commit e1d31c4aadac5f354a88117fd7d08412de60765f
author Gabor Mezei <gabor.mezei@arm.com> Mon Sep 12 16:25:24 2022 +0200
committer Gabor Mezei <gabor.mezei@arm.com> Fri Sep 30 13:33:30 2022 +0200
tree 8badb2443f07cec0b4e66f2040393994dbd1a817
parent 845de0898e505df4b9b2bf3eb95e2592a9910e98

Add conditional swap and assign function for MPI core

Signed-off-by: Gabor Mezei <gabor.mezei@arm.com>

library/bignum_core.c

diff --git a/library/bignum_core.c b/library/bignum_core.c
index c47292e..6aa1e00 100644
--- a/library/bignum_core.c
+++ b/library/bignum_core.c
@@ -25,6 +25,7 @@
 
 #include "mbedtls/error.h"
 #include "mbedtls/platform_util.h"
+#include "constant_time_internal.h"
 
 #if defined(MBEDTLS_PLATFORM_C)
 #include "mbedtls/platform.h"
@@ -161,6 +162,61 @@
     }
 }
 
+int mbedtls_mpi_core_cond_assign( mbedtls_mpi_uint *X,
+                                  size_t X_limbs,
+                                  const mbedtls_mpi_uint *Y,
+                                  size_t Y_limbs,
+                                  unsigned char assign )
+{
+    if( X_limbs < Y_limbs )
+        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
+
+    if( X != NULL && Y != NULL )
+    {
+        /* all-bits 1 if assign is 1, all-bits 0 if assign is 0 */
+        mbedtls_mpi_uint limb_mask = mbedtls_ct_mpi_uint_mask( assign );
+
+        mbedtls_ct_mpi_uint_cond_assign( X_limbs, X, Y, assign );
+
+        for( size_t i = Y_limbs; i < X_limbs; i++ )
+            X[i] &= ~limb_mask;
+
+        return( 0 );
+    }
+
+    return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+}
+
+int mbedtls_mpi_core_cond_swap( mbedtls_mpi_uint *X,
+                                size_t X_limbs,
+                                mbedtls_mpi_uint *Y,
+                                size_t Y_limbs,
+                                unsigned char swap )
+{
+    if( X == Y )
+        return( 0 );
+
+    if( X_limbs != Y_limbs )
+        return( MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL );
+
+    if( X != NULL && Y != NULL )
+    {
+        /* all-bits 1 if swap is 1, all-bits 0 if swap is 0 */
+        mbedtls_mpi_uint limb_mask = mbedtls_ct_mpi_uint_mask( swap );
+
+        for( size_t i = 0; i < X_limbs; i++ )
+        {
+            mbedtls_mpi_uint tmp = X[i];
+            X[i] = ( X[i] & ~limb_mask ) | ( Y[i] & limb_mask );
+            Y[i] = ( Y[i] & ~limb_mask ) | (  tmp & limb_mask );
+        }
+
+        return( 0 );
+    }
+
+    return( MBEDTLS_ERR_MPI_BAD_INPUT_DATA );
+}
+
 int mbedtls_mpi_core_read_le( mbedtls_mpi_uint *X,
                               size_t X_limbs,
                               const unsigned char *input,