diff options
| author | Adam Langley <agl@google.com> | 2015-09-24 23:03:06 +0000 |
|---|---|---|
| committer | Android Git Automerger <android-git-automerger@android.com> | 2015-09-24 23:03:06 +0000 |
| commit | c737bc23bc868fff21e5c1b95940813f709ea550 (patch) | |
| tree | dd743d9d64af3145fe96b8d5fc2f3427544794bd /src/crypto/bn/gcd.c | |
| parent | 0267d647a4d272af8b9e7c91063d374f7e2775bb (diff) | |
| parent | 3781a60670f92c3c6fca860cb4589495cefa2e56 (diff) | |
| download | external_boringssl-c737bc23bc868fff21e5c1b95940813f709ea550.zip external_boringssl-c737bc23bc868fff21e5c1b95940813f709ea550.tar.gz external_boringssl-c737bc23bc868fff21e5c1b95940813f709ea550.tar.bz2 | |
am 3781a606: am 1e4884f6: external/boringssl: sync with upstream.
* commit '3781a60670f92c3c6fca860cb4589495cefa2e56':
external/boringssl: sync with upstream.
Diffstat (limited to 'src/crypto/bn/gcd.c')
| -rw-r--r-- | src/crypto/bn/gcd.c | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/src/crypto/bn/gcd.c b/src/crypto/bn/gcd.c index 3132c29..e106149 100644 --- a/src/crypto/bn/gcd.c +++ b/src/crypto/bn/gcd.c @@ -223,20 +223,23 @@ err: } /* solves ax == 1 (mod n) */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx); +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, + const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx); -BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, - BN_CTX *ctx) { +BIGNUM *BN_mod_inverse_ex(BIGNUM *out, int *out_no_inverse, const BIGNUM *a, + const BIGNUM *n, BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM *ret = NULL; int sign; if ((a->flags & BN_FLG_CONSTTIME) != 0 || (n->flags & BN_FLG_CONSTTIME) != 0) { - return BN_mod_inverse_no_branch(out, a, n, ctx); + return BN_mod_inverse_no_branch(out, out_no_inverse, a, n, ctx); } + *out_no_inverse = 0; + BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); @@ -522,7 +525,8 @@ BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, } } } else { - OPENSSL_PUT_ERROR(BN, BN_mod_inverse, BN_R_NO_INVERSE); + *out_no_inverse = 1; + OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); goto err; } ret = R; @@ -535,16 +539,25 @@ err: return ret; } +BIGNUM *BN_mod_inverse(BIGNUM *out, const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx) { + int no_inverse; + return BN_mod_inverse_ex(out, &no_inverse, a, n, ctx); +} + /* BN_mod_inverse_no_branch is a special version of BN_mod_inverse. * It does not contain branches that may leak sensitive information. */ -static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, - const BIGNUM *n, BN_CTX *ctx) { +static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, int *out_no_inverse, + const BIGNUM *a, const BIGNUM *n, + BN_CTX *ctx) { BIGNUM *A, *B, *X, *Y, *M, *D, *T, *R = NULL; BIGNUM local_A, local_B; BIGNUM *pA, *pB; BIGNUM *ret = NULL; int sign; + *out_no_inverse = 0; + BN_CTX_start(ctx); A = BN_CTX_get(ctx); B = BN_CTX_get(ctx); @@ -682,7 +695,8 @@ static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *out, const BIGNUM *a, } } } else { - OPENSSL_PUT_ERROR(BN, BN_mod_inverse_no_branch, BN_R_NO_INVERSE); + *out_no_inverse = 1; + OPENSSL_PUT_ERROR(BN, BN_R_NO_INVERSE); goto err; } ret = R; |