Always calculate this value to avoid leaking X

paragonie · Apr 24, 2024 · 2405fb8 · 2405fb8
1 parent b4c7c02
commit 2405fb8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/Primitives/Point.php b/src/Primitives/Point.php
@@ -204,10 +204,10 @@ public function add(PointInterface $addend): PointInterface
         $modMath = $this->modAdapter;
 
         // if (x1 == x2)
+        $return = $this->getDouble();
         if ($math->equals($addend->getX(), $this->x)) {
             // if (y1 == y2) return doubled(), else return pointAtInfinity()
             // Avoids leaking comparison value via branching side-channels
-            $return = $this->getDouble();
             $bit = $math->equalsReturnInt($addend->getY(), $this->y);
             $this->cswap($return, $infinity, $bit ^ 1, $this->curve->getSize());
             return $return;