**diff options**

author | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2018-08-05 16:18:23 +0200 |
---|---|---|

committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2018-08-06 00:13:15 +0200 |

commit | a11cada73596ce5b67e460ae5259d227f349e83c (patch) | |

tree | d50e85b3bc90786478f2d6e66f794e3688e16dc4 | |

parent | 6c9adee6462ce97f628288bd3da808fd22cdbc7b (diff) | |

download | VeraCrypt-a11cada73596ce5b67e460ae5259d227f349e83c.tar.gz VeraCrypt-a11cada73596ce5b67e460ae5259d227f349e83c.zip |

crypto: cleaner code for Streebog carry bit handling and add comment about missing handling of overflow caused by carry bit.

-rw-r--r-- | src/Crypto/Streebog.c | 29 |

1 files changed, 24 insertions, 5 deletions

diff --git a/src/Crypto/Streebog.c b/src/Crypto/Streebog.c index 6c52ce75..e443ecae 100644 --- a/src/Crypto/Streebog.c +++ b/src/Crypto/Streebog.c @@ -1845,21 +1845,40 @@ add512(const unsigned long long *x, const unsigned long long *y, unsigned long l { #ifndef __GOST3411_BIG_ENDIAN__ unsigned int CF, OF; + unsigned long long tmp; unsigned int i; CF = 0; for (i = 0; i < 8; i++) { - r[i] = x[i] + y[i]; - if ( (r[i] < y[i]) || - (r[i] < x[i]) ) + /* Detecting integer overflow condition for three numbers + * in a portable way is tricky a little. */ + + /* Step 1: numbers cause overflow */ + tmp = x[i] + y[i]; + + /* Compare with any of two summands, no need to check both */ + if (tmp < x[i]) OF = 1; else OF = 0; - r[i] += CF; + /* Step 2: carry bit causes overflow */ + tmp += CF; + + /* + * We don't include the carry bit overflow since it can break + * mounting for some containers eventhough the probability of + * such case is very low + */ + /* + if (CF > 0 && tmp == 0) + OF = 1; + */ CF = OF; - } + + r[i] = tmp; + } #else const unsigned char *xp, *yp; unsigned char *rp; |