From: Niels Möller
Date: Thu, 13 Oct 2022 17:16:36 +0000 (+0200)
Subject: Add back implementation of mpn_sec_tabselect, for mini-gmp builds.
X-Git-Tag: nettle_3.9_release_20230514~48
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c875e575c56918addf54de9b39f91aaed5e7459f;p=thirdparty%2Fnettle.git

Add back implementation of mpn_sec_tabselect, for mini-gmp builds.
---
diff --git a/ChangeLog b/ChangeLog
index 98dc40a4..3dc357f6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2022-10-13 Niels Möller
+
+ * gmp-glue.c (mpn_sec_tabselect) [NETTLE_USE_MINI_GMP]: Add back
+ here, to support mini-gmp builds. Updated signature to be
+ compatible with the gmp version.
+ * gmp-glue.h: Add declaration.
+
 2022-10-11 Niels Möller
 
 * sec-tabselect.c (sec_tabselect): Delete file and function. All
diff --git a/gmp-glue.c b/gmp-glue.c
index e75d678b..ffce6c30 100644
--- a/gmp-glue.c
+++ b/gmp-glue.c
@@ -99,6 +99,26 @@ mpn_cnd_swap (mp_limb_t cnd, volatile mp_limb_t *ap, volatile mp_limb_t *bp, mp_
 }
 }
 
+/* Copy the k'th element of the table out tn elements, each of size
+ rn. Always read complete table. Similar to gmp's mpn_tabselect. */
+void
+mpn_sec_tabselect (volatile mp_limb_t *rp, volatile const mp_limb_t *table,
+ mp_size_t rn, unsigned tn, unsigned k)
+{
+ volatile const mp_limb_t *end = table + tn * rn;
+ volatile const mp_limb_t *p;
+ mp_size_t i;
+
+ assert (k < tn);
+ for (p = table; p < end; p += rn, k--)
+ {
+ mp_limb_t mask = - (mp_limb_t) (k == 0);
+ for (i = 0; i < rn; i++)
+ rp[i] = (~mask & rp[i]) | (mask & p[i]);
+ }
+}
+
+
 #endif /* NETTLE_USE_MINI_GMP */
 
 int
diff --git a/gmp-glue.h b/gmp-glue.h
index bc6dbf16..dc0ede2a 100644
--- a/gmp-glue.h
+++ b/gmp-glue.h
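Review bot: The side-channel property of mpn_sec_tabselect rests on `mp_limb_t mask = - (mp_limb_t) (k == 0);` being lowered without a data-dependent branch, which the compiler does not guarantee, so the intent should be stated next to it, e.g. `/* Side-channel silent: every table entry is read regardless of k, and the selection mask must stay branch-free; check the generated code if this line changes. */`, and deriving the mask arithmetically from the entry index and selector (as gmp's own mpn_sec_tabselect does, if I recall correctly) would remove the reliance on the equality compare. Note also that `assert (k < tn)` disappears under NDEBUG, after which an out-of-range k still reads the whole table but never matches, leaving rp silently unchanged rather than failing, so the range guarantee belongs in the function's contract comment. The first pass reads `rp[i]` through `~mask & rp[i]` before anything has been written to it, which is harmless for the result but trips MemorySanitizer on an uninitialized destination; copying entry 0 unconditionally before the masked loop avoids that. The header comment presumably means "of tn elements" rather than "out tn elements".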
@@ -66,6 +66,10 @@ mpn_cnd_sub_n (mp_limb_t cnd, mp_limb_t *rp,
 void
 mpn_cnd_swap (mp_limb_t cnd, volatile mp_limb_t *ap, volatile mp_limb_t *bp,
 mp_size_t n);
+
+void
+mpn_sec_tabselect (volatile mp_limb_t *rp, volatile const mp_limb_t *table,
+ mp_size_t rn, unsigned tn, unsigned k);
 #endif
 
 /* Side-channel silent variant of mpn_zero_p. */