From: Bernd Edlinger <bernd.edlinger@hotmail.de>
Date: Sat, 4 Oct 2025 14:20:31 +0000 (+0200)
Subject: Fix riscv64 carry bug in SM2 modulo reduction
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=521ae4abf3931ddb78ae22b2fbf0983c8f447727;p=thirdparty%2Fopenssl.git

Fix riscv64 carry bug in SM2 modulo reduction

Fixes #28731

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28746)
---

diff --git a/crypto/ec/asm/ecp_sm2p256-riscv64.pl b/crypto/ec/asm/ecp_sm2p256-riscv64.pl
index 0fb16753027..2a17e124dc4 100644
--- a/crypto/ec/asm/ecp_sm2p256-riscv64.pl
+++ b/crypto/ec/asm/ecp_sm2p256-riscv64.pl
@@ -881,6 +881,7 @@ $code.=<<___;
 	add $t1, $t1, $s6
 	sltu $c2, $t1, $s6
 	add $t1, $t1, $c1
+	sltu $c1, $t1, $c1
 	add $c1, $c1, $c2
 	add $t2, $t2, $c1
 	sltu $c1, $t2, $c1