[crypto] Expose carry flag from big integer addition and subtraction

Expose the effective carry (or borrow) out flag from big integer addition and subtraction, and use this to elide an explicit bit test when performing x25519 reduction. Signed-off-by: Michael Brown <mcb30@ipxe.org>
author: Michael Brown <mcb30@ipxe.org> 2024-11-26 12:53:01 +0000
committer: Michael Brown <mcb30@ipxe.org> 2024-11-26 12:55:13 +0000
commit: 167a08f08928c7e469f50d5d364287abb784e99c (patch)
tree: 039a60c76e5da50dfe17cffb41c4491087c2c74f /src/crypto/x25519.c
parent: da6da6eb3b83fe92002e9c8e245933498ba19a48 (diff)
download: ipxe-167a08f08928c7e469f50d5d364287abb784e99c.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/src/crypto/x25519.c b/src/crypto/x25519.c
index 19f9a2c02..ab5d2e8b0 100644
--- a/src/crypto/x25519.c
+++ b/src/crypto/x25519.c
@@ -564,6 +564,7 @@ void x25519_invert ( const union x25519_oct258 *invertend,
  */
 static void x25519_reduce_by ( const x25519_t *subtrahend, x25519_t *value ) {
 	x25519_t tmp;
+	int underflow;
 
 	/* Conditionally subtract subtrahend
 	 *
@@ -571,8 +572,8 @@ static void x25519_reduce_by ( const x25519_t *subtrahend, x25519_t *value ) {
 	 * time) if the subtraction underflows.
 	 */
 	bigint_copy ( value, &tmp );
-	bigint_subtract ( subtrahend, value );
-	bigint_swap ( value, &tmp, bigint_msb_is_set ( value ) );
+	underflow = bigint_subtract ( subtrahend, value );
+	bigint_swap ( value, &tmp, underflow );
 }
 
 /**
author	Michael Brown <mcb30@ipxe.org>	2024-11-26 12:53:01 +0000
committer	Michael Brown <mcb30@ipxe.org>	2024-11-26 12:55:13 +0000
commit	167a08f08928c7e469f50d5d364287abb784e99c (patch)
tree	039a60c76e5da50dfe17cffb41c4491087c2c74f /src/crypto/x25519.c
parent	da6da6eb3b83fe92002e9c8e245933498ba19a48 (diff)
download	ipxe-167a08f08928c7e469f50d5d364287abb784e99c.tar.gz