operations are used in the MPI library.

Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be>
cipher/ecc-eddsa.c diff | blob | history
The GNU crypto library