From: Daiki Ueno <dueno@redhat.com>
Date: Sat, 5 Aug 2017 07:43:44 +0000 (+0200)
Subject: eccdata: Emit correct ecc_Bmodq_shifted for curve448
X-Git-Tag: nettle_3.4rc1~29
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7ef335beec90fc27035d4d90b8aff957c64f27b2;p=thirdparty%2Fnettle.git

eccdata: Emit correct ecc_Bmodq_shifted for curve448

In curve448, the bit size of the order is slightly smaller than the
one of p's.  Adjust ecc_Bmodq_shifted accordingly.

Signed-off-by: Daiki Ueno <dueno@redhat.com>
---

diff --git a/eccdata.c b/eccdata.c
index 9533d783..9be9afb5 100644
--- a/eccdata.c
+++ b/eccdata.c
@@ -1014,16 +1014,19 @@ output_curve (const struct ecc_curve *ecc, unsigned bits_per_limb)
 	      exit (EXIT_FAILURE);
 	    }
 	}
+    }
+  else
+    printf ("#define ecc_Bmodp_shifted ecc_Bmodp\n");
+
+  if (bits < limb_size * bits_per_limb)
+    {
       mpz_set_ui (t, 0);
-      mpz_setbit (t, ecc->bit_size);
+      mpz_setbit (t, bits);
       mpz_sub (t, t, ecc->q);      
       output_bignum ("ecc_Bmodq_shifted", t, limb_size, bits_per_limb);      
     }
   else
-    {
-      printf ("#define ecc_Bmodp_shifted ecc_Bmodp\n");
-      printf ("#define ecc_Bmodq_shifted ecc_Bmodq\n");
-    }
+    printf ("#define ecc_Bmodq_shifted ecc_Bmodq\n");
 
   mpz_add_ui (t, ecc->p, 1);
   mpz_fdiv_q_2exp (t, t, 1);