diff options
author | Andy Polyakov <appro@openssl.org> | 2016-05-26 21:40:09 +0200 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2016-05-27 22:58:49 +0200 |
commit | bb83c8796b9e708a881f7c49a2af7921e73b2298 (patch) | |
tree | caee132e64443ee3377c7707c84ce13f873add6b /crypto/bn | |
parent | dae9e15d74df2f216b277c8887afe2976cba9c6e (diff) | |
download | openssl-bb83c8796b9e708a881f7c49a2af7921e73b2298.zip openssl-bb83c8796b9e708a881f7c49a2af7921e73b2298.tar.gz openssl-bb83c8796b9e708a881f7c49a2af7921e73b2298.tar.bz2 |
bn/bn_exp.c: explain 'volatile' in MOD_EXP_CTIME_COPY_FROM_PREBUF.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'crypto/bn')
-rw-r--r-- | crypto/bn/bn_exp.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c index 25c05fa..d334cf7 100644 --- a/crypto/bn/bn_exp.c +++ b/crypto/bn/bn_exp.c @@ -527,6 +527,14 @@ static int MOD_EXP_CTIME_COPY_FROM_PREBUF(BIGNUM *b, int top, { int i, j; int width = 1 << window; + /* + * We declare table 'volatile' in order to discourage compiler + * from reordering loads from the table. Concern is that if + * reordered in specific manner loads might give away the + * information we are trying to conceal. Some would argue that + * compiler can reorder them anyway, but it can as well be + * argued that doing so would be violation of standard... + */ volatile BN_ULONG *table = (volatile BN_ULONG *)buf; if (bn_wexpand(b, top) == NULL) |