commit 53b335c2466c1316be91af119cc000236aa78034
parent 92188372fe96f4f78199b8d05ff3e973ce019201
Author: Jared Tobin <jared@jtobin.io>
Date: Fri, 22 May 2026 11:01:18 -0230
lib: use vartime comparison for input validation
Diffstat:
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/Crypto/Curve/Secp256k1.hs b/lib/Crypto/Curve/Secp256k1.hs
@@ -1440,7 +1440,7 @@ _verify_ecdsa_no_hash
-> ECDSA -- ^ signature
-> Bool
_verify_ecdsa_no_hash m p sig@(ECDSA _ s)
- | CT.decide (W.gt s _CURVE_QH) = False
+ | W.gt_vartime s _CURVE_QH = False
| otherwise =
_verify_ecdsa_unrestricted (mul_vartime _CURVE_G) NoHash m p sig
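Review bot: The switch to `W.gt_vartime` in the guard at L14 is sound only because `s` is a public component of the signature being verified, and nothing in the hunk records that reasoning; a later reader who sees a variable-time compare in a curve library is likely to either "fix" it back to `CT.decide` or, worse, copy the idiom into a signing path where `s` is derived from the nonce and private key and must stay constant-time. Suggest a comment above the guard: `-- vartime is acceptable here: s is public signature data, so timing reveals nothing secret. Do not reuse this in signing code.` The `mul_vartime` scalar multiplication on the following line already rests on the same public-input rationale, so the function is internally consistent once the comment is in place. Note that `_verify_ecdsa_no_hash`'s type signature begins outside the hunk.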
@@ -1462,7 +1462,7 @@ _verify_ecdsa_no_hash'
-> ECDSA -- ^ signature
-> Bool
_verify_ecdsa_no_hash' tex m p sig@(ECDSA _ s)
- | CT.decide (W.gt s _CURVE_QH) = False
+ | W.gt_vartime s _CURVE_QH = False
| otherwise =
_verify_ecdsa_unrestricted (mul_wnaf tex) NoHash m p sig
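Review bot: The high-s guard at L22 now duplicates, character for character, the guard in `_verify_ecdsa_no_hash` a few lines above, so the argument for why a variable-time compare is safe (the signature `s` is public input) has to be maintained in two places and can silently diverge the next time one of them is touched. Factoring it into a single documented predicate, e.g. `-- vartime: s is public signature data, not a secret` over `_high_s s = W.gt_vartime s _CURVE_QH`, and using `| _high_s s = False` in both functions keeps the security rationale and the threshold `_CURVE_QH` in one spot. The hunk does not show whether `_verify_ecdsa_unrestricted` also checks `s` against zero and the full order; if it does not, that check belongs in the same predicate. `_verify_ecdsa_no_hash'`'s type signature begins outside the hunk.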
diff --git a/ppad-secp256k1.cabal b/ppad-secp256k1.cabal
@@ -38,7 +38,7 @@ library
, bytestring >= 0.9 && < 0.13
, ppad-hmac-drbg >= 0.3.1 && < 0.4
, ppad-sha256 >= 0.3.2 && < 0.4
- , ppad-fixed >= 0.1.3 && < 0.2
+ , ppad-fixed >= 0.1.4 && < 0.2
, primitive >= 0.8 && < 0.10
test-suite secp256k1-tests