| author | tb <> | 2023-08-08 13:09:28 +0000 | 
|---|---|---|
| committer | tb <> | 2023-08-08 13:09:28 +0000 | 
| commit | 409280fb4ae64371e28c3111dba6a52b1f295a56 (patch) | |
| tree | 53e2912d8befdb105ede8dcdcf70f4b83e3fd1b1 /src/lib/libc/crypt/arc4random_uniform.c | |
| parent | ad0272791cbb2340f4870bcdee4d925c9559beea (diff) | |
Remove ECDSA nonce padding kludge

This was a workaround due to the historically non-constant time scalar
multiplication in the EC code. Since Brumley and Tuveri implemented the
Montgomery ladder, this is no longer useful and should have been removed
a long time ago, as it now does more harm than good.

Keep the preallocations as they still help hiding some timing info.

ok jsing

Diffstat (limited to 'src/lib/libc/crypt/arc4random_uniform.c')
0 files changed, 0 insertions, 0 deletions
