[PATCH] MPI helper of addition one limb, Least Leak Intended

NIIBE Yutaka gniibe at fsij.org
Fri Feb 14 07:00:11 CET 2025


Hello,

Jacob Bachmeyer <jcb62281 at gmail.com> wrote:
> Also, if I understand correctly from the previous discussion, "<" is to 
> be avoided because compilers can use a branch to implement it.  

Thank you.  Good catch.  It is the reason why we have
mpih_ct_limb_less_than.

Using mpih_ct_limb_less_than, it is like:

==========================
/* Do same calculation as _gcry_mpih_add_1 does (under the condition
   of RES_PTR == S1_PTR), Least Leak Intended.  */
static inline mpi_limb_t
_gcry_mpih_add_1_lli (mpi_ptr_t s1_ptr, mpi_size_t s1_size, mpi_limb_t s2_limb)
{
  mpi_limb_t x;
  mpi_limb_t cy;

  /* Add S2_LIMB to the lowest limb; carry iff the sum wrapped.  */
  x = *s1_ptr;
  s2_limb += x;
  *s1_ptr++ = s2_limb;
  cy = mpih_ct_limb_less_than (s2_limb, x);
  /* Propagate the carry through every remaining limb; no early exit
     once the carry becomes zero.  */
  while ( --s1_size )
    {
      x = *s1_ptr + cy;
      *s1_ptr++ = x;
      /* Carry out iff a carry was added and the limb wrapped to zero.  */
      cy = mpih_limb_is_zero (x) & mpih_limb_is_not_zero (cy);
    }

  return cy;
}
==========================

We will need to arrange header files to allow use of mpih_ct_limb_less_than,
though.
-- 
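The routine above depends on three branch-free limb predicates that live inside libgcrypt. The stand-alone program below is an added example, not libgcrypt's code: it defines its own versions of mpih_limb_is_zero, mpih_limb_is_not_zero and mpih_ct_limb_less_than (the names follow the post, the bodies are mine and may differ from libgcrypt's), reproduces the add-one-limb loop as mpih_add_1_lli (dropping the reserved _gcry_ prefix), and checks it limb-for-limb against a plain branching reference over constructed inputs that exercise no carry, a carry that stops mid-way, and a carry that runs out the top. The 64-bit limb size is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-ins for libgcrypt's limb types (assumption: 64-bit limbs).  */
typedef uint64_t    mpi_limb_t;
typedef mpi_limb_t *mpi_ptr_t;
typedef size_t      mpi_size_t;
#define BITS_PER_MPI_LIMB 64

/* 1 if a == 0, else 0: ~a & (a - 1) has its top bit set only for a == 0.  */
static inline mpi_limb_t
mpih_limb_is_zero (mpi_limb_t a)
{
  return (~a & (a - 1)) >> (BITS_PER_MPI_LIMB - 1);
}

/* 1 if a != 0, else 0: a | -a has its top bit set unless a == 0.  */
static inline mpi_limb_t
mpih_limb_is_not_zero (mpi_limb_t a)
{
  return (a | (0 - a)) >> (BITS_PER_MPI_LIMB - 1);
}

/* 1 if a < b (unsigned), else 0: the borrow out of a - b, built from
   bit operations instead of "<" so there is no comparison for the
   compiler to lower into a branch.  */
static inline mpi_limb_t
mpih_ct_limb_less_than (mpi_limb_t a, mpi_limb_t b)
{
  return ((~a & b) | ((~a | b) & (a - b))) >> (BITS_PER_MPI_LIMB - 1);
}

/* In-place s1 += s2_limb over s1_size >= 1 limbs, touching every limb
   regardless of where the carry dies out.  Returns the carry out.  */
static mpi_limb_t
mpih_add_1_lli (mpi_ptr_t s1_ptr, mpi_size_t s1_size, mpi_limb_t s2_limb)
{
  mpi_limb_t x, cy;

  x = *s1_ptr;
  s2_limb += x;
  *s1_ptr++ = s2_limb;
  cy = mpih_ct_limb_less_than (s2_limb, x);
  while (--s1_size)
    {
      x = *s1_ptr + cy;
      *s1_ptr++ = x;
      cy = mpih_limb_is_zero (x) & mpih_limb_is_not_zero (cy);
    }
  return cy;
}

/* Branching reference (my own, for checking only).  Its early exits
   make the run time depend on how far the carry propagates, which is
   exactly what the LLI version is written to avoid.  */
static mpi_limb_t
add_1_ref (mpi_ptr_t s1_ptr, mpi_size_t s1_size, mpi_limb_t s2_limb)
{
  mpi_limb_t x = s1_ptr[0];
  s1_ptr[0] = x + s2_limb;
  if (s1_ptr[0] >= x)
    return 0;                         /* no carry out of limb 0 */
  for (mpi_size_t i = 1; i < s1_size; i++)
    if (++s1_ptr[i] != 0)
      return 0;                       /* carry absorbed here */
  return 1;                           /* carried out the top */
}

/* 1 if both routines agree on the sum and the carry for one case.  */
static int
check_case (const mpi_limb_t *in, mpi_size_t n, mpi_limb_t s2)
{
  mpi_limb_t a[3], b[3];
  memcpy (a, in, n * sizeof *a);
  memcpy (b, in, n * sizeof *b);
  mpi_limb_t ca = mpih_add_1_lli (a, n, s2);
  mpi_limb_t cb = add_1_ref (b, n, s2);
  return ca == cb && memcmp (a, b, n * sizeof *a) == 0;
}

/* Constructed inputs: no carry, carry stopping mid-way, full overflow.  */
int
check_all (void)
{
  static const mpi_limb_t cases[][3] = {
    { 1, 2, 3 },
    { UINT64_MAX, 2, 3 },
    { UINT64_MAX, UINT64_MAX, 3 },
    { UINT64_MAX, UINT64_MAX, UINT64_MAX },
    { 0, 0, 0 },
  };
  static const mpi_limb_t addends[] = { 0, 1, 7, UINT64_MAX };
  for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
    for (size_t j = 0; j < sizeof addends / sizeof addends[0]; j++)
      for (mpi_size_t n = 1; n <= 3; n++)
        if (!check_case (cases[i], n, addends[j]))
          return 0;
  return 1;
}

int
main (void)
{
  printf ("%s\n", check_all () ? "LLI add matches reference" : "MISMATCH");
  return 0;
}
```

The loop count still depends on s1_size, which is the public limb count, not on the limb values; that is the "least leak" target. Whether the bit tricks survive optimization is compiler-dependent, so a patch like this deserves a look at the generated assembly for the targets that matter.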