)]}'
{
  "commit": "f20772cc0a2eb5d66f59afe8b4fe3eeea5ca3687",
  "tree": "67383c77f531626f229754488d24c7a20ef92c1a",
  "parents": [
    "a49c617197b577f1f92153a295c11c762cd929f8"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Tue Apr 07 15:18:23 2020 -0400"
  },
  "committer": {
    "name": "CQ bot account: commit-bot@chromium.org",
    "email": "commit-bot@chromium.org",
    "time": "Thu Apr 09 15:03:48 2020 +0000"
  },
  "message": "Make ec_GFp_simple_is_on_curve constant-time.\n\nThis function (by way of EC_POINT_is_on_curve) is used by callers in two\nplaces:\n\n- To check the affine result of decoding a point. (This is no longer\n  necessary because we\u0027ll always do it internally, but folks still do\n  it.)\n\n- To check the Jacobian result of a multiplication as fault protection.\n  (Tink does this. We should probably do it in the library.)\n\nThat function\u0027s implementations of affine and Jacobian checks are mostly\nconstant-time, but branching between the two isn\u0027t. Since the difference\nis small (2S + 1M vs 2S + 3M) compared to what one would be doing with\nan affine point (point multiplication), this probably isn\u0027t worth\nworrying about. Conservatively do the Jacobian check so folks like Tink\naren\u0027t accidentally introducing side channels.\n\nChange-Id: I3140167868e027004906293df547add43ae40552\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/40590\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "f7827c529172aca819e159a8ddd3b05cb083e10d",
      "old_mode": 33188,
      "old_path": "crypto/fipsmodule/ec/ec_test.cc",
      "new_id": "7ab7f5fe1a58ccc3b01eecffc82981a874fdfa26",
      "new_mode": 33188,
      "new_path": "crypto/fipsmodule/ec/ec_test.cc"
    },
    {
      "type": "modify",
      "old_id": "19e9ad5fc33984fe271f15ab481a9f8ece77ac2c",
      "old_mode": 33188,
      "old_path": "crypto/fipsmodule/ec/simple.c",
      "new_id": "ce722355293937e73d3b57898383ff9f2415b83e",
      "new_mode": 33188,
      "new_path": "crypto/fipsmodule/ec/simple.c"
    }
  ]
}