ct: Use volatile trick in scalar_cond_negate
This commit is contained in:
		
							parent
							
								
									edcba04c28
								
							
						
					
					
						commit
						3e94289966
					
				| @ -180,7 +180,8 @@ static int secp256k1_scalar_is_high(const secp256k1_scalar *a) { | |||||||
| static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { | static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { | ||||||
|     /* If we are flag = 0, mask = 00...00 and this is a no-op;
 |     /* If we are flag = 0, mask = 00...00 and this is a no-op;
 | ||||||
|      * if we are flag = 1, mask = 11...11 and this is identical to secp256k1_scalar_negate */ |      * if we are flag = 1, mask = 11...11 and this is identical to secp256k1_scalar_negate */ | ||||||
|     uint64_t mask = !flag - 1; |     volatile int vflag = flag; | ||||||
|  |     uint64_t mask = -vflag; | ||||||
|     uint64_t nonzero = (secp256k1_scalar_is_zero(r) != 0) - 1; |     uint64_t nonzero = (secp256k1_scalar_is_zero(r) != 0) - 1; | ||||||
|     uint128_t t = (uint128_t)(r->d[0] ^ mask) + ((SECP256K1_N_0 + 1) & mask); |     uint128_t t = (uint128_t)(r->d[0] ^ mask) + ((SECP256K1_N_0 + 1) & mask); | ||||||
|     r->d[0] = t & nonzero; t >>= 64; |     r->d[0] = t & nonzero; t >>= 64; | ||||||
|  | |||||||
| @ -253,7 +253,8 @@ static int secp256k1_scalar_is_high(const secp256k1_scalar *a) { | |||||||
| static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { | static int secp256k1_scalar_cond_negate(secp256k1_scalar *r, int flag) { | ||||||
|     /* If we are flag = 0, mask = 00...00 and this is a no-op;
 |     /* If we are flag = 0, mask = 00...00 and this is a no-op;
 | ||||||
|      * if we are flag = 1, mask = 11...11 and this is identical to secp256k1_scalar_negate */ |      * if we are flag = 1, mask = 11...11 and this is identical to secp256k1_scalar_negate */ | ||||||
|     uint32_t mask = !flag - 1; |     volatile int vflag = flag; | ||||||
|  |     uint32_t mask = -vflag; | ||||||
|     uint32_t nonzero = 0xFFFFFFFFUL * (secp256k1_scalar_is_zero(r) == 0); |     uint32_t nonzero = 0xFFFFFFFFUL * (secp256k1_scalar_is_zero(r) == 0); | ||||||
|     uint64_t t = (uint64_t)(r->d[0] ^ mask) + ((SECP256K1_N_0 + 1) & mask); |     uint64_t t = (uint64_t)(r->d[0] ^ mask) + ((SECP256K1_N_0 + 1) & mask); | ||||||
|     r->d[0] = t & nonzero; t >>= 32; |     r->d[0] = t & nonzero; t >>= 32; | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user