Merge pull request #143 from westin123/master
Conditionally removed vararg related macros for platforms where they …
diff --git a/README.md b/README.md
index fd31d1c..111321b 100644
--- a/README.md
+++ b/README.md
@@ -19,7 +19,7 @@
Usage Notes
-----------
### Point Representation ###
-Compressed points are represented in the standard format as defined in http://www.secg.org/sec1-v2.pdf; uncompressed points are represented in standard format, but without the `0x04` prefix. All functions except `uECC_compress()` only accept uncompressed points; use `uECC_compress()` and `uECC_decompress()` to convert between compressed and uncompressed point representations.
+Compressed points are represented in the standard format as defined in http://www.secg.org/sec1-v2.pdf; uncompressed points are represented in standard format, but without the `0x04` prefix. All functions except `uECC_decompress()` only accept uncompressed points; use `uECC_compress()` and `uECC_decompress()` to convert between compressed and uncompressed point representations.
Private keys are represented in the standard format.
diff --git a/uECC.c b/uECC.c
index bb4e232..3cf2b1f 100644
--- a/uECC.c
+++ b/uECC.c
@@ -1120,7 +1120,7 @@
}
#endif /* uECC_SUPPORT_COMPRESSED_POINT */
-int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve) {
+uECC_VLI_API int uECC_valid_point(const uECC_word_t *point, uECC_Curve curve) {
uECC_word_t tmp1[uECC_MAX_WORDS];
uECC_word_t tmp2[uECC_MAX_WORDS];
wordcount_t num_words = curve->num_words;
@@ -1215,7 +1215,7 @@
bcopy((uint8_t *) native, bits, bits_size);
#else
uECC_vli_bytesToNative(native, bits, bits_size);
-#endif
+#endif
if (bits_size * 8 <= (unsigned)curve->num_n_bits) {
return;
}
@@ -1244,6 +1244,7 @@
uECC_word_t tmp[uECC_MAX_WORDS];
uECC_word_t s[uECC_MAX_WORDS];
uECC_word_t *k2[2] = {tmp, s};
+ uECC_word_t *initial_Z = 0;
#if uECC_VLI_NATIVE_LITTLE_ENDIAN
uECC_word_t *p = (uECC_word_t *)signature;
#else
@@ -1260,7 +1261,15 @@
}
carry = regularize_k(k, tmp, s, curve);
- EccPoint_mult(p, curve->G, k2[!carry], 0, num_n_bits + 1, curve);
+ /* If an RNG function was specified, try to get a random initial Z value to improve
+ protection against side-channel attacks. */
+ if (g_rng_function) {
+ if (!uECC_generate_random_int(k2[carry], curve->p, num_words)) {
+ return 0;
+ }
+ initial_Z = k2[carry];
+ }
+ EccPoint_mult(p, curve->G, k2[!carry], initial_Z, num_n_bits + 1, curve);
if (uECC_vli_isZero(p, num_words)) {
return 0;
}
@@ -1304,7 +1313,7 @@
bcopy((uint8_t *) signature + curve->num_bytes, (uint8_t *) s, curve->num_bytes);
#else
uECC_vli_nativeToBytes(signature + curve->num_bytes, curve->num_bytes, s);
-#endif
+#endif
return 1;
}
@@ -1477,7 +1486,7 @@
uECC_word_t *_public = (uECC_word_t *)public_key;
#else
uECC_word_t _public[uECC_MAX_WORDS * 2];
-#endif
+#endif
uECC_word_t r[uECC_MAX_WORDS], s[uECC_MAX_WORDS];
wordcount_t num_words = curve->num_words;
wordcount_t num_n_words = BITS_TO_WORDS(curve->num_n_bits);
