Gilles Peskine
c097e9ea45
Move carry propagation out of mpi_sub_hlp ...
The function mpi_sub_hlp had confusing semantics: although it took a
size parameter, it accessed the limb array d beyond this size, to
propagate the carry. This made the function difficult to understand
and analyze, with a potential buffer overflow if misused (not enough
room to propagate the carry).
Change the function so that it only performs the subtraction within
the specified number of limbs, and returns the carry.
Move the carry propagation out of mpi_sub_hlp and into its caller
mbedtls_mpi_sub_abs. This makes the code of subtraction very slightly
less neat, but not significantly different.
In the one other place where mpi_sub_hlp is used, namely mpi_montmul,
this is a net win because the carry is potentially sensitive data and
the function carefully arranges to not have to propagate it.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2020-06-08 22:08:21 +02:00
2015-06-25 10:59:56 +02:00
2020-04-22 16:01:48 +02:00
2019-08-15 15:44:50 +01:00
2019-08-15 15:44:50 +01:00
2019-08-15 15:44:50 +01:00
2020-02-03 10:39:55 +00:00
2019-12-19 10:24:22 +00:00
2019-08-15 15:44:50 +01:00
2020-06-08 22:08:21 +02:00
2019-08-15 15:44:50 +01:00
2019-08-15 15:44:50 +01:00
2019-12-03 16:07:18 +00:00
2020-03-19 13:36:33 +01:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2020-01-21 15:02:14 +01:00
2020-04-22 16:01:48 +02:00
2020-04-29 17:14:48 +01:00
2020-03-24 22:57:11 +01:00
2020-01-15 15:55:11 +00:00
2020-04-22 16:01:48 +02:00
2019-09-04 10:11:45 +01:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2020-01-24 12:11:56 +01:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2020-04-24 09:28:17 +02:00
2020-05-20 18:14:45 +00:00
2019-12-19 10:24:22 +00:00
2020-05-25 12:23:55 +02:00
2020-01-15 15:55:11 +00:00
2019-08-15 15:44:50 +01:00
2020-04-02 19:54:51 +02:00
2019-12-03 16:07:18 +00:00
2020-04-17 11:57:50 +02:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2020-04-20 13:56:09 +03:00
2019-08-15 15:44:50 +01:00
2020-05-20 18:14:45 +00:00
2019-12-03 16:07:18 +00:00
2020-04-22 16:01:48 +02:00
2019-08-15 15:44:50 +01:00
2019-12-03 16:07:18 +00:00
2020-01-31 10:15:32 +01:00
2020-01-31 10:15:32 +01:00
2019-12-03 16:07:18 +00:00
2020-03-19 13:36:33 +01:00
2019-12-03 16:07:18 +00:00
2020-02-18 10:31:29 +01:00
2020-01-31 10:24:21 +01:00
2019-09-04 11:31:35 +01:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2019-08-08 10:58:09 +02:00
2018-11-23 22:58:38 +01:00
2019-07-23 17:30:37 +01:00
2020-05-11 11:15:26 +02:00
2020-05-11 11:15:26 +02:00
2019-02-19 15:09:14 +02:00
2019-10-08 15:57:27 +02:00
2019-08-08 10:58:09 +02:00
2020-01-31 10:24:21 +01:00
2019-07-31 14:15:27 +02:00
2020-05-05 12:41:48 +01:00
2019-09-05 09:34:34 -04:00
2019-12-03 16:07:18 +00:00
2019-08-15 15:44:50 +01:00
2020-01-28 14:43:52 -05:00
2019-12-03 16:07:18 +00:00
2019-12-03 16:07:18 +00:00
2020-01-29 09:46:49 +01:00
2020-03-19 13:36:33 +01:00
2020-03-23 17:55:32 +01:00
2020-04-09 12:17:11 +02:00
2020-03-19 13:36:33 +01:00
2020-04-09 12:11:02 +01:00
2020-04-22 09:31:00 +02:00
2020-03-19 13:36:33 +01:00
2020-05-11 21:59:07 +02:00
2019-08-15 15:44:50 +01:00
2020-05-20 18:14:45 +00:00
2020-03-24 22:56:45 +01:00
2016-11-04 23:05:56 +01:00
2020-03-19 13:36:33 +01:00
2020-03-19 13:36:33 +01:00
2020-04-27 18:01:08 +03:00
2020-03-19 13:36:33 +01:00
2020-05-21 01:56:55 +09:00
2020-03-19 13:36:33 +01:00
2020-03-19 13:36:33 +01:00
2019-08-15 15:44:50 +01:00
c097e9ea45