dsa: migrate from num-bigint-dig to crypto-bigint #779

Open
tarcieri opened this issue Jan 17, 2024 · 1 comment
Labels
security Security-critical issues

Comments

@tarcieri
Member

The num-bigint(-dig) crate(s) implement operations in a non-constant-time manner. Notably they include a normalize function which strips trailing zeros, which is called all over the place.

The crypto-bigint crate has been written from the ground up paying attention to constant-time, and the latest crypto-bigint prereleases support a BoxedUint which is suitable for use with dsa:

https://docs.rs/crypto-bigint/0.6.0-pre.11/crypto_bigint/struct.BoxedUint.html

Additionally, the latest prerelease of the crypto-primes crate supports generic operation over Uint and BoxedUint:

https://docs.rs/crypto-primes/0.6.0-pre.0/crypto_primes/fn.generate_prime_with_rng.html
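
Why a value-dependent `normalize` matters for secret operands, as an added example that is not code from num-bigint-dig, crypto-bigint or the dsa crate. It is a simplified model that assumes little-endian `u64` limbs; the functions `normalize`, `mul_limbs` and `mul_variable` and the operands are constructed for illustration, and limb multiplications are counted as a stand-in for running time.

```rust
// Simplified model (assumption): little-endian u64 limbs, so "trailing" zeros
// are the most significant limbs. Not code from any of the crates named above.

/// Strip high zero limbs, so the stored length depends on the value.
fn normalize(limbs: &mut Vec<u64>) {
    while let Some(&0) = limbs.last() {
        limbs.pop();
    }
}

/// Schoolbook multiply over exactly the limbs given.
/// Returns the product and the number of limb multiplications performed.
fn mul_limbs(a: &[u64], b: &[u64]) -> (Vec<u64>, usize) {
    let mut out = vec![0u64; a.len() + b.len()];
    let mut steps = 0;
    for (i, &x) in a.iter().enumerate() {
        let mut carry = 0u128;
        for (j, &y) in b.iter().enumerate() {
            let t = x as u128 * y as u128 + out[i + j] as u128 + carry;
            out[i + j] = t as u64; // low 64 bits
            carry = t >> 64;
            steps += 1;
        }
        out[i + b.len()] = carry as u64;
    }
    (out, steps)
}

/// Variable-length style: normalize inputs and output around every operation.
fn mul_variable(a: &[u64], b: &[u64]) -> (Vec<u64>, usize) {
    let (mut a, mut b) = (a.to_vec(), b.to_vec());
    normalize(&mut a);
    normalize(&mut b);
    let (mut out, steps) = mul_limbs(&a, &b);
    normalize(&mut out);
    (out, steps)
}

fn main() {
    // Constructed operands, all stored in a 256-bit (4-limb) field.
    let q = [u64::MAX; 4];
    let secrets = [("small", [7u64, 0, 0, 0]), ("large", [7u64, 1, 2, 3])];
    for (name, k) in secrets.iter() {
        let (_, var_steps) = mul_variable(k, &q);
        let (_, fixed_steps) = mul_limbs(k, &q); // fixed width: no stripping
        println!("{}: normalized={} steps, fixed-width={} steps", name, var_steps, fixed_steps);
    }
}
```

The normalized path performs 4 limb multiplications for the small value and 16 for the large one, while the fixed-width path performs 16 for both.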

@tarcieri tarcieri added the security Security-critical issues label Jan 17, 2024
@tarcieri
Member Author

PR for this open under #784
