armv*-mont.pl: Correct a carry flag comment

On Arm, C is a true carry flag, unlike x86 where CF is a borrow flag for
subtraction. That is, for subtraction, it is set if Rn + ~Rm + 1 carries
in unsigned arithmetic, and so for subtracting 0, i.e. adding ~0 + 1, it
always sets the carry flag. Correct the comment to document what this is
actually doing.

CLA: trivial

Fixes: d1671f4f1a39 ("bn/asm/armv4-mont.pl: add NEON code path.")
Fixes: 10646160125a ("Optimize RSA on armv8")
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27826)

diff --git a/crypto/bn/asm/armv4-mont.pl b/crypto/bn/asm/armv4-mont.pl
index 017aa7cddff83415b48865129ecd6b8d7d346f1f..ab24ce8de573994f6e256f715bbde55e4a80c8ed 100644 (file)
--- a/crypto/bn/asm/armv4-mont.pl
+++ b/crypto/bn/asm/armv4-mont.pl
@@ -684,7 +684,7 @@ $code.=<<___;
 
        vst1.32 {${temp}[0]}, [$toutptr, :32]           @ top-most bit
        sub     $nptr,$nptr,$num,lsl#2                  @ rewind $nptr
-       subs    $aptr,sp,#0                             @ clear carry flag
+       subs    $aptr,sp,#0                             @ set carry flag
        add     $bptr,sp,$num,lsl#2
 
 .LNEON_sub:

diff --git a/crypto/bn/asm/armv8-mont.pl b/crypto/bn/asm/armv8-mont.pl
index b69df520352838a563a031fca78069750d311c9b..f1692caae70d8ea67bbcff459ec83ca4d6125627 100755 (executable)
--- a/crypto/bn/asm/armv8-mont.pl
+++ b/crypto/bn/asm/armv8-mont.pl
@@ -587,7 +587,7 @@ $code.=<<___;
 
        st1     {$temp.s}[0], [$toutptr],#4     // top-most bit
        sub     $nptr,$nptr,$num,lsl#2          // rewind $nptr
-       subs    $aptr,sp,#0                     // clear carry flag
+       subs    $aptr,sp,#0                     // set carry flag
        add     $bptr,sp,$num,lsl#2
 
 .LNEON_sub: