dragonfly: Disable use of groups using Brainpool curves
Disable groups that use Brainpool curves for now since they leak more timing information due to the prime not being close to a power of two. This removes use of groups 28, 29, and 30 from SAE and EAP-pwd. Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen
parent
14b408c04c
commit
876c5eaa6d
1 changed files with 4 additions and 2 deletions
|
|
@ -21,9 +21,11 @@ int dragonfly_suitable_group(int group, int ecc_only)
|
||||||
* purposes: FFC groups whose prime is >= 3072 bits and ECC groups
|
* purposes: FFC groups whose prime is >= 3072 bits and ECC groups
|
||||||
* defined over a prime field whose prime is >= 256 bits. Furthermore,
|
* defined over a prime field whose prime is >= 256 bits. Furthermore,
|
||||||
* ECC groups defined over a characteristic 2 finite field and ECC
|
* ECC groups defined over a characteristic 2 finite field and ECC
|
||||||
* groups with a co-factor greater than 1 are not suitable. */
|
* groups with a co-factor greater than 1 are not suitable. Disable
|
||||||
|
* groups that use Brainpool curves as well for now since they leak more
|
||||||
|
* timing information due to the prime not being close to a power of
|
||||||
|
* two. */
|
||||||
return group == 19 || group == 20 || group == 21 ||
|
return group == 19 || group == 20 || group == 21 ||
|
||||||
group == 28 || group == 29 || group == 30 ||
|
|
||||||
(!ecc_only &&
|
(!ecc_only &&
|
||||||
(group == 15 || group == 16 || group == 17 || group == 18));
|
(group == 15 || group == 16 || group == 17 || group == 18));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue