Provide constant time conditional selection between EC_FIELD_ELEMENTs.

Provide a ec_field_element_select() function that allows for constant time conditional selection between two EC_FIELD_ELEMENTs. This will become a building block for constant time point multiplication. ok tb@
author: jsing <> 2025-08-02 15:44:09 +0000
committer: jsing <> 2025-08-02 15:44:09 +0000
commit: c2a138d43f713ed803eed13034f57ed2c5f72dc7 (patch)
tree: c8109e9d88fa52c6af035cfe6ce1868562a9cae3 /src
parent: 767b2822ebb9d7b6b9ecab56928ee5f68f673eec (diff)
download: openbsd-c2a138d43f713ed803eed13034f57ed2c5f72dc7.tar.gz
openbsd-c2a138d43f713ed803eed13034f57ed2c5f72dc7.tar.bz2
openbsd-c2a138d43f713ed803eed13034f57ed2c5f72dc7.zip
2 files changed, 17 insertions, 2 deletions
diff --git a/src/lib/libcrypto/ec/ec_field.c b/src/lib/libcrypto/ec/ec_field.c
index ec1c7d11e0..0513b9f410 100644
--- a/src/lib/libcrypto/ec/ec_field.c
+++ b/src/lib/libcrypto/ec/ec_field.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ec_field.c,v 1.1 2025/05/25 05:12:05 jsing Exp $      */
+/*      $OpenBSD: ec_field.c,v 1.2 2025/08/02 15:44:09 jsing Exp $      */
 /*
 * Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
 *
@@ -131,6 +131,19 @@ ec_field_element_copy(EC_FIELD_ELEMENT *dst, const EC_FIELD_ELEMENT *src)
        memcpy(dst, src, sizeof(EC_FIELD_ELEMENT));
 }
+void
+ec_field_element_select(const EC_FIELD_MODULUS *fm, EC_FIELD_ELEMENT *r,
+    const EC_FIELD_ELEMENT *a, const EC_FIELD_ELEMENT *b, int conditional)
+{
+        BN_ULONG mask;
+        int i;
+        mask = bn_ct_eq_zero_mask(conditional);
+        for (i = 0; i < fm->n; i++)
+                r->w[i] = (a->w[i] & mask) | (b->w[i] & ~mask);
+}
 int
 ec_field_element_equal(const EC_FIELD_MODULUS *fm, const EC_FIELD_ELEMENT *a,
    const EC_FIELD_ELEMENT *b)
diff --git a/src/lib/libcrypto/ec/ec_internal.h b/src/lib/libcrypto/ec/ec_internal.h
index 29b447e8c9..327d9ea94d 100644
--- a/src/lib/libcrypto/ec/ec_internal.h
+++ b/src/lib/libcrypto/ec/ec_internal.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ec_internal.h,v 1.1 2025/05/25 05:12:05 jsing Exp $   */
+/*      $OpenBSD: ec_internal.h,v 1.2 2025/08/02 15:44:09 jsing Exp $   */
 /*
 * Copyright (c) 2024 Joel Sing <jsing@openbsd.org>
 *
@@ -46,6 +46,8 @@ int ec_field_element_to_bn(const EC_FIELD_MODULUS *fm, const EC_FIELD_ELEMENT *f
    BIGNUM *bn, BN_CTX *ctx);
 void ec_field_element_copy(EC_FIELD_ELEMENT *dst, const EC_FIELD_ELEMENT *src);
+void ec_field_element_select(const EC_FIELD_MODULUS *fm, EC_FIELD_ELEMENT *r,
+    const EC_FIELD_ELEMENT *a, const EC_FIELD_ELEMENT *b, int conditional);
 int ec_field_element_equal(const EC_FIELD_MODULUS *fm, const EC_FIELD_ELEMENT *a,
    const EC_FIELD_ELEMENT *b);
author	jsing <>	2025-08-02 15:44:09 +0000
committer	jsing <>	2025-08-02 15:44:09 +0000
commit	c2a138d43f713ed803eed13034f57ed2c5f72dc7 (patch)
tree	c8109e9d88fa52c6af035cfe6ce1868562a9cae3 /src
parent	767b2822ebb9d7b6b9ecab56928ee5f68f673eec (diff)
download	openbsd-c2a138d43f713ed803eed13034f57ed2c5f72dc7.tar.gz openbsd-c2a138d43f713ed803eed13034f57ed2c5f72dc7.tar.bz2 openbsd-c2a138d43f713ed803eed13034f57ed2c5f72dc7.zip