projects / BearSSL / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Added guard code to avoid issue when decoding PEM but not keeping data.
[BearSSL] / src / int / i31_montmul.c
diff --git a/src/int/i31_montmul.c b/src/int/i31_montmul.c
index 0857797..8066808 100644 (file)
--- a/src/int/i31_montmul.c
+++ b/src/int/i31_montmul.c
@@ -34,14 +34,14 @@ br_i31_montymul(uint32_t *d, const uint32_t *x, const uint32_t *y,
 
        len = (m[0] + 31) >> 5;
        len4 = len & ~(size_t)3;
-       br_i32_zero(d, m[0]);
+       br_i31_zero(d, m[0]);
        dh = 0;
        for (u = 0; u < len; u ++) {
                uint32_t f, xu;
                uint64_t r, zh;
 
                xu = x[u + 1];
-               f = ((d[1] + x[u + 1] * y[1]) * m0i) & 0x7FFFFFFF;
+               f = MUL31_lo((d[1] + MUL31_lo(x[u + 1], y[1])), m0i);
 
                r = 0;
                for (v = 0; v < len4; v += 4) {
The BearSSL library and tools.