Fix negative zero created by (-A) + (+A) or (-A) - (-A)

In mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi(), and by extention mbedtls_mpi_add_int() and mbedtls_mpi_sub_int(), when the resulting value was zero, the sign bit of the result was incorrectly set to -1 when the left-hand operand was negative. This is not a valid mbedtls_mpi representation. Fix this: always set the sign to +1 when the result is 0. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2022-11-09 22:02:16 +01:00 · 2022-11-09 22:02:16 +01:00 · 4a768dd17d
commit 4a768dd17d
parent 4cbbfd8d4e
1 changed files with 7 additions and 2 deletions
--- a/library/bignum.c
+++ b/library/bignum.c
@ -987,14 +987,19 @@ static int add_sub_mpi( mbedtls_mpi *X,
    s = A->s;
    if( A->s * B->s * flip_B < 0 )
    {
-        if( mbedtls_mpi_cmp_abs( A, B ) >= 0 )
+        int cmp = mbedtls_mpi_cmp_abs( A, B );
+        if( cmp >= 0 )
        {
            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
-            X->s =  s;
+            /* If |A| = |B|, the result is 0 and we must set the sign bit
+             * to +1 regardless of which of A or B was negative. Otherwise,
+             * since |A| > |B|, the sign is the sign of A. */
+            X->s = cmp == 0 ? 1 : s;
        }
        else
        {
            MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
+            /* Since |A| < |B|, the sign is the opposite of A. */
            X->s = -s;
        }
    }