Merge pull request #823 from LedgerHQ/is_zero

bigspider · web-flow · commit fe9d203cde73 · 2024-11-14T13:04:57.000Z
Make cx_math_is_zero run in constant time
diff --git a/lib_cxng/include/lcx_math.h b/lib_cxng/include/lcx_math.h
@@ -568,13 +568,11 @@ DEPRECATED static inline void cx_math_next_prime(uint8_t *r, uint32_t len)
  */
 static inline bool cx_math_is_zero(const uint8_t *a, size_t len)
 {
-    uint32_t i;
-    for (i = 0; i < len; i++) {
-        if (a[i] != 0) {
-            return 0;
-        }
+    uint8_t acc = 0;  // accumulate all the bytes in order to run in constant time
+    for (size_t i = 0; i < len; i++) {
+        acc |= a[i];
     }
-    return 1;
+    return acc == 0;
 }
 
 #endif  // HAVE_MATH

Original file line number	Diff line number	Diff line change
`@@ -568,13 +568,11 @@ DEPRECATED static inline void cx_math_next_prime(uint8_t *r, uint32_t len)`
`568`	`568`	`*/`
`569`	`569`	`static inline bool cx_math_is_zero(const uint8_t *a, size_t len)`
`570`	`570`	`{`
`571`		`- uint32_t i;`
`572`		`- for (i = 0; i < len; i++) {`
`573`		`- if (a[i] != 0) {`
`574`		`- return 0;`
`575`		`- }`
	`571`	`+ uint8_t acc = 0; // accumulate all the bytes in order to run in constant time`
	`572`	`+ for (size_t i = 0; i < len; i++) {`
	`573`	`+ acc \|= a[i];`
`576`	`574`	`}`
`577`		`- return 1;`
	`575`	`+ return acc == 0;`
`578`	`576`	`}`
`579`	`577`
`580`	`578`	`#endif // HAVE_MATH`