fix possible branch prediction analysis (BPA) vulnerability

weidai 2007-08-13 23:47:54 +00:00
parent 9026dd6c7f
commit d42ea79cd7
1 changed files with 5 additions and 1 deletions


@ -826,6 +826,8 @@ static word LinearMultiply(word *C, const word *A, word B, size_t N)
return carry;
}
#ifndef CRYPTOPP_DOXYGEN_PROCESSING
#define Mul_2 \
Mul_Begin(2) \
Mul_SaveAcc(0, 0, 1) Mul_Acc(1, 0) \
@ -992,6 +994,8 @@ static word LinearMultiply(word *C, const word *A, word B, size_t N)
Bot_SaveAcc(14, 0, 15) Bot_Acc(1, 14) Bot_Acc(2, 13) Bot_Acc(3, 12) Bot_Acc(4, 11) Bot_Acc(5, 10) Bot_Acc(6, 9) Bot_Acc(7, 8) Bot_Acc(8, 7) Bot_Acc(9, 6) Bot_Acc(10, 5) Bot_Acc(11, 4) Bot_Acc(12, 3) Bot_Acc(13, 2) Bot_Acc(14, 1) Bot_Acc(15, 0) \
Bot_End(16)
#endif
#if 0
#define Mul_Begin(n) \
Declare2Words(p) \
@ -2307,7 +2311,7 @@ void MontgomeryReduce(word *R, word *T, word *X, const word *M, const word *U, s
// defend against timing attack by doing this Add even when not needed
word carry = Add(T+N, T, M, N);
assert(carry || !borrow);
CopyWords(R, T + (borrow ? N : 0), N);
CopyWords(R, T + ((0-borrow) & N), N);
#elif 0
const word u = 0-U[0];
Declare2Words(p)
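Review bot: The mask in `CopyWords(R, T + ((0-borrow) & N), N);` selects between T and T+N correctly only while `borrow` is an unsigned value that is exactly 0 or 1, so that `0-borrow` is either 0 or all-ones; `borrow` is declared outside this hunk, so that invariant is worth recording next to the line. The `assert(carry || !borrow)` above it is compiled out when NDEBUG is defined and does not check that range in any case. A compiler is also free to lower the masked expression back into a conditional, so the branch-free form expresses an intent rather than a guarantee, and the comment on the preceding lines should say so. Suggested comment above the CopyWords line: `// branch-free select of T or T+N: relies on borrow being an unsigned 0 or 1 so 0-borrow is 0 or ~0`. MontgomeryReduce begins and ends outside this hunk.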