From 8934e10e139d45e5bc9b6874b3c630461d55607c Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Thu, 11 Jun 2015 18:21:50 -0400
Subject: Debug modexp_fp() buffer handling.  Add basic timing report.
 Compensate for PyCrypto's weird inversion of p and q when calculating CRT
 coefficients, and add key the key components PyCrypto doesn't bother
 pre-calculating to our test data.

---
 rsa.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

(limited to 'rsa.c')

diff --git a/rsa.c b/rsa.c
index b61feb4..31c4f61 100644
--- a/rsa.c
+++ b/rsa.c
@@ -175,18 +175,18 @@ static hal_error_t modexp_fp(fp_int *msg, fp_int *exp, fp_int *mod, fp_int *res)
 
   assert(msg != NULL && exp != NULL && mod != NULL && res != NULL);
 
-  uint8_t msgbuf[(fp_unsigned_bin_size(msg) + 3) & ~3];
-  uint8_t expbuf[(fp_unsigned_bin_size(exp) + 3) & ~3];
-  uint8_t modbuf[(fp_unsigned_bin_size(mod) + 3) & ~3];
+  const size_t msg_len = fp_unsigned_bin_size(msg);
+  const size_t exp_len = fp_unsigned_bin_size(exp);
+  const size_t mod_len = fp_unsigned_bin_size(mod);
 
-  if ((err = unpack_fp(msg, msgbuf, sizeof(msgbuf))) != HAL_OK ||
-      (err = unpack_fp(exp, expbuf, sizeof(expbuf))) != HAL_OK ||
-      (err = unpack_fp(mod, modbuf, sizeof(modbuf))) != HAL_OK)
-    goto fail;
+  const size_t len = (MAX(MAX(msg_len, exp_len), mod_len) + 3) & ~3;
 
-  uint8_t resbuf[FP_MAX_SIZE/8];
+  uint8_t msgbuf[len], expbuf[len], modbuf[len], resbuf[len];
 
-  if ((err = hal_modexp(msgbuf, sizeof(msgbuf),
+  if ((err = unpack_fp(msg, msgbuf, sizeof(msgbuf))) != HAL_OK ||
+      (err = unpack_fp(exp, expbuf, sizeof(expbuf))) != HAL_OK ||
+      (err = unpack_fp(mod, modbuf, sizeof(modbuf))) != HAL_OK ||
+      (err = hal_modexp(msgbuf, sizeof(msgbuf),
                         expbuf, sizeof(expbuf),
                         modbuf, sizeof(modbuf),
                         resbuf, sizeof(resbuf))) != HAL_OK)
-- 
cgit v1.2.3