bn/bn_mont.c: improve readability of post-condition code.
authorAndy Polyakov <appro@openssl.org>
Fri, 6 Jul 2018 12:54:34 +0000 (14:54 +0200)
committerAndy Polyakov <appro@openssl.org>
Thu, 12 Jul 2018 13:08:40 +0000 (15:08 +0200)
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: David Benjamin <davidben@google.com>
(Merged from https://github.com/openssl/openssl/pull/6662)

(cherry picked from commit 6c90182a5f87af1a1e462536e7123ad2afb84c43)

crypto/bn/bn_mont.c

index f052d5612b72a6f725d0cd6cdbbae545e6f5ae4b..e1d2973032e2119a96a21e443fb0f9d47cb255b0 100644 (file)
@@ -130,15 +130,14 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
      */
     ap = &(r->d[nl]);
 
+    carry -= bn_sub_words(rp, ap, np, nl);
     /*
-     * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
-     * cannot be -1. That would imply the subtraction did not fit in |nl| words,
-     * and we know at most one subtraction is needed.
+     * |carry| is -1 if |ap| - |np| underflowed or zero if it did not. Note
+     * |carry| cannot be 1. That would imply the subtraction did not fit in
+     * |nl| words, and we know at most one subtraction is needed.
      */
-    v = bn_sub_words(rp, ap, np, nl) - carry;
-    v = 0 - v;
     for (i = 0; i < nl; i++) {
-        rp[i] = (v & ap[i]) | (~v & rp[i]);
+        rp[i] = (carry & ap[i]) | (~carry & rp[i]);
         ap[i] = 0;
     }
     bn_correct_top(r);
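Review bot: The rewritten comment above the loop describes `carry` as "-1", but the mask use on the `rp[i] = (carry & ap[i]) | (~carry & rp[i]);` line only works because `carry` is an unsigned word (presumably `BN_ULONG`, which the hunk does not show), so the comment should say the value is all-ones rather than a signed -1 and should state the entry invariant the `cannot be 1` claim depends on: `carry` holds the carry-out of the preceding reduction and is 0 or 1 before the `carry -= bn_sub_words(rp, ap, np, nl);` line. The select loop is written with masks rather than a branch, which looks like a deliberate constant-time choice on a secret-dependent condition; a one-line comment such as `/* branchless select: rp = carry ? ap : rp, without a condition on secret data */` would keep a future cleanup from turning it into an `if (carry)`. BN_from_montgomery_word's body starts before this hunk and continues past it, so the declaration of `carry` and the final return are outside view.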