Use crate::ConstantTimeSelect as a substitute for subtle::Conditional…

…lySelectable in BoxedUint
RustCrypto · Dec 18, 2023 · 2eba0e7 · 2eba0e7
1 parent 89816e7
commit 2eba0e7
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 9 deletions.
diff --git a/src/modular/div_by_2.rs b/src/modular/div_by_2.rs
@@ -31,19 +31,18 @@ pub(crate) fn div_by_2<const LIMBS: usize>(a: &Uint<LIMBS>, modulus: &Uint<LIMBS
 
 #[cfg(feature = "alloc")]
 pub(crate) mod boxed {
-    use crate::BoxedUint;
+    use crate::{BoxedUint, ConstantTimeSelect};
 
     pub(crate) fn div_by_2(a: &BoxedUint, modulus: &BoxedUint) -> BoxedUint {
         debug_assert_eq!(a.bits_precision(), modulus.bits_precision());
 
-        let (mut ret, is_odd) = a.shr1_with_carry();
+        let (half, is_odd) = a.shr1_with_carry();
         let half_modulus = modulus.shr1();
 
-        let if_odd = ret
+        let if_odd = half
             .wrapping_add(&half_modulus)
             .wrapping_add(&BoxedUint::one_with_precision(a.bits_precision()));
-        ret.conditional_assign(&if_odd, is_odd);
 
-        ret
+        BoxedUint::ct_select(&half, &if_odd, is_odd)
     }
 }
diff --git a/src/uint/boxed.rs b/src/uint/boxed.rs
@@ -27,7 +27,7 @@ mod sub_mod;
 #[cfg(feature = "rand_core")]
 mod rand;
 
-use crate::{Integer, Limb, NonZero, Uint, Word, Zero, U128, U64};
+use crate::{Integer, Limb, NonZero, Word, Zero};
 use alloc::{boxed::Box, vec, vec::Vec};
 use core::fmt;
 use subtle::{Choice, ConditionallySelectable, ConstantTimeEq};

diff --git a/src/uint/boxed/sqrt.rs b/src/uint/boxed/sqrt.rs
@@ -2,7 +2,7 @@
 
 use subtle::{ConstantTimeEq, ConstantTimeGreater, CtOption};
 
-use crate::{BoxedUint, NonZero};
+use crate::{ConstantTimeSelect, BoxedUint, NonZero};
 
 impl BoxedUint {
     /// Computes √(`self`) in constant time.
@@ -35,7 +35,7 @@ impl BoxedUint {
             let (q, _) = self.div_rem(&nz_x);
 
             // A protection in case `self == 0`, which will make `x == 0`
-            let q = Self::conditional_select(
+            let q = Self::ct_select(
                 &Self::zero_with_precision(self.bits_precision()),
                 &q,
                 is_some,
@@ -48,7 +48,7 @@ impl BoxedUint {
         // At this point `x_prev == x_{n}` and `x == x_{n+1}`
         // where `n == i - 1 == LOG2_BITS + 1 == floor(log2(BITS)) + 1`.
         // Thus, according to Hast, `sqrt(self) = min(x_n, x_{n+1})`.
-        Self::conditional_select(&x_prev, &x, Self::ct_gt(&x_prev, &x))
+        Self::ct_select(&x_prev, &x, Self::ct_gt(&x_prev, &x))
     }
 
     /// Computes √(`self`)