author | NIIBE Yutaka <gniibe@fsij.org> | 2021-01-27 12:12:36 +0900 |
---|---|---|
committer | NIIBE Yutaka <gniibe@fsij.org> | 2021-01-27 12:12:36 +0900 |
commit | f06ff4e31c8e162f4a59986241c7ab43d5085927 (patch) | |
tree | 514e131e4ff964068fe004f7767ac7a524899007 /mpi | |
parent | fc901e978a0c18a3524cad5d1ef3451ed11b9347 (diff) | |
download | libgcrypt-f06ff4e31c8e162f4a59986241c7ab43d5085927.tar.gz |
mpi: Fix _gcry_mpih_mod implementation.
* mpi/mpih-const-time.c (_gcry_mpih_mod): Handle the overflow.
--
GnuPG-bug-id: 5269
Reported-by: Guido Vranken <guidovranken@gmail.com>
Fixes-commit: 95bdfd9ce9e114f447f3639e551e8f4f63d024fe
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
Diffstat (limited to 'mpi')
-rw-r--r-- | mpi/mpih-const-time.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/mpi/mpih-const-time.c b/mpi/mpih-const-time.c
index 5ebb8d11..96899505 100644
--- a/mpi/mpih-const-time.c
+++ b/mpi/mpih-const-time.c
@@ -170,12 +170,13 @@ _gcry_mpih_mod (mpi_ptr_t vp, mpi_size_t vsize,
 mpi_limb_t limb = vp[limbno];
 unsigned int the_bit = ((limb & (A_LIMB_1 << bitno)) ? 1 : 0);
 mpi_limb_t underflow;
+ mpi_limb_t overflow;
- _gcry_mpih_lshift (rp, rp, usize, 1);
+ overflow = _gcry_mpih_lshift (rp, rp, usize, 1);
 rp[0] |= the_bit;
 underflow = _gcry_mpih_sub_n (rp, rp, up, usize);
- mpih_add_n_cond (rp, rp, up, usize, underflow);
+ mpih_add_n_cond (rp, rp, up, usize, overflow ^ underflow);
 }
 return rp; |
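Review bot: The `overflow ^ underflow` selector on the new mpih_add_n_cond line is only equivalent to the intended "add up back iff the subtraction borrowed and no bit was shifted out" because the reduction invariant rp < up makes the pair (overflow = 1, underflow = 0) unreachable; nothing in the hunk records that, so a later reader may read the xor as a general carry/borrow combination and reuse it where the invariant does not hold. Suggest a comment above the call: `/* rp < up before the shift, so overflow implies underflow; the xor therefore equals underflow & !overflow without introducing a branch. */`. The constant-time property of this loop presumably also relies on both operands being exactly 0 or 1 (the single shifted-out bit and the borrow), which is worth stating in the same comment so a future change of the shift count does not silently break it. _gcry_mpih_mod starts before the hunk and its loop header is not visible, so the invariant is inferred from the shift-subtract structure rather than seen here.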