mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-07 13:22:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Simplify exponent bit selection

Browse Source 
Use indices instead of mutating data to extract the bits of the exponent.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2022-11-16 20:42:09 +01:00 committed by Janos Follath
parent d83b5cb504
commit c718a3ce94
1 changed files with 17 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
library/bignum_core.c
View File

@ -675,21 +675,20 @@ int mbedtls_mpi_core_exp_mod( mbedtls_mpi_uint *X,
/* X = 1 (in Montgomery presentation) initially */ /* X = 1 (in Montgomery presentation) initially */
memcpy( X, Wtable, AN_limbs * ciL ); memcpy( X, Wtable, AN_limbs * ciL );
/* Start from the end of exponent buffer */ /* We'll process the bits of E from most significant
E += E_limbs; * (limb_index=E_limbs-1, E_bit_index=biL-1) to least significant
* (limb_index=0, E_bit_index=0). */
size_t limb_bits_remaining = 0; size_t E_limb_index = E_limbs;
size_t E_bit_index = 0;
mbedtls_mpi_uint window = 0; mbedtls_mpi_uint window = 0;
size_t window_bits = 0; size_t window_bits = 0;
/* Will be initialized properly in the first loop iteration */
mbedtls_mpi_uint cur_limb = 0;
while( 1 ) while( 1 )
{ {
size_t window_bits_missing = wsize - window_bits; size_t window_bits_missing = wsize - window_bits;
const int no_more_bits = const int no_more_bits =
( limb_bits_remaining == 0 ) && ( E_limbs == 0 ); ( E_bit_index == 0 ) && ( E_limb_index == 0 );
const int window_full = const int window_full =
( window_bits_missing == 0 ); ( window_bits_missing == 0 );
@ -707,24 +706,22 @@ int mbedtls_mpi_core_exp_mod( mbedtls_mpi_uint *X,
continue; continue;
} }
/* Load next exponent limb if necessary */
if( limb_bits_remaining == 0 )
{
--E;
cur_limb = *E;
--E_limbs;
limb_bits_remaining = biL;
}
/* Square */ /* Square */
mbedtls_mpi_core_montmul( X, X, X, AN_limbs, N, AN_limbs, mm, temp ); mbedtls_mpi_core_montmul( X, X, X, AN_limbs, N, AN_limbs, mm, temp );
/* Insert next exponent bit into window */ /* Insert next exponent bit into window */
window <<= 1; if( E_bit_index == 0 )
window |= ( cur_limb >> ( biL - 1 ) ); {
cur_limb <<= 1; --E_limb_index;
E_bit_index = biL - 1;
}
else
{
--E_bit_index;
}
++window_bits; ++window_bits;
--limb_bits_remaining; window <<= 1;
window |= ( E[E_limb_index] >> E_bit_index ) & 1;
} }
/* Convert X back to normal presentation */ /* Convert X back to normal presentation */