[Gmp-commit] /var/hg/gmp: Handle 0^e mod m specially.

mercurial at gmplib.org mercurial at gmplib.org
Wed Dec 25 15:45:19 UTC 2013 

details:   /var/hg/gmp/rev/c9c2135eefb8
changeset: 16107:c9c2135eefb8
user:      Torbjorn Granlund <tege at gmplib.org>
date:      Wed Dec 25 16:45:16 2013 +0100
description:
Handle 0^e mod m specially.

diffstat:

 ChangeLog              |  5 +++++
 mpn/generic/powm_sec.c |  5 ++++-
 mpz/powm_sec.c         |  8 +++++++-
 3 files changed, 16 insertions(+), 2 deletions(-)

diffs (55 lines):

diff -r b7219db5ac53 -r c9c2135eefb8 ChangeLog
--- a/ChangeLog	Mon Dec 23 22:08:09 2013 +0100
+++ b/ChangeLog	Wed Dec 25 16:45:16 2013 +0100
@@ -1,3 +1,8 @@
+2013-12-25  Torbjorn Granlund  <tege at gmplib.org>
+
+	* mpz/powm_sec.c: Handle 0^e mod m specially.
+	* mpn/generic/powm_sec.c: ASSERT that the base is non-zero.
+
 2013-12-23  Torbjorn Granlund  <tege at gmplib.org>
 
 	* mpn/generic/powm_sec.c (redcify): Use passed scratch instead of
diff -r b7219db5ac53 -r c9c2135eefb8 mpn/generic/powm_sec.c
--- a/mpn/generic/powm_sec.c	Mon Dec 23 22:08:09 2013 +0100
+++ b/mpn/generic/powm_sec.c	Wed Dec 25 16:45:16 2013 +0100
@@ -1,7 +1,7 @@
 /* mpn_powm_sec -- Compute R = U^E mod M.  Secure variant, side-channel silent
    under the assumption that the multiply instruction is side channel silent.
 
-   Contributed to the GNU project by Torbjorn Granlund.
+   Contributed to the GNU project by Torbjörn Granlund.
 
    THE FUNCTIONS IN THIS FILE ARE INTERNAL WITH MUTABLE INTERFACES.  IT IS ONLY
    SAFE TO REACH THEM THROUGH DOCUMENTED INTERFACES.  IN FACT, IT IS ALMOST
@@ -253,6 +253,9 @@
 
   ASSERT (en > 1 || (en == 1 && ep[0] > 0));
   ASSERT (n >= 1 && ((mp[0] & 1) != 0));
+  /* The code works for bn = 0, but the defined scratch space is 2 limbs
+     greater than we supply, when converting 1 to redc form .  */
+  ASSERT (bn >= 1);
 
   MPN_SIZEINBASE_2EXP(ebi, ep, en, 1);
 
diff -r b7219db5ac53 -r c9c2135eefb8 mpz/powm_sec.c
--- a/mpz/powm_sec.c	Mon Dec 23 22:08:09 2013 +0100
+++ b/mpz/powm_sec.c	Wed Dec 25 16:45:16 2013 +0100
@@ -54,10 +54,16 @@
 	}
       DIVIDE_BY_ZERO;
     }
+  en = es;
 
-  en = es;
   bn = ABSIZ(b);
 
+  if (UNLIKELY (bn == 0))
+    {
+      SIZ(r) = 0;
+      return;
+    }
+
   TMP_MARK;
   tp = TMP_ALLOC_LIMBS (n + mpn_powm_sec_itch (bn, en, n));

More information about the gmp-commit mailing list