arno
/
trezor-firmware
mirror of https://github.com/trezor/trezor-firmware.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(crypto): revert to bitwise OR operator and silence warning

Browse Source
pull/2005/head
Christian Reitter 2 years ago committed by Andrew Kozlik
parent 0c482173ab
commit d1d3558d02
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File

6
crypto/bignum.c
Unescape View File

@ -271,7 +271,8 @@ int bn_is_equal(const bignum256 *x, const bignum256 *y) {
// &truecase == &falsecase or &res == &truecase == &falsecase
void bn_cmov(bignum256 *res, volatile uint32_t cond, const bignum256 *truecase,
const bignum256 *falsecase) {
assert((cond == 1) || (cond == 0));
// Intentional use of bitwise OR operator to ensure constant-time
assert((int)(cond == 1) | (int)(cond == 0));
uint32_t tmask = -cond; // tmask = 0xFFFFFFFF if cond else 0x00000000
uint32_t fmask = ~tmask; // fmask = 0x00000000 if cond else 0xFFFFFFFF
@ -290,7 +291,8 @@ void bn_cmov(bignum256 *res, volatile uint32_t cond, const bignum256 *truecase,
// Assumes prime is normalized and
// 0 < prime < 2**260 == 2**(BITS_PER_LIMB * LIMBS - 1)
void bn_cnegate(volatile uint32_t cond, bignum256 *x, const bignum256 *prime) {
assert((cond == 1) || (cond == 0));
// Intentional use of bitwise OR operator to ensure constant time
assert((int)(cond == 1) | (int)(cond == 0));
uint32_t tmask = -cond; // tmask = 0xFFFFFFFF if cond else 0x00000000
uint32_t fmask = ~tmask; // fmask = 0x00000000 if cond else 0xFFFFFFFF

Write Preview
Loading…
Cancel
Save