-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | gmp-glue.c | 20 | ||||
-rw-r--r-- | gmp-glue.h | 4 |
3 files changed, 31 insertions, 0 deletions
@@ -1,3 +1,10 @@ +2022-10-13 Niels Möller <nisse@lysator.liu.se> + + * gmp-glue.c (mpn_sec_tabselect) [NETTLE_USE_MINI_GMP]: Add back + here, to support mini-gmp builds. Updated signature to be + compatible with the gmp version. + * gmp-glue.h: Add declaration. + 2022-10-11 Niels Möller <nisse@lysator.liu.se> * sec-tabselect.c (sec_tabselect): Delete file and function. All @@ -99,6 +99,26 @@ mpn_cnd_swap (mp_limb_t cnd, volatile mp_limb_t *ap, volatile mp_limb_t *bp, mp_ } } +/* Copy the k'th element of the table out tn elements, each of size + rn. Always read complete table. Similar to gmp's mpn_tabselect. */ +void +mpn_sec_tabselect (volatile mp_limb_t *rp, volatile const mp_limb_t *table, + mp_size_t rn, unsigned tn, unsigned k) +{ + volatile const mp_limb_t *end = table + tn * rn; + volatile const mp_limb_t *p; + mp_size_t i; + + assert (k < tn); + for (p = table; p < end; p += rn, k--) + { + mp_limb_t mask = - (mp_limb_t) (k == 0); + for (i = 0; i < rn; i++) + rp[i] = (~mask & rp[i]) | (mask & p[i]); + } +} + + #endif /* NETTLE_USE_MINI_GMP */ int @@ -66,6 +66,10 @@ mpn_cnd_sub_n (mp_limb_t cnd, mp_limb_t *rp, void mpn_cnd_swap (mp_limb_t cnd, volatile mp_limb_t *ap, volatile mp_limb_t *bp, mp_size_t n); + +void +mpn_sec_tabselect (volatile mp_limb_t *rp, volatile const mp_limb_t *table, + mp_size_t rn, unsigned tn, unsigned k); #endif /* Side-channel silent variant of mpn_zero_p. */ |
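Review bot: The select mask in the outer loop of `mpn_sec_tabselect` is built from the comparison `k == 0` on the index the routine is meant to hide, and C does not oblige a compiler to lower that to a flag-to-register instruction rather than a conditional jump, so the side-channel property rests on code generation. A purely arithmetic form removes that dependency and stays correct after `k--` wraps below zero: `mp_limb_t mask = - (mp_limb_t) (1 ^ ((k | (0u - k)) >> (sizeof k * CHAR_BIT - 1)));` (this needs `<limits.h>`, and the file's includes are not visible in the hunk). Separately, `assert (k < tn)` disappears under NDEBUG, and an out-of-range `k` then leaves `rp` holding its previous contents, because each limb is read back and rewritten rather than overwritten. The function comment should state both facts, for example `/* k is secret: every table entry is read, and the access pattern does not depend on k. Requires k < tn; otherwise rp is left unchanged. */`.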