1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-11-19 14:08:11 +00:00

bignum: constant time implementation for bn_mod()

This commit is contained in:
Roman Zeyde 2015-08-31 20:55:02 +03:00
parent e67018178b
commit 437f8b3856

View File

@ -229,27 +229,10 @@ void bn_mult_k(bignum256 *x, uint8_t k, const bignum256 *prime)
// assumes x partly reduced, guarantees x fully reduced. // assumes x partly reduced, guarantees x fully reduced.
void bn_mod(bignum256 *x, const bignum256 *prime) void bn_mod(bignum256 *x, const bignum256 *prime)
{ {
int i = 8; const int flag = bn_is_less(x, prime); // x < prime
uint32_t temp; bignum256 temp;
// compare numbers bn_subtract(x, prime, &temp); // temp = x - prime
while (i >= 0 && prime->val[i] == x->val[i]) i--; bn_cmov(x, flag, x, &temp);
// if equal
if (i == -1) {
// set x to zero
bn_zero(x);
} else {
// if x is greater
if (x->val[i] > prime->val[i]) {
// substract p from x
temp = 0x40000000u;
for (i = 0; i < 9; i++) {
temp += x->val[i] - prime->val[i];
x->val[i] = temp & 0x3FFFFFFF;
temp >>= 30;
temp += 0x3FFFFFFFu;
}
}
}
} }
// auxiliary function for multiplication. // auxiliary function for multiplication.