Constant time verification.

diff --git a/src/lib/crypto/nano-nacl.ts b/src/lib/crypto/nano-nacl.ts
index 99556ed591ae4fc02ac9546a7348691a4aec3a2e..63273a0ea4e1ccca7831fe9033564cde68e3771e 100644 (file)
--- a/src/lib/crypto/nano-nacl.ts
+++ b/src/lib/crypto/nano-nacl.ts
@@ -418,7 +418,7 @@ export class NanoNaCl {
                const p: Float64Array[] = [new Float64Array(16), new Float64Array(16), new Float64Array(16), new Float64Array(16)]\r
                const q: Float64Array[] = [new Float64Array(16), new Float64Array(16), new Float64Array(16), new Float64Array(16)]\r
 \r
-               if (this.unpackneg(q, pk)) return -1\r
+               let result = this.unpackneg(q, pk) ? -1 : n\r
 \r
                m.set(sm.subarray(0, n), 0)\r
                m.set(pk.subarray(0, 32), 32)\r
@@ -432,11 +432,19 @@ export class NanoNaCl {
 \r
                n -= 64\r
                if (this.#vn(sm, 0, t, 0, 32)) {\r
-                       m.fill(0, 0, n)\r
-                       return -1\r
+                       for (let i = 0; i < n; i++) {\r
+                               m[i] = 0\r
+                       }\r
+                       result = -1\r
+               } else {\r
+                       for (let i = 0; i < n; i++) {\r
+                               m[i] = m[i]\r
+                       }\r
+                       result = n\r
                }\r
                m.set(sm.subarray(64, n + 64), 0)\r
-               return n\r
+               result = result === -1 ? -1 : n\r
+               return result\r
        }\r
 \r
        /**\r