From 1939460417e0909ab3d45d2d201fbd3da1603678 Mon Sep 17 00:00:00 2001
From: Daniel Otte
Date: Fri, 21 Aug 2020 12:34:29 +0200
Subject: [PATCH 1/4] adjusting size of sliding window array to correct size. Probably the `W[2 << MBEDTLS_MPI_WINDOW_SIZE]` notation is based on a transcription of 2**MBEDTLS_MPI_WINDOW_SIZE.
Signed-off-by: Daniel Otte
---
 library/bignum.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/library/bignum.c b/library/bignum.c
index 3135ec4ad..0e39e3a44 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -1850,7 +1850,7 @@ int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi
 size_t i, j, nblimbs;
 size_t bufsize, nbits;
 mbedtls_mpi_uint ei, mm, state;
- mbedtls_mpi RR, T, W[ 2 << MBEDTLS_MPI_WINDOW_SIZE ], Apos;
+ mbedtls_mpi RR, T, W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ], Apos;
 int neg;
 if( mbedtls_mpi_cmp_int( N, 0 ) <= 0 || ( N->p[0] & 1 ) == 0 )
From e6f2fb4878a0962238a8c5f8f69a69bf725ab453 Mon Sep 17 00:00:00 2001
From: Daniel Otte
Date: Mon, 7 Sep 2020 13:06:40 +0200
Subject: [PATCH 2/4] fixing spelling mistakes (window <-- windows)
Signed-off-by: Daniel Otte
---
 include/mbedtls/bignum.h | 2 +-
 include/mbedtls/config.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 754b50a3b..26f76f7c4 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -88,7 +88,7 @@
 *
 * Reduction in size, reduces speed.
 */
-#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
+#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
 #endif /* !MBEDTLS_MPI_WINDOW_SIZE */
 #if !defined(MBEDTLS_MPI_MAX_SIZE)
diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
index d8332dae5..d23a7efcc 100644
--- a/include/mbedtls/config.h
+++ b/include/mbedtls/config.h
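Review bot: In `mbedtls_mpi_exp_mod` (library/bignum.c), `W[ 1 << MBEDTLS_MPI_WINDOW_SIZE ]` leaves the table with exactly 2**MBEDTLS_MPI_WINDOW_SIZE entries and no spare slots, so memory safety now depends on every index into `W` further down the function staying below that bound. That indexing code is outside the hunk and should be checked against the new size, including the smallest documented setting of 1. A comment on the declaration would record the invariant, e.g. `/* W has 2**MBEDTLS_MPI_WINDOW_SIZE entries; all indices into W must stay below that */`. Since the macro is build-configurable and bignum.h only documents the 1..6 range, a compile-time guard next to the default, `#if MBEDTLS_MPI_WINDOW_SIZE < 1 || MBEDTLS_MPI_WINDOW_SIZE > 6` followed by `#error "MBEDTLS_MPI_WINDOW_SIZE must be in 1..6"`, would stop an out-of-range value from under-sizing this stack array, unless that is already enforced elsewhere.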
@@ -2814,7 +2814,7 @@
 */
 /* MPI / BIGNUM options */
-//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
+//#define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum window size used. */
 //#define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
 /* CTR_DRBG options */
From d9854684b9e9f8ab0daa7d78aa008fbbd844239f Mon Sep 17 00:00:00 2001
From: Daniel Otte
Date: Mon, 7 Sep 2020 13:07:14 +0200
Subject: [PATCH 3/4] adjusting comment on sliding window memory usage. The comment now uses '**' as exponentiation operator.
Signed-off-by: Daniel Otte
---
 include/mbedtls/bignum.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index 26f76f7c4..a2fa3bdaf 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@@ -83,7 +83,7 @@
 * Maximum window size used for modular exponentiation. Default: 6
 * Minimum value: 1. Maximum value: 6.
 *
- * Result is an array of ( 2 << MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
+ * Result is an array of ( 2 ** MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
 * for the sliding window calculation. (So 64 by default)
 *
 * Reduction in size, reduces speed.
From 72a410dcfc134d4c8407b9908dba5ddc7d5accc3 Mon Sep 17 00:00:00 2001
From: Daniel Otte
Date: Mon, 7 Sep 2020 13:08:10 +0200
Subject: [PATCH 4/4] adding entry file to ChangeLog.d for backport of PR3592
Signed-off-by: Daniel Otte
---
 ChangeLog.d/adjusting sliding_window_size_PR3592.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 ChangeLog.d/adjusting sliding_window_size_PR3592.txt
diff --git a/ChangeLog.d/adjusting sliding_window_size_PR3592.txt b/ChangeLog.d/adjusting sliding_window_size_PR3592.txt
new file mode 100644
index 000000000..608956541
--- /dev/null
+++ b/ChangeLog.d/adjusting sliding_window_size_PR3592.txt
@@ -0,0 +1,3 @@
+Changes
+ * Reduce stack usage significantly during sliding window exponentiation.
+ Reported in #3591 and fix contributed in #3592 by Daniel Otte.