From e141702551bef58664a43e361b755c1e8c4cceb8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Wed, 6 Apr 2022 06:45:45 +0100 Subject: [PATCH] Adjust mpi_montmul() to new signature of mpi_mul_hlp() A previous commit has changed the signature of mpi_mul_hlp, making the length of the output explicit. This commit adjusts mpi_montmul() accordingly. It also fixes a comment on the required size of the temporary value passed to mpi_montmul() (but does not change the call-sites). Signed-off-by: Hanno Becker --- library/bignum.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/library/bignum.c b/library/bignum.c index 91ba824af6..a8f8f84be4 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -1907,8 +1907,8 @@ static void mpi_montg_init( mbedtls_mpi_uint *mm, const mbedtls_mpi *N ) * \param mm The value calculated by `mpi_montg_init(&mm, N)`. * This is -N^-1 mod 2^ciL. * \param[in,out] T A bignum for temporary storage. - * It must be at least twice the limb size of N plus 2 - * (T->n >= 2 * (N->n + 1)). + * It must be at least twice the limb size of N plus 1 + * (T->n >= 2 * N->n + 1). * Its initial content is unused and * its final content is indeterminate. * Note that unlike the usual convention in the library @@ -1934,10 +1934,13 @@ static void mpi_montmul( mbedtls_mpi *A, const mbedtls_mpi *B, const mbedtls_mpi u0 = A->p[i]; u1 = ( d[0] + u0 * B->p[0] ) * mm; - mpi_mul_hlp( m, B->p, d, u0 ); - mpi_mul_hlp( n, N->p, d, u1 ); - - d++; d[n + 1] = 0; + (void) mpi_mul_hlp( d, n + 2, + B->p, m, + u0 ); + (void) mpi_mul_hlp( d, n + 2, + N->p, n, + u1 ); + d++; } /* At this point, d is either the desired result or the desired result