[PATCH 03/10] mpih-pow: harden condition calculation against branch optimization
Jussi Kivilinna
jussi.kivilinna at iki.fi
Sat Sep 27 09:54:12 CEST 2025
* mpi/mpih-pow.c (mont_reduc): Pass condition code through mask
generator to avoid optimization to branch by certain compilers.
--
Signed-off-by: Jussi Kivilinna <jussi.kivilinna at iki.fi>
---
mpi/mpih-pow.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mpi/mpih-pow.c b/mpi/mpih-pow.c
index 649052f6..fb6cd9f3 100644
--- a/mpi/mpih-pow.c
+++ b/mpi/mpih-pow.c
@@ -97,7 +97,7 @@ mont_reduc (mpi_ptr_t rp, mpi_ptr_t tp,
cy0 = _gcry_mpih_sub_n (rp, tp + n, mp, n);
_gcry_mpih_set_cond (rp, tp + n, n,
- mpih_limb_is_not_zero (cy0)
+ ct_ulong_gen_mask (mpih_limb_is_not_zero (cy0))
& mpih_limb_is_zero (cy1));
}
--
2.48.1
More information about the Gcrypt-devel
mailing list