commit 2472be710f8518caab1f62999c50970b475f162f
Author: Angel Yankov <angel.yankov@suse.com>
Date: Wed May 28 16:17:10 2025 +0300
Fix ElGamal side channel issue
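--- a/pubkey.h
+++ b/pubkey.h
@@ -1854,8 +1854,13 @@ public:
 
 SecByteBlock derivedKey(encAlg.GetSymmetricKeyLength(encAlg.GetMaxSymmetricPlaintextLength(ciphertextLength)));
 derivAlg.Derive(params, derivedKey, derivedKey.size(), z, q, parameters);
-
- return encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
+ DecodingResult res = encAlg.SymmetricDecrypt(derivedKey, ciphertext, ciphertextLength, plaintext, parameters);
+ Element z2 = agreeAlg.AgreeWithStaticPrivateKey(params, q, true, key.GetPrivateExponent());
+ if (z == z2) {
+ } else {
+ return DecodingResult();
+ }
+ return res;
 }
 catch (DL_BadElement &)
 {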
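Review bot: The `if (z == z2) { } else { return DecodingResult(); }` block has an empty branch and carries no comment on why the symmetric decryption now runs before the validity check, which is the whole point of the fix; a later cleanup could move the check ahead of `SymmetricDecrypt` and reintroduce the early-exit timing difference the commit removes. Suggest `// Decrypt unconditionally first, then validate q; returning early on a bad element would leak via timing.` above the `DecodingResult res = ...` line, and collapsing the branch to `if (z != z2) return DecodingResult();`. Whether the `z == z2` comparison itself takes time independent of the operands depends on Element's `operator==`, which is not visible here and is worth confirming. Note also that on mismatch `plaintext` has already been written by `SymmetricDecrypt`, so callers must treat the buffer as garbage whenever the returned `DecodingResult` is not valid. The enclosing function and its try block start outside the hunk.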