Add mbedtls_mpi_core_check_zero_ct() and tests

Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
2022-12-12 16:54:57 +00:00 · 2022-12-12 16:54:57 +00:00 · 30f3b4d601
commit 30f3b4d601
parent e9ffb6c8e9
4 changed files with 57 additions and 0 deletions
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@ -742,6 +742,17 @@ mbedtls_mpi_uint mbedtls_mpi_core_sub_int( mbedtls_mpi_uint *X,
    return( c );
 }

+mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct( const mbedtls_mpi_uint *A,
+                                                 size_t limbs )
+{
+    mbedtls_mpi_uint bits = 0;
+
+    for( size_t i = 0; i < limbs; i++ )
+        bits |= A[i];
+
+    return( bits );
+}
+
 /* END MERGE SLOT 3 */

 /* BEGIN MERGE SLOT 4 */
--- a/library/bignum_core.h
+++ b/library/bignum_core.h
@ -572,6 +572,19 @@ mbedtls_mpi_uint mbedtls_mpi_core_sub_int( mbedtls_mpi_uint *X,
                                           mbedtls_mpi_uint b,
                                           size_t limbs );

+/**
+ * \brief Determine if a given MPI has the value \c 0 in constant time with
+ *        respect to the value (but not with respect to the number of limbs).
+ *
+ * \param[in] A   The MPI to test.
+ * \param limbs   Number of limbs in \p A.
+ *
+ * \return        0 if `A == 0`
+ *                non-0 (may be any value) if `A != 0`.
+ */
+mbedtls_mpi_uint mbedtls_mpi_core_check_zero_ct( const mbedtls_mpi_uint *A,
+                                                 size_t limbs );
+
 /* END MERGE SLOT 3 */

 /* BEGIN MERGE SLOT 4 */