ECDSA: remove nonce padding (delegated to EC_POINT_mul)

* EC_POINT_mul is now responsible for constant time point multiplication (for single fixed or variable point multiplication, when the scalar is in the range [0,group_order), so we need to strip the nonce padding from ECDSA. * Entry added to CHANGES * Updated EC_POINT_mul documentation - Integrate existing EC_POINT_mul and EC_POINTs_mul entries in the manpage to reflect the shift in constant-time expectations when performing a single fixed or variable point multiplication; - Add documentation to ec_method_st to reflect the updated "contract" between callers and implementations of ec_method_st.mul. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6070)
author: Billy Brumley <bbrumley@gmail.com> 2018-04-24 16:00:08 +0300
committer: Andy Polyakov <appro@openssl.org> 2018-05-09 13:29:48 +0200
commit: fe2d3975880e6a89702f18ec58881307bf862542 (patch)
tree: 584e4788d2db332354cd5f1d912d1d27785ebd97 /CHANGES
parent: 06e0950d20d3110849dea28eb78cac4127618b48 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index a13183f9e8..08586c09d3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,10 @@
 
  Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]
 
+  *) Remove ECDSA nonce padding: EC_POINT_mul is now responsible for
+     constant time fixed point multiplication.
+     [Billy Bob Brumley]
+
   *) Updated CONTRIBUTING
      [Rich Salz]
author	Billy Brumley <bbrumley@gmail.com>	2018-04-24 16:00:08 +0300
committer	Andy Polyakov <appro@openssl.org>	2018-05-09 13:29:48 +0200
commit	fe2d3975880e6a89702f18ec58881307bf862542 (patch)
tree	584e4788d2db332354cd5f1d912d1d27785ebd97 /CHANGES
parent	06e0950d20d3110849dea28eb78cac4127618b48 (diff)