author | Matt Caswell <matt@openssl.org> | 2018-02-01 13:53:56 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-02-20 12:59:30 +0000 |
commit | f918504f91780225d8edc9ac0d4308e005b4d078 (patch) | |
tree | 2cf034c28f2a23af27cd4ad0f2abba52233629df /crypto/ec/curve448/field.h | |
parent | e0fa632420adaab5f0c5fb1db7190dcbd7637a18 (diff) |
Remove the curve448 specific constant time implementation
Instead we should use the standard OpenSSL constant time routines.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/5105)
Diffstat (limited to 'crypto/ec/curve448/field.h')
-rw-r--r-- | crypto/ec/curve448/field.h | 30 |
1 files changed, 27 insertions, 3 deletions
diff --git a/crypto/ec/curve448/field.h b/crypto/ec/curve448/field.h
index 2b7fc2aa95..5bc16bc2be 100644
--- a/crypto/ec/curve448/field.h
+++ b/crypto/ec/curve448/field.h
@@ -13,7 +13,7 @@
 #ifndef __GF_H__
 # define __GF_H__
-# include "constant_time.h"
+# include "internal/constant_time_locl.h"
 # include <string.h>
 # include <assert.h>
 # include "word.h"
@@ -128,7 +128,20 @@ static ossl_inline void gf_mulw(gf c, const gf a, int32_t w)
 /* Constant time, x = is_z ? z : y */
 static ossl_inline void gf_cond_sel(gf x, const gf y, const gf z, mask_t is_z)
 {
- constant_time_select_c448(x, y, z, sizeof(gf), is_z, 0);
+ size_t i;
+
+ for (i = 0; i < NLIMBS; i++) {
+#if ARCH_WORD_BITS == 32
+ x[0].limb[i] = constant_time_select_32((uint32_t)is_z,
+ (uint32_t)(z[0].limb[i]),
+ (uint32_t)(y[0].limb[i]));
+#else
+ /* Must be 64 bit */
+ x[0].limb[i] = constant_time_select_64((uint64_t)is_z,
+ (uint64_t)(z[0].limb[i]),
+ (uint64_t)(y[0].limb[i]));
+#endif
+ }
 }
 /* Constant time, if (neg) x=-x; */
@@ -142,7 +155,18 @@ static ossl_inline void gf_cond_neg(gf x, mask_t neg)
 /* Constant time, if (swap) (x,y) = (y,x); */
 static ossl_inline void gf_cond_swap(gf x, gf_s * RESTRICT y, mask_t swap)
 {
- constant_time_cond_swap(x, y, sizeof(gf_s), swap);
+ size_t i;
+
+ for (i = 0; i < NLIMBS; i++) {
+#if ARCH_WORD_BITS == 32
+ constant_time_cond_swap_32((uint32_t)swap, (uint32_t *)&(x[0].limb[i]),
+ (uint32_t *)&(y->limb[i]));
+#else
+ /* Must be 64 bit */
+ constant_time_cond_swap_64((uint64_t)swap, (uint64_t *)&(x[0].limb[i]),
+ (uint64_t *)&(y->limb[i]));
+#endif
+ }
 }
 #endif /* __GF_H__ */ |
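Review bot: The `#else` branch in gf_cond_sel rests on the comment "Must be 64 bit" alone, so any ARCH_WORD_BITS value other than 32 silently compiles the 64-bit path. Writing it as `#elif ARCH_WORD_BITS == 64` followed by `#else` and `# error "unsupported ARCH_WORD_BITS"` would turn that assumption into a build failure; the `#else` in gf_cond_swap in the next hunk has the same shape. The comment above the function could also state the mask contract, for example `/* Constant time, x = is_z ? z : y; is_z must be all-zeros or all-ones */`, because a partial mask would presumably blend bits of y and z rather than pick one (the select routines are defined outside this diff).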
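Review bot: The pointer casts `(uint32_t *)&(x[0].limb[i])` and `(uint64_t *)&(x[0].limb[i])` in gf_cond_swap would keep the compiler from reporting a mismatch between the limb type and ARCH_WORD_BITS. If a limb were ever narrower than the selected width, the swap would read and write past that limb, and the last iteration would go past the end of the array. The limb type is declared outside this hunk, so this cannot be confirmed from here. Passing `&(x[0].limb[i])` and `&(y->limb[i])` without the casts lets the compiler check the type, or a compile-time check that `sizeof(x[0].limb[0]) * 8 == ARCH_WORD_BITS` would make the assumption explicit.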