diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-07-23 15:17:12 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-07-23 15:17:12 +0700 |
| commit | 6e306046568f9a4d13639b913f0ff6d5879fa165 (patch) | |
| tree | 994b8711674bb146ff578c1f0dff649282962acb /crypto/src/math/ec/multiplier | |
| parent | Update encrypt_then_mac entry (diff) | |
| download | BouncyCastle.NET-ed25519-6e306046568f9a4d13639b913f0ff6d5879fa165.tar.xz | |
Add automatic EC point validation for decoded points and for multiplier outputs
Diffstat (limited to 'crypto/src/math/ec/multiplier')
| -rw-r--r-- | crypto/src/math/ec/multiplier/AbstractECMultiplier.cs | 8 | ||||
| -rw-r--r-- | crypto/src/math/ec/multiplier/ReferenceMultiplier.cs | 28 |
2 files changed, 8 insertions, 28 deletions
diff --git a/crypto/src/math/ec/multiplier/AbstractECMultiplier.cs b/crypto/src/math/ec/multiplier/AbstractECMultiplier.cs index fe683726f..517881323 100644 --- a/crypto/src/math/ec/multiplier/AbstractECMultiplier.cs +++ b/crypto/src/math/ec/multiplier/AbstractECMultiplier.cs @@ -10,7 +10,13 @@ return p.Curve.Infinity; ECPoint positive = MultiplyPositive(p, k.Abs()); - return sign > 0 ? positive : positive.Negate(); + ECPoint result = sign > 0 ? positive : positive.Negate(); + + /* + * Although the various multipliers ought not to produce invalid output under normal + * circumstances, a final check here is advised to guard against fault attacks. + */ + return ECAlgorithms.ValidatePoint(result); } protected abstract ECPoint MultiplyPositive(ECPoint p, BigInteger k); diff --git a/crypto/src/math/ec/multiplier/ReferenceMultiplier.cs b/crypto/src/math/ec/multiplier/ReferenceMultiplier.cs index 832fd7be4..4848ada39 100644 --- a/crypto/src/math/ec/multiplier/ReferenceMultiplier.cs +++ b/crypto/src/math/ec/multiplier/ReferenceMultiplier.cs @@ -3,35 +3,9 @@ namespace Org.BouncyCastle.Math.EC.Multiplier public class ReferenceMultiplier : AbstractECMultiplier { - /** - * Simple shift-and-add multiplication. Serves as reference implementation - * to verify (possibly faster) implementations in - * {@link org.bouncycastle.math.ec.ECPoint ECPoint}. - * - * @param p The point to multiply. - * @param k The factor by which to multiply. - * @return The result of the point multiplication <code>k * p</code>. - */ protected override ECPoint MultiplyPositive(ECPoint p, BigInteger k) { - ECPoint q = p.Curve.Infinity; - int t = k.BitLength; - if (t > 0) - { - if (k.TestBit(0)) - { - q = p; - } - for (int i = 1; i < t; i++) - { - p = p.Twice(); - if (k.TestBit(i)) - { - q = q.Add(p); - } - } - } - return q; + return ECAlgorithms.ReferenceMultiply(p, k); } } } |