NIIBE Yutaka <gni...@fsij.org> writes: > In the generated code, we can see the conditional jump with the variable > CND. > > x86 msvc v19.0 (WINE): > https://godbolt.org/z/f88edPe46 > > IIUC, it is better to use something like NOT_EQUAL (in > nettle/pkcs1-sec-decrypt.c) to compute the mask, too. > > If it is my misunderstanding (like MSVC actually is not supported), > sorry in advance. I'm learning important things from Nettle > implementation. (Thanks again for that.)
Thanks for the report. I think this deserves fixing (even if 32-bit x86 is not a high priority these days). It's a bit tricky to get the compiler to do the intended thing. It might also help if one could review call sites for cnd_copy and arrange so that they pass always 0 or 1 for cnd argument. I'll be offline the rest of this week, so I will not be able to fix or review stuff until I'm back. Regards, /Niels -- Niels Möller. PGP key CB4962D070D77D7FCB8BA36271D8F1FF368C6677. Internet email is subject to wholesale government surveillance. _______________________________________________ nettle-bugs mailing list -- nettle-bugs@lists.lysator.liu.se To unsubscribe send an email to nettle-bugs-le...@lists.lysator.liu.se