commit 03c4cdb770f79591e5915c3ba591fd6187a7e962
parent 39b3deab7c57c497a2d88c63a75156a7f4391302
Author: Jared Tobin <jared@jtobin.io>
Date: Fri, 18 Oct 2024 09:28:16 +0400
lib: don't inline timing-sensitive functions
Diffstat:
1 file changed, 4 insertions(+), 0 deletions(-)
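--- a/lib/Crypto/Curve/Secp256k1.hs
+++ b/lib/Crypto/Curve/Secp256k1.hs
@@ -503,12 +503,14 @@ mul p n
 nm = I.integerShiftR m 1
 nr = if I.integerTestBit m 0 then add r d else r
 in loop nr nd nm
+{-# NOINLINE mul #-}
 -- parsing --------------------------------------------------------------------
 -- | Parse an integer.
 parse_integer :: BS.ByteString -> Integer
 parse_integer = roll -- XX timing concern (use constant-time roll here)
+{-# NOINLINE parse_integer #-}
 -- | Parse compressed point (33 bytes), uncompressed point (65 bytes),
 -- or BIP0340-style point (32 bytes).
@@ -606,6 +608,7 @@ sign_schnorr d' m a
 in if verify_schnorr m p_proj sig
 then sig
 else error "ppad-secp256k1 (sign_schnorr): invalid signature"
+{-# NOINLINE sign_schnorr #-}
 -- | Verify a 64-byte Schnorr signature for the provided message with
 -- the supplied public key.
@@ -756,6 +759,7 @@ _sign_ecdsa ty hf x m
 in case ty of
 Unrestricted -> pure sig
 LowS -> pure (low sig)
+{-# NOINLINE _sign_ecdsa #-}
 -- RFC6979 sec 3.3b
 gen_k :: DRBG.DRBG s -> ST s Integer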
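Review bot: The `{-# NOINLINE mul #-}` pragma in the first hunk (and likewise the ones on `parse_integer`, `sign_schnorr` and `_sign_ecdsa`) only prevents GHC from inlining the function at its call sites; it does not make the body constant-time, and nothing in the file records what the pragma is meant to achieve, so a later maintainer may remove it as an optimisation. The loop body visible just above it still selects `add r d` or `r` on `I.integerTestBit m 0`, and `parse_integer` keeps its `-- XX timing concern` marker, so the remaining timing exposure is in the code itself rather than in how it is inlined. A short comment above each pragma would make the intent auditable, e.g. `-- NOINLINE: keep the call boundary so the optimiser cannot specialise this on a known argument and reshape its control flow; this does not by itself make the body constant-time.` The definitions of `mul`, `sign_schnorr` and `_sign_ecdsa` all start outside their hunks.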