[git commit] tls: P256: fix sp_256_div2_8 - it wouldn't use a[] if low bit is 0

Denys Vlasenko vda.linux at googlemail.com
Sat Nov 27 15:24:49 UTC 2021


commit: https://git.busybox.net/busybox/commit/?id=dcfd8d3d1013ba989fa511f44bb0553a88c1ef10
branch: https://git.busybox.net/busybox/commit/?id=refs/heads/master

It worked by chance because the only caller passed both parameters
as two pointers to the same array.
My fault (I made this error when converting from 26-bit code).

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 networking/tls_sp_c32.c | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/networking/tls_sp_c32.c b/networking/tls_sp_c32.c
index baed62f41..b3f7888f5 100644
--- a/networking/tls_sp_c32.c
+++ b/networking/tls_sp_c32.c
@@ -636,12 +636,14 @@ static void sp_256_rshift1_8(sp_digit* r, sp_digit carry)
 }
 #endif
 
-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) */
-static void sp_256_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+/* Divide the number by 2 mod the modulus (prime). (r = (r / 2) % m) */
+static void sp_256_div2_8(sp_digit* r /*, const sp_digit* m*/)
 {
+	const sp_digit* m = p256_mod;
+
 	int carry = 0;
-	if (a[0] & 1)
-		carry = sp_256_add_8(r, a, m);
+	if (r[0] & 1)
+		carry = sp_256_add_8(r, r, m);
 	sp_256_norm_8(r);
 	sp_256_rshift1_8(r, carry);
 }
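Review bot: The `if (r[0] & 1)` test at the top of sp_256_div2_8 keeps the halving's running time dependent on the low bit of the operand, since the modulus is added only on one path; the commit fixes the aliasing bug but leaves that branch as it was. In the sp_256_proj_point_dbl_8 caller in the next hunk the operand is derived from a point coordinate, which presumably depends on the scalar during a scalar multiplication, so this looks like a timing side channel unless the surrounding code makes no constant-time claim — I cannot tell that from the hunk. At minimum the function should say so, e.g. a line above the test: `/* NOTE: data-dependent branch; this halving is not constant-time */`. The header comment could also state that r is updated in place and that m is fixed to p256_mod since the parameter was dropped.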
@@ -1125,7 +1127,7 @@ static void sp_256_proj_point_dbl_8(sp_point* r, sp_point* p)
 	/* T2 = Y * Y */
 	sp_256to512z_mont_sqr_8(t2, r->y /*, p256_mod, p256_mp_mod*/);
 	/* T2 = T2/2 */
-	sp_256_div2_8(t2, t2, p256_mod);
+	sp_256_div2_8(t2 /*, p256_mod*/);
 	/* Y = Y * X */
 	sp_256to512z_mont_mul_8(r->y, r->y, r->x /*, p256_mod, p256_mp_mod*/);
 	/* X = T1 * T1 */

