mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-02 21:34:18 +01:00
Contextualize comment about mbedtls_mpi_random retries
This comment is no longer in the specific context of generating a random point on an elliptic curve. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
3b05615e5b
commit
ef1325134f
@ -2498,9 +2498,11 @@ int mbedtls_mpi_random( mbedtls_mpi *X,
|
|||||||
* a probability 1/2 of being 0, and then the result will be < N),
|
* a probability 1/2 of being 0, and then the result will be < N),
|
||||||
* so after 30 tries failure probability is a most 2**(-30).
|
* so after 30 tries failure probability is a most 2**(-30).
|
||||||
*
|
*
|
||||||
* For most curves, 1 try is enough with overwhelming probability,
|
* When N is just below a power of 2, as is the case when generating
|
||||||
* since N starts with a lot of 1s in binary, but some curves
|
* a random point on most elliptic curves, 1 try is enough with
|
||||||
* such as secp224k1 are actually very close to the worst case.
|
* overwhelming probability. When N is just above a power of 2,
|
||||||
|
* as when generating a random point on secp224k1, each try has
|
||||||
|
* a probability of failing that is almost 1/2.
|
||||||
*/
|
*/
|
||||||
if( ++count > 30 )
|
if( ++count > 30 )
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user