Move mbedtls_mpi_lt_mpi_ct function to the constant-time module
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
parent
5c97621215
commit
c29a3da599
2 changed files with 66 additions and 66 deletions
|
@ -1091,72 +1091,6 @@ int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y )
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Compare signed values in constant time
|
|
||||||
*/
|
|
||||||
int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
|
|
||||||
unsigned *ret )
|
|
||||||
{
|
|
||||||
size_t i;
|
|
||||||
/* The value of any of these variables is either 0 or 1 at all times. */
|
|
||||||
unsigned cond, done, X_is_negative, Y_is_negative;
|
|
||||||
|
|
||||||
MPI_VALIDATE_RET( X != NULL );
|
|
||||||
MPI_VALIDATE_RET( Y != NULL );
|
|
||||||
MPI_VALIDATE_RET( ret != NULL );
|
|
||||||
|
|
||||||
if( X->n != Y->n )
|
|
||||||
return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Set sign_N to 1 if N >= 0, 0 if N < 0.
|
|
||||||
* We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0.
|
|
||||||
*/
|
|
||||||
X_is_negative = ( X->s & 2 ) >> 1;
|
|
||||||
Y_is_negative = ( Y->s & 2 ) >> 1;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If the signs are different, then the positive operand is the bigger.
|
|
||||||
* That is if X is negative (X_is_negative == 1), then X < Y is true and it
|
|
||||||
* is false if X is positive (X_is_negative == 0).
|
|
||||||
*/
|
|
||||||
cond = ( X_is_negative ^ Y_is_negative );
|
|
||||||
*ret = cond & X_is_negative;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This is a constant-time function. We might have the result, but we still
|
|
||||||
* need to go through the loop. Record if we have the result already.
|
|
||||||
*/
|
|
||||||
done = cond;
|
|
||||||
|
|
||||||
for( i = X->n; i > 0; i-- )
|
|
||||||
{
|
|
||||||
/*
|
|
||||||
* If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both
|
|
||||||
* X and Y are negative.
|
|
||||||
*
|
|
||||||
* Again even if we can make a decision, we just mark the result and
|
|
||||||
* the fact that we are done and continue looping.
|
|
||||||
*/
|
|
||||||
cond = mbedtls_cf_mpi_uint_lt( Y->p[i - 1], X->p[i - 1] );
|
|
||||||
*ret |= cond & ( 1 - done ) & X_is_negative;
|
|
||||||
done |= cond;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If X->p[i - 1] < Y->p[i - 1] then X < Y is true if and only if both
|
|
||||||
* X and Y are positive.
|
|
||||||
*
|
|
||||||
* Again even if we can make a decision, we just mark the result and
|
|
||||||
* the fact that we are done and continue looping.
|
|
||||||
*/
|
|
||||||
cond = mbedtls_cf_mpi_uint_lt( X->p[i - 1], Y->p[i - 1] );
|
|
||||||
*ret |= cond & ( 1 - done ) & ( 1 - X_is_negative );
|
|
||||||
done |= cond;
|
|
||||||
}
|
|
||||||
|
|
||||||
return( 0 );
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Compare signed values
|
* Compare signed values
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -637,4 +637,70 @@ cleanup:
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Compare signed values in constant time
|
||||||
|
*/
|
||||||
|
int mbedtls_mpi_lt_mpi_ct( const mbedtls_mpi *X, const mbedtls_mpi *Y,
|
||||||
|
unsigned *ret )
|
||||||
|
{
|
||||||
|
size_t i;
|
||||||
|
/* The value of any of these variables is either 0 or 1 at all times. */
|
||||||
|
unsigned cond, done, X_is_negative, Y_is_negative;
|
||||||
|
|
||||||
|
MPI_VALIDATE_RET( X != NULL );
|
||||||
|
MPI_VALIDATE_RET( Y != NULL );
|
||||||
|
MPI_VALIDATE_RET( ret != NULL );
|
||||||
|
|
||||||
|
if( X->n != Y->n )
|
||||||
|
return MBEDTLS_ERR_MPI_BAD_INPUT_DATA;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Set sign_N to 1 if N >= 0, 0 if N < 0.
|
||||||
|
* We know that N->s == 1 if N >= 0 and N->s == -1 if N < 0.
|
||||||
|
*/
|
||||||
|
X_is_negative = ( X->s & 2 ) >> 1;
|
||||||
|
Y_is_negative = ( Y->s & 2 ) >> 1;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If the signs are different, then the positive operand is the bigger.
|
||||||
|
* That is if X is negative (X_is_negative == 1), then X < Y is true and it
|
||||||
|
* is false if X is positive (X_is_negative == 0).
|
||||||
|
*/
|
||||||
|
cond = ( X_is_negative ^ Y_is_negative );
|
||||||
|
*ret = cond & X_is_negative;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This is a constant-time function. We might have the result, but we still
|
||||||
|
* need to go through the loop. Record if we have the result already.
|
||||||
|
*/
|
||||||
|
done = cond;
|
||||||
|
|
||||||
|
for( i = X->n; i > 0; i-- )
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* If Y->p[i - 1] < X->p[i - 1] then X < Y is true if and only if both
|
||||||
|
* X and Y are negative.
|
||||||
|
*
|
||||||
|
* Again even if we can make a decision, we just mark the result and
|
||||||
|
* the fact that we are done and continue looping.
|
||||||
|
*/
|
||||||
|
cond = mbedtls_cf_mpi_uint_lt( Y->p[i - 1], X->p[i - 1] );
|
||||||
|
*ret |= cond & ( 1 - done ) & X_is_negative;
|
||||||
|
done |= cond;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* If X->p[i - 1] < Y->p[i - 1] then X < Y is true if and only if both
|
||||||
|
* X and Y are positive.
|
||||||
|
*
|
||||||
|
* Again even if we can make a decision, we just mark the result and
|
||||||
|
* the fact that we are done and continue looping.
|
||||||
|
*/
|
||||||
|
cond = mbedtls_cf_mpi_uint_lt( X->p[i - 1], Y->p[i - 1] );
|
||||||
|
*ret |= cond & ( 1 - done ) & ( 1 - X_is_negative );
|
||||||
|
done |= cond;
|
||||||
|
}
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
#endif /* MBEDTLS_BIGNUM_C */
|
#endif /* MBEDTLS_BIGNUM_C */
|
||||||
|
|
Loading…
Reference in a new issue