emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tls: P256: fix sp_256_div2_8 - it wouldn't use a[] if low bit is 0

Browse Source 
It worked by chance because the only caller passed both parameters
as two pointers to the same array.
My fault (I made this error when converting from 26-bit code).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
Denys Vlasenko 2021-11-27 16:07:42 +01:00
parent 8cbb70365f
commit dcfd8d3d10
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
networking/tls_sp_c32.c
View File

@ -636,12 +636,14 @@ static void sp_256_rshift1_8(sp_digit* r, sp_digit carry)
} }
#endif #endif
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) */ /* Divide the number by 2 mod the modulus (prime). (r = (r / 2) % m) */
static void sp_256_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m) static void sp_256_div2_8(sp_digit* r /*, const sp_digit* m*/)
{ {
const sp_digit* m = p256_mod;
int carry = 0; int carry = 0;
if (a[0] & 1) if (r[0] & 1)
carry = sp_256_add_8(r, a, m); carry = sp_256_add_8(r, r, m);
sp_256_norm_8(r); sp_256_norm_8(r);
sp_256_rshift1_8(r, carry); sp_256_rshift1_8(r, carry);
} }
@ -1125,7 +1127,7 @@ static void sp_256_proj_point_dbl_8(sp_point* r, sp_point* p)
/* T2 = Y * Y */ /* T2 = Y * Y */
sp_256to512z_mont_sqr_8(t2, r->y /*, p256_mod, p256_mp_mod*/); sp_256to512z_mont_sqr_8(t2, r->y /*, p256_mod, p256_mp_mod*/);
/* T2 = T2/2 */ /* T2 = T2/2 */
sp_256_div2_8(t2, t2, p256_mod); sp_256_div2_8(t2 /*, p256_mod*/);
/* Y = Y * X */ /* Y = Y * X */
sp_256to512z_mont_mul_8(r->y, r->y, r->x /*, p256_mod, p256_mp_mod*/); sp_256to512z_mont_mul_8(r->y, r->y, r->x /*, p256_mod, p256_mp_mod*/);
/* X = T1 * T1 */ /* X = T1 * T1 */