BearSSL / commitdiff
(from parent 1: 15b3af7)
Fixed carry propagation bug in P-256 'm62' implementation (found by Auke Zeilstra...
author    Thomas Pornin <pornin@bolet.org>  Sat, 14 Dec 2019 15:53:30 +0000 (16:53 +0100)
committer Thomas Pornin <pornin@bolet.org>  Sat, 14 Dec 2019 15:53:30 +0000 (16:53 +0100)
src/ec/ec_p256_m62.c
diff --git a/src/ec/ec_p256_m62.c b/src/ec/ec_p256_m62.c
index 3bcb95b..a431790 100644
--- a/src/ec/ec_p256_m62.c
+++ b/src/ec/ec_p256_m62.c
@@
-580,7
+580,7
@@
f256_final_reduce(uint64_t *a)
w = t[2] - cc;
t[2] = w & MASK52;
cc = w >> 63;
- w = t[3] - BIT(36);
+ w = t[3] - BIT(36)
- cc
;
t[3] = w & MASK52;
cc = w >> 63;
t[4] -= cc;
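Review bot: the borrow produced by the t[2] step (`cc = w >> 63;`) was never subtracted in the t[3] step, so adding `- cc` to `w = t[3] - BIT(36)` is the right fix and makes that limb follow the same pattern as `w = t[2] - cc;` two lines above it; what the hunk still lacks is a regression test. The bug is only reachable when the limb-2 subtraction actually borrows, i.e. when the low limbs of the input are below the corresponding limbs of the constant being subtracted in f256_final_reduce, so a fixed test vector of that shape in the P-256 tests would have caught the missing borrow and would also exercise the `t[4] -= cc;` tail, which depends on the same sign-bit convention. One caveat worth a comment in the code: detecting the borrow as `w >> 63` relies on each intermediate `w` staying within a single 64-bit word, which holds here only because every limb is masked back to 52 bits (`t[3] = w & MASK52;`) before the next subtraction consumes it.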