Make hal_core_alloc2 a little smarter.hal_core_alloc2-fix

Currently the only use of hal_core_alloc2 is to allocate two modexp cores.
If the bitstream only has one, we'd allocate that one, then try to allocate
it again, and spin forever.

Added a check for that, and let rsa_crt fall back to trying with one modexp
core if it can't find two.

1 files changed, 9 insertions, 1 deletions

diff --git a/rsa.c b/rsa.c
index 1b5de7d..9776b08 100644
--- a/rsa.c
+++ b/rsa.c
@@ -539,7 +539,15 @@ static hal_error_t rsa_crt(hal_core_t *core1, hal_core_t *core2, hal_rsa_key_t *
    */
   if ((err = modexp2(precalc, msg,
                      core1, key->dP, key->p, m1, key->pC, sizeof(key->pC), key->pF, sizeof(key->pF),
-                     core2, key->dQ, key->q, m2, key->qC, sizeof(key->qC), key->qF, sizeof(key->qF))) != HAL_OK)
+                     core2, key->dQ, key->q, m2, key->qC, sizeof(key->qC), key->qF, sizeof(key->qF))) == HAL_ERROR_CORE_NOT_FOUND) {
+      /* Couldn't get two modexp cores, fall back to trying with one. */
+    if ((err = modexp(core1, precalc, msg, key->dP, key->p, m1,
+                      key->pC, sizeof(key->pC), key->pF, sizeof(key->pF))) != HAL_OK ||
+        (err = modexp(core1, precalc, msg, key->dQ, key->q, m2,
+                        key->qC, sizeof(key->qC), key->qF, sizeof(key->qF))) != HAL_OK)
+      goto fail;
+  }
+  else if (err != HAL_OK)
     goto fail;
 
   if (precalc)