[crypto] Add bigint_swap() to conditionally swap big integers

Add a helper function bigint_swap() that can be used to conditionally swap a pair of big integers in constant time. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-04-04 03:00:20 +03:00 · 2024-01-19 12:34:02 +00:00
parent 13e390d54e
commit bac13ba1f6
3 changed files with 94 additions and 0 deletions
--- a/src/crypto/bigint.c
+++ b/src/crypto/bigint.c
@@ -50,6 +50,31 @@ static struct profiler bigint_mod_multiply_rescale_profiler __profiler =
 static struct profiler bigint_mod_multiply_subtract_profiler __profiler =
 	{ .name = "bigint_mod_multiply.subtract" };

+/**
+ * Conditionally swap big integers (in constant time)
+ *
+ * @v first0		Element 0 of big integer to be conditionally swapped
+ * @v second0		Element 0 of big integer to be conditionally swapped
+ * @v size		Number of elements in big integers
+ * @v swap		Swap first and second big integers
+ */
+void bigint_swap_raw ( bigint_element_t *first0, bigint_element_t *second0,
+		       unsigned int size, int swap ) {
+	bigint_element_t mask;
+	bigint_element_t xor;
+	unsigned int i;
+
+	/* Construct mask */
+	mask = ( ( bigint_element_t ) ( ! swap ) - 1 );
+
+	/* Conditionally swap elements */
+	for ( i = 0 ; i < size ; i++ ) {
+		xor = ( mask & ( first0[i] ^ second0[i] ) );
+		first0[i] ^= xor;
+		second0[i] ^= xor;
+	}
+}
+
 /**
 * Perform modular multiplication of big integers
 *