Improved on the fix for #309 and extended the test to cover the subroutines.
diff --git a/library/bignum.c b/library/bignum.c
index 1b80200..7e35aa6 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -862,12 +862,19 @@
if( X == B )
{
- const mbedtls_mpi *T;
+ if( B == A )
+ {
+ // Making a temporary copy instead of shifting by one to deny
+ // the possibility of corresponding side-channel attacks.
+ mbedtls_mpi TB;
- if( B == A)
- return mbedtls_mpi_shift_l( X, 1 );
+ mbedtls_mpi_init( &TB );
+ MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &TB, B ) );
+
+ return mbedtls_mpi_add_abs( X, A, &TB );
+ }
- T = A; A = X; B = T;
+ B = A; A = X;
}
if( X != A )