tls: P256: fix sp_256_div2_8 - it wouldn't use a[] if low bit is 0

It worked by chance because the only caller passed both parameters as two pointers to the same array. My fault (I made this error when converting from 26-bit code). Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2021-11-27 16:07:42 +01:00
parent 8cbb70365f
commit dcfd8d3d10
1 changed files with 7 additions and 5 deletions
--- a/networking/tls_sp_c32.c
+++ b/networking/tls_sp_c32.c
@@ -636,12 +636,14 @@ static void sp_256_rshift1_8(sp_digit* r, sp_digit carry)
 }
 #endif

-/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m) */
-static void sp_256_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+/* Divide the number by 2 mod the modulus (prime). (r = (r / 2) % m) */
+static void sp_256_div2_8(sp_digit* r /*, const sp_digit* m*/)
 {
+	const sp_digit* m = p256_mod;
+
 	int carry = 0;
-	if (a[0] & 1)
-		carry = sp_256_add_8(r, a, m);
+	if (r[0] & 1)
+		carry = sp_256_add_8(r, r, m);
 	sp_256_norm_8(r);
 	sp_256_rshift1_8(r, carry);
 }
@@ -1125,7 +1127,7 @@ static void sp_256_proj_point_dbl_8(sp_point* r, sp_point* p)
 	/* T2 = Y * Y */
 	sp_256to512z_mont_sqr_8(t2, r->y /*, p256_mod, p256_mp_mod*/);
 	/* T2 = T2/2 */
-	sp_256_div2_8(t2, t2, p256_mod);
+	sp_256_div2_8(t2 /*, p256_mod*/);
 	/* Y = Y * X */
 	sp_256to512z_mont_mul_8(r->y, r->y, r->x /*, p256_mod, p256_mp_mod*/);
 	/* X = T1 * T1 */