Merge pull request #6095 from gabor-mezei-arm/6016_add_new_modulus_and_residue_structures

Add the new modulus and the residue structures with low level I/O operations
2025-08-08 17:42:09 +03:00 · 2022-08-23 09:02:43 +01:00
parent 0ce93933e8 2e328c8591
commit 645ff5b8ff
15 changed files with 1728 additions and 238 deletions
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -741,6 +741,50 @@ cleanup:
    return( ret );
 }

+/*
+ * Compare unsigned values in constant time
+ */
+unsigned mbedtls_mpi_core_lt_ct( const mbedtls_mpi_uint *A,
+                                 const mbedtls_mpi_uint *B,
+                                 size_t limbs )
+{
+    unsigned ret, cond, done;
+
+    /* The value of any of these variables is either 0 or 1 for the rest of
+     * their scope. */
+    ret = cond = done = 0;
+
+    for( size_t i = limbs; i > 0; i-- )
+    {
+        /*
+         * If B[i - 1] < A[i - 1] then A < B is false and the result must
+         * remain 0.
+         *
+         * Again even if we can make a decision, we just mark the result and
+         * the fact that we are done and continue looping.
+         */
+        cond = mbedtls_ct_mpi_uint_lt( B[i - 1], A[i - 1] );
+        done |= cond;
+
+        /*
+         * If A[i - 1] < B[i - 1] then A < B is true.
+         *
+         * Again even if we can make a decision, we just mark the result and
+         * the fact that we are done and continue looping.
+         */
+        cond = mbedtls_ct_mpi_uint_lt( A[i - 1], B[i - 1] );
+        ret |= cond & ( 1 - done );
+        done |= cond;
+    }
+
+    /*
+     * If all the limbs were equal, then the numbers are equal, A < B is false
+     * and leaving the result 0 is correct.
+     */
+
+    return( ret );
+}
+
 /*
 * Compare signed values in constant time
 */