More logical parameter order for mpi_sub_hlp
mpi_sub_hlp performs a subtraction A - B, but took parameters in the
order (B, A). Swap the parameters so that they match the usual
mathematical syntax.
This has the additional benefit of putting the output parameter (A)
first, which is the normal convention in this module.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/library/bignum.c b/library/bignum.c
index aa19b0c..e59d91f 100644
--- a/library/bignum.c
+++ b/library/bignum.c
@@ -1109,8 +1109,8 @@
* d -= s where d and s have the same size and d >= s.
*/
static void mpi_sub_hlp( size_t n,
- const mbedtls_mpi_uint *s,
- mbedtls_mpi_uint *d )
+ mbedtls_mpi_uint *d,
+ const mbedtls_mpi_uint *s )
{
size_t i;
mbedtls_mpi_uint c, z;
@@ -1162,7 +1162,7 @@
if( B->p[n - 1] != 0 )
break;
- mpi_sub_hlp( n, B->p, X->p );
+ mpi_sub_hlp( n, X->p, B->p );
cleanup:
@@ -1768,7 +1768,7 @@
* timing attacks. */
/* Set d to A + (2^biL)^n - N. */
d[n] += 1;
- mpi_sub_hlp( n, N->p, d );
+ mpi_sub_hlp( n, d, N->p );
/* Now d - (2^biL)^n = A - N so d >= (2^biL)^n iff A >= N.
* So we want to copy the result of the subtraction iff d->p[n] != 0.
* Note that d->p[n] is either 0 or 1 since A - N <= N <= (2^biL)^n. */