author | Jack Lloyd <[email protected]> | 2016-02-20 06:19:58 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-02-20 12:33:11 -0500 |
commit | f794b638a4059d3c004f092b6bd89d27cf4ffefa (patch) | |
tree | 2e773b0ff4da8f953c78e4bcf3fa691af1df80ad /src/lib/math/mp | |
parent | 99f2c04783b0a33d606531b73b1b3d0d1f52daa3 (diff) |
For odd moduli use an input-independent modular inverse algorithm.
Also adds a (not const time) implementation of almost Montgomery reduction.
Diffstat (limited to 'src/lib/math/mp')
-rw-r--r-- | src/lib/math/mp/mp_asm.cpp | 32 | ||||
-rw-r--r-- | src/lib/math/mp/mp_core.h | 8 |
2 files changed, 20 insertions, 20 deletions
diff --git a/src/lib/math/mp/mp_asm.cpp b/src/lib/math/mp/mp_asm.cpp
index 6d60d7e77..cfbb027d7 100644
--- a/src/lib/math/mp/mp_asm.cpp
+++ b/src/lib/math/mp/mp_asm.cpp
@@ -24,9 +24,6 @@ void bigint_cnd_swap(word cnd, word x[], word y[], size_t size)
 {
 const word mask = CT::expand_mask(cnd);
 
- CT::poison(x, size);
- CT::poison(y, size);
-
 for(size_t i = 0; i != size; ++i)
 {
 word a = x[i];
@@ -34,9 +31,6 @@ void bigint_cnd_swap(word cnd, word x[], word y[], size_t size)
 x[i] = CT::select(mask, b, a);
 y[i] = CT::select(mask, a, b);
 }
-
- CT::unpoison(x, size);
- CT::unpoison(y, size);
 }
 
 /*
@@ -47,9 +41,6 @@ word bigint_cnd_add(word cnd, word x[], const word y[], size_t size)
 {
 const word mask = CT::expand_mask(cnd);
 
- CT::poison(x, size);
- CT::poison(y, size);
-
 word carry = 0;
 for(size_t i = 0; i != size; ++i)
 {
@@ -61,10 +52,6 @@ word bigint_cnd_add(word cnd, word x[], const word y[], size_t size)
 x[i] = CT::select(mask, z, x[i]);
 }
 
- CT::unpoison(x, size);
- CT::unpoison(y, size);
- CT::unpoison(carry);
-
 return carry & mask;
 }
 
@@ -76,9 +63,6 @@ word bigint_cnd_sub(word cnd, word x[], const word y[], size_t size)
 {
 const word mask = CT::expand_mask(cnd);
 
- CT::poison(x, size);
- CT::poison(y, size);
-
 word carry = 0;
 for(size_t i = 0; i != size; ++i)
 {
@@ -86,13 +70,21 @@ word bigint_cnd_sub(word cnd, word x[], const word y[], size_t size)
 x[i] = CT::select(mask, z, x[i]);
 }
 
- CT::unpoison(x, size);
- CT::unpoison(y, size);
- CT::unpoison(carry);
-
 return carry & mask;
 }
 
+void bigint_cnd_abs(word cnd, word x[], size_t size)
+ {
+ const word mask = CT::expand_mask(cnd);
+
+ word carry = mask & 1;
+ for(size_t i = 0; i != size; ++i)
+ {
+ const word z = word_add(~x[i], 0, &carry);
+ x[i] = CT::select(mask, z, x[i]);
+ }
+ }
+
 /*
 * Two Operand Addition, No Carry
 */
diff --git a/src/lib/math/mp/mp_core.h b/src/lib/math/mp/mp_core.h
index 86bc920cf..73f13742c 100644
--- a/src/lib/math/mp/mp_core.h
+++ b/src/lib/math/mp/mp_core.h
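Review bot: bigint_cnd_abs is added without the `/* ... */` header comment that precedes the neighbouring functions in this file, and its contract is easy to misread from the name: the body performs a conditional two's-complement negation (x becomes ~x + 1 when cnd is set, assuming CT::expand_mask yields an all-ones mask for a nonzero cnd), so the result is an absolute value only when the caller passes the sign of x as cnd. Suggest a header block above the definition, e.g. `/*` / `* Conditional 2s complement negation: x = ~x + 1 if cnd is set` / `*/`, and a why-comment on the carry seed, `word carry = mask & 1; // the +1 of ~x + 1; stays 0 when cnd is clear`. The constant-time property also rests on word_add and CT::select being branch-free, which this hunk does not show; naming that dependency in the comment helps the next reader who touches word_add.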
@@ -40,6 +40,14 @@ word bigint_cnd_add(word cnd, word x[], const word y[], size_t size);
 BOTAN_DLL
 word bigint_cnd_sub(word cnd, word x[], const word y[], size_t size);
 
+/*
+* 2s complement absolute value
+* If cond > 0 sets x to ~x + 1
+* Runs in constant time
+*/
+BOTAN_DLL
+void bigint_cnd_abs(word cnd, word x[], size_t size);
+
 /**
 * Two operand addition
 * @param x the first operand (and output)
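Review bot: The comment on the new bigint_cnd_abs declaration refers to `cond` while the parameter is named `cnd`, and it is a plain `/*` block where the adjacent declarations use Doxygen `/**` with `@param` lines. Suggest rewriting it as a `/**` block that documents `cnd` (nonzero selects negation), `x` (the operand and output) and `size` (number of words in x), matching the style of the bigint_cnd_add block below it. It should also say that the function itself only negates, so the caller must pass the sign of x as cnd for the result to be an absolute value; "2s complement absolute value" alone invites calling it unconditionally.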