eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #7564 from gabor-mezei-arm/7262_fix_ouput_width_in_ecc_mod_koblitz

Browse source 
[Bignum] Fix output width in ecp_mod_koblitz()
This commit is contained in:
Paul Elliott 2023-05-16 15:24:31 +01:00 committed by GitHub
commit 55a701afec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
library/ecp_curves.c
View file

@ -5533,7 +5533,6 @@ cleanup:
* with R about 33 bits, used by the Koblitz curves.
*
* Write N as A0 + 2^224 A1, return A0 + R * A1.
* Actually do two passes, since R is big.
*/
#define P_KOBLITZ_R (8 / sizeof(mbedtls_mpi_uint)) // Limbs in R
@ -5571,7 +5570,11 @@ static inline int ecp_mod_koblitz(mbedtls_mpi_uint *X,
mask = ((mbedtls_mpi_uint) 1 << shift) - 1;
}
for (size_t pass = 0; pass < 2; pass++) {
/* Two passes are needed to reduce the value of `A0 + R * A1` and then
* we need an additional one to reduce the possible overflow during
* the addition.
*/
for (size_t pass = 0; pass < 3; pass++) {
/* Copy A1 */
memcpy(A1, X + P_limbs - adjust, P_limbs * ciL);