
[PATCH 07/12] mpih-const-time: use global vzero/vone variable
* mpi/mpih-const-time.c (vzero, vone): Remove.
(_gcry_mpih_set_cond, _gcry_mpih_add_n_cond, _gcry_mpih_sub_n_cond)
(_gcry_mpih_swap_cond, _gcry_mpih_abs_cond): Use _gcry_ct_vzero and
_gcry_ct_vone.
--

Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
---
mpi/mpih-const-time.c | 26 +++++++++++---------------
1 file changed, 11 insertions(+), 15 deletions(-)

diff --git a/mpi/mpih-const-time.c b/mpi/mpih-const-time.c
index 388d2a91..85dba389 100644
--- a/mpi/mpih-const-time.c
+++ b/mpi/mpih-const-time.c
@@ -22,14 +22,10 @@
#include <stdlib.h>
#include "mpi-internal.h"
#include "g10lib.h"
+#include "const-time.h"

#define A_LIMB_1 ((mpi_limb_t)1)

-/* These variables are used to generate masks from conditional operation
- * flag parameters. Use of volatile prevents compiler optimizations from
- * converting AND-masking to conditional branches. */
-static volatile mpi_limb_t vzero = 0;
-static volatile mpi_limb_t vone = 1;

/*
* W = U when OP_ENABLED=1
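Review bot: With the comment above the removed `vzero`/`vone` statics gone, nothing in this file explains why the masks are derived by subtracting from a global instead of a literal. Unless const-time.h documents this at the declaration (not visible in this patch), I would keep a one-line pointer next to the new include, for example `/* _gcry_ct_vzero/_gcry_ct_vone are read through volatile so mask generation is not turned into branches; see const-time.h */`. This assumes the shared globals are volatile like the statics they replace. The rationale matters to anyone who later simplifies the mask expressions in this file.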
@@ -40,8 +36,8 @@ _gcry_mpih_set_cond (mpi_ptr_t wp, mpi_ptr_t up, mpi_size_t usize,
unsigned long op_enable)
{
/* Note: dual mask with AND/OR used for EM leakage mitigation */
- mpi_limb_t mask1 = vzero - op_enable;
- mpi_limb_t mask2 = op_enable - vone;
+ mpi_limb_t mask1 = _gcry_ct_vzero - op_enable;
+ mpi_limb_t mask2 = op_enable - _gcry_ct_vone;
mpi_size_t i;

for (i = 0; i < usize; i++)
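Review bot: The width of `mask1` and `mask2` now depends on the declared type of `_gcry_ct_vzero` and `_gcry_ct_vone`, which this patch does not show; the removed statics were `mpi_limb_t`, so the subtraction was always evaluated at limb width or wider. If the globals are a narrower integer type, the arithmetic is done in `unsigned long`, and on a target where `unsigned long` is narrower than `mpi_limb_t` the intended all-ones mask would cover only the low part of each limb, so the conditional operation would act on part of the limb. Casting the reads restores the old width: `mpi_limb_t mask1 = (mpi_limb_t)_gcry_ct_vzero - op_enable;` and `mpi_limb_t mask2 = op_enable - (mpi_limb_t)_gcry_ct_vone;`. The same two lines recur in the hunks for _gcry_mpih_add_n_cond, _gcry_mpih_sub_n_cond, _gcry_mpih_swap_cond and _gcry_mpih_abs_cond. The body of _gcry_mpih_set_cond continues past this hunk.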
@@ -60,8 +56,8 @@ _gcry_mpih_add_n_cond (mpi_ptr_t wp, mpi_ptr_t up, mpi_ptr_t vp,
mpi_size_t usize, unsigned long op_enable)
{
/* Note: dual mask with AND/OR used for EM leakage mitigation */
- mpi_limb_t mask1 = vzero - op_enable;
- mpi_limb_t mask2 = op_enable - vone;
+ mpi_limb_t mask1 = _gcry_ct_vzero - op_enable;
+ mpi_limb_t mask2 = op_enable - _gcry_ct_vone;
mpi_size_t i;
mpi_limb_t cy;

@@ -92,8 +88,8 @@ _gcry_mpih_sub_n_cond (mpi_ptr_t wp, mpi_ptr_t up, mpi_ptr_t vp,
mpi_size_t usize, unsigned long op_enable)
{
/* Note: dual mask with AND/OR used for EM leakage mitigation */
- mpi_limb_t mask1 = vzero - op_enable;
- mpi_limb_t mask2 = op_enable - vone;
+ mpi_limb_t mask1 = _gcry_ct_vzero - op_enable;
+ mpi_limb_t mask2 = op_enable - _gcry_ct_vone;
mpi_size_t i;
mpi_limb_t cy;

@@ -124,8 +120,8 @@ _gcry_mpih_swap_cond (mpi_ptr_t up, mpi_ptr_t vp, mpi_size_t usize,
unsigned long op_enable)
{
/* Note: dual mask with AND/OR used for EM leakage mitigation */
- mpi_limb_t mask1 = vzero - op_enable;
- mpi_limb_t mask2 = op_enable - vone;
+ mpi_limb_t mask1 = _gcry_ct_vzero - op_enable;
+ mpi_limb_t mask2 = op_enable - _gcry_ct_vone;
mpi_size_t i;

for (i = 0; i < usize; i++)
@@ -147,8 +143,8 @@ _gcry_mpih_abs_cond (mpi_ptr_t wp, mpi_ptr_t up, mpi_size_t usize,
unsigned long op_enable)
{
/* Note: dual mask with AND/OR used for EM leakage mitigation */
- mpi_limb_t mask1 = vzero - op_enable;
- mpi_limb_t mask2 = op_enable - vone;
+ mpi_limb_t mask1 = _gcry_ct_vzero - op_enable;
+ mpi_limb_t mask2 = op_enable - _gcry_ct_vone;
mpi_limb_t cy = op_enable;
mpi_size_t i;

--
2.40.1

