From 5429acdb7f5dc465e7cc6efc19079237dde93667 Mon Sep 17 00:00:00 2001
From: Andrew Kozlik <42678794+andrewkozlik@users.noreply.github.com>
Date: Mon, 24 Aug 2020 14:25:43 +0200
Subject: [PATCH] crypto: fix undefined behavior in shamir unbitslice (#1219)

---
 crypto/shamir.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/shamir.c b/crypto/shamir.c
index ae94af1e0..82b5e29a2 100644
--- a/crypto/shamir.c
+++ b/crypto/shamir.c
@@ -48,7 +48,7 @@ static void bitslice(uint32_t r[8], const uint8_t *x, size_t len) {
   for (arr_idx = 0; arr_idx < len; arr_idx++) {
     cur = (uint32_t)x[arr_idx];
     for (bit_idx = 0; bit_idx < 8; bit_idx++) {
-      r[bit_idx] |= ((cur & (1 << bit_idx)) >> bit_idx) << arr_idx;
+      r[bit_idx] |= ((cur >> bit_idx) & 1) << arr_idx;
     }
   }
 }
@@ -61,7 +61,7 @@ static void unbitslice(uint8_t *r, const uint32_t x[8], size_t len) {
   for (bit_idx = 0; bit_idx < 8; bit_idx++) {
     cur = (uint32_t)x[bit_idx];
     for (arr_idx = 0; arr_idx < len; arr_idx++) {
-      r[arr_idx] |= ((cur & (1 << arr_idx)) >> arr_idx) << bit_idx;
+      r[arr_idx] |= ((cur >> arr_idx) & 1) << bit_idx;
     }
   }
 }