mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-24 13:32:59 +03:00

Simplify internal code

We know that Montgomery multiplication will never be called without an
RNG, so make that clear from the beginning of the function.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
Manuel Pégourié-Gonnard
2021-06-15 11:29:26 +02:00
parent 7962bfaa79
commit 02b5705aa3


@@ -2384,6 +2384,9 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
mbedtls_mpi PX; mbedtls_mpi PX;
mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX ); mbedtls_ecp_point_init( &RP ); mbedtls_mpi_init( &PX );
if( f_rng == NULL )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/* Save PX and read from P before writing to R, in case P == R */ /* Save PX and read from P before writing to R, in case P == R */
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &PX, &P->X ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_copy( &RP, P ) );
@@ -2397,8 +2400,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
MOD_ADD( RP.X ); MOD_ADD( RP.X );
/* Randomize coordinates of the starting point */ /* Randomize coordinates of the starting point */
if( f_rng != NULL ) MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, &RP, f_rng, p_rng ) );
/* Loop invariant: R = result so far, RP = R + P */ /* Loop invariant: R = result so far, RP = R + P */
i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */ i = mbedtls_mpi_bitlen( m ); /* one past the (zero-based) most significant bit */
@@ -2430,9 +2432,7 @@ static int ecp_mul_mxz( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
* *
* Avoid the leak by randomizing coordinates before we normalize them. * Avoid the leak by randomizing coordinates before we normalize them.
*/ */
if( f_rng != NULL ) MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_randomize_mxz( grp, R, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) ); MBEDTLS_MPI_CHK( ecp_normalize_mxz( grp, R ) );
cleanup: cleanup:
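Review bot: The new `f_rng == NULL` guard in the first hunk returns directly after `mbedtls_ecp_point_init( &RP )` and `mbedtls_mpi_init( &PX )`, bypassing the `cleanup:` label that the rest of the function uses. That is only safe while those init calls acquire nothing that must be released, which these hunks do not show; placing the check above the two init calls would remove that dependency. This guard is now the only thing that keeps both `ecp_randomize_mxz` calls from being skipped (the comment in the last hunk describes the second one as avoiding a leak), so it deserves a comment such as `/* RNG is mandatory: the coordinate randomization below is a side-channel countermeasure */`. The start of `ecp_mul_mxz` is outside the hunks, so whether its header comment states that `f_rng` must be non-NULL could not be checked.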