Diffstat (limited to 'src/crypto/fipsmodule/bn/montgomery.c')
-rw-r--r-- | src/crypto/fipsmodule/bn/montgomery.c | 17 |
1 files changed, 3 insertions, 14 deletions
diff --git a/src/crypto/fipsmodule/bn/montgomery.c b/src/crypto/fipsmodule/bn/montgomery.c
index c21a0309..7ce8c4c3 100644
--- a/src/crypto/fipsmodule/bn/montgomery.c
+++ b/src/crypto/fipsmodule/bn/montgomery.c
@@ -289,18 +289,7 @@ static int bn_from_montgomery_in_place(BN_ULONG *r, size_t num_r, BN_ULONG *a,
   a += num_n;
   // |a| thus requires at most one additional subtraction |n| to be reduced.
-  // Subtract |n| and select the answer in constant time.
-  OPENSSL_COMPILE_ASSERT(sizeof(BN_ULONG) <= sizeof(crypto_word_t), crypto_word_t_too_small);
-  BN_ULONG v = bn_sub_words(r, a, n, num_n) - carry;
-  // |v| is one if |a| - |n| underflowed or zero if it did not. Note |v| cannot
-  // be -1. That would imply the subtraction did not fit in |num_n| words, and
-  // we know at most one subtraction is needed.
-  v = 0u - v;
-  for (size_t i = 0; i < num_n; i++) {
-    r[i] = constant_time_select_w(v, a[i], r[i]);
-    a[i] = 0;
-  }
+  bn_reduce_once(r, a, carry, n, num_n);
   return 1;
 }
@@ -381,11 +370,11 @@ static int bn_mod_mul_montgomery_fallback(BIGNUM *r, const BIGNUM *a,
   }
   if (a == b) {
-    if (!bn_sqr_fixed(tmp, a, ctx)) {
+    if (!bn_sqr_consttime(tmp, a, ctx)) {
       goto err;
     }
   } else {
-    if (!bn_mul_fixed(tmp, a, b, ctx)) {
+    if (!bn_mul_consttime(tmp, a, b, ctx)) {
       goto err;
     }
   } |
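Review bot: The new `bn_reduce_once(r, a, carry, n, num_n);` call in bn_from_montgomery_in_place silently drops a side effect of the removed loop: `a[i] = 0;` cleared the upper half of the scratch buffer |a| after the reduced result was selected into |r|, and nothing in the hunk shows the replacement doing that. If bn_reduce_once (defined elsewhere, not visible here) takes |a| as const input, the buffer now retains the unreduced secret-dependent value, so any caller that relied on |a| being zeroed must do its own clearing; the function should state this, e.g. `// |a| is left unmodified and still holds the unreduced value; callers own clearing it.` The removed OPENSSL_COMPILE_ASSERT on sizeof(BN_ULONG) vs crypto_word_t presumably moved into bn_reduce_once together with the constant-time select — worth confirming, since the constant-time guarantee of this path now rests entirely on that helper. bn_from_montgomery_in_place begins before this hunk.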