From c875e575c56918addf54de9b39f91aaed5e7459f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Niels=20M=C3=B6ller?=
Date: Thu, 13 Oct 2022 19:16:36 +0200
Subject: Add back implementation of mpn_sec_tabselect, for mini-gmp builds.
---
 ChangeLog | 7 +++++++
 gmp-glue.c | 20 ++++++++++++++++++++
 gmp-glue.h | 4 ++++
 3 files changed, 31 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 98dc40a4..3dc357f6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2022-10-13 Niels Möller
+
+ * gmp-glue.c (mpn_sec_tabselect) [NETTLE_USE_MINI_GMP]: Add back
+ here, to support mini-gmp builds. Updated signature to be
+ compatible with the gmp version.
+ * gmp-glue.h: Add declaration.
+
 2022-10-11 Niels Möller
 * sec-tabselect.c (sec_tabselect): Delete file and function. All
diff --git a/gmp-glue.c b/gmp-glue.c
index e75d678b..ffce6c30 100644
--- a/gmp-glue.c
+++ b/gmp-glue.c
@@ -99,6 +99,26 @@ mpn_cnd_swap (mp_limb_t cnd, volatile mp_limb_t *ap, volatile mp_limb_t *bp, mp_
 }
 }
+/* Copy the k'th element of the table out tn elements, each of size
+ rn. Always read complete table. Similar to gmp's mpn_tabselect. */
+void
+mpn_sec_tabselect (volatile mp_limb_t *rp, volatile const mp_limb_t *table,
+ mp_size_t rn, unsigned tn, unsigned k)
+{
+ volatile const mp_limb_t *end = table + tn * rn;
+ volatile const mp_limb_t *p;
+ mp_size_t i;
+
+ assert (k < tn);
+ for (p = table; p < end; p += rn, k--)
+ {
+ mp_limb_t mask = - (mp_limb_t) (k == 0);
+ for (i = 0; i < rn; i++)
+ rp[i] = (~mask & rp[i]) | (mask & p[i]);
+ }
+}
+
+
 #endif /* NETTLE_USE_MINI_GMP */
 int
diff --git a/gmp-glue.h b/gmp-glue.h
index bc6dbf16..dc0ede2a 100644
--- a/gmp-glue.h
+++ b/gmp-glue.h
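Review bot: In gmp-glue.c, the inner-loop mask of mpn_sec_tabselect comes from the comparison `k == 0` on the secret index, and C does not guarantee that a comparison is compiled without a branch. The volatile qualifiers keep every table entry read, but they do not constrain how the mask itself is computed. An arithmetic form that does not depend on code generation would be `mp_limb_t nz = ((mp_limb_t) k | - (mp_limb_t) k) >> (sizeof (mp_limb_t) * CHAR_BIT - 1);` followed by `mp_limb_t mask = nz - 1;` (CHAR_BIT needs `<limits.h>`), and it stays correct after `k--` wraps past zero. Separately, `assert (k < tn)` is the only range check, so a build with NDEBUG leaves rp unchanged for an out-of-range k without any signal. The comment above the function could state that contract, e.g. `Requires k < tn; rp is read as well as written.`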
@@ -66,6 +66,10 @@ mpn_cnd_sub_n (mp_limb_t cnd, mp_limb_t *rp,
 void
 mpn_cnd_swap (mp_limb_t cnd, volatile mp_limb_t *ap, volatile mp_limb_t *bp, mp_size_t n);
+
+void
+mpn_sec_tabselect (volatile mp_limb_t *rp, volatile const mp_limb_t *table,
+ mp_size_t rn, unsigned tn, unsigned k);
 #endif
 /* Side-channel silent variant of mpn_zero_p. */
--
cgit v1.2.1
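Review bot: The new prototype in gmp-glue.h carries no comment, so a caller reading the header cannot see that k must be below tn or that the whole table is read regardless of k. A one-line comment above the declaration would cover this, e.g. `/* Copy entry k (k < tn) of a table of tn entries, rn limbs each, to rp; the whole table is always read. */`. The surrounding `#if` block starts outside the hunk, so the NETTLE_USE_MINI_GMP guard is inferred from the ChangeLog entry and the `#endif` context line rather than seen here.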