commit 0ae1f40299a816771acc920fed136318f7b7917b
author Paul Bakker <p.j.bakker@polarssl.org> Tue Nov 13 10:25:21 2012 +0000
committer Paul Bakker <p.j.bakker@polarssl.org> Wed Jan 16 13:03:46 2013 +0100
tree 57206eca30c22148d23ec03e6564939c2289e9f3
parent f173e0ac74404221ce74b5039a8817d3ac148e55

Allow R and A to point to same mpi in mpi_div_mpi
(cherry picked from commit f02c5642d0f19281e7c30d849bf8cd94703a9bd5 and
from commit 50546921ac8250d1884c41fd9dc7a645007d4103)

ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 60e0f77..e562139 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,8 @@
      #52)
    * Fixed possible segfault in mpi_shift_r() (found by Manuel
      Pégourié-Gonnard)
+   * Allow R and A to point to same mpi in mpi_div_mpi (found by Manuel
+     Pégourié-Gonnard)
 
 Security
    * Fixed potential memory zeroization on miscrafted RSA key (found by Eloi

library/bignum.c

diff --git a/library/bignum.c b/library/bignum.c
index acaba6a..079b58e 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -1196,9 +1196,9 @@
     if( R != NULL )
     {
         mpi_shift_r( &X, k );
+        X.s = A->s;
         mpi_copy( R, &X );
 
-        R->s = A->s;
         if( mpi_cmp_int( R, 0 ) == 0 )
             R->s = 1;
     }
@@ -1400,19 +1400,6 @@
         return( POLARSSL_ERR_MPI_BAD_INPUT_DATA );
 
     /*
-     * Compensate for negative A (and correct at the end)
-     */
-    neg = ( A->s == -1 );
-
-    mpi_init( &Apos );
-    if( neg )
-    {
-        MPI_CHK( mpi_copy( &Apos, A ) );
-        Apos.s = 1;
-        A = &Apos;
-    }
-
-    /*
      * Init temps and window size
      */
     mpi_montg_init( &mm, N );
@@ -1433,6 +1420,19 @@
     MPI_CHK( mpi_grow( &T, j * 2 ) );
 
     /*
+     * Compensate for negative A (and correct at the end)
+     */
+    neg = ( A->s == -1 );
+
+    mpi_init( &Apos );
+    if( neg )
+    {
+        MPI_CHK( mpi_copy( &Apos, A ) );
+        Apos.s = 1;
+        A = &Apos;
+    }
+
+    /*
      * If 1st call, pre-compute R^2 mod N
      */
     if( _RR == NULL || _RR->p == NULL )

tests/suites/test_suite_mpi.function

diff --git a/tests/suites/test_suite_mpi.function b/tests/suites/test_suite_mpi.function
index 596b7df..70d9b4f 100644
--- a/tests/suites/test_suite_mpi.function
+++ b/tests/suites/test_suite_mpi.function
@@ -514,21 +514,21 @@
 BEGIN_CASE
 mpi_mod_mpi:radix_X:input_X:radix_Y:input_Y:radix_A:input_A:div_result
 {
-    mpi X, Y, Z, A;
+    mpi X, Y, A;
     int res;
-    mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z ); mpi_init( &A );
+    mpi_init( &X ); mpi_init( &Y ); mpi_init( &A );
 
     TEST_ASSERT( mpi_read_string( &X, {radix_X}, {input_X} ) == 0 );
     TEST_ASSERT( mpi_read_string( &Y, {radix_Y}, {input_Y} ) == 0 );
     TEST_ASSERT( mpi_read_string( &A, {radix_A}, {input_A} ) == 0 );
-    res = mpi_mod_mpi( &Z, &X, &Y );
+    res = mpi_mod_mpi( &X, &X, &Y );
     TEST_ASSERT( res == {div_result} );
     if( res == 0 )
     {
-        TEST_ASSERT( mpi_cmp_mpi( &Z, &A ) == 0 );
+        TEST_ASSERT( mpi_cmp_mpi( &X, &A ) == 0 );
     }
 
-    mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z ); mpi_free( &A );
+    mpi_free( &X ); mpi_free( &Y ); mpi_free( &A );
 }
 END_CASE