author | Jack Lloyd <[email protected]> | 2018-12-24 12:45:43 -0500 |
committer | Jack Lloyd <[email protected]> | 2018-12-24 12:45:43 -0500 |
commit | f29d725c6fc2cf301a8acd7daa03c9ccadccba9e (patch) | |
tree | 482d4c36a474fbf499d652e639159b5d5044663f /src/lib/math | |
parent | f0600586291da690f1e5d1eb2958052764c60192 (diff) |
Avoid size-based bypass of the comparison in Barrett reduction.
As it would leak if an input was > p^2, or just close to it in size.
Diffstat (limited to 'src/lib/math')
-rw-r--r-- | src/lib/math/numbertheory/reducer.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/lib/math/numbertheory/reducer.cpp b/src/lib/math/numbertheory/reducer.cpp
index 5094ae420..c37a1daeb 100644
--- a/src/lib/math/numbertheory/reducer.cpp
+++ b/src/lib/math/numbertheory/reducer.cpp
@@ -76,7 +76,7 @@ void Modular_Reducer::reduce(BigInt& t1, const BigInt& x, secure_vector<word>& w
 const size_t x_sw = x.sig_words();
- if(x_sw >= (2*m_mod_words - 1) && x.cmp(m_modulus_2, false) >= 0)
+ if(x.cmp(m_modulus_2, false) >= 0)
 {
 // too big, fall back to slow boat division
 t1 = ct_modulo(x, m_modulus); |
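Review bot: The replacement condition `x.cmp(m_modulus_2, false) >= 0` still performs a comparison whose running time presumably depends on the operand lengths (BigInt::cmp is not visible here, but the `x.sig_words()`-derived `x_sw` on the context line above indicates length-dependent code paths in this routine), so the leak the commit message describes is narrowed rather than removed; the new line deserves a comment making that explicit, e.g. `// NOTE: cmp() may still leak the length of x; only the size-based early bypass was removed`. If the mp layer offers a constant-time comparison over a fixed word count, using it here would be the stronger fix. With the bypass gone, `x_sw` is no longer referenced inside this hunk; if nothing further down the function uses it, it becomes an unused local and should be dropped. Modular_Reducer::reduce continues beyond the end of the hunk.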