mpi_exp_mod: fix out of bounds access The table size was set before the configured window size bound was applied which lead to out of bounds access when the configured window size bound is less. Signed-off-by: Janos Follath <janos.follath@arm.com>

commit: 6fa7a766ccd4632acb3d8a6c15701198b9c77c96 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Tue Nov 22 10:18:06 2022 +0000
committer: Janos Follath <janos.follath@arm.com> Tue Nov 22 10:21:52 2022 +0000
tree: d2fad305a219a0cf9c4194abb3d2c165bbf23ef5
parent: 2b72690e14b8524ff8d759b6ca521e614a7d1de1 [diff] [blame]
diff --git a/library/bignum.c b/library/bignum.c
index 1b1c119..e2dfae7 100644
--- a/library/bignum.c
+++ b/library/bignum.c

@@ -2036,13 +2036,14 @@
 
     window_bitsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 :
             ( i >  79 ) ? 4 : ( i >  23 ) ? 3 : 1;
-    const size_t w_table_used_size = ( (size_t)1 << window_bitsize ) + 1;
 
 #if( MBEDTLS_MPI_WINDOW_SIZE < 6 )
     if( window_bitsize > MBEDTLS_MPI_WINDOW_SIZE )
         window_bitsize = MBEDTLS_MPI_WINDOW_SIZE;
 #endif
 
+    const size_t w_table_used_size = ( (size_t) 1 << window_bitsize ) + 1;
+
     /*
      * This function is not constant-trace: its memory accesses depend on the
      * exponent value. To defend against timing attacks, callers (such as RSA
commit	6fa7a766ccd4632acb3d8a6c15701198b9c77c96	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Tue Nov 22 10:18:06 2022 +0000
committer	Janos Follath <janos.follath@arm.com>	Tue Nov 22 10:21:52 2022 +0000
tree	d2fad305a219a0cf9c4194abb3d2c165bbf23ef5
parent	2b72690e14b8524ff8d759b6ca521e614a7d1de1 [diff] [blame]