curve448: Use constant time zero check function

Signed-off-by: Amitay Isaacs <amitay@ozlabs.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14784)

diff --git a/crypto/ec/curve448/arch_64/arch_intrinsics.h b/crypto/ec/curve448/arch_64/arch_intrinsics.h
index ef611b903f8df1ac0601fd466089bf898ee6d5a2..30be38e99b3e310f88f64e0b1c1e11cc25e9eb20 100644 (file)
--- a/crypto/ec/curve448/arch_64/arch_intrinsics.h
+++ b/crypto/ec/curve448/arch_64/arch_intrinsics.h
@@ -13,13 +13,11 @@
 #ifndef OSSL_CRYPTO_EC_CURVE448_ARCH_64_INTRINSICS_H
 # define OSSL_CRYPTO_EC_CURVE448_ARCH_64_INTRINSICS_H
 
+# include "internal/constant_time.h"
+
 # define ARCH_WORD_BITS 64
 
-static ossl_inline uint64_t word_is_zero(uint64_t a)
-{
-    /* let's hope the compiler isn't clever enough to optimize this. */
-    return (((__uint128_t) a) - 1) >> 64;
-}
+# define word_is_zero(a)     constant_time_is_zero_64(a)
 
 static ossl_inline uint128_t widemul(uint64_t a, uint64_t b)
 {