Fix negative zero created by (-A) + (+A) or (-A) - (-A)

In mbedtls_mpi_add_mpi() and mbedtls_mpi_sub_mpi(), and by extention
mbedtls_mpi_add_int() and mbedtls_mpi_sub_int(), when the resulting value
was zero, the sign bit of the result was incorrectly set to -1 when the
left-hand operand was negative. This is not a valid mbedtls_mpi
representation. Fix this: always set the sign to +1 when the result is 0.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2022-11-09 22:02:16 +01:00
parent 4cbbfd8d4e
commit 4a768dd17d

View File

@ -987,14 +987,19 @@ static int add_sub_mpi( mbedtls_mpi *X,
s = A->s; s = A->s;
if( A->s * B->s * flip_B < 0 ) if( A->s * B->s * flip_B < 0 )
{ {
if( mbedtls_mpi_cmp_abs( A, B ) >= 0 ) int cmp = mbedtls_mpi_cmp_abs( A, B );
if( cmp >= 0 )
{ {
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, A, B ) );
X->s = s; /* If |A| = |B|, the result is 0 and we must set the sign bit
* to +1 regardless of which of A or B was negative. Otherwise,
* since |A| > |B|, the sign is the sign of A. */
X->s = cmp == 0 ? 1 : s;
} }
else else
{ {
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_sub_abs( X, B, A ) );
/* Since |A| < |B|, the sign is the opposite of A. */
X->s = -s; X->s = -s;
} }
} }