More logical parameter order for mpi_sub_hlp
mpi_sub_hlp performs a subtraction A - B, but took parameters in the order (B, A). Swap the parameters so that they match the usual mathematical syntax. This has the additional benefit of putting the output parameter (A) first, which is the normal convention in this module. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
ea9ba77e55
commit
dc24cece12
@ -1109,8 +1109,8 @@ cleanup:
* d -= s where d and s have the same size and d >= s.
* d -= s where d and s have the same size and d >= s.
*/
*/
static void mpi_sub_hlp( size_t n,
static void mpi_sub_hlp( size_t n,
const mbedtls_mpi_uint *s,
mbedtls_mpi_uint *d,
mbedtls_mpi_uint *d )
const mbedtls_mpi_uint *s )
{
{
size_t i;
size_t i;
mbedtls_mpi_uint c, z;
mbedtls_mpi_uint c, z;
@ -1162,7 +1162,7 @@ int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
if( B->p[n - 1] != 0 )
if( B->p[n - 1] != 0 )
break;
break;
mpi_sub_hlp( n, B->p, X->p );
mpi_sub_hlp( n, X->p, B->p );
cleanup:
cleanup:
@ -1768,7 +1768,7 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi
* timing attacks. */
* timing attacks. */
/* Set d to A + (2^biL)^n - N. */
/* Set d to A + (2^biL)^n - N. */
d[n] += 1;
d[n] += 1;
mpi_sub_hlp( n, N->p, d );
mpi_sub_hlp( n, d, N->p );
/* Now d - (2^biL)^n = A - N so d >= (2^biL)^n iff A >= N.
/* Now d - (2^biL)^n = A - N so d >= (2^biL)^n iff A >= N.
* So we want to copy the result of the subtraction iff d->p[n] != 0.
* So we want to copy the result of the subtraction iff d->p[n] != 0.
* Note that d->p[n] is either 0 or 1 since A - N <= N <= (2^biL)^n. */
* Note that d->p[n] is either 0 or 1 since A - N <= N <= (2^biL)^n. */
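Review bot: With the new prototype in the first hunk, `mpi_sub_hlp( size_t n, mbedtls_mpi_uint *d, const mbedtls_mpi_uint *s )`, a call site left in the old `( n, s, d )` order still compiles without any diagnostic, because both arguments are limb pointers and the only difference is a const qualifier that a non-const pointer converts to implicitly. The two callers updated in the later hunks pass non-const limb pointers in both positions (`X->p`/`B->p` in mbedtls_mpi_sub_abs, `d`/`N->p` in mpi_montmul), so a missed or reverted call would silently subtract the wrong operand, and in the montmul path that sits in code the surrounding comment marks as sensitive to timing attacks. Since the function is static the swap is complete only if the file has no further callers, which this page does not show, so that is worth confirming before merge. The header comment could also spell out the roles and sizes now that the order has changed, e.g. `* d -= s in place, where d and s both have n limbs and d >= s.`. The body of mpi_sub_hlp continues outside the first hunk.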