cnd_mpn_zero: Use a volatile-declared mask variable.

author: Niels Möller <nisse@lysator.liu.se> 2018-11-25 20:10:13 +0100
committer: Niels Möller <nisse@lysator.liu.se> 2018-11-25 20:10:13 +0100
commit: f9e3227f3726a1c39819e29c43af7d4e6d978e44 (patch)
tree: b3fcc32118b4545f5fae9c6025d23c505e0b165d /rsa-sign-tr.c
parent: dbaf6abb9ce830d74559d2eab13ca0799f3baeb8 (diff)
download: nettle-f9e3227f3726a1c39819e29c43af7d4e6d978e44.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/rsa-sign-tr.c b/rsa-sign-tr.c
index be320b23..54bf49fd 100644
--- a/rsa-sign-tr.c
+++ b/rsa-sign-tr.c
@@ -245,6 +245,7 @@ sec_equal(const mp_limb_t *a, const mp_limb_t *b, size_t limbs)
       z |= (a[i] ^ b[i]);
     }
 
+  /* FIXME: Might compile to a branch instruction on some platforms. */
   return z == 0;
 }
 
@@ -278,11 +279,12 @@ static void
 cnd_mpn_zero (int cnd, volatile mp_ptr rp, mp_size_t n)
 {
   volatile mp_limb_t c;
+  volatile mp_limb_t mask = (mp_limb_t) cnd - 1;
 
   while (--n >= 0)
     {
       c = rp[n];
-      c &= ((mp_limb_t)cnd - 1);
+      c &= mask;
       rp[n] = c;
     }
 }
author	Niels Möller <nisse@lysator.liu.se>	2018-11-25 20:10:13 +0100
committer	Niels Möller <nisse@lysator.liu.se>	2018-11-25 20:10:13 +0100
commit	f9e3227f3726a1c39819e29c43af7d4e6d978e44 (patch)
tree	b3fcc32118b4545f5fae9c6025d23c505e0b165d /rsa-sign-tr.c
parent	dbaf6abb9ce830d74559d2eab13ca0799f3baeb8 (diff)
download	nettle-f9e3227f3726a1c39819e29c43af7d4e6d978e44.tar.gz