Diffstat (limited to 'src/lib/pubkey/ec_group/point_mul.cpp')
-rw-r--r--src/lib/pubkey/ec_group/point_mul.cpp9
1 files changed, 7 insertions, 2 deletions
diff --git a/src/lib/pubkey/ec_group/point_mul.cpp b/src/lib/pubkey/ec_group/point_mul.cpp
index d42a5d5e8..d052b837c 100644
--- a/src/lib/pubkey/ec_group/point_mul.cpp
+++ b/src/lib/pubkey/ec_group/point_mul.cpp
@@ -6,6 +6,7 @@
#include <botan/internal/point_mul.h>
#include <botan/rng.h>
+#include <botan/reducer.h>
#include <botan/internal/rounding.h>
namespace Botan {
@@ -38,8 +39,10 @@ PointGFp Blinded_Point_Multiply::blinded_multiply(const BigInt& scalar,
return m_point_mul->mul(scalar, rng, m_order, m_ws);
}
-PointGFp_Base_Point_Precompute::PointGFp_Base_Point_Precompute(const PointGFp& base) :
+PointGFp_Base_Point_Precompute::PointGFp_Base_Point_Precompute(const PointGFp& base,
+ const Modular_Reducer& mod_order) :
m_base_point(base),
+ m_mod_order(mod_order),
m_p_words(base.get_curve().get_p().size()),
m_T_size(base.get_curve().get_p().bits() + PointGFp_SCALAR_BLINDING_BITS + 1)
{
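Review bot: The new `mod_order` constructor parameter carries an implicit contract that the hunk leaves unstated: the reducer's modulus has to be the order of the group that `base` belongs to, because it is what `mul` will later reduce scalars by, and nothing here verifies that the caller passed the matching one. I would document it at the parameter, `// mod_order: Modular_Reducer for the order of the group containing base; must match the group_order later passed to mul()`. If `m_mod_order` is declared as a reference member rather than a by-value copy (the class header is not in this hunk, so I cannot tell), the caller's reducer must also outlive this object, which belongs in the same comment.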
@@ -97,7 +100,9 @@ PointGFp PointGFp_Base_Point_Precompute::mul(const BigInt& k,
// Choose a small mask m and use k' = k + m*order (Coron's 1st countermeasure)
const BigInt mask(rng, PointGFp_SCALAR_BLINDING_BITS, false);
- const BigInt scalar = k + group_order * mask;
+
+ // Instead of reducing k mod group order should we alter the mask size??
+ const BigInt scalar = m_mod_order.reduce(k) + group_order * mask;
size_t windows = round_up(scalar.bits(), 2) / 2;
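Review bot: The added comment `// Instead of reducing k mod group order should we alter the mask size??` leaves an open design question in shipped code where the reason for the reduction should be, namely that the precomputed table is sized from `p.bits() + PointGFp_SCALAR_BLINDING_BITS + 1` (the `m_T_size` initializer), so a `k` larger than the group order would push `scalar.bits()` past the window count the table was built for, and reducing first keeps the blinded scalar within that bound. I would replace it with `// Reduce k mod the group order first so that k + m*order stays within the m_T_size windows precomputed for this base point`. One caveat a practitioner will want settled next to the call: `k` is the secret scalar and `m_mod_order.reduce(k)` runs on it before the blinding mask is added, so if Modular_Reducer::reduce is not constant-time in its argument this introduces a data-dependent operation on the unblinded secret; whether that is acceptable should be stated explicitly. The line also assumes that `group_order` (a parameter of `mul`, whose signature begins before this hunk) and the modulus inside `m_mod_order` are the same value; a debug assertion or a comment tying the two together would make that dependency visible.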