Skip to content

Commit

Permalink
8.0.13 release
Browse files Browse the repository at this point in the history
  • Loading branch information
@kjur
kjur committed Mar 31, 2020
1 parent d282c71 commit 9dcb89c
Show file tree
Hide file tree
Showing 17 changed files with 228 additions and 28 deletions.
13 changes: 13 additions & 0 deletions ChangeLog.txt
View file
@@ -1,6 +1,19 @@

ChangeLog for jsrsasign

* Changes from 8.0.12 to 8.0.13 (2020-Mar-31)
- LICENSE.txt
- fixed wrong description from BSD to MIT License
- ext/ec.js
- mitigate Minerva timing attack in ECPointFp.multiply method
   https://minerva.crocs.fi.muni.cz/
- test/qunit-do-crypto-ecdsa.html
- testcase fix
- sample_node/tsr2certs added
- script to extract certificates from timestamp response or token
- npm
- ECPointFp, ECCurveFp and ECFieldElementFp are now exported.

* Changes from 8.0.11 to 8.0.12 (2018-Apr-22)
- base64x 1.1.13 to 1.1.14
- function iptohex added
Expand Down
2 changes: 1 addition & 1 deletion LICENSE.txt
View file
Expand Up @@ -21,7 +21,7 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

LICENSE: BSD License
LICENSE: MIT License
----

RSA and ECC in JavaScript
Expand Down
1 change: 1 addition & 0 deletions Makefile
View file
Expand Up @@ -22,6 +22,7 @@ FILES_MIN = \
min/jwsjs-2.0.min.js

FILES_EXT_MIN = \
ext/ec-min.js \
ext/rsa-min.js \
ext/rsa2-min.js

Expand Down
2 changes: 1 addition & 1 deletion bower.json
View file
@@ -1,6 +1,6 @@
{
"name": "kjur-jsrsasign",
"version": "8.0.12",
"version": "8.0.13",
"main": "jsrsasign-all-min.js",
"description": "The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation, ASN.1, PKCS#1/5/8 private/public key, X.509 certificate, CRL, OCSP, CMS SignedData, TimeStamp, CAdES, JWS and JWT in pure JavaScript.",
"license": "MIT",
Expand Down
2 changes: 1 addition & 1 deletion ext/ec-min.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

25 changes: 23 additions & 2 deletions ext/ec.js
View file
Expand Up @@ -182,16 +182,25 @@ function pointFpTwice() {

// Simple NAF (Non-Adjacent Form) multiplication algorithm
// TODO: modularize the multiplication algorithm
// UPDATE: 2020.03.30 mitigate Minerva timing attack https://minerva.crocs.fi.muni.cz/
// Constant time execution on multiply method.
function pointFpMultiply(k) {
if(this.isInfinity()) return this;
if(k.signum() == 0) return this.curve.getInfinity();

var e = k;
// initialize for multiply
var e = k; // e = k
var h = e.multiply(new BigInteger("3"));

var neg = this.negate();
var R = this;

// initialize for dummy to mitigate timing attack
var e2 = this.curve.q.subtract(k); // e2 = q - k
var h2 = e2.multiply(new BigInteger("3"));
var R2 = new ECPointFp(this.curve, this.x, this.y);
var neg2 = R2.negate();

// calculate multiply
var i;
for(i = h.bitLength() - 2; i > 0; --i) {
R = R.twice();
Expand All @@ -204,6 +213,18 @@ function pointFpMultiply(k) {
}
}

// calculate dummy to mitigate timing attack
for(i = h2.bitLength() - 2; i > 0; --i) {
R2 = R2.twice();

var h2Bit = h2.testBit(i);
var e2Bit = e2.testBit(i);

if (h2Bit != e2Bit) {
R2 = R2.add(h2Bit ? R2 : neg2);
}
}

return R;
}

Expand Down

1 comment on commit 9dcb89c

@kjur
Copy link
Owner Author

@kjur kjur commented on 9dcb89c Jul 18, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See

jsrsasign 8.0.13 release note in which Minerva issue was fixed:
https://github.com/kjur/jsrsasign/releases/tag/8.0.13

jsrsasign security advisory:
2020.03.31 ECDSA signature vulnerability of Minerva timing attack
GHSA-g753-jx37-7xwh

Please sign in to comment.