From: Amitay Isaacs <amitay@ozlabs.org>
Date: Mon, 1 Feb 2021 05:22:16 +0000 (+1100)
Subject: curve448: Use constant time zero check function
X-Git-Tag: openssl-3.0.0-alpha14~9
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f684a2d783bf2c4728e65f83e0f89ec654f40e79;p=thirdparty%2Fopenssl.git

curve448: Use constant time zero check function

Signed-off-by: Amitay Isaacs <amitay@ozlabs.org>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14784)
---

diff --git a/crypto/ec/curve448/arch_64/arch_intrinsics.h b/crypto/ec/curve448/arch_64/arch_intrinsics.h
index ef611b903f8..30be38e99b3 100644
--- a/crypto/ec/curve448/arch_64/arch_intrinsics.h
+++ b/crypto/ec/curve448/arch_64/arch_intrinsics.h
@@ -13,13 +13,11 @@
 #ifndef OSSL_CRYPTO_EC_CURVE448_ARCH_64_INTRINSICS_H
 # define OSSL_CRYPTO_EC_CURVE448_ARCH_64_INTRINSICS_H
 
+# include "internal/constant_time.h"
+
 # define ARCH_WORD_BITS 64
 
-static ossl_inline uint64_t word_is_zero(uint64_t a)
-{
-    /* let's hope the compiler isn't clever enough to optimize this. */
-    return (((__uint128_t) a) - 1) >> 64;
-}
+# define word_is_zero(a)     constant_time_is_zero_64(a)
 
 static ossl_inline uint128_t widemul(uint64_t a, uint64_t b)
 {