From: Chris Duncan <chris@zoso.dev>
Date: Mon, 18 Aug 2025 04:44:58 +0000 (-0700)
Subject: Constant time verification.
X-Git-Tag: v0.10.5~41^2~77
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=3a9f1f0f11616ba69f0881df9278f81dc2331ed9;p=libnemo.git

Constant time verification.
---

diff --git a/src/lib/crypto/nano-nacl.ts b/src/lib/crypto/nano-nacl.ts
index 99556ed..63273a0 100644
--- a/src/lib/crypto/nano-nacl.ts
+++ b/src/lib/crypto/nano-nacl.ts
@@ -418,7 +418,7 @@ export class NanoNaCl {
 		const p: Float64Array[] = [new Float64Array(16), new Float64Array(16), new Float64Array(16), new Float64Array(16)]
 		const q: Float64Array[] = [new Float64Array(16), new Float64Array(16), new Float64Array(16), new Float64Array(16)]
 
-		if (this.unpackneg(q, pk)) return -1
+		let result = this.unpackneg(q, pk) ? -1 : n
 
 		m.set(sm.subarray(0, n), 0)
 		m.set(pk.subarray(0, 32), 32)
@@ -432,11 +432,19 @@ export class NanoNaCl {
 
 		n -= 64
 		if (this.#vn(sm, 0, t, 0, 32)) {
-			m.fill(0, 0, n)
-			return -1
+			for (let i = 0; i < n; i++) {
+				m[i] = 0
+			}
+			result = -1
+		} else {
+			for (let i = 0; i < n; i++) {
+				m[i] = m[i]
+			}
+			result = n
 		}
 		m.set(sm.subarray(64, n + 64), 0)
-		return n
+		result = result === -1 ? -1 : n
+		return result
 	}
 
 	/**